This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft File: FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft (raw, json) Hash identifier: Uibu80j+1J+q2JgXSIqQQcUayiFISGQuO8it0rVevY0= Subject key identifier: D9:59:C7:A0:0D:70:D0:8F:8C:AF:A6:90:22:31:50:9B:50:F4:DA:FC Authority key identifier: 14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A Certificate issuer: /CN=14c735259fdb7b83f277adf12d08cc98b5a6100a Certificate serial: 019AF12CBFE146B0F840A89A916DD565D4B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft Manifest number: 0A82 Signing time: Sat 06 Dec 2025 01:00:32 +0000 Manifest this update: Sat 06 Dec 2025 01:00:32 +0000 Manifest next update: Sun 07 Dec 2025 01:00:32 +0000 Files and hashes: 1: FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl (hash: PnovVLQDlMCNGVm9hcGrAP3B2tw7AA5zQSj46n4ETyk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:bf:e1:46:b0:f8:40:a8:9a:91:6d:d5:65:d4:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=14c735259fdb7b83f277adf12d08cc98b5a6100a Validity Not Before: Dec 6 01:00:32 2025 GMT Not After : Dec 7 01:00:32 2025 GMT Subject: CN=d959c7a00d70d08f8cafa6902231509b50f4dafc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:50:b5:ce:b3:f4:21:d2:00:8c:80:38:e6:67: 63:59:92:39:c3:44:a6:49:f3:7a:7d:3b:45:cf:31: 95:c9:d5:8e:fa:75:0f:01:cb:4f:29:34:de:40:79: 3e:f2:b1:e6:a3:a7:59:ce:3b:39:9d:df:8a:d9:5a: 0a:bd:cb:e0:fe:57:ea:b3:aa:22:2d:79:8e:69:68: 1f:65:71:04:3d:e4:0e:a3:f5:9e:61:76:e1:bc:b5: 19:82:09:b7:5f:ab:a0:7e:2d:b2:d5:94:89:96:bb: 96:c3:e3:7d:5f:ca:7a:aa:ab:d8:bc:69:b3:66:af: ad:d8:19:04:d1:7d:ee:84:02:55:5e:f1:af:db:d6: b2:82:8c:b7:41:e6:84:e0:8b:e5:a5:85:a4:91:c7: 9e:9f:ab:8f:c1:d2:86:b4:36:87:0d:81:61:74:79: 38:c2:f7:54:b2:52:5a:92:2c:6c:a6:d3:9f:7b:95: 44:ef:38:be:cc:0f:20:e2:8e:1f:99:b4:15:c6:ab: 3e:28:cb:7a:17:ac:ea:62:aa:a1:12:a4:ed:b6:f8: f5:c6:fb:8c:b6:d7:bb:52:cb:c4:c3:0f:8a:3c:63: 44:75:00:b8:69:79:94:92:91:e8:58:fe:5c:f1:8d: 48:06:1e:4f:c4:42:3d:75:94:5c:d6:06:e9:d3:e0: 15:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:59:C7:A0:0D:70:D0:8F:8C:AF:A6:90:22:31:50:9B:50:F4:DA:FC X509v3 Authority Key Identifier: keyid:14:C7:35:25:9F:DB:7B:83:F2:77:AD:F1:2D:08:CC:98:B5:A6:10:0A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMc1JZ_be4Pyd63xLQjMmLWmEAo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/de2b16-fa2b-4a11-95ab-dbeaf784817a/1/FMc1JZ_be4Pyd63xLQjMmLWmEAo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:cc:3c:c4:f8:e2:a5:bc:aa:0f:74:73:ac:f1:fb:43:66:2c: 