This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.mft File: CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.mft (raw, json) Hash identifier: eIV6K2rUddYm3G98tDOvWVISnpIHsXYZiro5adHj460= Subject key identifier: 35:26:91:38:E2:D5:EE:C9:7F:6F:0D:C9:2B:F6:BB:C7:8F:4A:A1:B2 Authority key identifier: 08:42:75:9A:04:FC:FD:9D:D3:86:48:6F:04:82:0E:4A:06:03:97:F2 Certificate issuer: /CN=0842759a04fcfd9dd386486f04820e4a060397f2 Certificate serial: 019B3D22EF12207C14612E25DB7796EB7724 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.mft Manifest number: 03F9 Signing time: Sat 20 Dec 2025 19:00:57 +0000 Manifest this update: Sat 20 Dec 2025 19:00:57 +0000 Manifest next update: Sun 21 Dec 2025 19:00:57 +0000 Files and hashes: 1: CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.crl (hash: azC4Z/b+/ssQvcj9ieJ8P0pxLr9t9zeeAjPy6thFeYc=) 2: hwJf6VumQco-ZneET3L8ACOfvX8.roa (hash: EcoD8v/r1aMC/ov7E8diQalSosE5t0EwMU8AArCBREA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.crl rsync://rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.mft rsync://rpki.ripe.net/repository/DEFAULT/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:ef:12:20:7c:14:61:2e:25:db:77:96:eb:77:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0842759a04fcfd9dd386486f04820e4a060397f2 Validity Not Before: Dec 20 19:00:57 2025 GMT Not After : Dec 21 19:00:57 2025 GMT Subject: CN=35269138e2d5eec97f6f0dc92bf6bbc78f4aa1b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:0b:ad:e7:d2:01:a9:c7:00:2e:b4:e1:a0:a0: f5:70:86:a9:bc:21:78:ac:3d:86:ca:70:24:37:54: 86:ec:bd:b1:52:a5:f9:85:75:98:ab:85:95:8f:29: 4b:08:e7:22:a6:eb:97:fc:aa:37:cd:3f:c8:a9:47: 59:74:dc:24:b4:b1:d4:69:3f:65:2c:2a:9b:c1:b1: 18:6f:95:67:5f:ff:79:fc:2d:46:82:1e:cd:40:9a: 51:77:68:7d:5c:3d:8e:5b:28:8d:9a:f0:81:f5:f8: 07:ad:d7:40:1c:53:d8:5e:2c:f7:83:aa:fe:7b:e2: b2:0c:cb:5f:4d:92:5e:78:72:ea:68:cb:93:a4:4e: dc:08:c6:90:da:da:07:fc:b1:a4:eb:99:22:07:dc: 03:7c:9f:4d:07:d8:42:06:62:be:be:74:41:f2:19: a9:62:27:52:15:a0:f1:ab:29:e9:02:45:95:2a:98: 75:56:23:b2:1c:91:9d:2d:af:29:6d:e8:fd:30:3d: 9f:9a:c1:42:ef:af:85:a2:40:6b:1f:c8:fb:22:a8: 9e:e3:53:17:e6:bb:13:ef:a6:4c:ff:bc:7e:52:9e: dc:62:ac:37:aa:68:e3:6c:3c:4c:3d:b8:2c:7f:b5: f3:dc:b9:ee:6d:1a:a6:16:c9:c3:7e:2f:33:91:87: ec:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:26:91:38:E2:D5:EE:C9:7F:6F:0D:C9:2B:F6:BB:C7:8F:4A:A1:B2 X509v3 Authority Key Identifier: