This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft File: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft (raw, json) Hash identifier: IvED1nFiw8M1k0WKAAbtQq230nxQHYNFMLfG5RNCavM= Subject key identifier: 91:FA:B7:A4:94:78:A1:D0:B0:72:CF:3F:A1:D3:92:60:F4:85:27:B0 Authority key identifier: 32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1 Certificate issuer: /CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1 Certificate serial: 019B5CE4C2805CD7FD89A46EA479183C5C01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft Manifest number: 0C61 Signing time: Fri 26 Dec 2025 23:00:54 +0000 Manifest this update: Fri 26 Dec 2025 23:00:54 +0000 Manifest next update: Sat 27 Dec 2025 23:00:54 +0000 Files and hashes: 1: 2W4Y0bQNlvS93LoW6fNHPM7BKLQ.roa (hash: I9C4k+xseXfObTJ4huNUkRHHI0jQTaqLFqDJffjcwOE=) 2: MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl (hash: 33ZQFc7N1wv0wIDX0erlkIndjf/4DQmCzc8X601641A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:e4:c2:80:5c:d7:fd:89:a4:6e:a4:79:18:3c:5c:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=324c71046c549fb3c7d4ebc4cf9519d002e76df1 Validity Not Before: Dec 26 23:00:54 2025 GMT Not After : Dec 27 23:00:54 2025 GMT Subject: CN=91fab7a49478a1d0b072cf3fa1d39260f48527b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:da:e6:b1:c2:5f:6d:13:7d:7d:9a:31:c8:6a: 34:1a:4d:38:dc:33:2e:f6:6e:41:e2:59:b2:f6:ef: 0a:f0:b8:3a:9a:72:bd:4b:69:59:d9:d1:ae:ac:3e: 14:71:2c:81:47:29:7c:e8:0f:0d:47:a3:98:85:99: 36:2b:e3:d3:d6:0f:84:74:6b:69:b8:ae:73:18:a2: 80:6d:6b:6f:9e:4d:51:99:38:66:8e:34:f0:b7:af: 46:db:aa:43:7b:e8:d0:94:41:2c:e0:c6:a5:77:3e: 19:9a:a1:28:b5:d1:28:69:bf:a9:4c:e1:41:45:9e: 98:fa:d6:5b:15:12:6c:a5:36:00:b0:9d:85:e6:92: c0:0c:2b:60:6c:69:7f:f9:c1:30:1b:88:4a:b9:4d: cd:98:94:e0:d6:04:87:3e:1d:4f:7d:00:99:c3:e4: 4a:88:1e:ea:ed:cc:69:8f:97:64:08:ef:c5:b9:25: da:d3:61:f3:8f:fb:29:18:3f:25:ae:a7:94:f9:3e: 97:ed:d0:e8:bf:ce:06:82:64:5a:53:7d:08:4b:1e: fa:ad:b5:54:86:03:3a:85:f5:37:35:21:ea:33:68: c5:ae:e5:85:6b:cf:64:f6:7f:7a:b8:9b:92:29:78: 7d:41:6e:a5:31:18:67:ce:47:82:e8:21:57:e6:bd: 59:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:FA:B7:A4:94:78:A1:D0:B0:72:CF:3F:A1:D3:92:60:F4:85:27:B0 X509v3 Authority Key Identifier: keyid:32:4C:71:04:6C:54:9F:B3:C7:D4:EB:C4:CF:95:19:D0:02:E7:6D:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/125b9d-2a1f-463a-965e-7cfeaf086e14/1/MkxxBGxUn7PH1OvEz5UZ0ALnbfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:0c:00:e2:26:3c:4e:a8:57:89:4f:d2:2a:e9:0e:13:00:4a: f3:73:b5:e9:7d:bc:02:3e:37:60:12:63:fe:95:0c:81:7e:3d: 02:76:53:4c:91:26:bb:67:e3:01:2f:ef:54:89:9f:33:60:be: b7:ac:ca:e3:20:00:cc:23:1e:67:90:71:b5:7c:c3:3d:aa:e8: 2b:d7:15:76:ec:e8:d4:42:1c:72:ae:55:eb:aa:8e:16:6f:ce: 28:54:7b:82:89:bc:65:db:b3:90:bf:8b:f2:43:9f:6f:55:f6: 1b:10:b9:8b:d6:af:9f:eb:54:2d:5f:5e:73:08:74:ee:de:87: ce:6a:ed:f9:63:c2:96:7c:8a:23:d2:38:c2:76:dd:79:65:29: 42:56:13:51:40:b8:ce:71:a0:fb:22:6e:c9:27:7f:45:d7:8a: 2e:6f:82:51:f8:dc:c9:5c:ff:3a:45:15:5c:8e:0a:fb:b3:3c: 91:fc:2b:a1:7d:56:f3:c8:72:e1:13:bd:ce:02:b7:0e:ad:98: 23:e8:4e:3c:32:f0:0a:be:73:f7:7c:a2:d5:7b:52:4e:4b:bd: c0:6a:ca:6e:37:10:72:65:c2:f0:cd:24:9e:c1:71:36:7e:c4: 53:55:37:17:70:12:dd:f2:6f:15:f3:0a:ca:33:ab:3d:1f:76: 29:4d:17:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtc5MKAXNf9iaRupHkYPFwBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMyNGM3MTA0NmM1NDlmYjNjN2Q0ZWJjNGNmOTUxOWQwMDJl NzZkZjEwHhcNMjUxMjI2MjMwMDU0WhcNMjUxMjI3MjMwMDU0WjAzMTEwLwYDVQQD Eyg5MWZhYjdhNDk0NzhhMWQwYjA3MmNmM2ZhMWQzOTI2MGY0ODUyN2IwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNrmscJfbRN9fZoxyGo0Gk043DMu 9m5B4lmy9u8K8Lg6mnK9S2lZ2dGurD4UcSyBRyl86A8NR6OYhZk2K+PT1g+EdGtp uK5zGKKAbWtvnk1RmThmjjTwt69G26pDe+jQlEEs4Maldz4ZmqEotdEoab+pTOFB RZ6Y+tZbFRJspTYAsJ2F5pLADCtgbGl/+cEwG4hKuU3NmJTg1gSHPh1PfQCZw+RK iB7q7cxpj5dkCO/FuSXa02Hzj/spGD8lrqeU+T6X7dDov84GgmRaU30ISx76rbVU hgM6hfU3NSHqM2jFruWFa89k9n96uJuSKXh9QW6lMRhnzkeC6CFX5r1ZuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJH6t6SUeKHQsHLPP6HTkmD0hSewMB8GA1UdIwQY MBaAFDJMcQRsVJ+zx9TrxM+VGdAC523xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUt N2NmZWFmMDg2ZTE0LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8xMjViOWQtMmExZi00NjNhLTk2NWUtN2NmZWFmMDg2ZTE0 LzEvTWt4eEJHeFVuN1BIMU92RXo1VVowQUxuYmZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUgwA4iY8 TqhXiU/SKukOEwBK83O16X28Aj43YBJj/pUMgX49AnZTTJEmu2fjAS/vVImfM2C+ t6zK4yAAzCMeZ5BxtXzDParoK9cVduzo1EIccq5V66qOFm/OKFR7gom8ZduzkL+L 8kOfb1X2GxC5i9avn+tULV9ecwh07t6Hzmrt+WPClnyKI9I4wnbdeWUpQlYTUUC4 znGg+yJuySd/RdeKLm+CUfjcyVz/OkUVXI4K+7M8kfwroX1W88hy4RO9zgK3Dq2Y I+hOPDLwCr5z93yi1XtSTku9wGrKbjcQcmXC8M0knsFxNn7EU1U3F3AS3fJvFfMK yjOrPR92KU0XrA== -----END CERTIFICATE-----Generated at Sat Dec 27 07:03:31 2025 by rpki-client