This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft File: fAMRalBjzm8X_OpTUcneSgxosN0.mft (raw, json) Hash identifier: q1ARaJocoKkHbM2o1Od64/+F79AD6mELH6vFTsQU+BY= Subject key identifier: A8:5F:9C:E9:2D:33:52:B7:1F:6F:2E:8F:C1:37:11:AE:94:E6:64:F5 Authority key identifier: 7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD Certificate issuer: /CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd Certificate serial: 019AF12E6ED5C31DBE5134D0400BD29D26FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft Manifest number: 0C18 Signing time: Sat 06 Dec 2025 01:02:23 +0000 Manifest this update: Sat 06 Dec 2025 01:02:23 +0000 Manifest next update: Sun 07 Dec 2025 01:02:23 +0000 Files and hashes: 1: fAMRalBjzm8X_OpTUcneSgxosN0.crl (hash: k6JPvGcpyvTExtT1QjGHLC9lIhf1HyRcbFLY+1aB9Z0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:6e:d5:c3:1d:be:51:34:d0:40:0b:d2:9d:26:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c03116a5063ce6f17fcea5351c9de4a0c68b0dd Validity Not Before: Dec 6 01:02:23 2025 GMT Not After : Dec 7 01:02:23 2025 GMT Subject: CN=a85f9ce92d3352b71f6f2e8fc13711ae94e664f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a6:a5:cc:b0:70:63:ef:36:4b:a6:f1:d4:e1: bd:5d:8d:d5:cc:a6:36:f9:05:58:49:84:c0:ad:0c: 97:2f:11:b1:74:d1:16:e5:d3:66:11:b1:97:a3:d8: 4e:4b:74:18:3c:86:45:c5:bf:bb:c9:9b:09:3a:ac: 22:49:6d:31:f1:41:c2:54:f4:ce:06:93:38:60:aa: 78:cc:5b:c1:34:96:b1:91:3b:3d:7a:e7:41:fb:15: 0b:1b:35:a3:55:47:0e:59:b8:dc:94:50:fa:4c:76: f8:29:83:c9:4b:fc:c5:d8:65:79:3d:7b:52:f4:99: 87:84:55:4c:19:6d:1f:12:9d:2f:aa:4f:5b:2f:50: 46:4a:b3:d4:a4:aa:05:32:3b:a3:8c:46:9b:c5:ac: c0:7a:8e:cb:77:f2:b1:65:c6:1d:86:95:0f:04:b4: 52:c3:33:01:94:60:8e:52:d0:be:bd:67:a3:52:f0: 34:e0:6e:bd:64:27:e1:a3:96:8d:07:cf:82:0d:0d: 98:73:3f:76:ec:1e:b6:8f:a4:d1:90:c8:e5:46:40: 4e:da:22:6d:82:76:a3:32:c6:f3:54:92:c8:36:46: b1:32:3b:9f:34:5f:0a:10:34:44:ff:00:ad:d6:fe: 1e:49:ba:9b:6b:71:44:fb:74:01:3c:59:83:16:de: eb:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:5F:9C:E9:2D:33:52:B7:1F:6F:2E:8F:C1:37:11:AE:94:E6:64:F5 X509v3 Authority Key Identifier: keyid:7C:03:11:6A:50:63:CE:6F:17:FC:EA:53:51:C9:DE:4A:0C:68:B0:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fAMRalBjzm8X_OpTUcneSgxosN0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/4bdc4d-0899-4709-9424-891b455c2c53/1/fAMRalBjzm8X_OpTUcneSgxosN0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:dd:1d:30:25:ec:e5:ad:62:ce:8a:10:eb:7c:b8:df:da:5e: 