This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft File: fexyg377vE6m3dS-lDYZFrTDYto.mft (raw, json) Hash identifier: JAONGyrxKLjCgwieYvZzgqXNx43UnBFM3ZLF1c+C4AY= Subject key identifier: 27:C2:F9:02:1B:1B:E7:F0:8D:72:FE:56:F5:A5:BA:5A:8E:63:63:63 Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA Certificate issuer: /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da Certificate serial: 019B6BB3598F4F0385E8F5238D10DB9A298A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft Manifest number: 0E88 Signing time: Mon 29 Dec 2025 20:01:14 +0000 Manifest this update: Mon 29 Dec 2025 20:01:14 +0000 Manifest next update: Tue 30 Dec 2025 20:01:14 +0000 Files and hashes: 1: U2BvE4zbzFJTHLJzSmZ1W9x-kCM.roa (hash: CneTmiRYnA+2gIbWw8P2gftXT9GSMXZurQf8UEQYJtM=) 2: fexyg377vE6m3dS-lDYZFrTDYto.crl (hash: H3sJKo86Oe/jGmRWTRUQT0jafibuO+C6I3n0wksWVHA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 20:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6b:b3:59:8f:4f:03:85:e8:f5:23:8d:10:db:9a:29:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da Validity Not Before: Dec 29 20:01:14 2025 GMT Not After : Dec 30 20:01:14 2025 GMT Subject: CN=27c2f9021b1be7f08d72fe56f5a5ba5a8e636363 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b3:a5:68:5d:68:47:57:da:4d:a5:20:85:ae: 4e:57:29:88:d4:c7:02:a2:2b:3f:8e:88:42:ca:5d: e9:05:56:7f:9a:b5:ee:4c:8e:ce:e8:c3:ad:61:15: 65:12:98:a8:45:4b:72:87:b3:6b:10:b8:77:89:04: 64:b7:e9:7e:5c:4f:55:c2:de:c1:00:eb:61:c4:78: 30:2c:6f:ef:f9:ef:58:ee:51:e1:c5:f2:47:1d:63: 17:b6:98:9a:c5:5f:96:a9:e2:29:45:14:66:54:03: 36:0f:52:4c:af:36:c7:fc:f6:2d:d8:84:5b:e1:4d: a7:f8:42:78:8c:8b:9d:ae:a7:22:b8:52:04:9a:e0: 45:3b:e1:93:4c:13:bb:84:d0:85:4f:46:b1:47:e0: 45:7a:a5:4d:da:cf:67:38:26:e0:10:4b:36:a3:4d: 8a:b7:8f:0f:fd:ce:52:a4:6d:2d:59:c9:ef:66:b7: fe:28:12:93:ab:cd:9e:2e:2d:1f:b7:17:2b:21:8d: 96:7f:ea:e1:e3:17:77:47:b0:2c:bd:c1:07:71:f8: 39:5b:45:b1:3d:74:ca:86:56:55:75:0a:28:46:6e: f4:3d:e7:e1:79:14:2f:89:ce:f5:be:e7:a6:30:1b: 34:8f:81:c5:7a:82:97:b2:35:b5:52:13:98:f4:b8: 16:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:C2:F9:02:1B:1B:E7:F0:8D:72:FE:56:F5:A5:BA:5A:8E:63:63:63 X509v3 Authority Key Identifier: keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9f:2a:49:ad:40:66:eb:aa:85:06:56:f0:80:ea:f3:f5:47:f4: 1e:a9:fd:bb:b6:c9:c5:51:29:1a:1a:5e:47:ce:be:fd:31:20: 35:0f:03:8d:c3:0b:35:70:95:b7:7a:f3:e9:df:58:35:45:42: cb:29:8f:02:c5:33:df:f6:81:54:59:92:e6:4f:cc:91:c8:a8: f5:df:2e:df:15:e8:2b:88:57:fd:60:cc:70:6c:b6:19:2f:5e: f5:b7:f3:1b:4c:1a:c2:ce:a3:48:7a:7e:0f:96:b4:bc:b2:c9: bd:8e:a4:b5:1d:d5:2d:9a:c7:f8:22:76:32:62:67:a2:ff:c9: 24:df:d6:25:9d:9c:7c:78:7e:6c:08:66:e8:a8:05:64:80:7f: fb:86:ce:07:5f:85:9f:07:f8:8d:b5:c1:94:df:e7:4a:bc:ab: cb:de:0b:21:2c:b4:3c:fb:a7:08:f5:a3:b7:94:45:e3:b9:65: 00:0d:29:63:91:6d:f5:1a:82:2b:51:6f:0f:ce:6f:a1:3d:73: 64:52:86:4d:d6:f6:8e:c8:60:5a:5f:0e:4b:a0:af:43:b8:ef: 94:5d:63:27:19:2b:fc:03:ca:c6:7f:d7:ef:41:c5:21:4b:ef: 46:eb:70:32:bc:a4:80:e4:d7:db:7f:a4:9b:71:ad:0c:eb:64: e1:f2:1a:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtrs1mPTwOF6PUjjRDbmimKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRj MzYyZGEwHhcNMjUxMjI5MjAwMTE0WhcNMjUxMjMwMjAwMTE0WjAzMTEwLwYDVQQD EygyN2MyZjkwMjFiMWJlN2YwOGQ3MmZlNTZmNWE1YmE1YThlNjM2MzYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbOlaF1oR1faTaUgha5OVymI1McC ois/johCyl3pBVZ/mrXuTI7O6MOtYRVlEpioRUtyh7NrELh3iQRkt+l+XE9Vwt7B AOthxHgwLG/v+e9Y7lHhxfJHHWMXtpiaxV+WqeIpRRRmVAM2D1JMrzbH/PYt2IRb 4U2n+EJ4jIudrqciuFIEmuBFO+GTTBO7hNCFT0axR+BFeqVN2s9nOCbgEEs2o02K t48P/c5SpG0tWcnvZrf+KBKTq82eLi0ftxcrIY2Wf+rh4xd3R7AsvcEHcfg5W0Wx PXTKhlZVdQooRm70PefheRQvic71vuemMBs0j4HFeoKXsjW1UhOY9LgWvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCfC+QIbG+fwjXL+VvWlulqOY2NjMB8GA1UdIwQY MBaAFH3scoN++7xOpt3UvpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUt Mzg2NjE3YTY2NGZlLzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZl LzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnypJrUBm 66qFBlbwgOrz9Uf0Hqn9u7bJxVEpGhpeR86+/TEgNQ8DjcMLNXCVt3rz6d9YNUVC yymPAsUz3/aBVFmS5k/Mkcio9d8u3xXoK4hX/WDMcGy2GS9e9bfzG0waws6jSHp+ D5a0vLLJvY6ktR3VLZrH+CJ2MmJnov/JJN/WJZ2cfHh+bAhm6KgFZIB/+4bOB1+F nwf4jbXBlN/nSryry94LISy0PPunCPWjt5RF47llAA0pY5Ft9RqCK1FvD85voT1z ZFKGTdb2jshgWl8OS6CvQ7jvlF1jJxkr/APKxn/X70HFIUvvRutwMrykgOTX23+k m3GtDOtk4fIafg== -----END CERTIFICATE-----Generated at Tue Dec 30 06:16:41 2025 by rpki-client