This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.mft File: 81TlIOe7fhP1Ms7PBagtK3l5UqI.mft (raw, json) Hash identifier: a13atOJfyQJNCCYEKj74Oom2+hhaFGtemjSqZ1gTkJY= Subject key identifier: FE:A0:B3:A7:C9:08:A4:3D:DB:D2:50:2B:42:3D:19:84:C0:07:CC:78 Authority key identifier: F3:54:E5:20:E7:BB:7E:13:F5:32:CE:CF:05:A8:2D:2B:79:79:52:A2 Certificate issuer: /CN=f354e520e7bb7e13f532cecf05a82d2b797952a2 Certificate serial: 019B503C88B71940F85DDFA5EA9E6786E847 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/81TlIOe7fhP1Ms7PBagtK3l5UqI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.mft Manifest number: 0CEA Signing time: Wed 24 Dec 2025 12:01:42 +0000 Manifest this update: Wed 24 Dec 2025 12:01:42 +0000 Manifest next update: Thu 25 Dec 2025 12:01:42 +0000 Files and hashes: 1: 81TlIOe7fhP1Ms7PBagtK3l5UqI.crl (hash: CfJBllRim+GblD5sb00VPOyr/jXwSaAbFBDahA3BPPo=) 2: 9R7qE2JixKC-vbV8JeqORUi7upg.roa (hash: qMwpouu0cneK+WPX+gDmDCVwU3yx/zaa1DbEZEykJcU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.mft rsync://rpki.ripe.net/repository/DEFAULT/81TlIOe7fhP1Ms7PBagtK3l5UqI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:3c:88:b7:19:40:f8:5d:df:a5:ea:9e:67:86:e8:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f354e520e7bb7e13f532cecf05a82d2b797952a2 Validity Not Before: Dec 24 12:01:42 2025 GMT Not After : Dec 25 12:01:42 2025 GMT Subject: CN=fea0b3a7c908a43ddbd2502b423d1984c007cc78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:96:5f:2b:8f:7e:79:ba:33:58:73:bd:f5:9b: 7d:9b:b8:ff:7c:7b:b7:02:82:a3:a4:06:b3:f9:6c: 03:b1:60:ee:e7:d1:e9:bd:51:cb:f0:ce:2c:45:ba: 75:39:c3:d6:49:f3:68:2e:d7:d4:66:29:f6:81:f2: 20:ec:4b:df:de:4a:7d:99:c9:65:f1:7c:9d:71:3a: 58:0e:3b:e1:f5:49:c7:d5:22:88:55:04:e0:7e:ba: 7f:ae:97:9f:f4:87:72:85:a7:80:24:a4:1a:0d:16: 0d:30:d1:dc:b3:51:5e:9a:61:83:fd:f6:84:0e:1b: b6:6b:89:b1:2a:86:a4:9a:b1:99:cb:ea:ac:5e:5b: 54:53:2f:47:31:60:5c:7f:ec:aa:e5:cf:2b:50:ef: 4d:6f:31:ab:6a:a1:4e:ea:c8:a2:43:f8:de:58:36: 6b:cd:85:00:78:58:bd:67:8b:3c:fe:c5:94:46:56: 25:c8:8a:78:0d:f2:ce:46:d0:70:2a:6f:f3:45:84: 6d:65:0c:60:44:24:d6:49:4d:59:39:76:e3:3e:2e: f3:e6:0a:1f:44:8b:4e:56:3e:49:6d:57:8b:3c:c7: 4a:b9:ee:0b:f5:8b:dc:f8:1a:db:c9:c0:aa:83:f1: 5e:ae:3c:e1:7f:82:85:80:7f:75:52:3d:26:f0:6d: c9:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:A0:B3:A7:C9:08:A4:3D:DB:D2:50:2B:42:3D:19:84:C0:07:CC:78 X509v3 Authority Key Identifier: