This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft File: MtOVxX39MMDNLDD0IziuTBSnUKE.mft (raw, json) Hash identifier: yBqo2SJ6YqL5EyjUcGn23jLBb1tL7jK84EghLgY2gYo= Subject key identifier: 24:C8:5E:04:6F:48:EF:3E:54:F5:6A:18:6B:5B:78:34:E7:82:8B:D7 Authority key identifier: 32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1 Certificate issuer: /CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1 Certificate serial: 019B766D407708756F04A8317A8FC59F2883 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft Manifest number: 0C8F Signing time: Wed 31 Dec 2025 22:00:29 +0000 Manifest this update: Wed 31 Dec 2025 22:00:29 +0000 Manifest next update: Thu 01 Jan 2026 22:00:29 +0000 Files and hashes: 1: MtOVxX39MMDNLDD0IziuTBSnUKE.crl (hash: UD+Tvf9L0yglckHqHZ5C7myQmbMgreAY6o+BOTSekD8=) 2: n5cNfAezq-PA0qRMQcD4Vk_fATk.roa (hash: 3AWrOq42owDA1epXEWxZ5qyQ/E7NiBYhiJKMNg3oKTI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:6d:40:77:08:75:6f:04:a8:31:7a:8f:c5:9f:28:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=32d395c57dfd30c0cd2c30f42338ae4c14a750a1 Validity Not Before: Dec 31 22:00:29 2025 GMT Not After : Jan 1 22:00:29 2026 GMT Subject: CN=24c85e046f48ef3e54f56a186b5b7834e7828bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:24:45:c2:b3:d1:f1:43:37:db:ca:15:2d:73: 41:9d:58:6c:c0:fe:ef:39:90:d5:4f:e0:61:98:2d: d1:68:e1:08:c3:6d:92:e6:b3:eb:3b:fe:ab:d1:d1: f9:ca:ce:77:29:05:0e:1f:d5:d1:3a:b0:ce:6b:d3: 54:08:b0:f6:0e:53:42:8e:98:33:a2:59:bc:6c:42: 87:0d:60:ee:d8:1f:a1:28:c0:e1:2a:5b:e3:1c:a1: 45:fb:80:8f:b8:9a:71:54:e0:ea:fd:5d:b8:28:f5: 52:6e:de:b3:dd:52:80:ba:17:fe:4f:49:87:b0:f0: 1d:51:74:63:c5:7f:5d:80:a5:77:13:a2:29:4e:bc: 9f:f3:a5:b4:5b:62:53:1b:d1:0c:2c:00:c0:bf:1a: a6:b3:46:6e:6f:e8:d7:9d:0f:5b:c4:d2:2c:84:2b: e1:e8:ca:14:9f:3b:4f:91:ef:46:0a:4a:9c:85:e3: 09:72:0b:70:25:a7:5f:9e:bb:14:7a:51:9b:5d:97: 33:32:12:a8:87:92:0e:7d:ae:ef:13:b3:fe:8e:77: 8e:82:d4:cc:99:7c:45:61:3e:a2:35:fd:e6:b9:3a: db:62:d1:cc:fb:cf:16:e4:c2:4e:85:3a:f2:71:d4: 35:fc:2f:b8:aa:00:6f:96:b7:02:01:37:bd:ef:da: 57:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:C8:5E:04:6F:48:EF:3E:54:F5:6A:18:6B:5B:78:34:E7:82:8B:D7 X509v3 Authority Key Identifier: keyid:32:D3:95:C5:7D:FD:30:C0:CD:2C:30:F4:23:38:AE:4C:14:A7:50:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MtOVxX39MMDNLDD0IziuTBSnUKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/35b49b-03a3-4101-a3fe-1d8e19df4a62/1/MtOVxX39MMDNLDD0IziuTBSnUKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:7d:77:63:68:65:1a:f3:bc:fe:7d:db:01:3c:bc:36:81:d1: 