This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft File: FSj8hxfpGa4HJhquKNjIRWTIpxI.mft (raw, json) Hash identifier: YUOP0Q6nIl0QF3K5lLsssrNFlAUQMBdEhE0W2jThP0k= Subject key identifier: 7C:C1:EF:85:EF:BB:90:9F:C2:D9:47:24:64:D9:46:BA:68:A9:E4:39 Authority key identifier: 15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12 Certificate issuer: /CN=1528fc8717e919ae07261aae28d8c84564c8a712 Certificate serial: 019B3B3493E7504732CB3C2EF3E91EB77C32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft Manifest number: 10E7 Signing time: Sat 20 Dec 2025 10:01:00 +0000 Manifest this update: Sat 20 Dec 2025 10:01:00 +0000 Manifest next update: Sun 21 Dec 2025 10:01:00 +0000 Files and hashes: 1: FSj8hxfpGa4HJhquKNjIRWTIpxI.crl (hash: sejQL3FOcGwUdoAk2Y7BKJpFXhf8cvPgLo3bf26aIBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:93:e7:50:47:32:cb:3c:2e:f3:e9:1e:b7:7c:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1528fc8717e919ae07261aae28d8c84564c8a712 Validity Not Before: Dec 20 10:01:00 2025 GMT Not After : Dec 21 10:01:00 2025 GMT Subject: CN=7cc1ef85efbb909fc2d9472464d946ba68a9e439 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:26:83:a7:28:83:fb:ba:a8:d6:9c:e2:b7:bd: 9e:b7:54:ed:8a:88:c2:41:c4:43:f3:1f:95:4c:10: c3:86:37:02:c5:45:1e:c5:67:bf:a7:7a:e8:7d:a4: a7:ef:10:85:95:7f:42:d9:14:c9:41:9b:f6:e3:91: 42:08:6a:ec:80:09:be:57:c0:0b:d6:f4:fd:83:f8: 21:7e:7c:1b:94:f3:32:81:d6:7c:7f:49:5a:10:1c: dc:b8:cc:6c:76:ae:d6:77:7f:e1:d6:47:90:57:32: a4:29:4e:36:ed:28:fb:ba:df:b1:c3:2b:ce:f0:1b: c9:00:6c:63:3f:43:46:05:d2:fc:2c:2e:f3:5c:a3: b9:59:0b:41:ec:37:e7:bc:27:33:71:cc:91:2a:f7: ba:ec:f9:64:80:20:28:a7:5d:a6:18:61:a3:5d:e6: c9:8b:9e:19:00:98:23:91:48:3f:51:aa:eb:03:cf: 0a:24:10:a8:0d:17:60:d8:81:a0:0b:46:24:a2:e4: a0:57:e7:eb:1a:ab:b2:35:4b:e7:db:19:ab:31:46: c7:d1:e2:8c:e9:93:fa:f2:0f:27:5c:0a:cc:db:54: 5b:48:4c:9b:b5:b0:b5:d4:bb:75:05:17:7e:95:04: 6d:16:22:05:fc:c0:97:6a:93:bd:f7:cb:57:3a:fb: 69:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C1:EF:85:EF:BB:90:9F:C2:D9:47:24:64:D9:46:BA:68:A9:E4:39 X509v3 Authority Key Identifier: keyid:15:28:FC:87:17:E9:19:AE:07:26:1A:AE:28:D8:C8:45:64:C8:A7:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FSj8hxfpGa4HJhquKNjIRWTIpxI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/6dfbb6-4afa-4bbc-9d19-671072f91a13/1/FSj8hxfpGa4HJhquKNjIRWTIpxI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:aa:c5:65:1d:61:6c:24:e7:b7:c5:c6:ad:c3:13:0a:7f:ab: 