keyid:08:42:75:9A:04:FC:FD:9D:D3:86:48:6F:04:82:0E:4A:06:03:97:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/3dfe7f-57ae-450c-92e1-7025e188068c/1/CEJ1mgT8_Z3ThkhvBIIOSgYDl_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6b:9d:eb:b3:c6:8e:32:e6:00:6a:44:f4:e8:5f:e8:87:37:42: bc:d4:c1:ea:74:dc:0a:4f:ed:a1:fc:8a:bd:af:ee:67:27:6e: d9:9e:bf:4f:dd:46:72:67:f1:85:b2:fb:a5:cf:94:2e:1f:54: 33:73:dc:9e:05:19:09:eb:a3:a9:d9:8f:79:bb:d8:02:1b:94: fa:a2:d7:59:cc:51:ed:ae:a2:ee:26:9e:c9:31:5f:26:45:ec: 2e:87:ba:31:07:92:9a:36:c0:fa:f7:30:16:44:c7:63:a0:9d: 90:4a:e4:57:00:62:c2:29:a3:9e:8c:1b:88:e1:5d:30:3c:85: 5f:90:fd:a6:31:15:bb:45:10:4e:a3:7c:74:49:aa:f1:47:f7: 78:9f:e7:a9:21:4a:e0:01:46:1b:c3:69:33:bb:1a:5d:32:ee: 2c:41:57:30:58:6e:7e:e5:01:37:3c:46:49:2f:d7:fb:e0:c2: 90:1a:dc:31:99:a3:42:d6:c0:78:36:06:ec:6b:8d:19:6a:1c: 1e:63:09:f8:58:eb:1c:67:de:f9:d4:b9:e3:4e:fb:5f:be:a9: 38:28:b8:c8:cf:4a:07:87:d6:e0:b5:98:09:89:f3:d8:c4:62: ac:af:1c:4b:dd:40:06:11:fa:ca:69:f3:56:72:28:9e:08:9d: 5f:24:8c:c5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Iu8SIHwUYS4l23eW63ckMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NDI3NTlhMDRmY2ZkOWRkMzg2NDg2ZjA0ODIwZTRhMDYw Mzk3ZjIwHhcNMjUxMjIwMTkwMDU3WhcNMjUxMjIxMTkwMDU3WjAzMTEwLwYDVQQD EygzNTI2OTEzOGUyZDVlZWM5N2Y2ZjBkYzkyYmY2YmJjNzhmNGFhMWIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwut59IBqccALrThoKD1cIapvCF4 rD2GynAkN1SG7L2xUqX5hXWYq4WVjylLCOcipuuX/Ko3zT/IqUdZdNwktLHUaT9l LCqbwbEYb5VnX/95/C1Ggh7NQJpRd2h9XD2OWyiNmvCB9fgHrddAHFPYXiz3g6r+ e+KyDMtfTZJeeHLqaMuTpE7cCMaQ2toH/LGk65kiB9wDfJ9NB9hCBmK+vnRB8hmp YidSFaDxqynpAkWVKph1ViOyHJGdLa8pbej9MD2fmsFC76+FokBrH8j7Iqie41MX 5rsT76ZM/7x+Up7cYqw3qmjjbDxMPbgsf7Xz3LnubRqmFsnDfi8zkYfsKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDUmkTji1e7Jf28NySv2u8ePSqGyMB8GA1UdIwQY MBaAFAhCdZoE/P2d04ZIbwSCDkoGA5fyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0VKMW1nVDhfWjNUaGtodkJJSU9TZ1lEbF9JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8zZGZlN2YtNTdhZS00NTBjLTkyZTEt NzAyNWUxODgwNjhjLzEvQ0VKMW1nVDhfWjNUaGtodkJJSU9TZ1lEbF9JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS8zZGZlN2YtNTdhZS00NTBjLTkyZTEtNzAyNWUxODgwNjhj LzEvQ0VKMW1nVDhfWjNUaGtodkJJSU9TZ1lEbF9JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAa53rs8aO MuYAakT06F/ohzdCvNTB6nTcCk/tofyKva/uZydu2Z6/T91GcmfxhbL7pc+ULh9U M3PcngUZCeujqdmPebvYAhuU+qLXWcxR7a6i7iaeyTFfJkXsLoe6MQeSmjbA+vcw FkTHY6CdkErkVwBiwimjnowbiOFdMDyFX5D9pjEVu0UQTqN8dEmq8Uf3eJ/nqSFK 4AFGG8NpM7saXTLuLEFXMFhufuUBNzxGSS/X++DCkBrcMZmjQtbAeDYG7GuNGWoc HmMJ+FjrHGfe+dS54077X76pOCi4yM9KB4fW4LWYCYnz2MRirK8cS91ABhH6ymnz VnIongidXySMxQ== -----END CERTIFICATE-----Generated at Sun Dec 21 00:39:48 2025 by rpki-client