This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft File: 9bMQ6dROhHDWzYAJWQZssA8pHvo.mft (raw, json) Hash identifier: 7MDgCxJnEMMGP+6qZlCVoInpGFLE4IKr5m2q2P9GHFs= Subject key identifier: 81:53:8A:20:DA:93:7A:FC:C1:DB:D8:97:00:A8:E4:6E:77:7D:60:62 Authority key identifier: F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA Certificate issuer: /CN=f5b310e9d44e8470d6cd800959066cb00f291efa Certificate serial: 019B3C7E05BB13B225E4C20F0FBC8836AD29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft Manifest number: 11EC Signing time: Sat 20 Dec 2025 16:00:50 +0000 Manifest this update: Sat 20 Dec 2025 16:00:50 +0000 Manifest next update: Sun 21 Dec 2025 16:00:50 +0000 Files and hashes: 1: 9bMQ6dROhHDWzYAJWQZssA8pHvo.crl (hash: 25hITzDcWZEJ+vducg0b8Gx5WF09dDYgL9v2rhOo7Iw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:05:bb:13:b2:25:e4:c2:0f:0f:bc:88:36:ad:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f5b310e9d44e8470d6cd800959066cb00f291efa Validity Not Before: Dec 20 16:00:50 2025 GMT Not After : Dec 21 16:00:50 2025 GMT Subject: CN=81538a20da937afcc1dbd89700a8e46e777d6062 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:8b:81:53:c2:37:47:31:b8:8b:19:1c:66:e5: ad:a7:a0:8e:38:79:29:0c:e1:38:ae:95:8c:2a:15: 88:bf:91:04:bb:7e:de:a1:5a:a6:ea:b1:29:cd:02: 7c:8f:73:74:fb:41:39:9d:a1:67:9e:41:b5:09:31: 61:bf:68:8d:8c:09:cd:9e:ac:81:c5:d0:59:84:e3: 48:20:37:a3:f9:4e:f0:9a:d8:3a:b9:4d:22:3a:64: da:eb:4f:2d:4a:37:38:52:76:6a:03:cf:5d:f1:b9: 99:98:74:75:85:5d:8b:01:85:66:a9:bb:42:39:1e: 24:27:b0:26:19:0b:90:2b:f8:cb:cf:39:23:7d:34: 5f:c9:a4:ff:9c:d2:5e:7f:12:8f:d0:4c:85:17:bc: e5:97:36:1f:85:ce:a5:cb:90:2e:ff:06:00:d5:b1: ba:bd:4a:bf:ae:2c:e9:d9:e8:ba:6f:5d:9c:20:22: bd:03:f6:b2:35:fa:c7:e2:52:76:02:89:02:2e:9e: 58:d1:bc:5b:bf:fc:ec:87:92:91:09:84:fb:db:83: 05:69:5f:70:19:5d:9e:ce:10:0b:e2:35:58:0c:bd: 85:63:c0:fb:8e:9e:0c:95:76:e2:f2:cd:57:d9:dc: d6:8f:cd:c1:13:22:8d:77:8e:15:4b:10:90:13:5a: ce:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:53:8A:20:DA:93:7A:FC:C1:DB:D8:97:00:A8:E4:6E:77:7D:60:62 X509v3 Authority Key Identifier: keyid:F5:B3:10:E9:D4:4E:84:70:D6:CD:80:09:59:06:6C:B0:0F:29:1E:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9bMQ6dROhHDWzYAJWQZssA8pHvo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/f48de1-9f33-4f0a-8676-e836eb3d2f1f/1/9bMQ6dROhHDWzYAJWQZssA8pHvo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:1b:a0:44:6c:d5:94:a8:57:53:9a:4f:ce:f6:d8:94:88:1a: e4:5d:eb:81:d5:59:7d:be:e9:2e:0a:dd:de:fe:46:dc:35:33: aa:ad:38:32:6b:14:50:e2:5a:34:a2:b8:86:20:b3:17:05:e2: 03:76:cf:cd:27:f0:d9:4b:fd:b8:66:06:57:38:61:70:fa:6c: b1:52:5c:cb:46:1d:0c:06:47:a0:88:65:c8:b9:ff:9b:9c:d6: 2e:dd:c9:8b:c8:52:97:70:e0:23:64:8c:5c:1a:4b:06:d6:72: 60:c5:9c:13:be:b7:8f:30:c1:2a:5b:45:d4:c3:d7:21:52:19: 51:21:26:a9:39:4b:93:ef:69:be:b9:f4:82:8e:40:1d:9a:48: 96:32:f0:40:d3:c9:d5:62:23:46:0c:65:82:25:73:22:e9:23: 65:8c:3b:4b:f1:70:7e:2f:3d:38:a2:15:74:d4:e0:50:93:04: ab:ec:28:03:f0:72:72:0d:df:59:98:f2:19:f8:98:02:c4:6e: 90:80:3b:0a:90:74:23:97:9c:69:3e:50:5c:c6:d7:e6:11:dc: b5:c0:a9:cc:b4:9e:81:80:c3:cc:2c:a6:1c:7b:f3:ed:b2:5f: 4a:7d:05:7b:17:c2:ad:8f:b3:25:ef:98:8f:d7:26:f8:c5:a3: 39:96:5c:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fgW7E7Il5MIPD7yINq0pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY1YjMxMGU5ZDQ0ZTg0NzBkNmNkODAwOTU5MDY2Y2IwMGYy OTFlZmEwHhcNMjUxMjIwMTYwMDUwWhcNMjUxMjIxMTYwMDUwWjAzMTEwLwYDVQQD Eyg4MTUzOGEyMGRhOTM3YWZjYzFkYmQ4OTcwMGE4ZTQ2ZTc3N2Q2MDYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7YuBU8I3RzG4ixkcZuWtp6COOHkp DOE4rpWMKhWIv5EEu37eoVqm6rEpzQJ8j3N0+0E5naFnnkG1CTFhv2iNjAnNnqyB xdBZhONIIDej+U7wmtg6uU0iOmTa608tSjc4UnZqA89d8bmZmHR1hV2LAYVmqbtC OR4kJ7AmGQuQK/jLzzkjfTRfyaT/nNJefxKP0EyFF7zllzYfhc6ly5Au/wYA1bG6 vUq/rizp2ei6b12cICK9A/ayNfrH4lJ2AokCLp5Y0bxbv/zsh5KRCYT724MFaV9w GV2ezhAL4jVYDL2FY8D7jp4MlXbi8s1X2dzWj83BEyKNd44VSxCQE1rO9QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIFTiiDak3r8wdvYlwCo5G53fWBiMB8GA1UdIwQY MBaAFPWzEOnUToRw1s2ACVkGbLAPKR76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYt ZTgzNmViM2QyZjFmLzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9mNDhkZTEtOWYzMy00ZjBhLTg2NzYtZTgzNmViM2QyZjFm LzEvOWJNUTZkUk9oSERXellBSldRWnNzQThwSHZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMBugRGzV lKhXU5pPzvbYlIga5F3rgdVZfb7pLgrd3v5G3DUzqq04MmsUUOJaNKK4hiCzFwXi A3bPzSfw2Uv9uGYGVzhhcPpssVJcy0YdDAZHoIhlyLn/m5zWLt3Ji8hSl3DgI2SM XBpLBtZyYMWcE763jzDBKltF1MPXIVIZUSEmqTlLk+9pvrn0go5AHZpIljLwQNPJ 1WIjRgxlgiVzIukjZYw7S/Fwfi89OKIVdNTgUJMEq+woA/Bycg3fWZjyGfiYAsRu kIA7CpB0I5ecaT5QXMbX5hHctcCpzLSegYDDzCymHHvz7bJfSn0FexfCrY+zJe+Y j9cm+MWjOZZcVg== -----END CERTIFICATE-----Generated at Sun Dec 21 01:09:01 2025 by rpki-client