This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft File: CE964F98379F0320A7191E6D6788800535885928.mft (raw, json) Hash identifier: +ApwJDpgUbfqk+oQ0g7xq4QW9zXnmUgmvuSlK95S1X0= Subject key identifier: 35:DB:63:44:C9:7C:F6:BA:DC:9E:99:55:32:57:0E:00:45:41:04:19 Authority key identifier: CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28 Certificate issuer: /CN=ce964f98379f0320a7191e6d6788800535885928 Certificate serial: 2FBB184AAA5F694B3C3A1892128DB258E89D1850 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft Manifest number: AA Signing time: Sun 21 Dec 2025 18:56:17 +0000 Manifest this update: Sun 21 Dec 2025 18:51:17 +0000 Manifest next update: Mon 22 Dec 2025 21:35:17 +0000 Files and hashes: 1: CE964F98379F0320A7191E6D6788800535885928.crl (hash: TWk8FHTSljD28w2EROECYhURgqs268OtEE2/IhhEJzY=) 2: AS214955.asa (hash: pJ7+xLkRqPDuQTZ4CjdQziRCbw0R4LvxfMvSG4sXOdg=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:35:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2f:bb:18:4a:aa:5f:69:4b:3c:3a:18:92:12:8d:b2:58:e8:9d:18:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce964f98379f0320a7191e6d6788800535885928 Validity Not Before: Dec 21 18:51:17 2025 GMT Not After : Dec 22 21:35:17 2025 GMT Subject: CN=35DB6344C97CF6BADC9E995532570E0045410419 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:62:ad:de:09:3f:13:de:63:30:ef:28:9f:b9: 0f:3c:14:0b:ef:cb:18:5c:47:23:1a:56:3b:d9:b0: 96:45:90:9d:e1:1c:7b:3d:b3:40:4e:de:e1:e0:f4: b2:6d:fb:21:b8:69:7b:5c:ac:bf:3f:12:60:fc:80: 1d:5b:30:2f:a9:0a:8c:78:85:77:5b:8b:d2:a8:b1: c3:71:e2:31:ad:ce:5f:e3:0a:25:a7:04:54:f5:bf: 48:e8:15:b0:b4:20:64:a7:50:d4:3b:74:56:35:a6: b7:d3:7a:55:b1:17:10:b7:dc:80:4d:3c:c2:04:f7: e4:bf:93:62:c1:4a:98:53:b4:34:9e:2c:54:0f:ad: 2e:ec:92:c5:01:fe:66:a6:7c:b3:2f:76:67:6c:e3: 4a:b3:2c:f1:86:a2:09:e4:4b:fd:2b:3b:99:98:35: 5a:89:e1:d6:de:c2:62:40:ff:7b:68:e7:99:da:23: 54:b8:ce:df:8d:ab:ef:1f:33:6d:13:d4:5e:17:16: db:c0:a1:1c:d9:8a:3a:4f:db:42:89:b4:1c:3e:43: ac:28:b4:71:a0:66:e8:86:65:4b:47:d5:ea:3f:59: 31:f6:33:59:6a:b9:67:9a:68:e8:6f:cd:36:8c:56: 82:0b:aa:e1:7f:5c:24:b2:d5:15:61:9c:8e:13:e7: 20:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DB:63:44:C9:7C:F6:BA:DC:9E:99:55:32:57:0E:00:45:41:04:19 X509v3 Authority Key Identifier: keyid:CE:96:4F:98:37:9F:03:20:A7:19:1E:6D:67:88:80:05:35:88:59:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpZPmDefAyCnGR5tZ4iABTWIWSg.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/3f99e66d-4c7b-4130-91d5-4fbd84357792/0/CE964F98379F0320A7191E6D6788800535885928.