keyid:F3:54:E5:20:E7:BB:7E:13:F5:32:CE:CF:05:A8:2D:2B:79:79:52:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/81TlIOe7fhP1Ms7PBagtK3l5UqI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/c2f69f-ee8e-475a-9079-ca51fb30eddf/1/81TlIOe7fhP1Ms7PBagtK3l5UqI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:ee:56:d9:26:21:fd:42:43:79:9b:5f:68:e8:c3:ab:5e:e5: 0f:ba:9d:03:0d:70:ab:1c:6d:e2:54:40:98:8f:62:54:8e:c5: 41:18:b8:7f:d2:e8:6a:4e:b0:d7:39:12:b7:ce:ae:26:26:b5: 49:5b:c6:8a:09:4b:b7:44:09:ce:b5:90:c5:76:3f:6e:21:82: 2f:20:24:db:e2:44:61:eb:2d:cf:92:59:7a:cb:df:0a:93:a1: e5:3d:58:07:e4:ef:5e:c0:9e:5f:7a:bb:65:05:a2:2b:04:52: 35:8c:a7:bf:7a:94:86:6f:10:37:fc:ca:05:f0:89:36:97:df: f1:11:60:4a:46:0d:6f:89:ce:3c:d1:25:41:21:9e:e9:97:d8: 39:ad:89:fd:e3:18:fd:ae:bc:84:ac:20:f0:68:e4:c8:9a:62: 65:66:43:d3:b6:ca:91:bc:d7:44:21:26:80:f1:b8:2e:05:98: 35:01:f4:4e:3a:69:58:f3:97:72:92:43:ac:11:84:c0:6d:dc: b8:70:21:cc:b9:25:df:36:d6:71:e1:80:38:82:4d:6d:bf:b4: 7e:a9:9e:19:93:ed:9d:de:1a:89:3d:3f:6e:e5:26:14:c9:1e: f3:53:18:0b:44:41:f9:b9:65:00:82:d7:59:3a:6a:ad:ce:61: 31:fa:87:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQPIi3GUD4Xd+l6p5nhuhHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzNTRlNTIwZTdiYjdlMTNmNTMyY2VjZjA1YTgyZDJiNzk3 OTUyYTIwHhcNMjUxMjI0MTIwMTQyWhcNMjUxMjI1MTIwMTQyWjAzMTEwLwYDVQQD EyhmZWEwYjNhN2M5MDhhNDNkZGJkMjUwMmI0MjNkMTk4NGMwMDdjYzc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpZfK49+ebozWHO99Zt9m7j/fHu3 AoKjpAaz+WwDsWDu59HpvVHL8M4sRbp1OcPWSfNoLtfUZin2gfIg7Evf3kp9mcll 8XydcTpYDjvh9UnH1SKIVQTgfrp/rpef9IdyhaeAJKQaDRYNMNHcs1FemmGD/faE Dhu2a4mxKoakmrGZy+qsXltUUy9HMWBcf+yq5c8rUO9NbzGraqFO6siiQ/jeWDZr zYUAeFi9Z4s8/sWURlYlyIp4DfLORtBwKm/zRYRtZQxgRCTWSU1ZOXbjPi7z5gof RItOVj5JbVeLPMdKue4L9Yvc+BrbycCqg/Ferjzhf4KFgH91Uj0m8G3JIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP6gs6fJCKQ929JQK0I9GYTAB8x4MB8GA1UdIwQY MBaAFPNU5SDnu34T9TLOzwWoLSt5eVKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvODFUbElPZTdmaFAxTXM3UEJhZ3RLM2w1VXFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9jMmY2OWYtZWU4ZS00NzVhLTkwNzkt Y2E1MWZiMzBlZGRmLzEvODFUbElPZTdmaFAxTXM3UEJhZ3RLM2w1VXFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS9jMmY2OWYtZWU4ZS00NzVhLTkwNzktY2E1MWZiMzBlZGRm LzEvODFUbElPZTdmaFAxTXM3UEJhZ3RLM2w1VXFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbO5W2SYh /UJDeZtfaOjDq17lD7qdAw1wqxxt4lRAmI9iVI7FQRi4f9Loak6w1zkSt86uJia1 SVvGiglLt0QJzrWQxXY/biGCLyAk2+JEYestz5JZesvfCpOh5T1YB+TvXsCeX3q7 ZQWiKwRSNYynv3qUhm8QN/zKBfCJNpff8RFgSkYNb4nOPNElQSGe6ZfYOa2J/eMY /a68hKwg8GjkyJpiZWZD07bKkbzXRCEmgPG4LgWYNQH0TjppWPOXcpJDrBGEwG3c uHAhzLkl3zbWceGAOIJNbb+0fqmeGZPtnd4aiT0/buUmFMke81MYC0RB+bllAILX WTpqrc5hMfqH9Q== -----END CERTIFICATE-----Generated at Wed Dec 24 16:39:01 2025 by rpki-client