This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft File: MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft (raw, json) Hash identifier: tBddaAJcOtp8COAMYmUKf9rPrk53gnkqg7fqVts7brw= Subject key identifier: 43:C4:C3:4A:FD:D0:D1:1F:36:87:D2:8E:9B:1A:DB:CE:50:B3:BF:56 Authority key identifier: 31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78 Certificate issuer: /CN=31d7d9d29cecf8e59122233d716e6b050e718478 Certificate serial: 019B522A913D878218E808D3038515211EDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft Manifest number: 036F Signing time: Wed 24 Dec 2025 21:01:19 +0000 Manifest this update: Wed 24 Dec 2025 21:01:19 +0000 Manifest next update: Thu 25 Dec 2025 21:01:19 +0000 Files and hashes: 1: MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl (hash: INF15zfka60Wxh0EOHJhTStTr2UtmKbzcg5NrlZsA7Y=) 2: qrKl-rcRUKxNmBfUngwMFX-9LNE.roa (hash: PaYLCeAW4XuOfyFRVE6QF7zqDhxSffbvadtvWZrAG8s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:91:3d:87:82:18:e8:08:d3:03:85:15:21:1e:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31d7d9d29cecf8e59122233d716e6b050e718478 Validity Not Before: Dec 24 21:01:19 2025 GMT Not After : Dec 25 21:01:19 2025 GMT Subject: CN=43c4c34afdd0d11f3687d28e9b1adbce50b3bf56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:47:f1:52:b1:3b:78:b4:03:e1:93:39:ca:20: 6c:dd:b8:bb:e0:c5:40:6b:aa:ac:4e:c8:09:94:5f: 34:4e:99:da:d4:dd:33:67:de:84:f7:da:87:ba:d9: 0b:f8:ef:0a:b9:8c:27:17:e2:9b:82:c9:ad:98:f7: 57:d3:1d:5d:19:49:0a:99:b8:47:86:aa:fc:10:4c: 6e:6e:e1:ba:b2:dd:04:e2:97:f3:44:05:1e:23:0d: 99:12:f0:07:24:7e:dd:ff:39:1a:6e:4e:3b:3e:4a: 00:ef:79:1d:4b:81:fc:b8:40:3c:93:0c:03:6a:c4: ee:71:bc:f1:cf:80:17:f2:aa:90:17:08:40:3b:ee: b0:e2:00:b1:4b:c4:67:a2:a5:5e:45:a5:44:18:e6: b0:33:8f:c6:5f:79:fd:77:5e:b6:ed:6b:51:5e:8f: ef:f3:b2:27:3d:3a:10:90:b8:a5:41:2c:ad:b3:23: 3b:86:9b:d0:6f:54:a6:3b:dc:2a:d8:10:c3:67:a3: 84:80:7b:82:ae:4d:a6:c0:f6:9f:b7:7c:2d:ff:29: c7:63:7e:6f:35:a0:a0:a3:5d:05:82:71:72:ec:b7: ba:cb:76:c1:74:4e:4b:95:3c:b5:37:b6:7d:e4:4b: 0c:0f:8f:12:7d:99:86:22:9d:bd:a9:52:56:d7:06: 6b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C4:C3:4A:FD:D0:D1:1F:36:87:D2:8E:9B:1A:DB:CE:50:B3:BF:56 X509v3 Authority Key Identifier: keyid:31:D7:D9:D2:9C:EC:F8:E5:91:22:23:3D:71:6E:6B:05:0E:71:84:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/af832b-a641-4e46-a836-40f4c68e9a31/1/MdfZ0pzs-OWRIiM9cW5rBQ5xhHg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:b9:32:96:a6:3c:2b:9c:8e:55:e9:c7:32:fd:8f:99:38:6f: 