This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft File: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft (raw, json) Hash identifier: a0pyhWnaRfFmM8WJO0+KcWGpuBHV34IDjR+Q0hk5qqc= Subject key identifier: 72:0A:35:3E:9B:E9:8D:C6:4C:DA:46:43:23:60:1C:66:91:7F:48:35 Authority key identifier: 99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8 Certificate issuer: /CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8 Certificate serial: 019B33B1FD8D370514817979589B5479545A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft Manifest number: 1341 Signing time: Thu 18 Dec 2025 23:01:01 +0000 Manifest this update: Thu 18 Dec 2025 23:01:01 +0000 Manifest next update: Fri 19 Dec 2025 23:01:01 +0000 Files and hashes: 1: maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl (hash: aVpXAx2WGgVnbagHF4JPlneaelZCkJwXxi1BVBFBzOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:fd:8d:37:05:14:81:79:79:58:9b:54:79:54:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=99a5e4c1cde8bcb3b8420770d59a83a7917c8cc8 Validity Not Before: Dec 18 23:01:01 2025 GMT Not After : Dec 19 23:01:01 2025 GMT Subject: CN=720a353e9be98dc64cda464323601c66917f4835 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:27:b4:2e:09:9e:6e:45:d1:b1:82:bd:09:c6: 3b:67:70:20:d3:cc:ea:65:27:10:f1:be:9c:f1:27: 0d:20:56:ce:3a:13:00:9f:ca:81:15:8b:86:cb:1c: 97:c2:1f:3c:13:1d:ef:0e:ec:7a:f8:90:3e:9c:96: d6:fe:8a:80:a6:d9:55:67:25:96:68:69:8b:fe:9c: 4e:6a:a1:77:c4:58:46:a0:e4:2a:2f:b5:f7:2f:46: c2:26:7d:c1:f7:70:39:a2:5c:0a:f0:75:a2:9f:ad: 01:7e:e2:65:05:e8:16:50:f1:b8:a4:f3:bf:f9:f0: e8:91:bd:23:5f:6e:78:08:e0:94:1a:4a:2b:61:82: 87:ba:9e:a9:76:15:6d:82:d6:31:27:df:82:c8:a1: 87:a6:ff:8c:41:46:ea:28:1d:d8:07:df:e9:7e:f8: f3:56:a5:04:ab:a6:81:08:54:ea:b5:e3:bb:3e:73: 69:31:83:8b:e8:37:bf:64:2a:64:f9:47:3f:2d:df: 50:bc:2d:c5:5c:5e:8f:b4:39:a2:03:7b:16:ed:86: 86:65:83:94:29:ae:19:de:44:fa:18:d2:97:ea:23: f9:7d:75:8d:46:86:8b:4a:e4:b4:c9:e8:46:90:70: 38:0b:27:81:70:c5:af:3d:fb:44:8f:55:ca:1e:be: 8c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:0A:35:3E:9B:E9:8D:C6:4C:DA:46:43:23:60:1C:66:91:7F:48:35 X509v3 Authority Key Identifier: keyid:99:A5:E4:C1:CD:E8:BC:B3:B8:42:07:70:D5:9A:83:A7:91:7C:8C:C8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/55b848-0fc3-43c3-8ace-0dc3c21bd628/1/maXkwc3ovLO4Qgdw1ZqDp5F8jMg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:6a:a1:b5:84:f1:6d:44:69:72:e1:b4:ae:52:ea:2f:04:53: e7:c9:44:ab:20:4a:ca:54:4e:a5:83:32:47:0d:f2:cc:e6:82: 1c:52:8c:f0:5a:b9:1c:ce:08:51:d1:ab:c6:2c:87:57:2d:b2: b7:c8:29:60:e2:ff:44:33:df:f4:0e:68:cf:d8:a2:04:99:d8: a0:59:a7:19:92:03:e6:d2:cd:b6:e6:44:b2:80:89:26:f0:95: 27:42:fc:5f:10:ef:f3:9c:15:68:5e:83:ce:7c:37:2e:40:a2: 2a:ce:f6:29:88:22:00:dc:8c:df:7d:b7:3a:74:0e:2d:11:24: c4:9f:20:2a:6b:55:b8:8a:45:b3:bd:d5:27:e7:a4:e8:19:61: 8e:05:50:4d:fc:47:bb:30:66:25:b4:93:10:c5:e0:02:de:04: 97:aa:be:be:00:d8:ef:ee:4b:16:95:ac:2b:d4:f6:6b:18:e3: 72:12:bd:fd:92:ae:e2:93:8a:48:4a:9e:be:6b:d4:a2:84:c5: ac:2d:6d:8e:35:03:f9:fa:95:1f:98:a1:64:be:58:de:9f:0b: 74:0a:6b:b8:2d:16:c1:69:f8:22:7f:2f:36:44:30:83:cf:ad: 26:d8:84:92:c4:aa:69:97:2f:73:9d:b0:64:8f:3a:ca:1e:db: 45:72:68:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsf2NNwUUgXl5WJtUeVRaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5YTVlNGMxY2RlOGJjYjNiODQyMDc3MGQ1OWE4M2E3OTE3 YzhjYzgwHhcNMjUxMjE4MjMwMTAxWhcNMjUxMjE5MjMwMTAxWjAzMTEwLwYDVQQD Eyg3MjBhMzUzZTliZTk4ZGM2NGNkYTQ2NDMyMzYwMWM2NjkxN2Y0ODM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySe0LgmebkXRsYK9CcY7Z3Ag08zq ZScQ8b6c8ScNIFbOOhMAn8qBFYuGyxyXwh88Ex3vDux6+JA+nJbW/oqAptlVZyWW aGmL/pxOaqF3xFhGoOQqL7X3L0bCJn3B93A5olwK8HWin60BfuJlBegWUPG4pPO/ +fDokb0jX254COCUGkorYYKHup6pdhVtgtYxJ9+CyKGHpv+MQUbqKB3YB9/pfvjz VqUEq6aBCFTqteO7PnNpMYOL6De/ZCpk+Uc/Ld9QvC3FXF6PtDmiA3sW7YaGZYOU Ka4Z3kT6GNKX6iP5fXWNRoaLSuS0yehGkHA4CyeBcMWvPftEj1XKHr6MzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHIKNT6b6Y3GTNpGQyNgHGaRf0g1MB8GA1UdIwQY MBaAFJml5MHN6LyzuEIHcNWag6eRfIzIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2Ut MGRjM2MyMWJkNjI4LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOS81NWI4NDgtMGZjMy00M2MzLThhY2UtMGRjM2MyMWJkNjI4 LzEvbWFYa3djM292TE80UWdkdzFacURwNUY4ak1nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcmqhtYTx bURpcuG0rlLqLwRT58lEqyBKylROpYMyRw3yzOaCHFKM8Fq5HM4IUdGrxiyHVy2y t8gpYOL/RDPf9A5oz9iiBJnYoFmnGZID5tLNtuZEsoCJJvCVJ0L8XxDv85wVaF6D znw3LkCiKs72KYgiANyM3323OnQOLREkxJ8gKmtVuIpFs73VJ+ek6BlhjgVQTfxH uzBmJbSTEMXgAt4El6q+vgDY7+5LFpWsK9T2axjjchK9/ZKu4pOKSEqevmvUooTF rC1tjjUD+fqVH5ihZL5Y3p8LdApruC0WwWn4In8vNkQwg8+tJtiEksSqaZcvc52w ZI86yh7bRXJoPA== -----END CERTIFICATE-----Generated at Fri Dec 19 00:56:03 2025 by rpki-client