This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft File: mtVmfEEoFBE5zKfFBH_BclC_Y68.mft (raw, json) Hash identifier: qwPZ+NCKaCazUz5GZFhfdFOUgDzRpty89YxL2R9S9s4= Subject key identifier: 00:0E:57:A7:8F:40:28:7B:E7:38:A0:30:FA:DC:2B:C8:4C:98:61:A0 Authority key identifier: 9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF Certificate issuer: /CN=9ad5667c4128141139cca7c5047fc17250bf63af Certificate serial: 019B44A54CFBDC720C02B508CE43B8807B4C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft Manifest number: 1789 Signing time: Mon 22 Dec 2025 06:00:42 +0000 Manifest this update: Mon 22 Dec 2025 06:00:42 +0000 Manifest next update: Tue 23 Dec 2025 06:00:42 +0000 Files and hashes: 1: mtVmfEEoFBE5zKfFBH_BclC_Y68.crl (hash: bY8qQeRbuRap3F8i9YNdMYoAYWsgYKW4ZQhMMq4N2mc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 06:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:a5:4c:fb:dc:72:0c:02:b5:08:ce:43:b8:80:7b:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9ad5667c4128141139cca7c5047fc17250bf63af Validity Not Before: Dec 22 06:00:42 2025 GMT Not After : Dec 23 06:00:42 2025 GMT Subject: CN=000e57a78f40287be738a030fadc2bc84c9861a0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7b:dc:d7:39:6d:b5:c8:e2:6a:57:31:3e:c7: 8c:1d:ae:71:bc:ff:84:79:a1:20:f7:55:8b:b9:af: db:06:d0:c9:7c:e2:e1:e8:15:a5:7d:c3:81:4e:e4: 4f:66:fc:0a:e4:d7:af:60:f6:09:e9:f7:83:a3:13: 06:b7:31:54:0b:99:e3:8f:1e:bc:03:bc:49:d2:5c: 58:01:67:48:73:a3:05:c3:f4:12:b7:54:8b:23:d5: 68:39:c6:73:1f:07:71:15:37:f8:32:5c:c9:2c:2d: 55:88:c2:a5:d8:fa:b6:fd:39:2b:ef:0d:6d:eb:2b: 79:49:35:10:ee:54:a0:0a:86:00:4f:7b:72:21:e6: 15:64:a0:0d:09:19:06:59:da:de:1d:8a:fc:55:01: 6a:d8:e9:12:17:90:7d:1e:bb:67:01:b6:ee:5e:7a: 53:ff:ed:9c:4c:eb:aa:f3:7b:c5:56:20:d1:e0:5b: 4e:e3:ef:46:01:8e:7b:e2:ee:0d:aa:e5:96:96:ff: c4:32:5a:f7:bf:42:91:f6:39:58:5a:9c:9c:76:b1: 21:3f:b1:56:87:74:66:93:05:47:3b:90:2b:08:a3: 81:3e:29:ca:8b:32:a3:1c:c4:5f:a9:9a:a5:01:6d: 5c:9a:ab:af:4a:fe:e7:63:65:cb:c3:50:c8:e1:12: 5a:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:0E:57:A7:8F:40:28:7B:E7:38:A0:30:FA:DC:2B:C8:4C:98:61:A0 X509v3 Authority Key Identifier: keyid:9A:D5:66:7C:41:28:14:11:39:CC:A7:C5:04:7F:C1:72:50:BF:63:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mtVmfEEoFBE5zKfFBH_BclC_Y68.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/579f0f-070e-443d-8ecd-6872355838a2/1/mtVmfEEoFBE5zKfFBH_BclC_Y68.