This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft File: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft (raw, json) Hash identifier: OJN5jY6GrbEsqnGdV8d3BNxup0V3JPsPTqTt8aQ4a9g= Subject key identifier: D3:7E:40:7A:FD:68:15:D0:6F:6F:4C:7C:D2:06:FB:8A:B2:C2:40:35 Authority key identifier: 68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86 Certificate issuer: /CN=68d097afd88aef3f10282f3218fc13f01a0de486 Certificate serial: 3E4717813142CE10A6EFF6F1656F67B26B671AD4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft Manifest number: 03B2 Signing time: Tue 23 Dec 2025 19:07:47 +0000 Manifest this update: Tue 23 Dec 2025 19:02:47 +0000 Manifest next update: Wed 24 Dec 2025 22:35:47 +0000 Files and hashes: 1: 68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl (hash: rajNLBaYCNssvdSbXGmmbpvXxgDhV76aka9ThGvv2J4=) 2: 3138352e3230362e3235332e302f32342d3234203d3e203630373831.roa (hash: SQPPpGAfcWzeQjBcG69M0Ql5cnWUCRPHaAkbYVbbBkE=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 22:35:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:47:17:81:31:42:ce:10:a6:ef:f6:f1:65:6f:67:b2:6b:67:1a:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68d097afd88aef3f10282f3218fc13f01a0de486 Validity Not Before: Dec 23 19:02:47 2025 GMT Not After : Dec 24 22:35:47 2025 GMT Subject: CN=D37E407AFD6815D06F6F4C7CD206FB8AB2C24035 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:44:e9:63:b5:78:a2:fb:bf:9c:d6:1a:34:5b: 03:79:d1:00:a2:46:70:ac:18:2c:ca:1b:84:2a:0c: b2:40:9b:13:c7:6a:b7:eb:96:91:8a:a0:96:88:e1: b8:62:db:10:7b:7d:7a:51:d4:d3:75:41:61:1f:51: 6f:1b:7d:e1:89:68:fe:ea:f0:1f:18:98:63:8e:2d: 6d:2d:f7:b1:15:c6:af:4e:ec:a5:58:1d:28:b5:82: 8a:f6:cf:aa:a0:ca:f6:e2:47:ad:4a:b7:e6:74:9d: 16:73:34:7f:83:81:63:fb:9f:54:ff:52:1b:4e:ce: c3:1f:f9:a6:0b:06:10:82:2a:9f:c4:8d:5c:45:94: f7:d1:eb:c8:20:dc:12:0f:f1:b0:b7:4e:68:69:20: 0f:d5:2a:d4:d3:08:70:39:98:c0:3a:86:6d:26:38: 22:c3:8c:32:1f:69:56:df:f6:d6:37:71:b8:6a:f8: 6c:f5:cb:81:99:bc:cc:34:9a:90:97:85:f0:42:f2: d2:e5:2e:23:aa:54:bb:6a:39:fe:fc:07:7a:be:d0: bf:26:48:bc:5f:bc:29:15:6f:86:a0:ee:f6:d5:63: 8c:38:1c:bc:ab:4f:4f:92:13:d4:d9:fd:3e:9c:f0: d0:d3:7d:87:30:a8:f9:48:99:8d:a7:72:43:6f:8b: 31:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:7E:40:7A:FD:68:15:D0:6F:6F:4C:7C:D2:06:FB:8A:B2:C2:40:35 X509v3 Authority Key Identifier: keyid:68:D0:97:AF:D8:8A:EF:3F:10:28:2F:32:18:FC:13:F0:1A:0D:E4:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNCXr9iK7z8QKC8yGPwT8BoN5IY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7c11b819-d459-4136-9987-f0292a87e640/0/68D097AFD88AEF3F10282F3218FC13F01A0DE486.