This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.mft File: rFxTEhWE19himH8m_3vtWuE4FqE.mft (raw, json) Hash identifier: wm5ftltUYYVPT3rwPurmKvdwxSJRI4wPFpwPFvfLtS0= Subject key identifier: EE:92:34:AF:95:65:63:C0:7D:AF:E2:F3:74:FD:FE:93:4E:6E:1C:0D Authority key identifier: AC:5C:53:12:15:84:D7:D8:62:98:7F:26:FF:7B:ED:5A:E1:38:16:A1 Certificate issuer: /CN=ac5c53121584d7d862987f26ff7bed5ae13816a1 Certificate serial: 019B3DC7F3375DA41EE0FA3AB8FEE0CB50AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rFxTEhWE19himH8m_3vtWuE4FqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.mft Manifest number: 014E Signing time: Sat 20 Dec 2025 22:01:12 +0000 Manifest this update: Sat 20 Dec 2025 22:01:12 +0000 Manifest next update: Sun 21 Dec 2025 22:01:12 +0000 Files and hashes: 1: rFxTEhWE19himH8m_3vtWuE4FqE.crl (hash: QoSaTZYW2d0UiwPO+fTL4Eq3Xz81pMlqOksEwQdmHaU=) 2: tE2-w8GfKCp0rc9wUQGDCMDaXtA.roa (hash: 2MgwOZTjIHEb4mTC8CdutjmxgqJ5RVv+wXieNgEA//M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.mft rsync://rpki.ripe.net/repository/DEFAULT/rFxTEhWE19himH8m_3vtWuE4FqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:f3:37:5d:a4:1e:e0:fa:3a:b8:fe:e0:cb:50:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac5c53121584d7d862987f26ff7bed5ae13816a1 Validity Not Before: Dec 20 22:01:12 2025 GMT Not After : Dec 21 22:01:12 2025 GMT Subject: CN=ee9234af956563c07dafe2f374fdfe934e6e1c0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:86:2a:73:19:51:94:b4:45:48:18:b4:94:46: 05:d2:d6:1a:bf:12:4a:3a:bf:47:76:05:c3:16:5b: 24:7f:e6:5d:39:ea:2b:62:a0:16:a9:14:81:a4:f5: d4:46:b4:99:d8:c6:1c:72:1b:66:47:16:09:1e:8e: ce:58:ea:4c:08:7f:b6:33:ef:24:f0:b4:4d:5f:0c: 47:3e:4d:fc:2a:41:1c:26:25:31:0c:83:e5:ca:b7: 24:32:d4:6e:8d:dd:8c:55:66:ae:29:56:3a:14:0d: d2:89:31:17:82:57:7e:d5:24:c2:90:7c:98:6d:54: d8:a8:75:c6:d2:14:6e:80:ec:2c:7e:33:03:31:c7: 30:40:22:58:73:30:84:1d:38:59:51:49:b6:44:f9: 3b:1e:81:42:02:6f:99:a5:01:7b:2a:0e:e7:3c:bc: 0e:23:22:63:20:01:1f:4a:0b:96:6a:60:ca:30:fe: 08:20:72:c4:66:b8:79:fc:a4:ed:cf:35:a0:1d:01: f1:0f:e7:9b:fb:91:d3:7c:82:e0:86:fc:69:98:9b: ee:7e:3f:da:b0:83:50:f3:84:58:f9:f0:7e:3f:2a: 85:a2:35:87:5d:28:46:d4:37:5c:72:7e:9d:6d:85: 5a:9c:6f:c4:41:11:9a:75:a1:ad:eb:e8:42:a0:cb: ad:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:92:34:AF:95:65:63:C0:7D:AF:E2:F3:74:FD:FE:93:4E:6E:1C:0D X509v3 Authority Key Identifier: