This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft File: MHFOgRmzE03MBg_lkAp82Gj8WXM.mft (raw, json) Hash identifier: Q/R0Hqr3ByrHGc6Fa6qCk2cQaa3bHBpuRRjqMRqUKGY= Subject key identifier: 90:49:B4:3B:A6:F5:36:B8:DC:12:4A:30:9E:F2:EE:95:65:0A:77:BD Authority key identifier: 30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 Certificate issuer: /CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Certificate serial: 019B439317289430C46044AF166FA4CDB936 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft Manifest number: 0331 Signing time: Mon 22 Dec 2025 01:01:11 +0000 Manifest this update: Mon 22 Dec 2025 01:01:11 +0000 Manifest next update: Tue 23 Dec 2025 01:01:11 +0000 Files and hashes: 1: MHFOgRmzE03MBg_lkAp82Gj8WXM.crl (hash: 2X2a5QYyDvdJK0ju60RH+lKRKsyhaT7KiibVWHCWCMQ=) 2: s8cM_dy31wLZQn4guvFF3f9HiZg.roa (hash: 4BYSDQG+JLpKAQER6Y51ZvwyHGW9NfhpGsXwE25xvBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:93:17:28:94:30:c4:60:44:af:16:6f:a4:cd:b9:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=30714e8119b3134dcc060fe5900a7cd868fc5973 Validity Not Before: Dec 22 01:01:11 2025 GMT Not After : Dec 23 01:01:11 2025 GMT Subject: CN=9049b43ba6f536b8dc124a309ef2ee95650a77bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:ab:f1:dd:0c:1f:e8:aa:e6:2f:b7:26:ec:ba: fe:f5:b9:2e:18:e4:f6:e4:63:87:66:1c:17:b8:7e: 8b:df:fd:b9:4f:58:25:eb:82:ac:af:6d:04:24:d0: 7f:0d:c1:43:f9:6c:d3:80:22:ff:85:4a:ea:90:c1: 28:ec:b5:2f:a1:51:d3:d6:a7:21:01:d3:37:5a:a5: 0c:09:d8:5a:4b:ff:79:86:75:c9:b2:53:0d:5e:82: f2:28:b4:4d:dc:8a:51:31:3c:ba:15:f4:4a:01:c9: 3f:53:20:51:9d:0d:5f:30:28:a4:4b:be:2b:04:10: 35:98:78:19:e0:10:bc:11:a4:f9:ae:b2:39:e1:c3: 29:f0:c1:65:29:50:ec:a3:13:7f:d3:9d:8a:0c:e0: ec:f3:f1:64:0e:d0:0d:61:38:12:f8:53:ea:42:71: 7a:85:c0:95:a0:e5:b1:ae:86:88:99:a5:07:f7:dd: fe:75:2d:61:3b:f1:21:a8:bc:4b:0e:9d:bf:17:84: 57:77:72:54:34:69:a0:3a:68:19:3c:aa:b3:71:82: d0:1e:83:62:74:7c:25:c7:85:a0:db:3d:01:1f:fd: 79:16:40:2f:a1:0b:63:2a:0a:dd:a1:3b:ff:a5:f0: d3:a1:16:9b:5a:81:75:99:c1:c7:2f:f3:c8:ab:6b: 22:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:49:B4:3B:A6:F5:36:B8:DC:12:4A:30:9E:F2:EE:95:65:0A:77:BD X509v3 Authority Key Identifier: keyid:30:71:4E:81:19:B3:13:4D:CC:06:0F:E5:90:0A:7C:D8:68:FC:59:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHFOgRmzE03MBg_lkAp82Gj8WXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/74fa13-2cb3-427a-a45a-8f3470d82057/1/MHFOgRmzE03MBg_lkAp82Gj8WXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:69:f9:2b:4f:4c:19:d8:1f:a2:7e:1f:4d:ef:fc:94:94:a8: ac:21:b4:65:a6:9d:c7:c2:64:de:86:32:46:ae:3a:de:37:87: 3c:16:77:da:4f:c5:6e:56:a8:c9:54:0d:8b:b1:9c:91:6b:92: 2e:d3:cb:07:0b:1d:aa:f7:98:79:89:4d:16:6b:36:96:b1:fe: 3b:4b:cc:a4:87:c0:81:f1:6d:78:09:e0:2f:83:56:ae:0a:9b: 49:c0:88:7d:bc:ea:36:2a:47:f5:0e:de:54:0c:ed:9b:fb:81: 44:1d:d6:18:96:f5:e2:6b:7d:d2:dc:69:27:d5:c0:86:a8:e4: 15:fe:25:15:dd:27:e8:de:f7:bb:0a:9c:ef:c3:87:cd:ef:97: 22:c5:67:80:c3:b2:c0:11:59:1f:25:a7:ad:67:21:00:eb:91: a2:38:60:cc:dd:fe:f7:61:e4:af:9c:17:dd:d4:e9:bd:b9:be: c7:4b:c5:e8:87:4a:9c:6c:02:de:02:80:00:d1:8c:3e:99:82: ba:1a:e5:20:e7:e0:ab:2a:e8:a4:aa:bf:08:11:9d:00:2d:06: 92:a1:7e:de:b2:71:96:ed:57:1e:8e:ea:fa:69:b2:48:89:ee: 03:a3:88:74:9d:2b:cd:79:fb:55:49:0a:d9:09:bc:90:6a:84: 28:9f:b8:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkxcolDDEYESvFm+kzbk2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMwNzE0ZTgxMTliMzEzNGRjYzA2MGZlNTkwMGE3Y2Q4Njhm YzU5NzMwHhcNMjUxMjIyMDEwMTExWhcNMjUxMjIzMDEwMTExWjAzMTEwLwYDVQQD Eyg5MDQ5YjQzYmE2ZjUzNmI4ZGMxMjRhMzA5ZWYyZWU5NTY1MGE3N2JkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKvx3Qwf6KrmL7cm7Lr+9bkuGOT2 5GOHZhwXuH6L3/25T1gl64Ksr20EJNB/DcFD+WzTgCL/hUrqkMEo7LUvoVHT1qch AdM3WqUMCdhaS/95hnXJslMNXoLyKLRN3IpRMTy6FfRKAck/UyBRnQ1fMCikS74r BBA1mHgZ4BC8EaT5rrI54cMp8MFlKVDsoxN/052KDODs8/FkDtANYTgS+FPqQnF6 hcCVoOWxroaImaUH993+dS1hO/EhqLxLDp2/F4RXd3JUNGmgOmgZPKqzcYLQHoNi dHwlx4Wg2z0BH/15FkAvoQtjKgrdoTv/pfDToRabWoF1mcHHL/PIq2siOQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJBJtDum9Ta43BJKMJ7y7pVlCne9MB8GA1UdIwQY MBaAFDBxToEZsxNNzAYP5ZAKfNho/FlzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEt OGYzNDcwZDgyMDU3LzEvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi83NGZhMTMtMmNiMy00MjdhLWE0NWEtOGYzNDcwZDgyMDU3 LzEvTUhGT2dSbXpFMDNNQmdfbGtBcDgyR2o4V1hNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARWn5K09M Gdgfon4fTe/8lJSorCG0Zaadx8Jk3oYyRq463jeHPBZ32k/FblaoyVQNi7GckWuS LtPLBwsdqveYeYlNFms2lrH+O0vMpIfAgfFteAngL4NWrgqbScCIfbzqNipH9Q7e VAztm/uBRB3WGJb14mt90txpJ9XAhqjkFf4lFd0n6N73uwqc78OHze+XIsVngMOy wBFZHyWnrWchAOuRojhgzN3+92Hkr5wX3dTpvbm+x0vF6IdKnGwC3gKAANGMPpmC uhrlIOfgqyropKq/CBGdAC0GkqF+3rJxlu1XHo7q+mmySInuA6OIdJ0rzXn7VUkK 2Qm8kGqEKJ+4zw== -----END CERTIFICATE-----Generated at Mon Dec 22 06:25:47 2025 by rpki-client