This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft File: f1HfHfTohn5B5ef5Lef50foMFU0.mft (raw, json) Hash identifier: L3MCHS3LVn894uyCnxIEetFITSK9rY6lLMtztfOmlgI= Subject key identifier: 1B:07:35:A9:D9:F1:07:29:33:38:51:3F:4F:0D:59:B1:C8:12:4E:62 Authority key identifier: 7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D Certificate issuer: /CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d Certificate serial: 019AF19BB3C9D677BC660F3C1B9DA612FB4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft Manifest number: 0C46 Signing time: Sat 06 Dec 2025 03:01:44 +0000 Manifest this update: Sat 06 Dec 2025 03:01:44 +0000 Manifest next update: Sun 07 Dec 2025 03:01:44 +0000 Files and hashes: 1: f1HfHfTohn5B5ef5Lef50foMFU0.crl (hash: wSCX78M8by6rf44MP59mpztAbS5MXJP0ZG1tyP8SIf4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:b3:c9:d6:77:bc:66:0f:3c:1b:9d:a6:12:fb:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f51df1df4e8867e41e5e7f92de7f9d1fa0c154d Validity Not Before: Dec 6 03:01:44 2025 GMT Not After : Dec 7 03:01:44 2025 GMT Subject: CN=1b0735a9d9f107293338513f4f0d59b1c8124e62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:2a:cf:26:79:9b:87:65:5e:b1:6c:f2:8e:35: 68:7d:7a:ae:19:50:b4:45:90:da:87:59:1c:ad:35: b6:8b:e1:96:92:64:aa:88:45:6b:e6:26:23:ba:d5: 7e:25:61:55:48:27:7c:9b:5d:d8:6e:fe:88:eb:a1: 6f:7e:df:5b:4f:28:13:ae:19:3f:a3:74:24:3c:e7: 8a:e9:f0:35:66:52:e9:8c:d7:0e:31:15:fa:1b:16: ff:99:f8:e4:df:73:28:b2:0e:69:e7:33:74:42:0a: 3b:db:99:b5:3e:d3:9c:91:24:dc:55:47:d7:f2:7b: e4:6c:f3:5c:d3:66:bf:b1:0b:24:b5:cb:27:1e:99: 3a:fd:8b:81:cc:7f:e5:1a:ad:6b:cc:00:14:fd:e5: 91:e8:49:89:6a:e8:ab:df:e0:d4:dd:b4:f3:b7:ff: cb:43:86:09:79:5a:e1:51:27:b8:3f:b6:38:30:a2: 7c:a8:ae:83:7c:45:89:fc:23:23:82:b0:2c:ca:99: 0a:9a:25:d5:af:00:2d:49:d6:f8:80:e6:39:3a:31: 93:08:ef:6f:e6:89:ce:9c:e7:9a:8b:ad:ab:3d:68: 13:b9:20:0b:c4:63:47:34:3d:51:55:f2:54:1b:88: 3f:1f:ae:eb:1a:d8:db:7a:aa:50:2b:36:7d:5e:d4: 68:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:07:35:A9:D9:F1:07:29:33:38:51:3F:4F:0D:59:B1:C8:12:4E:62 X509v3 Authority Key Identifier: keyid:7F:51:DF:1D:F4:E8:86:7E:41:E5:E7:F9:2D:E7:F9:D1:FA:0C:15:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1HfHfTohn5B5ef5Lef50foMFU0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/5e731f-528b-4e02-ad68-6d9035af1535/1/f1HfHfTohn5B5ef5Lef50foMFU0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:8a:05:ab:57:04:3c:39:3a:e2:39:59:ad:3d:a5:3d:09:bd: ba:6f:28:e9:2b:d8:00:4b:29:02:81:4b:60:66:05:8b:a0:4d: 31:f7:8d:29:8d:3b:20:cc:f8:5c:42:44:ea:e5:c9:e0:15:ea: d3:10:97:d5:11:00:d2:ab:d7:62:23:d0:2d:d0:81:a5:df:3b: 5a:8f:37:73:47:a0:d8:d4:f9:f9:d9:a0:0e:6b:06:15:fe:1b: a7:68:ff:a9:79:a1:b0:b1:96:fb:1c:7d:4f:b9:5d:13:52:6c: 28:c5:49:c3:5d:fc:b9:ee:d4:60:6b:7f:c2:b0:e1:ae:e1:47: 3a:97:e3:0c:7d:85:10:5a:fc:57:44:d3:49:2b:4d:9d:d1:12: a8:8a:70:51:a0:a6:af:8f:a4:35:5e:e8:d6:7d:68:5b:17:28: 49:40:9c:ad:b7:e8:af:e2:1c:35:84:33:ce:c0:04:a6:c7:d2: 17:e1:a2:e0:02:9d:6d:58:1f:c2:be:b4:9c:b7:8f:4e:3d:85: d9:61:0d:c3:aa:57:e6:f1:f1:47:a0:9f:b7:b1:21:c0:a3:5e: c1:fb:df:fa:49:c1:1f:bd:86:e9:c4:f0:de:3a:35:f1:98:f4: 8c:79:c4:eb:31:1c:96:48:96:2b:b0:41:8f:62:eb:b5:e0:4a: b2:f9:50:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm7PJ1ne8Zg88G52mEvtPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmNTFkZjFkZjRlODg2N2U0MWU1ZTdmOTJkZTdmOWQxZmEw YzE1NGQwHhcNMjUxMjA2MDMwMTQ0WhcNMjUxMjA3MDMwMTQ0WjAzMTEwLwYDVQQD EygxYjA3MzVhOWQ5ZjEwNzI5MzMzODUxM2Y0ZjBkNTliMWM4MTI0ZTYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SrPJnmbh2VesWzyjjVofXquGVC0 RZDah1kcrTW2i+GWkmSqiEVr5iYjutV+JWFVSCd8m13Ybv6I66Fvft9bTygTrhk/ o3QkPOeK6fA1ZlLpjNcOMRX6Gxb/mfjk33Mosg5p5zN0Qgo725m1PtOckSTcVUfX 8nvkbPNc02a/sQsktcsnHpk6/YuBzH/lGq1rzAAU/eWR6EmJauir3+DU3bTzt//L Q4YJeVrhUSe4P7Y4MKJ8qK6DfEWJ/CMjgrAsypkKmiXVrwAtSdb4gOY5OjGTCO9v 5onOnOeai62rPWgTuSALxGNHND1RVfJUG4g/H67rGtjbeqpQKzZ9XtRoxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBsHNanZ8QcpMzhRP08NWbHIEk5iMB8GA1UdIwQY MBaAFH9R3x306IZ+QeXn+S3n+dH6DBVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgt NmQ5MDM1YWYxNTM1LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS81ZTczMWYtNTI4Yi00ZTAyLWFkNjgtNmQ5MDM1YWYxNTM1 LzEvZjFIZkhmVG9objVCNWVmNUxlZjUwZm9NRlUwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY4oFq1cE PDk64jlZrT2lPQm9um8o6SvYAEspAoFLYGYFi6BNMfeNKY07IMz4XEJE6uXJ4BXq 0xCX1REA0qvXYiPQLdCBpd87Wo83c0eg2NT5+dmgDmsGFf4bp2j/qXmhsLGW+xx9 T7ldE1JsKMVJw138ue7UYGt/wrDhruFHOpfjDH2FEFr8V0TTSStNndESqIpwUaCm r4+kNV7o1n1oWxcoSUCcrbfor+IcNYQzzsAEpsfSF+Gi4AKdbVgfwr60nLePTj2F 2WENw6pX5vHxR6Cft7EhwKNewfvf+knBH72G6cTw3jo18Zj0jHnE6zEclkiWK7BB j2LrteBKsvlQ7A== -----END CERTIFICATE-----Generated at Sat Dec 6 10:18:34 2025 by rpki-client