This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft File: fPxZzhNuPpOobeVfBdSaWeFcu78.mft (raw, json) Hash identifier: fyT5HcsCThoGZLErdERt0IzCXF5Uo9d27+l5q+hl+To= Subject key identifier: 52:A0:27:6B:18:56:3B:75:5F:FC:7A:B4:6E:23:A4:B2:FF:64:F8:1F Authority key identifier: 7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF Certificate issuer: /CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf Certificate serial: 019B75C944F796AD24A9CDDED4ED2402DFB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft Manifest number: 0B42 Signing time: Wed 31 Dec 2025 19:01:23 +0000 Manifest this update: Wed 31 Dec 2025 19:01:23 +0000 Manifest next update: Thu 01 Jan 2026 19:01:23 +0000 Files and hashes: 1: fPxZzhNuPpOobeVfBdSaWeFcu78.crl (hash: uqp7xPW2dIcOt0XjrbP/DYntrFLCTA9W49g/wN7d57w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 16:22:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:75:c9:44:f7:96:ad:24:a9:cd:de:d4:ed:24:02:df:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7cfc59ce136e3e93a86de55f05d49a59e15cbbbf Validity Not Before: Dec 31 19:01:23 2025 GMT Not After : Jan 1 19:01:23 2026 GMT Subject: CN=52a0276b18563b755ffc7ab46e23a4b2ff64f81f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:14:b0:f6:d9:68:f3:29:96:ce:fc:1d:df:5b: c1:08:58:ae:c4:1a:c9:45:20:47:ca:bb:95:6e:4b: 59:0f:5e:cd:7a:48:5c:60:5a:4e:48:6e:79:37:40: a3:e4:7e:db:97:ad:b5:d9:44:56:78:5f:f8:12:45: b9:ed:a6:2a:96:73:35:ee:b5:a5:bb:c6:a7:9a:c8: 16:cb:06:27:47:1a:25:d8:9c:8d:4a:61:c0:cc:42: a2:88:db:13:dc:7a:6c:7b:1c:2c:8a:74:24:96:ae: ae:02:c4:e0:12:d5:ca:f4:12:7c:c6:1e:a0:76:0a: c0:52:f2:9d:88:e6:e2:a1:ab:23:73:ff:8f:11:99: 5c:50:ba:ed:1d:8f:5c:5f:d0:c9:bd:9d:9a:83:95: 71:f5:54:e5:31:eb:8c:41:69:64:62:b8:5e:b8:ee: 28:41:58:cd:89:e1:74:9f:ce:6b:3c:13:4b:12:88: ba:89:73:8a:f2:22:d3:8c:e2:0c:6c:f9:8e:74:d9: 38:fa:16:d3:0b:3d:4a:73:ea:09:c8:0f:90:b7:db: 70:0a:f7:95:02:16:61:08:a5:db:5c:44:5e:6b:4b: 7a:bf:59:04:c2:ca:e8:9d:39:32:03:c5:a5:3d:1d: 5f:00:53:b8:c9:7f:66:bd:56:93:18:5b:d6:fa:06: 30:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:A0:27:6B:18:56:3B:75:5F:FC:7A:B4:6E:23:A4:B2:FF:64:F8:1F X509v3 Authority Key Identifier: keyid:7C:FC:59:CE:13:6E:3E:93:A8:6D:E5:5F:05:D4:9A:59:E1:5C:BB:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fPxZzhNuPpOobeVfBdSaWeFcu78.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/1acd3f-6f22-431c-a03c-80895f88f5d5/1/fPxZzhNuPpOobeVfBdSaWeFcu78.