29:bb:47:1e:63:07:69:d2:ae:17:f0:fe:9d:30:c1:61:fb:03: 16:3d:50:e0:a0:7f:94:f1:18:ef:55:dd:ef:05:c1:66:c8:a8: e9:d5:d5:67:dc:3a:7a:c2:a4:9a:71:e4:34:f5:f0:6e:5a:39: a9:98:39:13:0e:ff:d4:65:6a:d8:e6:9e:4d:a0:d9:90:05:ef: bc:13:85:9b:a1:2e:86:f3:2b:0c:db:af:6e:a2:5d:f9:83:f6: 7e:ad:97:51:07:62:ac:f7:d0:4a:6c:a8:71:25:d8:90:00:17: 62:a8:eb:5e:35:d2:4d:88:97:bd:4e:97:6d:c2:37:9d:4a:ff: 02:5c:2a:55:c8:dc:d2:10:d1:3f:bc:fc:8a:9d:e9:52:4c:a4: 7a:ba:b7:e3:14:43:d8:93:e6:20:b7:2d:75:09:d7:27:b7:6a: 17:0a:83:c0:40:a5:b4:03:03:10:aa:1d:94:40:0d:f7:1c:bd: ad:b4:16:34:c4:52:cb:8d:5e:10:34:f5:b3:d7:f0:b8:1d:e0: ce:bb:8c:9f:95:b9:bc:a6:e6:03:e3:46:c3:25:64:08:df:81: 66:9c:2f:58:3d:36:78:21:09:f4:95:be:1d:b3:a7:c8:31:52: 06:4e:6a:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt2bUB3CHVvBKgxeo/FnyiDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyZDM5NWM1N2RmZDMwYzBjZDJjMzBmNDIzMzhhZTRjMTRh NzUwYTEwHhcNMjUxMjMxMjIwMDI5WhcNMjYwMTAxMjIwMDI5WjAzMTEwLwYDVQQD EygyNGM4NWUwNDZmNDhlZjNlNTRmNTZhMTg2YjViNzgzNGU3ODI4YmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSRFwrPR8UM328oVLXNBnVhswP7v OZDVT+BhmC3RaOEIw22S5rPrO/6r0dH5ys53KQUOH9XROrDOa9NUCLD2DlNCjpgz olm8bEKHDWDu2B+hKMDhKlvjHKFF+4CPuJpxVODq/V24KPVSbt6z3VKAuhf+T0mH sPAdUXRjxX9dgKV3E6IpTryf86W0W2JTG9EMLADAvxqms0Zub+jXnQ9bxNIshCvh 6MoUnztPke9GCkqcheMJcgtwJadfnrsUelGbXZczMhKoh5IOfa7vE7P+jneOgtTM mXxFYT6iNf3muTrbYtHM+88W5MJOhTrycdQ1/C+4qgBvlrcCATe979pXdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCTIXgRvSO8+VPVqGGtbeDTngovXMB8GA1UdIwQY MBaAFDLTlcV9/TDAzSww9CM4rkwUp1ChMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUt MWQ4ZTE5ZGY0YTYyLzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8zNWI0OWItMDNhMy00MTAxLWEzZmUtMWQ4ZTE5ZGY0YTYy LzEvTXRPVnhYMzlNTUROTEREMEl6aXVUQlNuVUtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgH13Y2hl GvO8/n3bATy8NoHRKbtHHmMHadKuF/D+nTDBYfsDFj1Q4KB/lPEY71Xd7wXBZsio 6dXVZ9w6esKkmnHkNPXwblo5qZg5Ew7/1GVq2OaeTaDZkAXvvBOFm6EuhvMrDNuv bqJd+YP2fq2XUQdirPfQSmyocSXYkAAXYqjrXjXSTYiXvU6XbcI3nUr/AlwqVcjc 0hDRP7z8ip3pUkykerq34xRD2JPmILctdQnXJ7dqFwqDwECltAMDEKodlEAN9xy9 rbQWNMRSy41eEDT1s9fwuB3gzruMn5W5vKbmA+NGwyVkCN+BZpwvWD02eCEJ9JW+ HbOnyDFSBk5qdQ== -----END CERTIFICATE-----Generated at Thu Jan 1 01:02:14 2026 by rpki-client