This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.mft File: fi4pGEMoSetx6V3EDRB56oZfYQk.mft (raw, json) Hash identifier: HdENo/IZXAETNsHJcSBcxW3dqcCAKFlSUhvikUlZGeI= Subject key identifier: AA:78:62:6A:7A:69:B6:F8:A9:FD:7B:E0:77:55:C4:2F:03:99:BC:9B Authority key identifier: 7E:2E:29:18:43:28:49:EB:71:E9:5D:C4:0D:10:79:EA:86:5F:61:09 Certificate issuer: /CN=7e2e2918432849eb71e95dc40d1079ea865f6109 Certificate serial: 019B6AD847DA664EABEBBA892EDECA81AABF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fi4pGEMoSetx6V3EDRB56oZfYQk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.mft Manifest number: 0ABB Signing time: Mon 29 Dec 2025 16:01:57 +0000 Manifest this update: Mon 29 Dec 2025 16:01:57 +0000 Manifest next update: Tue 30 Dec 2025 16:01:57 +0000 Files and hashes: 1: S1dC-8FvWd5r91Ep_3NW-RYRFSM.roa (hash: WN6IJU4enC30WWGrEp1TUJBHxrmIxnrzAFySxPEWWA0=) 2: fi4pGEMoSetx6V3EDRB56oZfYQk.crl (hash: nP29rsR/AJy9xFVmgY4mivf7qZUw5kHQmd9qBAVT1LM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.crl rsync://rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.mft rsync://rpki.ripe.net/repository/DEFAULT/fi4pGEMoSetx6V3EDRB56oZfYQk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d8:47:da:66:4e:ab:eb:ba:89:2e:de:ca:81:aa:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e2e2918432849eb71e95dc40d1079ea865f6109 Validity Not Before: Dec 29 16:01:57 2025 GMT Not After : Dec 30 16:01:57 2025 GMT Subject: CN=aa78626a7a69b6f8a9fd7be07755c42f0399bc9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7e:30:0e:a8:59:51:d3:2b:98:a6:81:e9:1b: 32:69:86:33:9b:23:49:d2:12:82:ab:ea:62:50:d5: 01:84:40:aa:55:5f:9c:2d:68:2d:69:5e:e7:48:2e: 85:d4:45:9f:43:99:5f:47:9c:73:b8:04:f6:0f:93: ab:b6:ef:7e:f1:c6:1a:d4:c4:3d:fe:46:f5:f8:a6: 15:e9:36:04:76:8f:d7:aa:a3:c9:f2:b3:1a:56:24: 1a:04:aa:c1:c4:d2:3f:48:ff:92:9f:4f:66:a1:f8: bd:04:fb:08:34:b4:36:35:61:34:65:b4:c0:d9:29: a3:f5:0f:53:da:c2:5f:4a:e4:69:b5:6a:b3:f0:18: 5e:2e:e5:e7:46:c5:87:2f:56:91:68:53:cf:f4:fd: d6:47:d5:14:a0:a1:73:e5:db:00:d9:a3:33:e2:9b: 17:38:4e:cd:94:fb:f6:58:92:6c:bc:69:94:b0:a9: 38:49:86:6d:ae:0b:ac:99:f8:a6:6f:44:72:02:bf: 96:5a:92:a7:74:f5:aa:a5:13:cc:e6:a0:21:88:64: 54:6d:b8:6a:10:eb:e1:fb:f2:2c:1e:64:42:cf:73: 33:54:a8:80:48:26:88:cb:6a:f7:7d:9d:2f:d6:9c: 81:4b:74:0f:e8:63:27:01:b3:27:5f:c5:94:9d:c7: 56:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:78:62:6A:7A:69:B6:F8:A9:FD:7B:E0:77:55:C4:2F:03:99:BC:9B X509v3 Authority Key Identifier: