This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft File: MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft (raw, json) Hash identifier: OdWTr2bi6NeHeKYe9YHs57YFvJ5dC0V2U+nkYkFsRtk= Subject key identifier: F8:F3:81:21:8C:94:D1:A2:A0:A0:54:79:1D:5B:6D:F2:CD:3A:7D:D9 Authority key identifier: 30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58 Certificate issuer: /CN=30aab02b654e915cadca339292e28c15c47df858 Certificate serial: 019B3343D47DF5A171E3D4AAB15777ADA56C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft Manifest number: 05E5 Signing time: Thu 18 Dec 2025 21:00:41 +0000 Manifest this update: Thu 18 Dec 2025 21:00:41 +0000 Manifest next update: Fri 19 Dec 2025 21:00:41 +0000 Files and hashes: 1: MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl (hash: R2a/EkGJB18NuerDN563Lp0URnncFJfhvwjrOt+JWtA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:43:d4:7d:f5:a1:71:e3:d4:aa:b1:57:77:ad:a5:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30aab02b654e915cadca339292e28c15c47df858 Validity Not Before: Dec 18 21:00:41 2025 GMT Not After : Dec 19 21:00:41 2025 GMT Subject: CN=f8f381218c94d1a2a0a054791d5b6df2cd3a7dd9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:4f:83:74:23:69:c5:fa:c9:b8:6b:79:11:04: 65:28:27:51:62:66:f2:bb:e3:21:d8:2a:a5:f3:8d: 4e:82:c0:04:75:8c:31:7e:33:b4:9e:78:15:da:58: c6:2a:bc:88:32:b9:50:cf:20:ae:9c:b2:15:63:fb: 2e:ac:f0:10:d2:fe:c3:b8:61:ae:c6:58:00:e7:90: 84:ac:c4:ea:02:de:b0:2b:f8:8a:89:bf:cf:75:79: 09:15:4d:97:b6:b2:7c:e1:db:17:a9:2b:dd:b8:85: cb:18:91:f6:6c:61:1d:0e:67:fa:ad:52:2a:07:52: 58:9f:d8:19:ec:4d:c6:d9:23:dd:d5:a8:d4:39:e7: a3:63:b5:4b:fe:8a:ee:91:46:f3:2b:60:6d:5d:a2: aa:be:c4:8d:f9:16:ad:c8:4e:e2:c8:63:2d:e7:5f: 48:dc:77:10:c7:59:e5:41:0d:ea:25:89:f4:38:d0: 1a:b8:5c:45:05:3b:16:fb:7f:31:4f:8f:e2:2c:82: 6f:8f:56:8c:57:25:49:91:31:ea:5e:90:f9:2b:39: ac:53:bc:f6:66:66:25:58:c7:2a:1b:c2:4a:9e:78: 99:14:9b:c2:f0:46:05:57:84:fd:26:ef:fc:d4:b2: d3:72:3d:ca:92:57:b4:3d:3e:d9:b5:e5:09:31:a3: 02:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:F3:81:21:8C:94:D1:A2:A0:A0:54:79:1D:5B:6D:F2:CD:3A:7D:D9 X509v3 Authority Key Identifier: keyid:30:AA:B0:2B:65:4E:91:5C:AD:CA:33:92:92:E2:8C:15:C4:7D:F8:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MKqwK2VOkVytyjOSkuKMFcR9-Fg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/9aff54-5971-402f-ab69-a419670d17e1/1/MKqwK2VOkVytyjOSkuKMFcR9-Fg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:44:62:13:15:20:62:46:f8:d9:27:19:d0:1d:b5:9c:c4:f2: 