This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json) Hash identifier: pXru0xumWY8sk6C2WvSBmCqH0zOj+DaYMLGdUsT2EHM= Subject key identifier: 81:30:09:B4:82:75:91:09:C6:44:13:85:B2:8B:CC:36:E6:21:A1:F6 Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Certificate serial: 019AF49C5B8E6AD3CBB99F87F3EBA55BDB6A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft Manifest number: 8B Signing time: Sat 06 Dec 2025 17:01:18 +0000 Manifest this update: Sat 06 Dec 2025 17:01:18 +0000 Manifest next update: Sun 07 Dec 2025 17:01:18 +0000 Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=) 2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: amJ0JuMVjjCB+tB9JzN9OpFX6yvZ+5/k8ED3uV9keKI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:5b:8e:6a:d3:cb:b9:9f:87:f3:eb:a5:5b:db:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Validity Not Before: Dec 6 17:01:18 2025 GMT Not After : Dec 7 17:01:18 2025 GMT Subject: CN=813009b482759109c6441385b28bcc36e621a1f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:9a:e6:62:62:65:84:a7:4f:60:b6:7f:b7:39: 40:80:68:ab:33:cf:f1:16:36:3b:cf:fe:93:a8:05: c4:df:41:b8:26:f1:18:2e:44:24:db:83:94:80:7d: b7:04:8a:dd:be:0d:df:1d:e0:b3:3d:6b:e8:c8:ec: 93:82:a1:6e:1f:c6:81:5d:b9:cc:0e:31:57:e4:4f: f4:74:45:14:70:53:7a:91:09:e6:39:d9:37:9d:ad: ce:ca:12:f1:6b:83:2d:d0:b2:ed:66:8d:ea:71:33: 71:d5:c0:bb:27:6f:89:1c:46:39:84:9c:f5:98:ea: 85:21:aa:50:99:e0:a9:df:8e:bd:a8:7b:55:b1:9e: 84:68:fa:99:1b:f2:ba:a5:c4:dd:f8:42:1e:5c:ee: 0c:ed:ec:e4:b9:a4:78:22:16:c4:3b:8c:55:70:b9: b8:47:3a:90:0b:42:31:04:3c:26:5e:1d:79:4d:07: 54:ea:33:04:5e:68:ae:52:47:99:35:db:12:88:9f: 74:90:b0:e1:f1:52:b0:d3:27:52:26:67:c4:32:6b: 0f:f6:3f:40:0b:0d:cc:62:f4:63:9f:c6:d6:61:ca: f5:8a:2b:27:36:98:b0:22:57:15:1a:cf:6d:66:5e: 11:a1:96:5b:98:ba:7b:0c:d2:7d:93:d4:25:9c:6e: f8:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:30:09:B4:82:75:91:09:C6:44:13:85:B2:8B:CC:36:E6:21:A1:F6 X509v3 Authority Key Identifier: keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:11:14:87:54:88:75:ad:d0:87:79:55:da:db:0c:38:09:97: 6e:d8:79:66:fd:b5:8e:c2:c4:ee:5b:f3:63:0e:23:4d:66:94: 7e:3e:33:31:fa:4c:91:a2:bf:43:d9:91:4f:26:a7:f4:5e:91: 77:3f:47:90:5f:bf:24:4e:e6:e2:29:d8:e3:b1:3e:2d:2a:c6: 19:90:20:2a:b1:00:7d:a1:8b:e2:56:e2:af:c9:cd:14:ac:83: 37:c0:08:78:a6:64:85:3f:50:70:01:48:53:d1:79:a3:39:01: 48:d3:07:ec:b6:f5:d8:36:9f:63:7b:79:a5:a6:46:78:39:f8: ae:e1:ea:a2:c1:c2:49:c2:43:b0:0d:88:5c:1d:bb:47:00:40: c1:50:85:26:5d:c0:41:57:cd:11:d1:56:ca:32:20:7a:0f:97: 3a:fb:58:fe:13:69:66:72:ec:41:de:5a:1d:78:4a:6a:0c:e6: 37:68:47:1c:02:50:43:6b:66:28:cd:1c:e5:33:a9:69:e7:49: e1:14:d7:a7:47:31:67:6b:9a:d1:78:c5:0a:49:16:5e:1f:71: c7:fd:0e:bd:54:27:14:36:c0:fa:66:53:f5:cf:7f:36:9e:56: b8:a0:2f:79:42:0f:9a:93:ef:c2:9a:5d:2e:f8:79:2f:7f:53: 39:a3:74:2b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nFuOatPLuZ+H8+ulW9tqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1 ZTk2NjMwHhcNMjUxMjA2MTcwMTE4WhcNMjUxMjA3MTcwMTE4WjAzMTEwLwYDVQQD Eyg4MTMwMDliNDgyNzU5MTA5YzY0NDEzODViMjhiY2MzNmU2MjFhMWY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyprmYmJlhKdPYLZ/tzlAgGirM8/x FjY7z/6TqAXE30G4JvEYLkQk24OUgH23BIrdvg3fHeCzPWvoyOyTgqFuH8aBXbnM DjFX5E/0dEUUcFN6kQnmOdk3na3OyhLxa4Mt0LLtZo3qcTNx1cC7J2+JHEY5hJz1 mOqFIapQmeCp3469qHtVsZ6EaPqZG/K6pcTd+EIeXO4M7ezkuaR4IhbEO4xVcLm4 RzqQC0IxBDwmXh15TQdU6jMEXmiuUkeZNdsSiJ90kLDh8VKw0ydSJmfEMmsP9j9A Cw3MYvRjn8bWYcr1iisnNpiwIlcVGs9tZl4RoZZbmLp7DNJ9k9QlnG74IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIEwCbSCdZEJxkQThbKLzDbmIaH2MB8GA1UdIwQY MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHhEUh1SI da3Qh3lV2tsMOAmXbth5Zv21jsLE7lvzYw4jTWaUfj4zMfpMkaK/Q9mRTyan9F6R dz9HkF+/JE7m4inY47E+LSrGGZAgKrEAfaGL4lbir8nNFKyDN8AIeKZkhT9QcAFI U9F5ozkBSNMH7Lb12DafY3t5paZGeDn4ruHqosHCScJDsA2IXB27RwBAwVCFJl3A QVfNEdFWyjIgeg+XOvtY/hNpZnLsQd5aHXhKagzmN2hHHAJQQ2tmKM0c5TOpaedJ 4RTXp0cxZ2ua0XjFCkkWXh9xx/0OvVQnFDbA+mZT9c9/Np5WuKAveUIPmpPvwppd Lvh5L39TOaN0Kw== -----END CERTIFICATE-----Generated at Sun Dec 7 00:50:44 2025 by rpki-client