This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft File: mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft (raw, json) Hash identifier: 84rI0TdLBGCgjzMafqr0JTgGCUX0n+XDeO5uP1TzU5c= Subject key identifier: 83:AB:D3:E6:AD:2C:7E:E6:D2:A0:B0:53:5B:0B:D1:29:1F:F8:91:D6 Authority key identifier: 98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26 Certificate issuer: /CN=98241aac9eda7bef69089f647b5d8f774ff43a26 Certificate serial: 019AF4654E7F5C01FB4E549D65E6847522E2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft Manifest number: 0E97 Signing time: Sat 06 Dec 2025 16:01:11 +0000 Manifest this update: Sat 06 Dec 2025 16:01:11 +0000 Manifest next update: Sun 07 Dec 2025 16:01:11 +0000 Files and hashes: 1: mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl (hash: Jo4+Qft+ys61nHL1ol64ytVuUDIrS4J6b6XbsIqkPSY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 16:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:4e:7f:5c:01:fb:4e:54:9d:65:e6:84:75:22:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=98241aac9eda7bef69089f647b5d8f774ff43a26 Validity Not Before: Dec 6 16:01:11 2025 GMT Not After : Dec 7 16:01:11 2025 GMT Subject: CN=83abd3e6ad2c7ee6d2a0b0535b0bd1291ff891d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:ec:f3:10:8f:c5:dd:7c:db:ba:98:5f:2d:e8: 84:05:9e:27:81:ae:12:0f:38:2c:bd:7a:8b:7b:35: 4c:91:a1:7a:8c:6b:c9:e7:04:87:ed:4e:c9:33:1d: 97:c0:47:26:ce:f3:a3:91:84:0d:ac:1c:b6:70:51: 6c:30:8b:eb:fb:c3:b4:e3:fb:14:ab:31:33:4d:08: 8e:6f:ac:d3:83:7f:eb:98:c7:0a:69:e9:52:27:c4: 38:43:06:87:1c:f0:3d:67:32:3a:86:9e:00:0e:04: 72:f4:cb:2e:9e:bc:de:8a:5f:d6:c6:48:ae:c5:b3: d7:12:dc:f6:ed:99:07:a6:28:47:41:d9:88:18:a1: 7c:e6:b7:e6:6c:02:0a:24:dd:5a:34:47:22:e0:5f: df:a4:75:7d:68:72:4c:9a:c0:8c:a0:80:d9:66:5c: 61:c6:a3:15:a2:d1:32:f6:54:18:ec:7b:86:53:1e: 5e:8b:ab:95:33:7f:91:75:2c:09:59:42:2c:6d:87: c9:93:ff:f9:7d:66:e7:92:20:e4:ad:91:db:e8:b1: aa:2d:b9:3e:11:dd:21:84:f4:fc:0c:ce:f0:ac:73: 73:15:bb:c8:57:28:35:db:78:6d:ff:3f:eb:c2:7e: 13:ba:db:b1:15:7e:2a:a3:a3:6c:51:25:13:4c:ae: 6b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:AB:D3:E6:AD:2C:7E:E6:D2:A0:B0:53:5B:0B:D1:29:1F:F8:91:D6 X509v3 Authority Key Identifier: keyid:98:24:1A:AC:9E:DA:7B:EF:69:08:9F:64:7B:5D:8F:77:4F:F4:3A:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/cda958-3cab-4b23-916c-35de384c0982/1/mCQarJ7ae-9pCJ9ke12Pd0_0OiY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:fd:ac:4f:dc:e3:d2:6e:31:67:9f:bd:0d:d0:0a:a2:62:2b: 