keyid:AC:5C:53:12:15:84:D7:D8:62:98:7F:26:FF:7B:ED:5A:E1:38:16:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rFxTEhWE19himH8m_3vtWuE4FqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/107fdd-d2a5-450c-b031-25bf25018489/1/rFxTEhWE19himH8m_3vtWuE4FqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:1e:eb:3d:c1:6e:7b:8e:44:eb:1a:c0:ef:09:a0:a6:ef:35: 44:95:a2:47:60:08:96:6c:8e:cd:21:c3:2d:56:fb:67:14:ac: af:f8:1c:5d:76:83:47:fc:da:28:71:ca:99:8e:e5:48:44:28: cd:36:67:de:3a:45:08:2b:20:2e:af:5b:6c:1f:4f:cb:0f:35: 11:d1:57:39:8e:58:64:c8:f3:bd:29:31:36:04:47:25:a3:97: 2a:68:1f:6d:75:69:b7:3f:a2:b5:b5:61:b7:c7:7b:c1:2d:29: 3c:43:dd:c4:8f:b4:6d:8b:0e:92:88:1b:39:86:e9:5e:c8:3f: e5:da:af:2d:00:be:82:e6:ce:ba:c1:a7:e7:a8:9f:e3:b3:97: 99:09:98:82:93:a6:6c:1b:d2:64:41:e0:2d:00:83:16:93:32: 3c:4a:84:93:8f:fb:f4:ea:e1:4a:8b:a8:eb:83:70:a5:f2:64: 06:73:e8:de:19:11:4f:61:07:30:2c:bc:08:7f:68:33:85:92: 3e:b2:07:03:72:3b:ab:d5:32:76:d5:4a:f1:12:6f:92:16:09: 16:f5:58:bc:57:c5:b3:51:fc:e0:57:82:04:fe:7a:e6:f9:ee: 4a:93:ff:b1:1f:11:50:4d:26:76:99:76:2e:1d:1f:08:a5:c3: 0f:5b:19:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x/M3XaQe4Po6uP7gy1CvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjNWM1MzEyMTU4NGQ3ZDg2Mjk4N2YyNmZmN2JlZDVhZTEz ODE2YTEwHhcNMjUxMjIwMjIwMTEyWhcNMjUxMjIxMjIwMTEyWjAzMTEwLwYDVQQD EyhlZTkyMzRhZjk1NjU2M2MwN2RhZmUyZjM3NGZkZmU5MzRlNmUxYzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoYqcxlRlLRFSBi0lEYF0tYavxJK Or9HdgXDFlskf+ZdOeorYqAWqRSBpPXURrSZ2MYcchtmRxYJHo7OWOpMCH+2M+8k 8LRNXwxHPk38KkEcJiUxDIPlyrckMtRujd2MVWauKVY6FA3SiTEXgld+1STCkHyY bVTYqHXG0hRugOwsfjMDMccwQCJYczCEHThZUUm2RPk7HoFCAm+ZpQF7Kg7nPLwO IyJjIAEfSguWamDKMP4IIHLEZrh5/KTtzzWgHQHxD+eb+5HTfILghvxpmJvufj/a sINQ84RY+fB+PyqFojWHXShG1Ddccn6dbYVanG/EQRGadaGt6+hCoMuthQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6SNK+VZWPAfa/i83T9/pNObhwNMB8GA1UdIwQY MBaAFKxcUxIVhNfYYph/Jv977VrhOBahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckZ4VEVoV0UxOWhpbUg4bV8zdnRXdUU0RnFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xMDdmZGQtZDJhNS00NTBjLWIwMzEt MjViZjI1MDE4NDg5LzEvckZ4VEVoV0UxOWhpbUg4bV8zdnRXdUU0RnFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8xMDdmZGQtZDJhNS00NTBjLWIwMzEtMjViZjI1MDE4NDg5 LzEvckZ4VEVoV0UxOWhpbUg4bV8zdnRXdUU0RnFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVx7rPcFu e45E6xrA7wmgpu81RJWiR2AIlmyOzSHDLVb7ZxSsr/gcXXaDR/zaKHHKmY7lSEQo zTZn3jpFCCsgLq9bbB9Pyw81EdFXOY5YZMjzvSkxNgRHJaOXKmgfbXVptz+itbVh t8d7wS0pPEPdxI+0bYsOkogbOYbpXsg/5dqvLQC+gubOusGn56if47OXmQmYgpOm bBvSZEHgLQCDFpMyPEqEk4/79OrhSouo64NwpfJkBnPo3hkRT2EHMCy8CH9oM4WS PrIHA3I7q9UydtVK8RJvkhYJFvVYvFfFs1H84FeCBP565vnuSpP/sR8RUE0mdpl2 Lh0fCKXDD1sZFg== -----END CERTIFICATE-----Generated at Sun Dec 21 03:06:02 2025 by rpki-client