7d:f1:f9:10:23:a4:9b:97:33:33:fe:52:85:16:0c:ca:39:27: 7e:64:c2:67:30:11:f9:c0:bf:53:b3:c8:e3:3a:23:3b:a9:7f: 95:8b:ae:59:81:f3:e2:a2:32:75:10:6d:c7:e8:e8:79:4d:f8: cc:bf:4a:bf:0c:80:c5:0b:e8:a7:ba:2d:2c:72:cf:be:fa:a2: c0:b0:18:24:0a:5d:e1:6b:89:fc:74:7a:90:15:d9:11:b1:94: f1:ef:8f:79:14:fc:b3:9d:4c:ad:f4:19:a2:19:2c:2b:0c:a6: 42:ec:11:51:8b:ec:26:3d:3e:20:e7:34:aa:75:c2:a5:76:24: 1e:73:a5:c6:b8:c5:07:ca:11:1e:ca:6b:5a:5a:37:6d:e6:48: f2:26:a3:21:22:6e:af:ee:5c:98:72:37:d8:a2:7d:61:29:94: 3f:da:d4:33:34:c7:f9:29:03:37:f8:ed:dc:8a:c0:9d:ce:31: aa:13:d5:bf:82:67:db:c7:f4:92:33:df:2f:b2:46:aa:77:38: 5b:33:8f:7a:2e:78:a0:7a:36:32:8f:9c:e0:94:1f:ae:d5:7f: 8c:ae:46:2a:a1:5f:b0:c6:13:6e:de:db:da:04:d7:d8:e6:ec: b9:be:70:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NJPnUEcyyzwu8+ket3wyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE1MjhmYzg3MTdlOTE5YWUwNzI2MWFhZTI4ZDhjODQ1NjRj OGE3MTIwHhcNMjUxMjIwMTAwMTAwWhcNMjUxMjIxMTAwMTAwWjAzMTEwLwYDVQQD Eyg3Y2MxZWY4NWVmYmI5MDlmYzJkOTQ3MjQ2NGQ5NDZiYTY4YTllNDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiaDpyiD+7qo1pzit72et1TtiojC QcRD8x+VTBDDhjcCxUUexWe/p3rofaSn7xCFlX9C2RTJQZv245FCCGrsgAm+V8AL 1vT9g/ghfnwblPMygdZ8f0laEBzcuMxsdq7Wd3/h1keQVzKkKU427Sj7ut+xwyvO 8BvJAGxjP0NGBdL8LC7zXKO5WQtB7DfnvCczccyRKve67PlkgCAop12mGGGjXebJ i54ZAJgjkUg/UarrA88KJBCoDRdg2IGgC0YkouSgV+frGquyNUvn2xmrMUbH0eKM 6ZP68g8nXArM21RbSEybtbC11Lt1BRd+lQRtFiIF/MCXapO998tXOvtpMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzB74Xvu5CfwtlHJGTZRrpoqeQ5MB8GA1UdIwQY MBaAFBUo/IcX6RmuByYarijYyEVkyKcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTkt NjcxMDcyZjkxYTEzLzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy82ZGZiYjYtNGFmYS00YmJjLTlkMTktNjcxMDcyZjkxYTEz LzEvRlNqOGh4ZnBHYTRISmhxdUtOaklSV1RJcHhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF6rFZR1h bCTnt8XGrcMTCn+rffH5ECOkm5czM/5ShRYMyjknfmTCZzAR+cC/U7PI4zojO6l/ lYuuWYHz4qIydRBtx+joeU34zL9KvwyAxQvop7otLHLPvvqiwLAYJApd4WuJ/HR6 kBXZEbGU8e+PeRT8s51MrfQZohksKwymQuwRUYvsJj0+IOc0qnXCpXYkHnOlxrjF B8oRHsprWlo3beZI8iajISJur+5cmHI32KJ9YSmUP9rUMzTH+SkDN/jt3IrAnc4x qhPVv4Jn28f0kjPfL7JGqnc4WzOPei54oHo2Mo+c4JQfrtV/jK5GKqFfsMYTbt7b 2gTX2Obsub5wHA== -----END CERTIFICATE-----Generated at Sat Dec 20 12:07:33 2025 by rpki-client