58:7e:0b:93:76:5d:7f:b4:ae:85:cc:ed:7c:06:60:04:e3:af: 5f:16:1d:c6:56:74:80:6b:3a:93:8d:c8:f5:57:29:1d:18:4f: 34:1f:ee:ed:b0:a6:af:5b:91:1c:d0:4f:ec:fe:3e:d2:76:41: cf:af:0b:d2:90:65:71:6d:c5:02:3d:44:e3:b9:bd:8f:32:48: 86:bf:ad:5d:31:c8:09:b5:77:a3:2f:55:f3:8b:12:bf:04:7d: 88:c8:f8:6d:86:f8:eb:51:50:f9:ff:99:93:9e:51:c4:40:98: f2:74:e9:2f:17:44:14:2a:a3:d4:d2:f4:36:15:43:5a:03:49: 2a:9d:33:51:81:35:b2:0b:fd:4b:ca:eb:9c:3c:33:b1:69:f2: 15:90:96:bd:26:e4:6f:3a:75:da:77:38:ee:56:2d:8a:73:21: 27:ff:b9:52:0b:b9:19:67:03:76:37:59:1f:dc:54:7c:b0:52: e8:38:ec:27:e5:6a:5e:32:aa:b1:5e:ac:10:7c:fb:55:74:6b: 58:83:5a:ff:b6:9f:dd:fb:48:ed:3a:f6:5c:32:e4:b6:03:6f: bb:74:65:93:60:5f:f4:5d:d0:05:7d:8e:60:14:91:5f:6c:e1: d3:f6:6c:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZU5/XAH7TlSdZeaEdSLiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk4MjQxYWFjOWVkYTdiZWY2OTA4OWY2NDdiNWQ4Zjc3NGZm NDNhMjYwHhcNMjUxMjA2MTYwMTExWhcNMjUxMjA3MTYwMTExWjAzMTEwLwYDVQQD Eyg4M2FiZDNlNmFkMmM3ZWU2ZDJhMGIwNTM1YjBiZDEyOTFmZjg5MWQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+zzEI/F3XzbuphfLeiEBZ4nga4S DzgsvXqLezVMkaF6jGvJ5wSH7U7JMx2XwEcmzvOjkYQNrBy2cFFsMIvr+8O04/sU qzEzTQiOb6zTg3/rmMcKaelSJ8Q4QwaHHPA9ZzI6hp4ADgRy9Msunrzeil/Wxkiu xbPXEtz27ZkHpihHQdmIGKF85rfmbAIKJN1aNEci4F/fpHV9aHJMmsCMoIDZZlxh xqMVotEy9lQY7HuGUx5ei6uVM3+RdSwJWUIsbYfJk//5fWbnkiDkrZHb6LGqLbk+ Ed0hhPT8DM7wrHNzFbvIVyg123ht/z/rwn4TutuxFX4qo6NsUSUTTK5rRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIOr0+atLH7m0qCwU1sL0Skf+JHWMB8GA1UdIwQY MBaAFJgkGqye2nvvaQifZHtdj3dP9DomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMt MzVkZTM4NGMwOTgyLzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi9jZGE5NTgtM2NhYi00YjIzLTkxNmMtMzVkZTM4NGMwOTgy LzEvbUNRYXJKN2FlLTlwQ0o5a2UxMlBkMF8wT2lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAf2sT9zj 0m4xZ5+9DdAKomIrWH4Lk3Zdf7SuhcztfAZgBOOvXxYdxlZ0gGs6k43I9VcpHRhP NB/u7bCmr1uRHNBP7P4+0nZBz68L0pBlcW3FAj1E47m9jzJIhr+tXTHICbV3oy9V 84sSvwR9iMj4bYb461FQ+f+Zk55RxECY8nTpLxdEFCqj1NL0NhVDWgNJKp0zUYE1 sgv9S8rrnDwzsWnyFZCWvSbkbzp12nc47lYtinMhJ/+5Ugu5GWcDdjdZH9xUfLBS 6DjsJ+VqXjKqsV6sEHz7VXRrWINa/7af3ftI7Tr2XDLktgNvu3Rlk2Bf9F3QBX2O YBSRX2zh0/ZsCg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:30:47 2025 by rpki-client