74:fc:90:2d:91:e0:c4:a7:97:cc:32:29:6c:8c:7f:b3:a1:4d: e7:db:4f:2b:e0:cb:72:4e:91:f3:df:d7:fc:e5:70:43:47:0e: a8:86:c1:e6:60:48:80:97:a6:7a:12:7a:0b:0f:8e:c4:95:cf: 1a:4b:30:92:ab:2c:dd:7c:a6:54:31:0c:69:88:a1:4e:b9:72: 5a:e8:07:c0:a0:fb:88:c2:f8:65:05:cf:7d:e3:36:05:46:4b: 12:36:1a:29:68:65:d7:b8:97:61:cb:07:67:b8:95:cf:29:22: 17:70:b2:8d:d3:aa:0f:9b:96:3a:e3:33:bd:1f:92:82:74:0e: 16:f6:7f:9c:bb:eb:89:c9:64:f3:36:9d:d1:86:24:c7:c9:ed: 40:38:a7:14:5d:cb:d7:4c:9f:a8:bb:e9:4d:0f:f1:fd:d6:2c: 5d:41:b2:fc:b0:8f:00:44:5f:5b:df:f0:8b:21:12:16:ce:d0: 6e:10:1d:cb:71:bc:b9:d2:5d:bd:d9:42:9e:af:2f:17:d9:f0: 5b:da:2d:c7:86:31:e9:dd:30:6b:6d:c1:56:3f:d1:40:81:1f: 11:63:7a:ab:5d:f0:dc:a7:fc:e5:93:da:a2:1c:66:9e:e6:4f: a6:92:2e:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszQ9R99aFx49SqsVd3raVsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwYWFiMDJiNjU0ZTkxNWNhZGNhMzM5MjkyZTI4YzE1YzQ3 ZGY4NTgwHhcNMjUxMjE4MjEwMDQxWhcNMjUxMjE5MjEwMDQxWjAzMTEwLwYDVQQD EyhmOGYzODEyMThjOTRkMWEyYTBhMDU0NzkxZDViNmRmMmNkM2E3ZGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU+DdCNpxfrJuGt5EQRlKCdRYmby u+Mh2Cql841OgsAEdYwxfjO0nngV2ljGKryIMrlQzyCunLIVY/surPAQ0v7DuGGu xlgA55CErMTqAt6wK/iKib/PdXkJFU2XtrJ84dsXqSvduIXLGJH2bGEdDmf6rVIq B1JYn9gZ7E3G2SPd1ajUOeejY7VL/orukUbzK2BtXaKqvsSN+RatyE7iyGMt519I 3HcQx1nlQQ3qJYn0ONAauFxFBTsW+38xT4/iLIJvj1aMVyVJkTHqXpD5KzmsU7z2 ZmYlWMcqG8JKnniZFJvC8EYFV4T9Ju/81LLTcj3Kkle0PT7ZteUJMaMCswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPjzgSGMlNGioKBUeR1bbfLNOn3ZMB8GA1UdIwQY MBaAFDCqsCtlTpFcrcozkpLijBXEffhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjkt YTQxOTY3MGQxN2UxLzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS85YWZmNTQtNTk3MS00MDJmLWFiNjktYTQxOTY3MGQxN2Ux LzEvTUtxd0syVk9rVnl0eWpPU2t1S01GY1I5LUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB0RiExUg Ykb42ScZ0B21nMTydPyQLZHgxKeXzDIpbIx/s6FN59tPK+DLck6R89/X/OVwQ0cO qIbB5mBIgJemehJ6Cw+OxJXPGkswkqss3XymVDEMaYihTrlyWugHwKD7iML4ZQXP feM2BUZLEjYaKWhl17iXYcsHZ7iVzykiF3CyjdOqD5uWOuMzvR+SgnQOFvZ/nLvr iclk8zad0YYkx8ntQDinFF3L10yfqLvpTQ/x/dYsXUGy/LCPAERfW9/wiyESFs7Q bhAdy3G8udJdvdlCnq8vF9nwW9otx4Yx6d0wa23BVj/RQIEfEWN6q13w3Kf85ZPa ohxmnuZPppIuxg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:14:03 2025 by rpki-client