This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft File: FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft (raw, json) Hash identifier: EosjZTxtgiwKGtL4/7v9weIKe2xcQ7sOjOdcIxltLYM= Subject key identifier: 8B:03:CC:E5:B9:42:87:13:72:38:66:00:00:0F:E9:C3:D0:2F:E2:6D Authority key identifier: 14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A Certificate issuer: /CN=14c2eab6a2960506046a1da4312773d98e97cd5a Certificate serial: 019B6AD8D03BEFBA8D9FAA890D9462CF880E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft Manifest number: 0C42 Signing time: Mon 29 Dec 2025 16:02:32 +0000 Manifest this update: Mon 29 Dec 2025 16:02:32 +0000 Manifest next update: Tue 30 Dec 2025 16:02:32 +0000 Files and hashes: 1: FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl (hash: nvOYPpQc30vjT/FJmdakjFbPYPyKLjvEQ7SWDteeTEo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 16:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d8:d0:3b:ef:ba:8d:9f:aa:89:0d:94:62:cf:88:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14c2eab6a2960506046a1da4312773d98e97cd5a Validity Not Before: Dec 29 16:02:32 2025 GMT Not After : Dec 30 16:02:32 2025 GMT Subject: CN=8b03cce5b942871372386600000fe9c3d02fe26d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:65:58:0d:d5:81:4d:ca:e2:b3:92:41:c3:26: 02:7c:f6:9b:89:b6:81:f5:4f:fd:62:e0:72:73:c4: 96:ab:d4:48:23:b0:f8:d3:1e:73:40:f9:57:b3:64: d3:b8:18:81:ed:61:2e:a9:45:69:18:fe:20:82:f9: 4a:13:cb:28:7d:48:97:17:05:cf:c3:36:2f:d3:37: d1:93:fa:83:4f:3b:f6:7b:db:02:95:e8:7d:87:31: 3f:64:96:6d:c9:b8:e7:9d:eb:93:41:7a:01:2e:1d: 81:ce:ed:de:82:5d:5b:a1:4f:6b:c3:2a:49:86:45: d3:9f:81:db:0c:8e:52:e0:14:8d:3a:29:5f:44:45: 11:8e:1f:97:c3:14:54:9e:ea:dd:c7:ae:f4:2b:cc: 08:0b:d8:9d:2a:e0:0a:d6:22:2a:78:36:93:2f:02: 90:93:26:99:98:19:17:21:71:a9:7a:d2:56:2a:6a: 58:38:e5:c0:85:84:10:9c:eb:e2:e9:da:c7:d9:a8: 6a:e4:50:6b:a1:c0:be:0a:d7:13:a7:15:7a:a9:87: 8b:d6:fe:b0:22:f8:7d:45:87:04:d2:22:c4:56:0f: 7d:74:3e:c8:5d:13:36:ce:06:ac:bd:a9:53:32:29: 46:1f:58:0f:54:ad:56:75:91:24:56:ab:30:23:6a: 43:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:03:CC:E5:B9:42:87:13:72:38:66:00:00:0F:E9:C3:D0:2F:E2:6D X509v3 Authority Key Identifier: keyid:14:C2:EA:B6:A2:96:05:06:04:6A:1D:A4:31:27:73:D9:8E:97:CD:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMLqtqKWBQYEah2kMSdz2Y6XzVo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/4b4d7a-ce48-47a4-a3c4-611e57da95c0/1/FMLqtqKWBQYEah2kMSdz2Y6XzVo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:44:b4:e6:78:67:32:3e:c4:a0:c1:47:6a:3c:71:ae:85:14: 