This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: i0KrNuC/4tAOy0TX9mzynzSkr98ekbA5fQUS4TxmST8= Subject key identifier: C0:75:0E:A1:AF:34:9A:20:2A:E1:23:4F:12:93:97:0F:09:93:FD:23 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 01EA6D47237BA6A840760A2BCDF9E6B12B066533 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: 0187 Signing time: Sat 20 Dec 2025 13:59:39 +0000 Manifest this update: Sat 20 Dec 2025 13:54:39 +0000 Manifest next update: Sun 21 Dec 2025 16:29:39 +0000 Files and hashes: 1: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 2: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: ZCO+9YnoXj/Az2Wqdb+9DA/imeUmo4wmr9kktsphwJg=) 3: 326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa (hash: OBdYMpDCrnydUqYR/9aR6OWDxV3xrASuK04QdHbbnp4=) 4: 326130653a666434353a326634303a3a2f34342d3438203d3e20323132353931.roa (hash: m8ac/OmE29DqLuwrvKPJFKpYCamTHx1fmPvpHqRkArI=) 5: 326130653a666434353a326535303a3a2f34382d3438203d3e20323135333730.roa (hash: S2x/glwBFQqLmSWyNwtm4qEtJyulbbnFBue99o2JPS8=) 6: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 7: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 8: 326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa (hash: 9ztDCaU6aAMVKVrLFNLTSsl1A84X7CinJDw99b10Wgk=) 9: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 10: 326130653a666434353a326633303a3a2f34382d3438203d3e20323039333130.roa (hash: Ah9wB6P+J6/u6bq6IHZMWUCN9kLwcy3+ovMQjaM+Mjs=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:ea:6d:47:23:7b:a6:a8:40:76:0a:2b:cd:f9:e6:b1:2b:06:65:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Dec 20 13:54:39 2025 GMT Not After : Dec 21 16:29:39 2025 GMT Subject: CN=C0750EA1AF349A202AE1234F1293970F0993FD23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:ec:da:a0:e0:11:43:b0:90:91:41:67:73:f4: 41:b1:f6:db:78:a8:04:64:77:af:5f:86:38:dd:47: 54:d8:1c:a5:2a:a7:be:77:83:5a:d1:57:ab:81:70: 2a:15:a6:c2:5a:4c:f9:1e:70:99:40:37:31:5c:bc: e2:e1:2f:a7:bd:a4:53:4c:c0:36:24:1b:e4:77:2c: 2c:37:6c:43:07:62:55:d7:86:9e:54:01:17:f6:99: 83:70:55:43:1a:9d:5b:39:06:c7:3a:45:6b:a8:e1: d0:46:03:2a:9c:4d:79:11:b1:ce:13:fb:1e:77:90: 7a:d4:17:0b:23:c5:bc:4c:31:e6:48:65:38:cb:a6: 24:27:89:67:8d:24:5c:07:db:1a:59:f0:66:19:70: 99:c3:bf:a0:9c:d9:93:de:c9:71:40:ae:c1:36:d2: 92:6a:c6:ff:ba:5d:35:ea:d3:17:d3:52:d0:e2:17: fc:ff:ac:0c:a6:ca:81:26:89:9f:49:01:94:82:6e: 5e:22:f3:ce:81:62:83:3a:29:95:5d:fd:1a:d4:3b: 02:3e:d6:20:db:23:42:a5:10:bf:2a:4f:91:ca:53: e9:8d:b8:be:56:69:93:f3:89:c6:8d:f5:50:cb:41: 51:0a:9c:63:fb:4f:f8:ae:d2:69:78:33:b0:7c:21: fc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:75:0E:A1:AF:34:9A:20:2A:E1:23:4F:12:93:97:0F:09:93:FD:23 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:9a:b2:c8:56:9b:af:85:61:92:78:9e:05:ea:74:e8:16:ff: 06:20:20:95:32:4c:8e:14:6e:c2:2a:b7:3e:31:18:f8:66:50: 53:9d:07:ea:7b:ed:ed:ca:10:de:bb:b1:70:4a:87:d6:b7:85: 3e:53:3e:7a:ca:96:01:db:f5:60:66:7e:0f:e9:6b:8d:e4:fa: 33:11:da:e4:be:01:98:48:00:6d:64:09:61:db:dc:fd:9e:11: dc:38:84:3f:63:46:09:5b:cd:b2:33:79:73:09:30:7e:2f:c8: 74:a9:0b:08:ab:22:5d:8e:46:00:0d:b3:78:0c:19:63:ea:07: 4a:29:f0:29:6d:75:cd:e3:81:7c:96:b2:c2:a8:29:cd:36:4f: 6f:31:e7:e5:d2:03:fc:67:3a:9d:93:dd:09:98:6a:a6:8e:31: 50:20:9d:9c:ea:ab:a5:28:82:96:9a:d4:45:02:cd:8a:91:77: fe:8b:97:fd:10:08:74:e3:90:6b:80:3e:40:66:c1:99:9b:33: 82:9a:7c:ab:37:2b:73:4c:b5:b2:02:4e:e7:56:3d:ae:00:3d: 2d:ed:a4:6e:f2:06:11:93:b7:c4:6c:a0:a7:1a:e9:6e:15:d1: 0f:02:ab:c5:f7:b5:9b:93:77:f5:b0:8a:3a:80:17:f1:ac:bb: bf:d7:75:a0 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUAeptRyN7pqhAdgorzfnmsSsGZTMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTEyMjAxMzU0MzlaFw0yNTEyMjExNjI5MzlaMDMxMTAvBgNV BAMTKEMwNzUwRUExQUYzNDlBMjAyQUUxMjM0RjEyOTM5NzBGMDk5M0ZEMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCa7Nqg4BFDsJCRQWdz9EGx9tt4 qARkd69fhjjdR1TYHKUqp753g1rRV6uBcCoVpsJaTPkecJlANzFcvOLhL6e9pFNM wDYkG+R3LCw3bEMHYlXXhp5UARf2mYNwVUManVs5Bsc6RWuo4dBGAyqcTXkRsc4T +x53kHrUFwsjxbxMMeZIZTjLpiQniWeNJFwH2xpZ8GYZcJnDv6Cc2ZPeyXFArsE2 0pJqxv+6XTXq0xfTUtDiF/z/rAymyoEmiZ9JAZSCbl4i886BYoM6KZVd/RrUOwI+ 1iDbI0KlEL8qT5HKU+mNuL5WaZPzicaN9VDLQVEKnGP7T/iu0ml4M7B8IfxNAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUwHUOoa80miAq4SNPEpOXDwmT/SMwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAapqyyFabr4VhknieBep0 6Bb/BiAglTJMjhRuwiq3PjEY+GZQU50H6nvt7coQ3ruxcEqH1reFPlM+esqWAdv1 YGZ+D+lrjeT6MxHa5L4BmEgAbWQJYdvc/Z4R3DiEP2NGCVvNsjN5cwkwfi/IdKkL CKsiXY5GAA2zeAwZY+oHSinwKW11zeOBfJaywqgpzTZPbzHn5dID/Gc6nZPdCZhq po4xUCCdnOqrpSiClprURQLNipF3/ouX/RAIdOOQa4A+QGbBmZszgpp8qzcrc0y1 sgJO51Y9rgA9Le2kbvIGEZO3xGygpxrpbhXRDwKrxfe1m5N39bCKOoAX8ay7v9d1 oA== -----END CERTIFICATE-----Generated at Sat Dec 20 19:51:11 2025 by rpki-client