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:d1:ee:19:2e:1f:54:e4:d7:14:40:5f:d7:b3:b1:e5:f6:8f: 52:82:7c:53:e1:2c:c4:5f:b7:36:9d:47:d7:be:43:a9:8f:ec: c4:61:77:cd:2a:7c:82:2d:4b:01:e0:2f:0b:ec:1f:d4:37:53: 9d:90:a9:f6:f7:a4:73:83:44:4e:65:34:d4:1f:12:79:02:9a: 70:cc:11:1c:48:8c:4f:a7:9c:56:ab:0a:e4:34:b9:4e:5e:17: 49:c1:a6:7c:35:20:5f:70:d7:40:50:b6:b6:15:c8:a2:b1:87: e2:82:ea:b1:15:e5:41:01:ac:3c:4b:36:23:cf:3a:41:1b:76: bd:71:48:97:8d:7b:ae:06:c8:e3:f3:e5:53:0d:c3:3b:5b:df: bc:6b:e9:9c:3a:3e:04:74:e5:80:87:e9:91:ce:1c:2b:a3:f7: 39:22:4d:f7:83:cc:2d:47:a9:cf:74:22:75:08:8d:75:fd:61: fd:c4:b0:2c:be:c0:ba:a3:25:90:35:47:03:37:13:79:3d:42: 0b:77:8b:7b:70:85:6a:93:53:de:58:3d:8a:6c:40:9c:40:ad: b3:ec:b8:af:20:7e:75:f2:a8:0a:13:bc:9e:14:ad:96:fc:27: 0b:bd:9a:d1:18:f5:85:48:f6:3e:10:9d:e6:95:84:ef:f0:9c: 46:04:5e:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEpUz73HIMArUIzkO4gHtMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlhZDU2NjdjNDEyODE0MTEzOWNjYTdjNTA0N2ZjMTcyNTBi ZjYzYWYwHhcNMjUxMjIyMDYwMDQyWhcNMjUxMjIzMDYwMDQyWjAzMTEwLwYDVQQD EygwMDBlNTdhNzhmNDAyODdiZTczOGEwMzBmYWRjMmJjODRjOTg2MWEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3vc1zlttcjialcxPseMHa5xvP+E eaEg91WLua/bBtDJfOLh6BWlfcOBTuRPZvwK5NevYPYJ6feDoxMGtzFUC5njjx68 A7xJ0lxYAWdIc6MFw/QSt1SLI9VoOcZzHwdxFTf4MlzJLC1ViMKl2Pq2/Tkr7w1t 6yt5STUQ7lSgCoYAT3tyIeYVZKANCRkGWdreHYr8VQFq2OkSF5B9HrtnAbbuXnpT /+2cTOuq83vFViDR4FtO4+9GAY574u4NquWWlv/EMlr3v0KR9jlYWpycdrEhP7FW h3RmkwVHO5ArCKOBPinKizKjHMRfqZqlAW1cmquvSv7nY2XLw1DI4RJafwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAAOV6ePQCh75zigMPrcK8hMmGGgMB8GA1UdIwQY MBaAFJrVZnxBKBQROcynxQR/wXJQv2OvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2Qt Njg3MjM1NTgzOGEyLzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS81NzlmMGYtMDcwZS00NDNkLThlY2QtNjg3MjM1NTgzOGEy LzEvbXRWbWZFRW9GQkU1ektmRkJIX0JjbENfWTY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjdHuGS4f VOTXFEBf17Ox5faPUoJ8U+EsxF+3Np1H175DqY/sxGF3zSp8gi1LAeAvC+wf1DdT nZCp9vekc4NETmU01B8SeQKacMwRHEiMT6ecVqsK5DS5Tl4XScGmfDUgX3DXQFC2 thXIorGH4oLqsRXlQQGsPEs2I886QRt2vXFIl417rgbI4/PlUw3DO1vfvGvpnDo+ BHTlgIfpkc4cK6P3OSJN94PMLUepz3QidQiNdf1h/cSwLL7AuqMlkDVHAzcTeT1C C3eLe3CFapNT3lg9imxAnECts+y4ryB+dfKoChO8nhStlvwnC72a0Rj1hUj2PhCd 5pWE7/CcRgReFQ== -----END CERTIFICATE-----Generated at Mon Dec 22 14:08:11 2025 by rpki-client