This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft File: mSAfYJ56iT2obPDrvKS79HJ51hc.mft (raw, json) Hash identifier: NRzY+H9f6A6TJyZj0Ugzd4igKEgYjZyLGTB0SKG6a2M= Subject key identifier: 18:62:FB:89:C2:19:BD:4F:A1:71:C4:EE:64:43:EA:08:DB:0D:54:13 Authority key identifier: 99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17 Certificate issuer: /CN=99201f609e7a893da86cf0ebbca4bbf47279d617 Certificate serial: 019B3D90B81A67E297B4BD3E69E0F7E1B2C3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft Manifest number: 0624 Signing time: Sat 20 Dec 2025 21:00:52 +0000 Manifest this update: Sat 20 Dec 2025 21:00:52 +0000 Manifest next update: Sun 21 Dec 2025 21:00:52 +0000 Files and hashes: 1: mSAfYJ56iT2obPDrvKS79HJ51hc.crl (hash: SlENOW+XQp7lhllcPZ+cO3KWfRBLBjFQvjDrFeIRmBU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:90:b8:1a:67:e2:97:b4:bd:3e:69:e0:f7:e1:b2:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99201f609e7a893da86cf0ebbca4bbf47279d617 Validity Not Before: Dec 20 21:00:52 2025 GMT Not After : Dec 21 21:00:52 2025 GMT Subject: CN=1862fb89c219bd4fa171c4ee6443ea08db0d5413 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:54:81:09:45:02:f2:90:72:62:b7:33:a4:72: 2a:79:65:40:a0:b1:0c:51:e2:e2:ee:f9:57:63:79: a5:4a:8f:a2:67:1b:11:ac:97:4b:f2:30:4d:f2:e3: b2:40:c5:31:9f:61:be:38:4f:a9:e4:1f:b7:e9:8a: 74:c1:99:bc:11:66:4b:9f:b0:9c:1f:b3:fb:f6:da: dc:54:81:c5:21:f5:c2:75:2f:34:18:99:bb:a8:0c: ff:76:18:e1:89:7e:0a:6b:a7:70:3f:82:29:d9:7f: e9:f0:ec:6f:45:c4:11:65:7c:37:ef:c4:04:a6:ac: d7:10:38:bd:97:49:c8:e5:37:94:da:55:d9:7b:a8: cd:3e:ba:96:c0:e3:be:03:39:f8:3c:48:de:f7:ea: e2:85:71:3a:f6:2d:53:9c:42:83:9c:90:dc:1f:d6: e9:f5:e0:67:dc:99:65:67:22:48:40:13:ea:4b:34: 19:24:df:44:5a:a6:b8:54:fa:7c:9b:23:f6:8a:fb: f0:cf:07:c8:47:98:40:56:c2:27:14:32:1d:34:d9: 72:9b:35:e5:a4:ec:e6:c7:23:76:79:24:e3:b5:6b: d0:9a:f6:46:cf:0e:23:2e:7e:59:45:61:67:a2:97: a7:11:0c:de:9d:40:82:03:17:b8:34:df:17:31:3c: 94:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:62:FB:89:C2:19:BD:4F:A1:71:C4:EE:64:43:EA:08:DB:0D:54:13 X509v3 Authority Key Identifier: keyid:99:20:1F:60:9E:7A:89:3D:A8:6C:F0:EB:BC:A4:BB:F4:72:79:D6:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mSAfYJ56iT2obPDrvKS79HJ51hc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/6536f9-87dd-4edd-b01c-b23172eb81fb/1/mSAfYJ56iT2obPDrvKS79HJ51hc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:fd:1e:9e:8a:ea:28:f7:1c:5c:4c:30:08:77:b7:69:00:44: 