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:3e:bf:34:e4:96:fc:27:21:b8:02:0b:fb:b3:d9:be:c9:a0: b6:40:cc:ca:61:f4:05:62:6e:f5:39:82:a1:53:73:2b:e1:27: 51:d6:1c:9a:e7:34:0d:9d:91:bd:6d:51:f3:bf:3d:9a:78:7d: d0:cb:e5:cf:66:b7:68:02:5b:e5:32:79:22:30:2d:a9:38:dd: 10:90:0c:43:a0:31:4e:4a:aa:18:85:cb:12:57:e8:12:18:e4: 50:7e:a9:c0:6d:da:d1:28:9f:64:66:c6:72:9f:bc:78:a1:dc: 61:96:fb:e9:b3:ba:46:5b:d1:68:aa:1a:fd:fe:bc:74:2e:db: 20:02:fa:db:5f:2d:f8:ed:53:d2:9f:90:c5:24:7c:a8:61:00: cc:82:71:e2:11:74:ae:88:06:46:ce:7e:b2:6e:0f:43:46:73: 96:e7:d4:63:fa:6a:1d:b8:3c:c4:78:be:28:8a:33:73:c9:61: 7c:9a:18:f1:27:2b:c6:be:13:d4:bd:6c:ab:c4:d3:be:9e:7b: f8:d2:17:36:a0:80:9e:f3:77:f8:6d:f5:b5:19:f9:0e:44:7d: 70:6e:32:1b:5e:8f:5e:8d:71:87:e6:20:14:d5:43:96:ab:7a: 2d:f3:38:d8:eb:db:f0:21:7f:89:71:f5:b0:8f:19:d0:53:d5: 0e:5b:43:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt1yUT3lq0kqc3e1O0kAt+2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjZmM1OWNlMTM2ZTNlOTNhODZkZTU1ZjA1ZDQ5YTU5ZTE1 Y2JiYmYwHhcNMjUxMjMxMTkwMTIzWhcNMjYwMTAxMTkwMTIzWjAzMTEwLwYDVQQD Eyg1MmEwMjc2YjE4NTYzYjc1NWZmYzdhYjQ2ZTIzYTRiMmZmNjRmODFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhSw9tlo8ymWzvwd31vBCFiuxBrJ RSBHyruVbktZD17NekhcYFpOSG55N0Cj5H7bl6212URWeF/4EkW57aYqlnM17rWl u8anmsgWywYnRxol2JyNSmHAzEKiiNsT3HpsexwsinQklq6uAsTgEtXK9BJ8xh6g dgrAUvKdiObioasjc/+PEZlcULrtHY9cX9DJvZ2ag5Vx9VTlMeuMQWlkYrheuO4o QVjNieF0n85rPBNLEoi6iXOK8iLTjOIMbPmOdNk4+hbTCz1Kc+oJyA+Qt9twCveV AhZhCKXbXERea0t6v1kEwsronTkyA8WlPR1fAFO4yX9mvVaTGFvW+gYwHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFKgJ2sYVjt1X/x6tG4jpLL/ZPgfMB8GA1UdIwQY MBaAFHz8Wc4Tbj6TqG3lXwXUmlnhXLu/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2Mt ODA4OTVmODhmNWQ1LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYi8xYWNkM2YtNmYyMi00MzFjLWEwM2MtODA4OTVmODhmNWQ1 LzEvZlB4WnpoTnVQcE9vYmVWZkJkU2FXZUZjdTc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoT6/NOSW /CchuAIL+7PZvsmgtkDMymH0BWJu9TmCoVNzK+EnUdYcmuc0DZ2RvW1R8789mnh9 0Mvlz2a3aAJb5TJ5IjAtqTjdEJAMQ6AxTkqqGIXLElfoEhjkUH6pwG3a0SifZGbG cp+8eKHcYZb76bO6RlvRaKoa/f68dC7bIAL6218t+O1T0p+QxSR8qGEAzIJx4hF0 rogGRs5+sm4PQ0ZzlufUY/pqHbg8xHi+KIozc8lhfJoY8Scrxr4T1L1sq8TTvp57 +NIXNqCAnvN3+G31tRn5DkR9cG4yG16PXo1xh+YgFNVDlqt6LfM42Ovb8CF/iXH1 sI8Z0FPVDltDlQ== -----END CERTIFICATE-----Generated at Wed Dec 31 21:05:52 2025 by rpki-client