This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft File: 407DAF8DC897D3F1C43D866EA945305303AD73ED.mft (raw, json) Hash identifier: 65ya9r8T3HiWs4mXIqLk1ddOXhwxX5+NquN6QTydkWQ= Subject key identifier: 2B:29:EA:6C:25:D9:40:BB:DB:2F:FD:07:8B:1A:19:D2:85:C0:35:64 Authority key identifier: 40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED Certificate issuer: /CN=407daf8dc897d3f1c43d866ea945305303ad73ed Certificate serial: 4E00C687D3B9CEFAD1E9A209634B0E12EB1753A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft Manifest number: 32 Signing time: Sat 20 Dec 2025 18:26:44 +0000 Manifest this update: Sat 20 Dec 2025 18:21:44 +0000 Manifest next update: Sun 21 Dec 2025 18:44:44 +0000 Files and hashes: 1: 407DAF8DC897D3F1C43D866EA945305303AD73ED.crl (hash: DbPrDuIfhhfOZdkxw2tdMWfybXVi0DdUKhY7AcVKu5A=) 2: 323030313a3637383a6531303a3a2f34382d3438203d3e20323038393135.roa (hash: Q+rBjBtdmpkMnJJ1scyQFgFf7p0XTL49lt2rh8zsejE=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 18:44:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4e:00:c6:87:d3:b9:ce:fa:d1:e9:a2:09:63:4b:0e:12:eb:17:53:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=407daf8dc897d3f1c43d866ea945305303ad73ed Validity Not Before: Dec 20 18:21:44 2025 GMT Not After : Dec 21 18:44:44 2025 GMT Subject: CN=2B29EA6C25D940BBDB2FFD078B1A19D285C03564 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:cb:55:6d:39:db:65:ec:80:0c:f0:ee:28:6e: cc:05:3d:e4:bb:7c:5c:d6:35:42:2c:c8:22:5e:dc: c1:82:4c:0d:ed:02:8f:06:65:c2:26:74:2a:a2:25: 36:00:a3:a2:8a:92:18:76:06:16:22:2d:ee:de:77: d0:89:96:d8:b3:1b:21:05:09:a6:0e:cc:2b:77:ec: 97:16:97:3a:cf:71:83:4f:fa:a8:e1:26:3c:ca:3c: bf:70:41:2a:df:f2:29:2e:9e:30:d3:16:66:33:c6: 19:12:8f:4d:26:05:59:f5:88:3c:07:28:07:80:ad: 95:bf:a1:cc:82:86:40:ce:1e:14:1e:13:0b:73:19: 28:77:d9:d7:8a:db:3d:53:8c:73:57:9a:67:2d:53: da:08:84:80:32:51:ca:48:41:8f:51:48:95:77:e9: 20:be:62:39:53:11:f0:b8:98:4e:a5:cc:bc:28:36: f2:e7:aa:28:39:e4:75:38:d0:b3:5c:2b:69:e2:bf: ef:8a:0b:ea:19:19:e2:0c:79:72:3b:77:c3:ab:ec: a2:3a:4b:e7:73:47:48:57:4a:73:3b:04:ae:36:1e: db:1b:92:11:d6:96:ae:84:68:2a:f5:36:19:4a:4b: 46:2e:00:57:d5:09:0e:7b:c7:78:1d:fc:f2:ce:45: b1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:29:EA:6C:25:D9:40:BB:DB:2F:FD:07:8B:1A:19:D2:85:C0:35:64 X509v3 Authority Key Identifier: keyid:40:7D:AF:8D:C8:97:D3:F1:C4:3D:86:6E:A9:45:30:53:03:AD:73:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QH2vjciX0_HEPYZuqUUwUwOtc-0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9dccb4b0-e30e-426c-84dc-464fd1899116/0/407DAF8DC897D3F1C43D866EA945305303AD73ED.