74:0b:40:b8:64:89:01:ea:32:1a:79:b8:22:ec:f2:fa:3f:44: f6:75:5d:ba:55:f0:93:c5:67:0c:17:f7:fa:bf:52:1e:71:88: a8:1f:95:f5:1f:75:c2:b7:ef:78:bc:07:0b:d2:d5:4d:a8:ff: 06:3a:c1:6a:1d:83:c1:ca:48:24:f7:6f:3f:12:7d:f7:85:48: 0f:e9:27:aa:9f:74:f9:39:79:b4:d2:b8:c7:82:ed:e1:14:9f: 7c:d7:67:1f:5b:01:cc:7e:45:c5:c4:6a:f4:ad:23:fa:3e:3c: 7e:9a:42:71:fc:11:5d:5c:ab:72:ee:27:67:37:26:8b:c8:1b: 88:55:54:f0:5a:70:1e:7e:25:86:9d:ad:58:9c:6a:e3:7c:08: 47:40:94:91:d9:65:66:dd:43:00:bc:60:aa:52:cf:48:f1:70: e4:91:9a:e5:fa:ea:d3:42:ee:2a:58:81:b0:be:44:74:9f:33: 1e:ae:08:3e:9e:91:c4:74:e8:e8:1f:80:8a:d2:59:38:b6:86: 76:20:de:a0:29:40:26:5c:bd:f9:45:76:55:cd:25:76:5d:2e: 28:7b:42:6b:da:55:d1:9b:e6:79:67:e7:bf:c6:7f:72:4d:15: f9:cb:05:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq2NA777qNn6qJDZRiz4gOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0YzJlYWI2YTI5NjA1MDYwNDZhMWRhNDMxMjc3M2Q5OGU5 N2NkNWEwHhcNMjUxMjI5MTYwMjMyWhcNMjUxMjMwMTYwMjMyWjAzMTEwLwYDVQQD Eyg4YjAzY2NlNWI5NDI4NzEzNzIzODY2MDAwMDBmZTljM2QwMmZlMjZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWVYDdWBTcris5JBwyYCfPabibaB 9U/9YuByc8SWq9RII7D40x5zQPlXs2TTuBiB7WEuqUVpGP4ggvlKE8sofUiXFwXP wzYv0zfRk/qDTzv2e9sCleh9hzE/ZJZtybjnneuTQXoBLh2Bzu3egl1boU9rwypJ hkXTn4HbDI5S4BSNOilfREURjh+XwxRUnurdx670K8wIC9idKuAK1iIqeDaTLwKQ kyaZmBkXIXGpetJWKmpYOOXAhYQQnOvi6drH2ahq5FBrocC+CtcTpxV6qYeL1v6w Ivh9RYcE0iLEVg99dD7IXRM2zgasvalTMilGH1gPVK1WdZEkVqswI2pDwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIsDzOW5QocTcjhmAAAP6cPQL+JtMB8GA1UdIwQY MBaAFBTC6railgUGBGodpDEnc9mOl81aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQt NjExZTU3ZGE5NWMwLzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS80YjRkN2EtY2U0OC00N2E0LWEzYzQtNjExZTU3ZGE5NWMw LzEvRk1McXRxS1dCUVlFYWgya01TZHoyWTZYelZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ0S05nhn Mj7EoMFHajxxroUUdAtAuGSJAeoyGnm4Iuzy+j9E9nVdulXwk8VnDBf3+r9SHnGI qB+V9R91wrfveLwHC9LVTaj/BjrBah2DwcpIJPdvPxJ994VID+knqp90+Tl5tNK4 x4Lt4RSffNdnH1sBzH5FxcRq9K0j+j48fppCcfwRXVyrcu4nZzcmi8gbiFVU8Fpw Hn4lhp2tWJxq43wIR0CUkdllZt1DALxgqlLPSPFw5JGa5frq00LuKliBsL5EdJ8z Hq4IPp6RxHTo6B+AitJZOLaGdiDeoClAJly9+UV2Vc0ldl0uKHtCa9pV0ZvmeWfn v8Z/ck0V+csF6Q== -----END CERTIFICATE-----Generated at Tue Dec 30 01:31:44 2025 by rpki-client