This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft File: Ma-3caS5EQsRSqgHr7cIaxplN54.mft (raw, json) Hash identifier: KEm5rc18Ofn1qcaUKpWBqSYeBdQyQCzQzQCiiYxu4zY= Subject key identifier: 6E:4D:55:91:8F:7C:B4:E9:C7:BB:04:FD:A8:E1:C7:63:4C:18:14:BB Authority key identifier: 31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E Certificate issuer: /CN=31afb771a4b9110b114aa807afb7086b1a65379e Certificate serial: 019B32D7BCB307A1DE586BB23D924B819908 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft Manifest number: 053F Signing time: Thu 18 Dec 2025 19:02:37 +0000 Manifest this update: Thu 18 Dec 2025 19:02:37 +0000 Manifest next update: Fri 19 Dec 2025 19:02:37 +0000 Files and hashes: 1: Ma-3caS5EQsRSqgHr7cIaxplN54.crl (hash: hk+SH01k8WF1oGr32jvxUv0hwGe02uOlP7NBkR3nXwk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:02:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:bc:b3:07:a1:de:58:6b:b2:3d:92:4b:81:99:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31afb771a4b9110b114aa807afb7086b1a65379e Validity Not Before: Dec 18 19:02:37 2025 GMT Not After : Dec 19 19:02:37 2025 GMT Subject: CN=6e4d55918f7cb4e9c7bb04fda8e1c7634c1814bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1d:34:03:3f:eb:bd:04:47:fc:64:0e:04:09: 12:95:1d:c3:d1:e1:78:e2:ce:a0:0c:f0:60:6f:4d: 85:3d:ec:b3:1a:ae:8b:4a:0f:06:1e:3f:d2:48:16: c9:c9:10:37:89:2a:01:58:13:1f:27:5f:43:11:6e: 5d:88:f3:d9:1e:b8:26:b9:7f:98:95:fc:11:5c:3a: d5:2b:3b:f4:ac:30:bc:a3:21:93:10:d8:bb:af:72: 63:a2:9b:7a:ac:8b:7f:84:d2:d2:e6:0b:ba:3a:6c: f0:00:6e:28:fb:e8:a1:c1:dd:1c:1d:6c:ba:cc:dc: 3d:84:5e:8a:81:1d:ff:db:6a:a0:a4:e9:5e:ef:54: 17:9e:4f:a5:fc:76:fa:09:48:85:7f:c6:43:d2:1f: ca:8c:8a:a2:f3:8b:bc:99:8b:82:28:00:57:f8:3e: 30:ad:ab:03:1b:0f:d4:6a:56:71:48:42:cd:a7:ae: ed:be:a2:8e:ca:05:03:e6:36:52:78:35:0e:40:77: 2a:75:28:81:df:8d:fc:56:96:75:2b:37:e4:60:0c: 00:a6:5d:1e:cd:9f:a1:92:14:3b:cd:52:17:77:ea: 6f:cd:1a:8f:4a:bc:14:1f:90:cf:e3:b2:45:dc:70: bd:61:77:b3:6f:ea:b6:6e:f5:7a:88:54:82:07:d6: 29:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:4D:55:91:8F:7C:B4:E9:C7:BB:04:FD:A8:E1:C7:63:4C:18:14:BB X509v3 Authority Key Identifier: keyid:31:AF:B7:71:A4:B9:11:0B:11:4A:A8:07:AF:B7:08:6B:1A:65:37:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ma-3caS5EQsRSqgHr7cIaxplN54.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/52/13d48a-d0ee-4d55-a33b-b0eb4c06a1e7/1/Ma-3caS5EQsRSqgHr7cIaxplN54.