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:79:4d:31:d4:46:fb:78:3a:42:a0:e8:87:44:fd:89:ea:98: b8:4f:61:21:50:2d:c7:c8:c5:30:bb:cc:2c:bd:e5:57:61:c3: aa:7d:ce:e9:ab:64:bd:51:28:9a:07:dd:32:d4:dc:40:13:54: 78:b7:9d:ba:e7:4e:c5:26:38:5d:85:45:f7:ae:b1:c0:8b:16: 1a:a2:fc:e0:3a:d4:0d:56:35:b8:b4:63:9c:01:c3:f5:7c:1e: 98:86:75:22:7a:d9:d3:7e:22:a9:76:d2:fd:76:86:11:94:c8: ea:8d:72:bd:bd:39:af:d6:ce:a3:6c:e8:85:fa:b8:36:f2:a5: 61:e4:d3:08:a2:02:3d:da:06:75:3b:ef:a8:aa:98:25:f2:be: 86:d0:62:18:95:1f:b9:11:2c:48:7c:53:dd:44:5a:bc:35:60: 7f:2c:98:4e:d4:02:b7:f8:44:38:0f:d2:7b:58:40:d9:b0:88: 59:4a:5c:1d:7e:93:46:38:10:3d:cb:62:d9:73:84:14:f5:e5: 81:d1:8a:e9:d3:e6:01:25:05:6a:94:87:11:8f:d5:5f:79:b8: 89:6e:b4:e2:c5:c3:19:ec:6e:0c:25:01:17:20:8a:53:e4:53: 3a:f0:30:3e:b4:56:a9:bb:15:96:b6:e4:f4:5f:3b:b3:59:21: e7:cd:16:b0 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUL7sYSqpfaUs8OhiSEo2yWOidGFAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoY2U5NjRmOTgzNzlmMDMyMGE3MTkxZTZkNjc4ODgwMDUz NTg4NTkyODAeFw0yNTEyMjExODUxMTdaFw0yNTEyMjIyMTM1MTdaMDMxMTAvBgNV BAMTKDM1REI2MzQ0Qzk3Q0Y2QkFEQzlFOTk1NTMyNTcwRTAwNDU0MTA0MTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXYq3eCT8T3mMw7yifuQ88FAvv yxhcRyMaVjvZsJZFkJ3hHHs9s0BO3uHg9LJt+yG4aXtcrL8/EmD8gB1bMC+pCox4 hXdbi9KoscNx4jGtzl/jCiWnBFT1v0joFbC0IGSnUNQ7dFY1prfTelWxFxC33IBN PMIE9+S/k2LBSphTtDSeLFQPrS7sksUB/mamfLMvdmds40qzLPGGognkS/0rO5mY NVqJ4dbewmJA/3to55naI1S4zt+Nq+8fM20T1F4XFtvAoRzZijpP20KJtBw+Q6wo tHGgZuiGZUtH1eo/WTH2M1lquWeaaOhvzTaMVoILquF/XCSy1RVhnI4T5yBNAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUNdtjRMl89rrcnplVMlcOAEVBBBkwHwYDVR0j BBgwFoAUzpZPmDefAyCnGR5tZ4iABTWIWSgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvM2Y5OWU2NmQtNGM3Yi00MTMwLTkxZDUtNGZiZDg0MzU3 NzkyLzAvQ0U5NjRGOTgzNzlGMDMyMEE3MTkxRTZENjc4ODgwMDUzNTg4NTkyOC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3pwWlBtRGVmQXlDbkdSNXRaNGlBQlRX SVdTZy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8zZjk5ZTY2ZC00 YzdiLTQxMzAtOTFkNS00ZmJkODQzNTc3OTIvMC9DRTk2NEY5ODM3OUYwMzIwQTcx OTFFNkQ2Nzg4ODAwNTM1ODg1OTI4Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlHlNMdRG+3g6QqDoh0T9 ieqYuE9hIVAtx8jFMLvMLL3lV2HDqn3O6atkvVEomgfdMtTcQBNUeLeduudOxSY4 XYVF966xwIsWGqL84DrUDVY1uLRjnAHD9XwemIZ1InrZ034iqXbS/XaGEZTI6o1y vb05r9bOo2zohfq4NvKlYeTTCKICPdoGdTvvqKqYJfK+htBiGJUfuREsSHxT3URa vDVgfyyYTtQCt/hEOA/Se1hA2bCIWUpcHX6TRjgQPcti2XOEFPXlgdGK6dPmASUF apSHEY/VX3m4iW604sXDGexuDCUBFyCKU+RTOvAwPrRWqbsVlrbk9F87s1kh580W sA== -----END CERTIFICATE-----Generated at Mon Dec 22 08:48:06 2025 by rpki-client