78:f9:16:26:35:d0:71:83:4c:9d:13:32:8b:cd:9d:2e:a9:1d: f0:63:24:01:67:f4:fd:84:b3:de:fe:a5:6f:8e:c6:89:c2:96: 95:71:be:cf:95:a9:db:27:a4:9c:fe:b5:04:bf:23:ee:b8:df: 3f:b7:6b:e9:0a:94:7d:d1:e8:52:25:8f:78:24:47:87:d3:b5: 9f:12:73:ec:f6:b3:de:7d:30:96:ce:1b:8b:23:08:0d:7e:1e: cc:d0:8d:4d:7e:d2:17:1d:7e:67:e3:a4:fd:e1:bb:e1:d0:14: 97:a9:07:d1:eb:34:f3:ea:c7:ed:a5:96:b6:51:33:5c:fb:7a: f8:d5:bc:20:11:f6:4f:44:da:e0:62:29:e8:60:d5:09:9c:5a: f3:66:5c:61:3f:cb:4b:42:5f:50:ff:11:4e:bd:72:3b:eb:02: 25:8c:4c:5f:67:d6:2e:7c:83:8c:ae:6b:52:c0:d1:bc:3d:c9: 76:dc:b2:03:2b:0f:f4:6d:f7:95:f2:73:69:22:3b:8e:56:08: 22:3f:16:45:b1:ab:19:6f:c2:d9:d2:02:1e:ac:42:ee:1f:31: 19:ff:51:ab:be:5f:9c:f1:32:75:cf:bf:cf:2f:e6:46:a9:3a: ac:22:d9:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLL/hRrD4QKiakW3VZdSwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDE0YzczNTI1OWZkYjdiODNmMjc3YWRmMTJkMDhjYzk4YjVh NjEwMGEwHhcNMjUxMjA2MDEwMDMyWhcNMjUxMjA3MDEwMDMyWjAzMTEwLwYDVQQD EyhkOTU5YzdhMDBkNzBkMDhmOGNhZmE2OTAyMjMxNTA5YjUwZjRkYWZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz1C1zrP0IdIAjIA45mdjWZI5w0Sm SfN6fTtFzzGVydWO+nUPActPKTTeQHk+8rHmo6dZzjs5nd+K2VoKvcvg/lfqs6oi LXmOaWgfZXEEPeQOo/WeYXbhvLUZggm3X6ugfi2y1ZSJlruWw+N9X8p6qqvYvGmz Zq+t2BkE0X3uhAJVXvGv29aygoy3QeaE4IvlpYWkkceen6uPwdKGtDaHDYFhdHk4 wvdUslJakixsptOfe5VE7zi+zA8g4o4fmbQVxqs+KMt6F6zqYqqhEqTttvj1xvuM tte7UsvEww+KPGNEdQC4aXmUkpHoWP5c8Y1IBh5PxEI9dZRc1gbp0+AVUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNlZx6ANcNCPjK+mkCIxUJtQ9Nr8MB8GA1UdIwQY MBaAFBTHNSWf23uD8net8S0IzJi1phAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWIt ZGJlYWY3ODQ4MTdhLzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9kZTJiMTYtZmEyYi00YTExLTk1YWItZGJlYWY3ODQ4MTdh LzEvRk1jMUpaX2JlNFB5ZDYzeExRak1tTFdtRUFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcw8xPji pbyqD3RzrPH7Q2YsePkWJjXQcYNMnRMyi82dLqkd8GMkAWf0/YSz3v6lb47GicKW lXG+z5Wp2yeknP61BL8j7rjfP7dr6QqUfdHoUiWPeCRHh9O1nxJz7Paz3n0wls4b iyMIDX4ezNCNTX7SFx1+Z+Ok/eG74dAUl6kH0es08+rH7aWWtlEzXPt6+NW8IBH2 T0Ta4GIp6GDVCZxa82ZcYT/LS0JfUP8RTr1yO+sCJYxMX2fWLnyDjK5rUsDRvD3J dtyyAysP9G33lfJzaSI7jlYIIj8WRbGrGW/C2dICHqxC7h8xGf9Rq75fnPEydc+/ zy/mRqk6rCLZUQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:36 2025 by rpki-client