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 08:95:5f:9f:51:6a:5f:ec:3a:62:63:08:23:53:81:37:2c:40: 3e:20:59:6e:e0:55:7c:70:08:a5:81:0c:c2:14:de:c1:82:88: 4b:f0:a9:5c:f9:58:b9:77:1c:01:b4:47:d0:37:8a:bf:bc:26: 59:1c:fb:e2:ba:13:51:9c:76:c3:8b:1c:c6:d1:90:35:c5:81: 27:96:ad:08:09:84:20:08:f6:ae:b3:a5:8c:fd:12:72:e9:8b: 7d:79:55:5e:62:df:eb:27:10:e8:b0:8e:07:8e:ad:c6:e6:11: 1f:29:c3:b2:3f:65:d1:60:8f:59:06:9c:36:71:32:43:d0:fd: 0e:f8:8d:6b:1a:f6:d8:d4:bd:62:ec:27:ff:73:d5:e2:6a:3f: 81:82:dd:b7:bd:f3:db:26:60:9d:5b:38:3c:ef:0f:69:9b:a1: 9c:d9:31:86:99:b4:46:3f:6b:f4:bc:7e:dc:4f:53:5b:11:b2: f4:a4:5c:ea:50:99:7d:f9:03:d3:73:cd:ea:e1:9a:ea:22:90: 4e:88:8e:1c:32:b3:32:83:c4:21:26:7d:ec:a6:d0:0b:27:b2: 6a:ad:de:2f:3d:a4:65:a9:b2:fb:fa:68:2c:13:02:9a:43:0b: ab:3d:50:d6:de:cb:e9:dc:5a:00:59:36:7e:7a:e0:a3:12:2f: 48:72:7f:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy17yzB6HeWGuyPZJLgZkIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxYWZiNzcxYTRiOTExMGIxMTRhYTgwN2FmYjcwODZiMWE2 NTM3OWUwHhcNMjUxMjE4MTkwMjM3WhcNMjUxMjE5MTkwMjM3WjAzMTEwLwYDVQQD Eyg2ZTRkNTU5MThmN2NiNGU5YzdiYjA0ZmRhOGUxYzc2MzRjMTgxNGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h00Az/rvQRH/GQOBAkSlR3D0eF4 4s6gDPBgb02FPeyzGq6LSg8GHj/SSBbJyRA3iSoBWBMfJ19DEW5diPPZHrgmuX+Y lfwRXDrVKzv0rDC8oyGTENi7r3Jjopt6rIt/hNLS5gu6OmzwAG4o++ihwd0cHWy6 zNw9hF6KgR3/22qgpOle71QXnk+l/Hb6CUiFf8ZD0h/KjIqi84u8mYuCKABX+D4w rasDGw/UalZxSELNp67tvqKOygUD5jZSeDUOQHcqdSiB3438VpZ1KzfkYAwApl0e zZ+hkhQ7zVIXd+pvzRqPSrwUH5DP47JF3HC9YXezb+q2bvV6iFSCB9YpNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG5NVZGPfLTpx7sE/ajhx2NMGBS7MB8GA1UdIwQY MBaAFDGvt3GkuRELEUqoB6+3CGsaZTeeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2It YjBlYjRjMDZhMWU3LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Mi8xM2Q0OGEtZDBlZS00ZDU1LWEzM2ItYjBlYjRjMDZhMWU3 LzEvTWEtM2NhUzVFUXNSU3FnSHI3Y0lheHBsTjU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACJVfn1Fq X+w6YmMII1OBNyxAPiBZbuBVfHAIpYEMwhTewYKIS/CpXPlYuXccAbRH0DeKv7wm WRz74roTUZx2w4scxtGQNcWBJ5atCAmEIAj2rrOljP0ScumLfXlVXmLf6ycQ6LCO B46txuYRHynDsj9l0WCPWQacNnEyQ9D9DviNaxr22NS9Yuwn/3PV4mo/gYLdt73z 2yZgnVs4PO8PaZuhnNkxhpm0Rj9r9Lx+3E9TWxGy9KRc6lCZffkD03PN6uGa6iKQ ToiOHDKzMoPEISZ97KbQCyeyaq3eLz2kZamy+/poLBMCmkMLqz1Q1t7L6dxaAFk2 fnrgoxIvSHJ/NA== -----END CERTIFICATE-----Generated at Fri Dec 19 00:10:54 2025 by rpki-client