2d:8e:25:6d:5f:39:10:0c:b4:2b:ad:2d:e6:08:e4:76:fd:f2: 18:7e:1f:ab:c7:e3:34:31:92:6b:a0:23:31:18:47:0b:10:ec: 54:14:22:a3:e0:6d:23:17:c9:09:ce:e8:57:43:33:79:4d:14: 02:29:65:21:49:e6:7b:48:b7:8f:2a:cb:cc:bb:e7:d8:3a:d5: 68:1c:e7:20:92:44:15:a1:91:07:6f:b5:3e:b3:4a:3d:33:da: 1b:78:7c:d7:61:e6:59:75:50:69:8b:9e:c3:60:36:d1:91:c4: d0:8e:30:0e:0d:3b:dd:f0:c6:59:a4:78:e8:9a:04:3c:ce:91: b2:99:06:30:d8:95:cb:d5:97:11:fa:ce:25:11:ca:e7:90:fd: 5b:b3:1a:51:b2:e8:40:6a:be:fe:3f:db:7b:bf:25:47:86:19: c1:d7:89:9e:c9:0d:35:41:be:94:da:dd:63:08:14:d0:6c:3c: c2:e5:6b:e1:88:8f:70:9d:f4:ca:ee:46:e9:7b:b9:01:a1:4e: fc:fd:a0:c8:31:43:9a:b5:fe:65:c9:59:33:02:58:48:9d:49: 16:9a:ce:31:9d:ea:64:67:b2:8d:b6:64:c5:e2:0c:13:ab:e7: b4:1f:fc:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKpE9h4IY6AjTA4UVIR7cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxZDdkOWQyOWNlY2Y4ZTU5MTIyMjMzZDcxNmU2YjA1MGU3 MTg0NzgwHhcNMjUxMjI0MjEwMTE5WhcNMjUxMjI1MjEwMTE5WjAzMTEwLwYDVQQD Eyg0M2M0YzM0YWZkZDBkMTFmMzY4N2QyOGU5YjFhZGJjZTUwYjNiZjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0fxUrE7eLQD4ZM5yiBs3bi74MVA a6qsTsgJlF80Tpna1N0zZ96E99qHutkL+O8KuYwnF+KbgsmtmPdX0x1dGUkKmbhH hqr8EExubuG6st0E4pfzRAUeIw2ZEvAHJH7d/zkabk47PkoA73kdS4H8uEA8kwwD asTucbzxz4AX8qqQFwhAO+6w4gCxS8RnoqVeRaVEGOawM4/GX3n9d1627WtRXo/v 87InPToQkLilQSytsyM7hpvQb1SmO9wq2BDDZ6OEgHuCrk2mwPaft3wt/ynHY35v NaCgo10FgnFy7Le6y3bBdE5LlTy1N7Z95EsMD48SfZmGIp29qVJW1wZrhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEPEw0r90NEfNofSjpsa285Qs79WMB8GA1UdIwQY MBaAFDHX2dKc7PjlkSIjPXFuawUOcYR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYt NDBmNGM2OGU5YTMxLzEvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9hZjgzMmItYTY0MS00ZTQ2LWE4MzYtNDBmNGM2OGU5YTMx LzEvTWRmWjBwenMtT1dSSWlNOWNXNXJCUTV4aEhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlrkylqY8 K5yOVenHMv2PmThvLY4lbV85EAy0K60t5gjkdv3yGH4fq8fjNDGSa6AjMRhHCxDs VBQio+BtIxfJCc7oV0MzeU0UAillIUnme0i3jyrLzLvn2DrVaBznIJJEFaGRB2+1 PrNKPTPaG3h812HmWXVQaYuew2A20ZHE0I4wDg073fDGWaR46JoEPM6RspkGMNiV y9WXEfrOJRHK55D9W7MaUbLoQGq+/j/be78lR4YZwdeJnskNNUG+lNrdYwgU0Gw8 wuVr4YiPcJ30yu5G6Xu5AaFO/P2gyDFDmrX+ZclZMwJYSJ1JFprOMZ3qZGeyjbZk xeIME6vntB/8aQ== -----END CERTIFICATE-----Generated at Thu Dec 25 03:30:42 2025 by rpki-client