This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.mft File: Mns0IMJQE3legioq5Q043B04J5M.mft (raw, json) Hash identifier: wlz9VndG+WKfaFP11fDEBAxwP83CBFFx4OIE1pekNUk= Subject key identifier: 58:6F:BD:DE:1F:86:16:A0:08:28:20:E0:30:F0:C5:C0:74:A1:22:94 Authority key identifier: 32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93 Certificate issuer: /CN=327b3420c25013795e822a2ae50d38dc1d382793 Certificate serial: 019B73A35D500864A3649CF8F7C08317895C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.mft Manifest number: 17A5 Signing time: Wed 31 Dec 2025 09:00:44 +0000 Manifest this update: Wed 31 Dec 2025 09:00:44 +0000 Manifest next update: Thu 01 Jan 2026 09:00:44 +0000 Files and hashes: 1: Mns0IMJQE3legioq5Q043B04J5M.crl (hash: PGyS0iEriHNlAcKz7EXWLRHEnMnJYrvBfgLeaHvO04c=) 2: v9geoE7KmWCRnCztGaTkN5bSNF0.roa (hash: yJ1Hvyh5t82gNQ9PRDa/lCyqTlzjssbfVD5EEeI11lA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.crl rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.mft rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 08:51:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:73:a3:5d:50:08:64:a3:64:9c:f8:f7:c0:83:17:89:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=327b3420c25013795e822a2ae50d38dc1d382793 Validity Not Before: Dec 31 09:00:44 2025 GMT Not After : Jan 1 09:00:44 2026 GMT Subject: CN=586fbdde1f8616a0082820e030f0c5c074a12294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:cd:f4:07:eb:a4:92:96:8f:a5:5b:7d:bc:63: 41:92:c3:64:85:69:05:ff:0e:aa:46:ca:05:5f:df: 40:08:41:77:ae:63:9f:af:3c:89:6b:e4:0b:0f:ee: f6:de:37:05:1d:11:01:1c:b0:e8:3e:bf:2a:75:f8: 3d:98:43:8e:fd:21:bc:db:d3:28:ac:c1:09:a0:2c: 81:35:57:79:6b:f2:22:95:78:1c:0c:9a:01:e4:fe: 3e:54:3a:d1:47:e4:43:d0:ff:cf:54:60:2b:b5:38: 0d:17:9a:3c:d1:00:64:15:ab:7b:16:b9:96:32:ad: c8:5c:84:9e:ca:42:e9:bd:ea:e2:4b:f9:1b:bb:ce: ed:b6:1c:dd:b9:9f:a5:a9:91:3e:1c:f9:66:34:50: 2d:48:df:6c:1c:9c:82:05:ea:c4:b6:c0:bd:47:51: 99:96:e6:93:e3:76:5c:5f:36:53:ec:e8:55:a4:6f: 88:b2:43:dd:3d:49:7f:7e:31:1c:dc:08:8f:65:28: 60:63:dc:34:55:8a:df:af:40:37:3f:d8:96:63:5f: b9:35:8a:dd:8e:7e:4f:a3:68:4e:dd:7a:0b:2b:75: 3f:48:28:c6:b2:ed:1f:3d:10:72:8e:9a:54:d6:9d: 28:b0:b6:3e:44:e9:ac:d1:9d:41:97:1c:8e:25:38: 09:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:6F:BD:DE:1F:86:16:A0:08:28:20:E0:30:F0:C5:C0:74:A1:22:94 X509v3 Authority Key Identifier: keyid:32:7B:34:20:C2:50:13:79:5E:82:2A:2A:E5:0D:38:DC:1D:38:27:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mns0IMJQE3legioq5Q043B04J5M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3631e0-56d7-4c29-95c4-6682b07fa947/1/Mns0IMJQE3legioq5Q043B04J5M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:6d:8c:7d:6e:2d:01:9e:b2:b0:15:53:23:50:e7:31:0e:42: 63:26:88:44:ce:74:c2:34:2d:6d:ed:ae:63:31:b7:27:22:9e: 72:98:2d:08:de:8e:06:47:31:2c:28:07:56:1c:36:6f:d3:26: 46:09:9c:dd:a0:96:06:11:b6:08:0f:6c:2b:f2:30:b3:61:9c: b2:31:a7:25:35:6b:2c:9e:da:ae:53:72:1a:ef:40:a7:23:f5: a9:f7:e0:b9:48:4d:37:a5:56:79:95:8e:97:dd:6d:a4:69:24: 4e:af:44:3c:f8:8c:11:66:c7:34:8a:07:5e:cb:e0:87:47:c8: 14:78:5b:fe:c4:20:8d:ce:95:0f:a5:71:c9:c1:05:eb:c9:1d: f7:0a:af:f4:23:56:c6:94:cd:3f:10:17:ec:24:80:1b:47:5e: 47:aa:4b:40:79:07:48:e1:b5:14:f8:10:79:3e:17:e7:6a:9a: d6:c2:87:ef:40:46:4f:7c:15:f3:1c:45:a1:ea:b5:04:d4:07: 2d:a5:90:59:cb:07:e6:4b:ef:de:d2:4e:30:09:1f:49:06:42: e4:7c:d3:7e:aa:9c:19:fb:0f:ef:7f:a8:b4:8f:1a:3c:40:b7: ee:c7:c8:65:49:3f:4e:de:89:b6:35:d1:91:26:fd:26:73:67: ab:a2:ab:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtzo11QCGSjZJz498CDF4lcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyN2IzNDIwYzI1MDEzNzk1ZTgyMmEyYWU1MGQzOGRjMWQz ODI3OTMwHhcNMjUxMjMxMDkwMDQ0WhcNMjYwMTAxMDkwMDQ0WjAzMTEwLwYDVQQD Eyg1ODZmYmRkZTFmODYxNmEwMDgyODIwZTAzMGYwYzVjMDc0YTEyMjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy830B+ukkpaPpVt9vGNBksNkhWkF /w6qRsoFX99ACEF3rmOfrzyJa+QLD+723jcFHREBHLDoPr8qdfg9mEOO/SG829Mo rMEJoCyBNVd5a/IilXgcDJoB5P4+VDrRR+RD0P/PVGArtTgNF5o80QBkFat7FrmW Mq3IXISeykLpveriS/kbu87tthzduZ+lqZE+HPlmNFAtSN9sHJyCBerEtsC9R1GZ luaT43ZcXzZT7OhVpG+IskPdPUl/fjEc3AiPZShgY9w0VYrfr0A3P9iWY1+5NYrd jn5Po2hO3XoLK3U/SCjGsu0fPRByjppU1p0osLY+ROms0Z1BlxyOJTgJXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFhvvd4fhhagCCgg4DDwxcB0oSKUMB8GA1UdIwQY MBaAFDJ7NCDCUBN5XoIqKuUNONwdOCeTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQt NjY4MmIwN2ZhOTQ3LzEvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My8zNjMxZTAtNTZkNy00YzI5LTk1YzQtNjY4MmIwN2ZhOTQ3 LzEvTW5zMElNSlFFM2xlZ2lvcTVRMDQzQjA0SjVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB22MfW4t AZ6ysBVTI1DnMQ5CYyaIRM50wjQtbe2uYzG3JyKecpgtCN6OBkcxLCgHVhw2b9Mm Rgmc3aCWBhG2CA9sK/Iws2GcsjGnJTVrLJ7arlNyGu9ApyP1qffguUhNN6VWeZWO l91tpGkkTq9EPPiMEWbHNIoHXsvgh0fIFHhb/sQgjc6VD6VxycEF68kd9wqv9CNW xpTNPxAX7CSAG0deR6pLQHkHSOG1FPgQeT4X52qa1sKH70BGT3wV8xxFoeq1BNQH LaWQWcsH5kvv3tJOMAkfSQZC5HzTfqqcGfsP73+otI8aPEC37sfIZUk/Tt6JtjXR kSb9JnNnq6KrJA== -----END CERTIFICATE-----Generated at Wed Dec 31 10:27:44 2025 by rpki-client