0a:ff:f6:60:4a:b6:1d:7a:a8:3c:68:56:bf:b5:93:bc:8b:00: 5a:94:24:06:95:4d:6f:15:72:ac:7b:3c:32:b3:a4:65:11:5a: ce:f5:3a:60:c9:d6:30:7b:92:8f:1e:07:cf:15:59:3a:a3:6d: 47:81:e7:6e:c9:78:99:07:1e:22:08:a3:53:28:51:b5:cf:1f: 54:6b:1e:84:88:26:8e:ce:5d:20:5e:3d:a0:6d:9e:44:dd:35: 1d:e3:5d:f0:0c:6c:e0:1a:62:30:e7:4e:7c:3c:b2:58:78:ae: d1:28:3f:1a:1a:62:e0:58:11:03:d1:36:c1:b9:54:f6:98:d6: c5:2a:98:30:43:59:db:9c:e4:72:d5:e3:99:70:a8:ff:2a:5a: 4a:d9:b8:95:dd:5d:89:43:f2:5a:47:e7:6e:62:bf:76:18:c4: 1e:83:0e:8a:39:27:5d:2e:9f:29:d9:e2:99:a6:c5:ee:7e:9e: 69:ef:1e:48:87:c1:a4:33:4c:95:39:b9:b3:9e:03:22:8e:b4: 80:4b:49:e4:37:7f:b6:a6:e2:ec:56:5e:97:ee:e1:83:19:3e: 8e:13:c5:01:53:a2:76:3c:75:4a:e3:db:a9:4f:63:fa:74:77: 84:16:64:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLm7Vwx2+UTTQQAvSnSb8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjMDMxMTZhNTA2M2NlNmYxN2ZjZWE1MzUxYzlkZTRhMGM2 OGIwZGQwHhcNMjUxMjA2MDEwMjIzWhcNMjUxMjA3MDEwMjIzWjAzMTEwLwYDVQQD EyhhODVmOWNlOTJkMzM1MmI3MWY2ZjJlOGZjMTM3MTFhZTk0ZTY2NGY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6alzLBwY+82S6bx1OG9XY3VzKY2 +QVYSYTArQyXLxGxdNEW5dNmEbGXo9hOS3QYPIZFxb+7yZsJOqwiSW0x8UHCVPTO BpM4YKp4zFvBNJaxkTs9eudB+xULGzWjVUcOWbjclFD6THb4KYPJS/zF2GV5PXtS 9JmHhFVMGW0fEp0vqk9bL1BGSrPUpKoFMjujjEabxazAeo7Ld/KxZcYdhpUPBLRS wzMBlGCOUtC+vWejUvA04G69ZCfho5aNB8+CDQ2Ycz927B62j6TRkMjlRkBO2iJt gnajMsbzVJLINkaxMjufNF8KEDRE/wCt1v4eSbqba3FE+3QBPFmDFt7reQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKhfnOktM1K3H28uj8E3Ea6U5mT1MB8GA1UdIwQY MBaAFHwDEWpQY85vF/zqU1HJ3koMaLDdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQt ODkxYjQ1NWMyYzUzLzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy80YmRjNGQtMDg5OS00NzA5LTk0MjQtODkxYjQ1NWMyYzUz LzEvZkFNUmFsQmp6bThYX09wVFVjbmVTZ3hvc04wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASN0dMCXs 5a1izooQ63y439peCv/2YEq2HXqoPGhWv7WTvIsAWpQkBpVNbxVyrHs8MrOkZRFa zvU6YMnWMHuSjx4HzxVZOqNtR4Hnbsl4mQceIgijUyhRtc8fVGsehIgmjs5dIF49 oG2eRN01HeNd8Axs4BpiMOdOfDyyWHiu0Sg/Ghpi4FgRA9E2wblU9pjWxSqYMENZ 25zkctXjmXCo/ypaStm4ld1diUPyWkfnbmK/dhjEHoMOijknXS6fKdnimabF7n6e ae8eSIfBpDNMlTm5s54DIo60gEtJ5Dd/tqbi7FZel+7hgxk+jhPFAVOidjx1SuPb qU9j+nR3hBZkOw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:34 2025 by rpki-client