keyid:7E:2E:29:18:43:28:49:EB:71:E9:5D:C4:0D:10:79:EA:86:5F:61:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fi4pGEMoSetx6V3EDRB56oZfYQk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/d85f41-7701-44c2-bf2e-c5619859450c/1/fi4pGEMoSetx6V3EDRB56oZfYQk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:db:ed:da:92:27:ee:5f:b2:f4:e7:fb:2f:d0:e1:e9:30:ab: 28:a3:e2:d0:be:77:e6:d9:17:6e:f8:61:2f:95:b9:72:8f:19: 8e:9a:38:eb:a5:ad:72:d3:f6:05:09:65:cf:05:1e:be:2f:98: ce:8a:41:ca:78:30:6d:36:f4:dc:db:27:88:7c:1a:c2:c7:c1: 42:26:dd:07:c8:57:78:f8:0c:21:50:38:5a:30:44:4f:d6:83: 13:03:4b:b7:86:b4:fb:c3:7f:99:fe:d0:2d:2c:c9:29:d0:7e: 2b:b6:36:0a:57:f0:66:03:1c:2b:0d:65:e2:ad:cb:19:7f:cc: b0:15:c3:a8:56:8c:ba:a5:90:41:58:fd:fa:06:de:6f:b7:2f: 7a:61:24:5b:d4:85:99:f3:9f:90:7e:2e:eb:2b:92:b9:28:d8: 4d:d1:29:df:f8:fe:1f:ec:5d:89:99:1b:05:ed:c1:48:e3:98: 96:f5:c4:1d:e0:25:ff:5b:8b:89:56:22:b9:ad:fd:b8:11:0a: c5:e5:30:e2:44:84:e7:c1:8a:17:79:03:fb:aa:c7:a4:47:84: 1a:9d:d5:be:7c:4b:1b:c2:28:d6:c2:dc:1f:aa:ac:e2:77:23: 74:e6:f9:e2:f7:7a:ae:f6:77:9a:4a:27:66:f2:77:be:0a:90: ec:6f:5b:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq2EfaZk6r67qJLt7Kgaq/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlMmUyOTE4NDMyODQ5ZWI3MWU5NWRjNDBkMTA3OWVhODY1 ZjYxMDkwHhcNMjUxMjI5MTYwMTU3WhcNMjUxMjMwMTYwMTU3WjAzMTEwLwYDVQQD EyhhYTc4NjI2YTdhNjliNmY4YTlmZDdiZTA3NzU1YzQyZjAzOTliYzliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH4wDqhZUdMrmKaB6RsyaYYzmyNJ 0hKCq+piUNUBhECqVV+cLWgtaV7nSC6F1EWfQ5lfR5xzuAT2D5Ortu9+8cYa1MQ9 /kb1+KYV6TYEdo/XqqPJ8rMaViQaBKrBxNI/SP+Sn09mofi9BPsINLQ2NWE0ZbTA 2Smj9Q9T2sJfSuRptWqz8BheLuXnRsWHL1aRaFPP9P3WR9UUoKFz5dsA2aMz4psX OE7NlPv2WJJsvGmUsKk4SYZtrgusmfimb0RyAr+WWpKndPWqpRPM5qAhiGRUbbhq EOvh+/IsHmRCz3MzVKiASCaIy2r3fZ0v1pyBS3QP6GMnAbMnX8WUncdWFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKp4Ymp6abb4qf174HdVxC8DmbybMB8GA1UdIwQY MBaAFH4uKRhDKEnrceldxA0QeeqGX2EJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmk0cEdFTW9TZXR4NlYzRURSQjU2b1pmWVFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9kODVmNDEtNzcwMS00NGMyLWJmMmUt YzU2MTk4NTk0NTBjLzEvZmk0cEdFTW9TZXR4NlYzRURSQjU2b1pmWVFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi9kODVmNDEtNzcwMS00NGMyLWJmMmUtYzU2MTk4NTk0NTBj LzEvZmk0cEdFTW9TZXR4NlYzRURSQjU2b1pmWVFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARtvt2pIn 7l+y9Of7L9Dh6TCrKKPi0L535tkXbvhhL5W5co8Zjpo466WtctP2BQllzwUevi+Y zopByngwbTb03NsniHwawsfBQibdB8hXePgMIVA4WjBET9aDEwNLt4a0+8N/mf7Q LSzJKdB+K7Y2ClfwZgMcKw1l4q3LGX/MsBXDqFaMuqWQQVj9+gbeb7cvemEkW9SF mfOfkH4u6yuSuSjYTdEp3/j+H+xdiZkbBe3BSOOYlvXEHeAl/1uLiVYiua39uBEK xeUw4kSE58GKF3kD+6rHpEeEGp3VvnxLG8Io1sLcH6qs4ncjdOb54vd6rvZ3mkon ZvJ3vgqQ7G9bIQ== -----END CERTIFICATE-----Generated at Mon Dec 29 23:45:02 2025 by rpki-client