4a:2c:f4:be:fe:d0:8c:1e:a1:a8:cd:f2:a9:64:3a:76:51:63: 1b:4d:b9:3f:1f:20:2f:43:7c:1c:04:b8:8d:9b:fa:52:c6:31: d2:aa:8a:c5:43:f6:d5:b7:7e:39:09:ab:66:3d:ac:ea:6b:7f: cd:59:46:7f:34:4b:49:f3:fb:de:c3:7a:cb:0a:a2:ec:d9:d5: 3a:1b:d9:ac:3d:63:98:4a:dc:29:c7:8d:85:04:34:52:e2:21: 1e:aa:ac:ef:f0:3d:3c:00:1e:0b:0b:df:5a:62:5c:6c:21:ab: 30:11:9f:a6:ba:d1:93:81:c4:2c:b2:62:a8:b6:83:d4:ef:12: 9b:f1:15:08:85:93:39:77:d1:2c:c1:93:a3:1b:9e:c3:fa:7f: 54:cc:7e:9d:7e:79:6d:b0:c4:c9:c0:f8:d9:57:b4:18:63:57: 11:80:3b:1a:90:87:2b:28:5b:50:e1:aa:45:34:1b:e9:0f:82: bb:13:09:e3:20:6d:9d:8d:e0:f6:06:95:14:87:44:b5:d2:b9: db:9e:8a:8d:a9:01:24:06:87:a7:b3:5e:59:c2:28:bb:3c:b9: 2b:7c:e0:47:b5:13:d1:e0:55:b5:87:06:73:de:80:b8:31:07: c7:a0:a0:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9kLgaZ+KXtL0+aeD34bLDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5MjAxZjYwOWU3YTg5M2RhODZjZjBlYmJjYTRiYmY0NzI3 OWQ2MTcwHhcNMjUxMjIwMjEwMDUyWhcNMjUxMjIxMjEwMDUyWjAzMTEwLwYDVQQD EygxODYyZmI4OWMyMTliZDRmYTE3MWM0ZWU2NDQzZWEwOGRiMGQ1NDEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylSBCUUC8pByYrczpHIqeWVAoLEM UeLi7vlXY3mlSo+iZxsRrJdL8jBN8uOyQMUxn2G+OE+p5B+36Yp0wZm8EWZLn7Cc H7P79trcVIHFIfXCdS80GJm7qAz/dhjhiX4Ka6dwP4Ip2X/p8OxvRcQRZXw378QE pqzXEDi9l0nI5TeU2lXZe6jNPrqWwOO+Azn4PEje9+rihXE69i1TnEKDnJDcH9bp 9eBn3JllZyJIQBPqSzQZJN9EWqa4VPp8myP2ivvwzwfIR5hAVsInFDIdNNlymzXl pOzmxyN2eSTjtWvQmvZGzw4jLn5ZRWFnopenEQzenUCCAxe4NN8XMTyUjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBhi+4nCGb1PoXHE7mRD6gjbDVQTMB8GA1UdIwQY MBaAFJkgH2Ceeok9qGzw67yku/RyedYXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMt YjIzMTcyZWI4MWZiLzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni82NTM2ZjktODdkZC00ZWRkLWIwMWMtYjIzMTcyZWI4MWZi LzEvbVNBZllKNTZpVDJvYlBEcnZLUzc5SEo1MWhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsf0enorq KPccXEwwCHe3aQBESiz0vv7QjB6hqM3yqWQ6dlFjG025Px8gL0N8HAS4jZv6UsYx 0qqKxUP21bd+OQmrZj2s6mt/zVlGfzRLSfP73sN6ywqi7NnVOhvZrD1jmErcKceN hQQ0UuIhHqqs7/A9PAAeCwvfWmJcbCGrMBGfprrRk4HELLJiqLaD1O8Sm/EVCIWT OXfRLMGToxuew/p/VMx+nX55bbDEycD42Ve0GGNXEYA7GpCHKyhbUOGqRTQb6Q+C uxMJ4yBtnY3g9gaVFIdEtdK5256KjakBJAaHp7NeWcIouzy5K3zgR7UT0eBVtYcG c96AuDEHx6CgSg== -----END CERTIFICATE-----Generated at Sat Dec 20 23:06:44 2025 by rpki-client