This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft File: MHFOgRmzE03MBg_lkAp82Gj8WXM.mft (raw, json) Hash identifier: 4LtbyEMtwqKtsRu0kI5Yw0Y5Ga31twmeZY9tRN2Tf+k= Subject key identifier: 14:05:7A:A1:EF:81:CA:4E:27:66:E7:AC:4C:2B:42:F2:3E:61:D6:91 Authority key identifier: 30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 Certificate issuer: /CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Certificate serial: 019B3FB650B49D593F7A5F32704D467B1E61 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft Manifest number: 032F Signing time: Sun 21 Dec 2025 07:01:11 +0000 Manifest this update: Sun 21 Dec 2025 07:01:11 +0000 Manifest next update: Mon 22 Dec 2025 07:01:11 +0000 Files and hashes: 1: MHFOgRmzE03MBg_lkAp82Gj8WXM.crl (hash: 91R5QtoXhAXEZwYkmMIdLfycTokA2b+8EIgAHUkVNsU=) 2: s8cM_dy31wLZQn4guvFF3f9HiZg.roa (hash: 4BYSDQG+JLpKAQER6Y51ZvwyHGW9NfhpGsXwE25xvBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:b6:50:b4:9d:59:3f:7a:5f:32:70:4d:46:7b:1e:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Validity Not Before: Dec 21 07:01:11 2025 GMT Not After : Dec 22 07:01:11 2025 GMT Subject: CN=14057aa1ef81ca4e2766e7ac4c2b42f23e61d691 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:af:16:eb:1f:b7:5e:0f:7b:1a:49:f1:b4:5b: 1e:1e:01:f9:05:55:c4:35:cd:bd:db:29:54:c2:97: 03:68:2c:ff:f3:55:77:b4:b0:62:83:1d:32:24:0c: 10:e7:e3:03:00:dc:81:42:ed:ff:ec:6d:43:e5:19: 6d:4f:57:a8:5c:fa:62:34:76:aa:04:30:bd:f7:9c: a7:c6:59:9f:97:97:55:40:6b:97:c9:da:19:55:ff: 66:2e:ba:d6:35:c9:e5:b4:e7:19:c9:9a:4a:14:05: df:fb:94:bc:d9:59:c6:c4:ef:db:4b:e6:2c:fd:93: 8f:8f:b2:ea:ee:aa:5e:83:cf:30:79:e9:5b:a5:19: da:99:36:3f:d8:f3:ba:6c:de:f0:5b:ec:bf:d8:d5: c3:e0:d0:6f:54:91:fd:5e:9a:69:65:05:6c:4a:c1: d5:d1:21:b0:77:d7:44:48:6f:7c:9f:61:a0:ab:ce: 7d:8a:2a:36:7e:a7:91:55:02:43:fd:e6:31:e8:7c: dd:6b:c6:06:b1:c4:1c:7b:f0:8c:54:0e:07:0c:49: b6:ef:f2:9c:41:e5:b9:e6:18:fc:fb:13:2d:5c:2c: 36:73:0d:ce:d3:a5:22:f2:b3:f9:95:f5:cd:ba:0d: eb:25:4f:92:e8:70:e4:73:b2:e9:7a:12:77:c9:41: 7d:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:05:7A:A1:EF:81:CA:4E:27:66:E7:AC:4C:2B:42:F2:3E:61:D6:91 X509v3 Authority Key Identifier: keyid:30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:b7:61:19:7e:54:de:9b:61:04:cc:0f:ea:e5:cb:b4:32:a2: 41:86:27:51:99:dd:c8:7d:58:30:73:d8:a8:e8:cf:1d:8a:bb: d7:fc:fb:11:2f:62:dd:4a:e5:a9:82:ee:58:e4:68:58:04:74: 02:35:04:ec:e8:c8:d0:1d:b4:62:02:3e:1d:42:60:1d:24:ec: 5f:75:11:c3:92:13:3f:f0:c0:42:73:fb:1c:b6:8d:14:27:88: dc:1d:93:f3:c4:c5:4c:12:41:24:90:ba:4c:71:23:3f:f0:85: 06:34:c3:e9:fb:f8:32:c5:65:8e:0b:ff:b7:41:b0:d0:81:2d: 07:ce:89:93:83:15:38:90:2c:a0:85:6e:33:3a:33:36:4d:29: 7e:20:e3:ad:7b:de:c3:d9:d8:0a:82:89:a8:4a:b9:fb:7d:21: cb:87:4b:97:8e:38:89:12:db:f8:98:18:97:a9:02:cf:45:db: 6c:44:e8:3a:89:5e:1d:c6:4c:b1:66:0f:5f:81:44:ba:6f:30: 3f:1f:ab:a8:b4:19:3a:cd:05:a1:19:e5:76:b6:ae:a3:40:96: 1d:cf:12:47:17:17:0a:a9:c1:1a:f0:cc:f1:c0:a3:73:b1:62: f4:17:c2:c0:8d:89:02:d3:5f:8f:f0:17:d6:8e:94:71:e0:6c: cb:4a:47:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/tlC0nVk/el8ycE1Gex5hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwNzE0ZTgxMTliMzEzNGRjYzA2MGZlNTkwMGE3Y2Q4Njhm YzU5NzMwHhcNMjUxMjIxMDcwMTExWhcNMjUxMjIyMDcwMTExWjAzMTEwLwYDVQQD EygxNDA1N2FhMWVmODFjYTRlMjc2NmU3YWM0YzJiNDJmMjNlNjFkNjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlq8W6x+3Xg97GknxtFseHgH5BVXE Nc292ylUwpcDaCz/81V3tLBigx0yJAwQ5+MDANyBQu3/7G1D5RltT1eoXPpiNHaq BDC995ynxlmfl5dVQGuXydoZVf9mLrrWNcnltOcZyZpKFAXf+5S82VnGxO/bS+Ys /ZOPj7Lq7qpeg88weelbpRnamTY/2PO6bN7wW+y/2NXD4NBvVJH9XpppZQVsSsHV 0SGwd9dESG98n2Ggq859iio2fqeRVQJD/eYx6Hzda8YGscQce/CMVA4HDEm27/Kc QeW55hj8+xMtXCw2cw3O06Ui8rP5lfXNug3rJU+S6HDkc7LpehJ3yUF9twIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBQFeqHvgcpOJ2bnrEwrQvI+YdaRMB8GA1UdIwQY MBaAFDBxToEZsxNNzAYP5ZAKfNho/FlzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEt OGYzNDcwZDgyMDU3LzEvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEtOGYzNDcwZDgyMDU3 LzEvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYrdhGX5U 3pthBMwP6uXLtDKiQYYnUZndyH1YMHPYqOjPHYq71/z7ES9i3UrlqYLuWORoWAR0 AjUE7OjI0B20YgI+HUJgHSTsX3URw5ITP/DAQnP7HLaNFCeI3B2T88TFTBJBJJC6 THEjP/CFBjTD6fv4MsVljgv/t0Gw0IEtB86Jk4MVOJAsoIVuMzozNk0pfiDjrXve w9nYCoKJqEq5+30hy4dLl444iRLb+JgYl6kCz0XbbEToOoleHcZMsWYPX4FEum8w Px+rqLQZOs0FoRnldrauo0CWHc8SRxcXCqnBGvDM8cCjc7Fi9BfCwI2JAtNfj/AX 1o6UceBsy0pHrw== -----END CERTIFICATE-----Generated at Sun Dec 21 13:23:24 2025 by rpki-client