This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft File: 9aKrEck1CB9eSaaFyDl49vc9TaE.mft (raw, json) Hash identifier: TTJkh0vvr/5Vs7y8dYYs9QbgUE5v3+wp/nhOEeT0KrE= Subject key identifier: 96:D5:A3:BA:F0:14:B3:9F:8B:AC:F0:A2:06:50:70:A0:75:88:EB:9C Authority key identifier: F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1 Certificate issuer: /CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1 Certificate serial: 019AF49BBB1D05362F3345782F4E8EF155A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft Manifest number: 04B0 Signing time: Sat 06 Dec 2025 17:00:37 +0000 Manifest this update: Sat 06 Dec 2025 17:00:37 +0000 Manifest next update: Sun 07 Dec 2025 17:00:37 +0000 Files and hashes: 1: 9aKrEck1CB9eSaaFyDl49vc9TaE.crl (hash: vB7v83aRUjj3xxsb6ERkajOe/LYVk3ytNC+YmrbF5A4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:bb:1d:05:36:2f:33:45:78:2f:4e:8e:f1:55:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5a2ab11c935081f5e49a685c83978f6f73d4da1 Validity Not Before: Dec 6 17:00:37 2025 GMT Not After : Dec 7 17:00:37 2025 GMT Subject: CN=96d5a3baf014b39f8bacf0a2065070a07588eb9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:e3:f4:70:70:28:8a:cb:c2:35:ca:54:42:6b: 4f:a3:7c:ef:d3:88:c4:76:1e:7c:64:b1:56:de:b6: 59:9e:99:5f:8d:4f:92:c4:5a:a9:9f:36:d3:7c:ed: 66:64:1a:6d:16:47:bf:3e:bb:57:84:3a:8e:e9:11: ee:16:92:d8:a2:72:c5:db:b9:3c:52:b0:69:0b:1b: 65:eb:8a:2d:c7:c0:24:eb:93:56:02:12:f7:9d:bc: ea:66:48:9a:52:32:08:af:db:c8:6e:80:fd:51:3c: 4c:e1:8b:38:43:00:02:10:98:07:11:d8:63:43:59: db:bc:fb:81:77:f3:48:30:8b:bf:0c:27:e9:44:36: 4b:2a:28:bc:14:df:a9:3f:81:b1:c9:a0:2d:5a:a5: 84:9e:17:7f:7d:3b:90:71:db:d2:7c:d9:5e:96:c4: 7f:fa:13:a6:3c:3d:69:3a:8a:3f:56:9b:d7:5d:f0: fd:5e:40:40:75:f2:fd:f8:8b:6c:6d:f0:49:41:ae: 1c:b0:87:51:b7:db:4b:e7:70:b9:b0:e6:7e:da:92: 4c:60:29:fe:01:59:63:cc:cd:83:c5:eb:2f:50:75: 92:4d:7d:4c:75:5e:60:13:14:66:54:eb:50:d9:49: 63:e0:2f:6d:3e:6c:83:35:b6:af:c9:8e:fe:7c:b1: da:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:D5:A3:BA:F0:14:B3:9F:8B:AC:F0:A2:06:50:70:A0:75:88:EB:9C X509v3 Authority Key Identifier: keyid:F5:A2:AB:11:C9:35:08:1F:5E:49:A6:85:C8:39:78:F6:F7:3D:4D:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9aKrEck1CB9eSaaFyDl49vc9TaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d78bb4-568a-4545-b210-53ab86595fc0/1/9aKrEck1CB9eSaaFyDl49vc9TaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:4d:c8:76:9f:d8:12:83:4b:60:ad:58:ce:e2:93:88:99:36: 