This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json) Hash identifier: u6Hgs3JIM8vGdqdUPSflQPcGfSh0b9pcc5o7joJkK3M= Subject key identifier: AC:3B:C9:7C:44:E6:B9:02:D5:F8:82:38:52:3E:58:95:54:AB:90:8E Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Certificate serial: 019B3FED16433CEC79402808C200CF0ABB22 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft Manifest number: B2 Signing time: Sun 21 Dec 2025 08:01:00 +0000 Manifest this update: Sun 21 Dec 2025 08:01:00 +0000 Manifest next update: Mon 22 Dec 2025 08:01:00 +0000 Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=) 2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: /0w63Ide54x69LPIRHYgbysTDzAxqqtmjdI0rWAjq4M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:ed:16:43:3c:ec:79:40:28:08:c2:00:cf:0a:bb:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Validity Not Before: Dec 21 08:01:00 2025 GMT Not After : Dec 22 08:01:00 2025 GMT Subject: CN=ac3bc97c44e6b902d5f88238523e589554ab908e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:bf:f6:d4:13:a9:de:c5:6e:51:9c:7b:a7:43: 12:c4:bd:2f:b7:85:98:66:7a:a6:93:3e:c8:12:8b: d2:c2:c5:05:3b:bd:64:61:d9:47:85:33:76:a3:18: 05:65:48:af:16:7a:fc:70:de:b0:2e:c3:d5:21:4d: 70:59:2f:ea:6d:a4:71:74:56:3c:25:2d:c1:ef:19: 39:52:20:c7:44:9a:51:d0:aa:30:12:21:e5:64:da: cd:68:85:6c:77:bc:5a:35:86:7b:55:8a:0c:5a:f2: 12:dd:03:87:f2:65:a5:0e:02:f5:94:db:92:81:0d: f2:9a:60:4f:2b:c4:9b:68:0d:24:68:71:ab:a1:aa: ea:92:c0:34:d9:4c:82:4a:0e:51:21:6b:c3:5f:79: 0d:a2:1f:47:c9:6b:61:ec:0d:f2:9d:45:6c:6a:a1: 9b:4c:53:1f:43:b0:44:27:a9:90:df:d0:05:49:e8: 33:90:b2:80:eb:63:a9:77:8a:6f:09:20:8e:37:07: 1a:46:62:1f:24:ea:88:75:8c:64:2b:74:8c:dc:4e: 9b:8c:c0:86:93:2a:28:db:f3:32:20:e5:e3:7e:1f: 6f:56:42:51:c0:48:24:e2:ee:4a:ad:09:28:05:52: 7c:95:a5:ab:12:17:15:7e:28:1d:ea:ca:ea:ed:dc: a6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:3B:C9:7C:44:E6:B9:02:D5:F8:82:38:52:3E:58:95:54:AB:90:8E X509v3 Authority Key Identifier: keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 46:d3:df:15:4f:d1:0b:cd:0a:e9:f6:2c:2b:8c:21:b2:d2:28: 06:ba:86:88:c7:e2:7c:f8:29:ff:f0:59:78:92:6b:74:96:54: 76:64:9a:81:90:96:3f:13:ae:d2:9b:67:9e:e1:c9:b3:a0:46: c3:f9:55:c3:ff:ad:86:8e:b0:40:55:68:c6:74:9f:ba:45:74: ea:d6:87:ab:a7:24:1a:78:aa:ca:77:93:cc:f1:02:2b:18:23: 14:ec:42:b8:81:ed:54:16:ba:eb:b8:f8:eb:56:b0:df:41:9b: 2b:3f:ae:af:54:63:bd:3c:b2:36:86:99:43:b8:ca:14:e3:57: a1:f5:45:21:57:d2:1a:e8:73:ce:b8:9a:a1:2c:f4:6b:d0:73: b3:bd:bb:07:85:a0:bb:e3:68:b4:44:0a:b9:e0:6c:8d:d0:64: 12:95:6f:3e:6c:5e:aa:0c:96:e9:09:1a:4a:d9:a6:cf:22:1b: aa:60:9f:1d:cb:75:d8:9f:32:52:5a:b6:fa:7d:e2:6c:15:64: 4e:09:e6:d4:32:49:b1:e3:50:b9:ee:3d:a1:b2:7a:f6:82:0e: 16:75:fa:00:12:2c:de:14:8d:e4:68:ba:f4:39:6d:a1:6b:85: 7a:80:a6:42:71:0e:39:03:00:42:63:81:6d:d5:3d:7b:e3:83: 81:9d:88:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/7RZDPOx5QCgIwgDPCrsiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1 ZTk2NjMwHhcNMjUxMjIxMDgwMTAwWhcNMjUxMjIyMDgwMTAwWjAzMTEwLwYDVQQD EyhhYzNiYzk3YzQ0ZTZiOTAyZDVmODgyMzg1MjNlNTg5NTU0YWI5MDhlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsb/21BOp3sVuUZx7p0MSxL0vt4WY Znqmkz7IEovSwsUFO71kYdlHhTN2oxgFZUivFnr8cN6wLsPVIU1wWS/qbaRxdFY8 JS3B7xk5UiDHRJpR0KowEiHlZNrNaIVsd7xaNYZ7VYoMWvIS3QOH8mWlDgL1lNuS gQ3ymmBPK8SbaA0kaHGroarqksA02UyCSg5RIWvDX3kNoh9HyWth7A3ynUVsaqGb TFMfQ7BEJ6mQ39AFSegzkLKA62Opd4pvCSCONwcaRmIfJOqIdYxkK3SM3E6bjMCG kyoo2/MyIOXjfh9vVkJRwEgk4u5KrQkoBVJ8laWrEhcVfigd6srq7dymawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKw7yXxE5rkC1fiCOFI+WJVUq5COMB8GA1UdIwQY MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARtPfFU/R C80K6fYsK4whstIoBrqGiMfifPgp//BZeJJrdJZUdmSagZCWPxOu0ptnnuHJs6BG w/lVw/+tho6wQFVoxnSfukV06taHq6ckGniqyneTzPECKxgjFOxCuIHtVBa667j4 61aw30GbKz+ur1RjvTyyNoaZQ7jKFONXofVFIVfSGuhzzriaoSz0a9Bzs727B4Wg u+NotEQKueBsjdBkEpVvPmxeqgyW6QkaStmmzyIbqmCfHct12J8yUlq2+n3ibBVk Tgnm1DJJseNQue49obJ69oIOFnX6ABIs3hSN5Gi69DltoWuFeoCmQnEOOQMAQmOB bdU9e+ODgZ2IBQ== -----END CERTIFICATE-----Generated at Sun Dec 21 11:59:17 2025 by rpki-client