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:c5:cf:87:db:2d:09:eb:94:cd:80:fc:24:0f:bb:e4:ef:c1: d6:00:0e:26:f8:ce:a1:be:4f:92:de:4a:16:87:97:ac:89:2f: 45:21:55:61:18:47:df:06:f4:be:84:aa:37:31:1f:c6:5c:36: da:12:f9:1e:a5:50:9e:56:28:9a:ef:a6:a2:1c:85:0b:a1:ac: 58:24:8a:2a:61:3d:12:6c:a6:e8:d1:52:23:30:67:cd:b4:8a: 35:5d:89:b7:15:e1:a0:97:40:7f:d9:3c:2a:9f:ae:e3:e8:ab: 71:ee:71:f9:31:ef:92:33:88:26:56:0f:37:85:d2:80:35:57: 80:a1:05:c6:56:fd:4b:9e:d7:0a:90:bc:3d:80:d3:43:2c:e6: 21:95:1d:bd:0d:15:ae:18:20:95:96:86:96:05:3c:fe:9b:87: 2d:50:04:84:fe:71:da:07:9a:42:5f:1a:23:e2:2c:53:12:00: a1:58:46:37:83:c0:c7:30:f9:cc:ee:8c:66:3a:79:6e:c9:52: cb:36:42:d2:0a:b2:6a:99:cc:38:80:10:da:f0:7d:8a:62:3f: 94:97:d7:de:de:e8:81:c6:65:59:75:52:1b:31:ef:e9:b4:74: 1a:d9:1e:13:47:1f:4c:0a:39:ba:91:b9:2e:eb:5a:b5:4d:9c: 91:ab:e6:6a -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUTgDGh9O5zvrR6aIJY0sOEusXU6EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDA3ZGFmOGRjODk3ZDNmMWM0M2Q4NjZlYTk0NTMwNTMw M2FkNzNlZDAeFw0yNTEyMjAxODIxNDRaFw0yNTEyMjExODQ0NDRaMDMxMTAvBgNV BAMTKDJCMjlFQTZDMjVEOTQwQkJEQjJGRkQwNzhCMUExOUQyODVDMDM1NjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCky1VtOdtl7IAM8O4obswFPeS7 fFzWNUIsyCJe3MGCTA3tAo8GZcImdCqiJTYAo6KKkhh2BhYiLe7ed9CJltizGyEF CaYOzCt37JcWlzrPcYNP+qjhJjzKPL9wQSrf8ikunjDTFmYzxhkSj00mBVn1iDwH KAeArZW/ocyChkDOHhQeEwtzGSh32deK2z1TjHNXmmctU9oIhIAyUcpIQY9RSJV3 6SC+YjlTEfC4mE6lzLwoNvLnqig55HU40LNcK2niv++KC+oZGeIMeXI7d8Or7KI6 S+dzR0hXSnM7BK42HtsbkhHWlq6EaCr1NhlKS0YuAFfVCQ57x3gd/PLORbHFAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUKynqbCXZQLvbL/0HixoZ0oXANWQwHwYDVR0j BBgwFoAUQH2vjciX0/HEPYZuqUUwUwOtc+0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWRjY2I0YjAtZTMwZS00MjZjLTg0ZGMtNDY0ZmQxODk5 MTE2LzAvNDA3REFGOERDODk3RDNGMUM0M0Q4NjZFQTk0NTMwNTMwM0FENzNFRC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FIMnZqY2lYMF9IRVBZWnVxVVV3VXdP dGMtMC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS85ZGNjYjRiMC1l MzBlLTQyNmMtODRkYy00NjRmZDE4OTkxMTYvMC80MDdEQUY4REM4OTdEM0YxQzQz RDg2NkVBOTQ1MzA1MzAzQUQ3M0VELm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVsXPh9stCeuUzYD8JA+7 5O/B1gAOJvjOob5Pkt5KFoeXrIkvRSFVYRhH3wb0voSqNzEfxlw22hL5HqVQnlYo mu+mohyFC6GsWCSKKmE9Emym6NFSIzBnzbSKNV2JtxXhoJdAf9k8Kp+u4+irce5x +THvkjOIJlYPN4XSgDVXgKEFxlb9S57XCpC8PYDTQyzmIZUdvQ0VrhgglZaGlgU8 /puHLVAEhP5x2geaQl8aI+IsUxIAoVhGN4PAxzD5zO6MZjp5bslSyzZC0gqyapnM OIAQ2vB9imI/lJfX3t7ogcZlWXVSGzHv6bR0GtkeE0cfTAo5upG5LutatU2ckavm ag== -----END CERTIFICATE-----Generated at Sun Dec 21 07:38:28 2025 by rpki-client