2d:52:e8:82:e9:a9:07:83:6d:ae:66:2b:75:20:57:e6:b6:6d: 37:d6:ff:b1:09:ad:ef:6c:59:c9:84:1e:00:7a:96:cb:93:87: 8a:3d:ce:10:26:4b:0c:18:cc:ec:aa:bd:4b:d9:b0:70:99:09: f3:88:27:97:55:1e:2b:8f:36:84:5c:1a:66:b1:e4:52:59:71: 73:b8:06:27:eb:b5:d8:c0:da:3d:6a:a9:e5:2b:e2:05:1c:09: 57:f4:29:c4:e5:fa:f6:bb:8e:6b:d1:26:ae:33:09:bd:9e:06: f1:00:54:e8:e0:e6:c7:84:91:7d:75:68:52:fd:c6:b6:40:54: a5:55:b3:63:e0:98:ed:88:c9:be:09:07:2e:dc:31:09:ba:58: 60:66:8c:a3:76:a4:0e:0f:1d:3f:ea:d2:b8:80:c4:d5:77:e4: 9e:19:ea:36:85:30:2f:0e:de:4d:1f:55:be:c9:bf:ea:45:d7: e2:07:be:a1:0a:63:4d:6c:a6:94:04:a9:99:95:4a:f7:4e:53: 70:61:2f:77:ca:c0:32:32:ef:cf:34:88:d4:62:49:03:4e:a0: db:f6:a8:fb:6e:e5:30:05:99:53:ee:c4:de:49:6a:c3:59:e6: 70:e3:5b:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m7sdBTYvM0V4L06O8VWiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YTJhYjExYzkzNTA4MWY1ZTQ5YTY4NWM4Mzk3OGY2Zjcz ZDRkYTEwHhcNMjUxMjA2MTcwMDM3WhcNMjUxMjA3MTcwMDM3WjAzMTEwLwYDVQQD Eyg5NmQ1YTNiYWYwMTRiMzlmOGJhY2YwYTIwNjUwNzBhMDc1ODhlYjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+P0cHAoisvCNcpUQmtPo3zv04jE dh58ZLFW3rZZnplfjU+SxFqpnzbTfO1mZBptFke/PrtXhDqO6RHuFpLYonLF27k8 UrBpCxtl64otx8Ak65NWAhL3nbzqZkiaUjIIr9vIboD9UTxM4Ys4QwACEJgHEdhj Q1nbvPuBd/NIMIu/DCfpRDZLKii8FN+pP4GxyaAtWqWEnhd/fTuQcdvSfNlelsR/ +hOmPD1pOoo/VpvXXfD9XkBAdfL9+ItsbfBJQa4csIdRt9tL53C5sOZ+2pJMYCn+ AVljzM2DxesvUHWSTX1MdV5gExRmVOtQ2Ulj4C9tPmyDNbavyY7+fLHanQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJbVo7rwFLOfi6zwogZQcKB1iOucMB8GA1UdIwQY MBaAFPWiqxHJNQgfXkmmhcg5ePb3PU2hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAt NTNhYjg2NTk1ZmMwLzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yi9kNzhiYjQtNTY4YS00NTQ1LWIyMTAtNTNhYjg2NTk1ZmMw LzEvOWFLckVjazFDQjllU2FhRnlEbDQ5dmM5VGFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ03Idp/Y EoNLYK1YzuKTiJk2LVLogumpB4NtrmYrdSBX5rZtN9b/sQmt72xZyYQeAHqWy5OH ij3OECZLDBjM7Kq9S9mwcJkJ84gnl1UeK482hFwaZrHkUllxc7gGJ+u12MDaPWqp 5SviBRwJV/QpxOX69ruOa9EmrjMJvZ4G8QBU6ODmx4SRfXVoUv3GtkBUpVWzY+CY 7YjJvgkHLtwxCbpYYGaMo3akDg8dP+rSuIDE1XfknhnqNoUwLw7eTR9Vvsm/6kXX 4ge+oQpjTWymlASpmZVK905TcGEvd8rAMjLvzzSI1GJJA06g2/ao+27lMAWZU+7E 3klqw1nmcONbJg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:42:35 2025 by rpki-client