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:33:74:58:69:fa:6e:f9:4f:95:3d:ef:e9:44:76:26:13:48: b0:06:bc:7c:90:a6:54:5c:06:f7:0d:7a:5d:73:8a:d5:e4:a8: 29:d1:21:3f:fb:f5:85:91:94:78:4e:66:ed:5e:e8:6d:70:93: fe:37:c5:1a:a5:fb:e4:82:d2:d7:5c:55:47:c5:00:f5:6a:1b: 83:6f:10:53:5c:57:3a:8b:5c:46:44:a0:13:be:64:56:d8:35: 66:5e:1e:3e:9c:37:e0:d0:de:d2:7c:e4:19:7d:de:66:7d:c6: 34:c5:e2:8e:81:87:dc:e6:5a:14:ce:b8:41:87:13:d6:de:e8: 2e:dc:7e:8c:e1:3e:1e:3f:b7:30:74:f4:07:2c:59:ff:a8:f2: f1:11:e5:2c:18:be:c6:d7:48:b3:93:37:88:db:2b:67:e9:80: a3:ae:c5:12:67:94:24:57:16:a4:fd:6d:9d:c4:4e:62:dd:d9: 30:74:a0:68:d3:1f:25:af:ae:55:3b:93:91:bb:55:07:83:76: 7a:a5:e9:50:90:e1:47:5a:72:c2:7d:ff:86:4a:b2:b2:24:d5: 72:ae:47:73:56:86:ae:bc:61:57:dc:12:ce:6f:93:70:ae:65: 1b:9d:d9:1a:ef:8f:4b:cc:0b:e1:b4:55:fa:b9:0b:07:78:b3: 15:42:71:d1 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUPkcXgTFCzhCm7/bxZW9nsmtnGtQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjhkMDk3YWZkODhhZWYzZjEwMjgyZjMyMThmYzEzZjAx YTBkZTQ4NjAeFw0yNTEyMjMxOTAyNDdaFw0yNTEyMjQyMjM1NDdaMDMxMTAvBgNV BAMTKEQzN0U0MDdBRkQ2ODE1RDA2RjZGNEM3Q0QyMDZGQjhBQjJDMjQwMzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPROljtXii+7+c1ho0WwN50QCi RnCsGCzKG4QqDLJAmxPHarfrlpGKoJaI4bhi2xB7fXpR1NN1QWEfUW8bfeGJaP7q 8B8YmGOOLW0t97EVxq9O7KVYHSi1gor2z6qgyvbiR61Kt+Z0nRZzNH+DgWP7n1T/ UhtOzsMf+aYLBhCCKp/EjVxFlPfR68gg3BIP8bC3TmhpIA/VKtTTCHA5mMA6hm0m OCLDjDIfaVbf9tY3cbhq+Gz1y4GZvMw0mpCXhfBC8tLlLiOqVLtqOf78B3q+0L8m SLxfvCkVb4ag7vbVY4w4HLyrT0+SE9TZ/T6c8NDTfYcwqPlImY2nckNvizF/AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU035Aev1oFdBvb0x80gb7irLCQDUwHwYDVR0j BBgwFoAUaNCXr9iK7z8QKC8yGPwT8BoN5IYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvN2MxMWI4MTktZDQ1OS00MTM2LTk5ODctZjAyOTJhODdl NjQwLzAvNjhEMDk3QUZEODhBRUYzRjEwMjgyRjMyMThGQzEzRjAxQTBERTQ4Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2FOQ1hyOWlLN3o4UUtDOHlHUHdUOEJv TjVJWS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS83YzExYjgxOS1k NDU5LTQxMzYtOTk4Ny1mMDI5MmE4N2U2NDAvMC82OEQwOTdBRkQ4OEFFRjNGMTAy ODJGMzIxOEZDMTNGMDFBMERFNDg2Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTN0WGn6bvlPlT3v6UR2 JhNIsAa8fJCmVFwG9w16XXOK1eSoKdEhP/v1hZGUeE5m7V7obXCT/jfFGqX75ILS 11xVR8UA9Wobg28QU1xXOotcRkSgE75kVtg1Zl4ePpw34NDe0nzkGX3eZn3GNMXi joGH3OZaFM64QYcT1t7oLtx+jOE+Hj+3MHT0ByxZ/6jy8RHlLBi+xtdIs5M3iNsr Z+mAo67FEmeUJFcWpP1tncROYt3ZMHSgaNMfJa+uVTuTkbtVB4N2eqXpUJDhR1py wn3/hkqysiTVcq5Hc1aGrrxhV9wSzm+TcK5lG53ZGu+PS8wL4bRV+rkLB3izFUJx 0Q== -----END CERTIFICATE-----Generated at Wed Dec 24 11:44:26 2025 by rpki-client