This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft File: ErmEbY911kX_YwjOAwCHopfms1k.mft (raw, json) Hash identifier: 6ZOxbiMTXlM3TCgXOT1G2uTrz82yeK0t/C4nVJ/zQCc= Subject key identifier: FD:5F:BA:93:D8:F7:BA:E2:09:8C:5A:3E:28:89:3C:DA:EA:B1:9D:CB Authority key identifier: 12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59 Certificate issuer: /CN=12b9846d8f75d645ff6308ce030087a297e6b359 Certificate serial: 019B5BD20CE03297781F6031F50A0CBD96FA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft Manifest number: 15B9 Signing time: Fri 26 Dec 2025 18:00:51 +0000 Manifest this update: Fri 26 Dec 2025 18:00:51 +0000 Manifest next update: Sat 27 Dec 2025 18:00:51 +0000 Files and hashes: 1: ErmEbY911kX_YwjOAwCHopfms1k.crl (hash: 6O3qzi5d8BD1g5aoDOuIRoDgmrb8fjjEnCMNGT3ZhsE=) 2: Z6p3Mb3Xuxofy2Z3p3uuAgYevv0.roa (hash: SQn+3rhGu53usOi2Tvr4qfF9FQezTzxP7fAqpbwWcZQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 18:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:d2:0c:e0:32:97:78:1f:60:31:f5:0a:0c:bd:96:fa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12b9846d8f75d645ff6308ce030087a297e6b359 Validity Not Before: Dec 26 18:00:51 2025 GMT Not After : Dec 27 18:00:51 2025 GMT Subject: CN=fd5fba93d8f7bae2098c5a3e28893cdaeab19dcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:35:b1:fc:a8:bc:3e:a2:dd:33:61:72:95:b7: a2:65:30:0c:e3:dc:a8:d1:fd:d7:11:64:7e:ae:47: 34:15:f0:32:68:06:dd:f4:aa:c6:df:29:90:f1:15: 34:0e:c8:4b:78:81:4a:96:19:cb:d2:f3:b2:b0:0b: 6a:81:0b:ea:d8:84:57:ae:99:ec:2c:39:57:bf:86: 5b:66:a1:90:a8:e4:3f:6e:36:bb:6d:4c:ee:1d:b1: 9c:da:6b:9e:96:2a:f8:00:dc:d1:6a:a5:f1:9e:1c: 60:ac:74:7a:d9:fc:6b:88:06:11:0f:74:78:a1:94: 4e:1d:87:bd:00:67:d8:36:de:bc:e7:fc:ff:ea:c2: 56:86:7f:f6:00:63:5a:3d:cc:9a:f0:33:ed:4e:67: 9d:36:c1:d5:50:55:bf:34:cc:08:64:60:d1:ac:5f: e3:8a:b2:ca:69:e8:56:51:e2:b7:74:83:11:de:71: 3e:d8:e1:57:bd:8b:26:b4:dd:06:97:ca:e1:e6:09: 53:a4:4e:44:d5:f3:3a:03:70:ed:6e:d5:f4:af:cf: 8f:08:d6:b2:44:a8:7a:0a:99:dd:4a:fa:69:02:89: 3c:8c:d0:ef:89:10:bc:ce:7e:be:e9:29:c3:a8:e3: bd:cf:5d:d5:c6:45:66:2d:23:21:6e:27:d7:0d:36: fc:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:5F:BA:93:D8:F7:BA:E2:09:8C:5A:3E:28:89:3C:DA:EA:B1:9D:CB X509v3 Authority Key Identifier: keyid:12:B9:84:6D:8F:75:D6:45:FF:63:08:CE:03:00:87:A2:97:E6:B3:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ErmEbY911kX_YwjOAwCHopfms1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/038f7d-59bb-4825-b6bf-78851932b27f/1/ErmEbY911kX_YwjOAwCHopfms1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:41:5d:42:9f:9e:d1:25:72:31:0d:fc:08:48:52:ac:f5:2e: 6e:e9:76:e1:6e:71:13:de:05:e4:c4:22:d7:b1:d2:92:1c:4b: a9:3b:7e:44:ab:6a:8d:63:58:3d:c3:25:b5:9b:e9:a0:32:0e: d9:ab:8f:e9:0d:c3:95:41:4d:6a:19:f0:7d:38:a9:74:27:13: 7a:63:6a:17:54:76:3c:da:05:29:ca:15:6a:e0:dd:72:7a:ca: f7:69:47:03:3f:8c:bb:3a:3e:dc:82:61:ef:06:a6:a0:2e:30: 9b:db:44:84:7c:37:5d:6c:e3:0a:5b:7e:97:90:ae:d5:23:0f: 7b:49:e8:4c:f6:1e:bc:77:61:71:51:19:0a:d9:99:ae:11:b8: 37:e2:ee:de:ff:16:f7:0c:6d:2a:8b:61:f9:56:fe:a3:7a:00: 57:b7:91:9f:7d:34:96:cf:34:ed:96:47:10:0c:5a:2d:94:16: 57:80:8d:54:b5:6f:05:b3:5a:58:93:c3:45:72:d1:58:8f:e1: 77:e9:23:14:e2:23:ea:d4:2c:fa:de:09:02:c9:fa:32:77:4b: a5:f6:bf:48:34:c3:43:ae:a9:80:7a:00:cf:3b:ba:e9:79:bc: 86:d9:de:6f:fc:65:b2:92:00:77:58:ee:fd:97:6c:e9:33:45: e5:48:27:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtb0gzgMpd4H2Ax9QoMvZb6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyYjk4NDZkOGY3NWQ2NDVmZjYzMDhjZTAzMDA4N2EyOTdl NmIzNTkwHhcNMjUxMjI2MTgwMDUxWhcNMjUxMjI3MTgwMDUxWjAzMTEwLwYDVQQD EyhmZDVmYmE5M2Q4ZjdiYWUyMDk4YzVhM2UyODg5M2NkYWVhYjE5ZGNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzWx/Ki8PqLdM2FylbeiZTAM49yo 0f3XEWR+rkc0FfAyaAbd9KrG3ymQ8RU0DshLeIFKlhnL0vOysAtqgQvq2IRXrpns LDlXv4ZbZqGQqOQ/bja7bUzuHbGc2muelir4ANzRaqXxnhxgrHR62fxriAYRD3R4 oZROHYe9AGfYNt685/z/6sJWhn/2AGNaPcya8DPtTmedNsHVUFW/NMwIZGDRrF/j irLKaehWUeK3dIMR3nE+2OFXvYsmtN0Gl8rh5glTpE5E1fM6A3DtbtX0r8+PCNay RKh6CpndSvppAok8jNDviRC8zn6+6SnDqOO9z13VxkVmLSMhbifXDTb83QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP1fupPY97riCYxaPiiJPNrqsZ3LMB8GA1UdIwQY MBaAFBK5hG2PddZF/2MIzgMAh6KX5rNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYt Nzg4NTE5MzJiMjdmLzEvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS8wMzhmN2QtNTliYi00ODI1LWI2YmYtNzg4NTE5MzJiMjdm LzEvRXJtRWJZOTExa1hfWXdqT0F3Q0hvcGZtczFrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkFdQp+e 0SVyMQ38CEhSrPUubul24W5xE94F5MQi17HSkhxLqTt+RKtqjWNYPcMltZvpoDIO 2auP6Q3DlUFNahnwfTipdCcTemNqF1R2PNoFKcoVauDdcnrK92lHAz+Muzo+3IJh 7wamoC4wm9tEhHw3XWzjClt+l5Cu1SMPe0noTPYevHdhcVEZCtmZrhG4N+Lu3v8W 9wxtKoth+Vb+o3oAV7eRn300ls807ZZHEAxaLZQWV4CNVLVvBbNaWJPDRXLRWI/h d+kjFOIj6tQs+t4JAsn6MndLpfa/SDTDQ66pgHoAzzu66Xm8htneb/xlspIAd1ju /Zds6TNF5UgnbA== -----END CERTIFICATE-----Generated at Sat Dec 27 02:48:59 2025 by rpki-client