This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft File: fkL5qpHFODs-cnVy67GVWRqHYM4.mft (raw, json) Hash identifier: PAwod5ZLM80Gpp+Btx3M1eO9RsTLr/XLAGmd5wnWCUU= Subject key identifier: 3E:35:B3:1A:14:D8:22:A6:03:2E:D4:61:F0:C4:59:A6:7B:35:3D:CE Authority key identifier: 7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE Certificate issuer: /CN=7e42f9aa91c5383b3e727572ebb195591a8760ce Certificate serial: 019B5977420AFEB5E6B8CCA2A32F2FD85DD7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft Manifest number: 082E Signing time: Fri 26 Dec 2025 07:02:26 +0000 Manifest this update: Fri 26 Dec 2025 07:02:26 +0000 Manifest next update: Sat 27 Dec 2025 07:02:26 +0000 Files and hashes: 1: fkL5qpHFODs-cnVy67GVWRqHYM4.crl (hash: 44e0bJLWgKTOWCio51OXqfBIjNNHKD+rIf+vOPnjxok=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:42:0a:fe:b5:e6:b8:cc:a2:a3:2f:2f:d8:5d:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e42f9aa91c5383b3e727572ebb195591a8760ce Validity Not Before: Dec 26 07:02:26 2025 GMT Not After : Dec 27 07:02:26 2025 GMT Subject: CN=3e35b31a14d822a6032ed461f0c459a67b353dce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:1e:87:06:a5:e2:c9:c0:98:bf:44:43:98:0f: 49:5f:44:15:48:46:0f:d4:86:d3:92:63:ae:4f:3f: a4:b3:fd:23:3f:7a:69:7d:21:17:5c:7d:50:51:9b: d4:95:c8:f7:27:20:3a:39:ff:e3:7d:41:38:0d:66: 44:2a:dd:f8:9b:84:58:30:1a:cf:70:ce:ee:e2:5e: 42:d2:a9:e1:84:9e:83:53:ea:22:7a:7a:87:77:43: 7d:c0:c8:8c:91:7c:f7:65:be:6a:01:85:fd:3b:0f: 37:06:d6:00:dc:37:81:46:94:b3:c9:bc:55:80:80: 2a:34:fa:41:e5:26:f6:5f:ad:7d:9d:ad:f0:73:97: 20:e5:8a:cd:1a:7b:66:9f:97:45:9b:44:42:2d:eb: 99:54:ad:33:b5:7f:ac:8f:83:2a:e5:76:84:67:99: 63:1e:74:7e:a1:9f:f1:85:6c:f9:60:86:e7:1a:89: bc:76:94:9b:4e:f5:55:29:f8:d7:86:04:19:28:78: 83:7d:f9:3a:a1:6a:d4:71:05:23:55:d8:54:a5:90: 2f:27:86:72:69:41:11:54:24:62:96:bd:fd:81:3a: ac:42:1f:a7:a0:38:c3:b7:2a:e1:77:e0:60:f0:99: 20:6c:37:6e:db:d4:bd:8c:fc:1a:06:73:03:03:94: de:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:35:B3:1A:14:D8:22:A6:03:2E:D4:61:F0:C4:59:A6:7B:35:3D:CE X509v3 Authority Key Identifier: keyid:7E:42:F9:AA:91:C5:38:3B:3E:72:75:72:EB:B1:95:59:1A:87:60:CE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fkL5qpHFODs-cnVy67GVWRqHYM4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/81d8dd-4cd3-4378-b067-7cd472864bf8/1/fkL5qpHFODs-cnVy67GVWRqHYM4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:5e:05:e7:d1:c0:bc:ee:85:89:13:07:71:d8:01:2f:1f:47: ff:8e:cf:bc:5e:be:2d:e8:27:21:4f:89:9a:44:9b:57:16:6d: 5f:17:33:0a:f4:0a:2c:23:88:23:7b:e1:75:94:ee:7c:57:44: de:73:1c:1b:3c:68:5f:47:09:18:73:c1:a4:aa:52:91:92:16: 6b:2a:1b:7e:14:55:bf:7c:66:fd:69:1d:a6:8d:72:24:1c:ba: ba:a6:28:1b:01:d1:07:9b:f5:a1:fb:1c:13:82:96:e9:ab:81: 64:a4:c1:69:29:db:b9:cc:01:a5:e5:1a:5c:86:39:8e:34:d9: d7:4e:6e:31:de:be:bb:c7:d3:12:94:5a:7f:a0:2b:18:86:69: 75:b8:ca:08:7e:f0:5e:d1:71:27:17:1d:68:b1:f4:79:ba:9e: d7:66:c7:70:46:f9:95:d0:74:8b:25:cd:b2:e6:62:3e:fd:b2: bc:35:f7:d4:5e:15:f3:ba:48:3f:5d:27:16:83:ea:aa:4e:95: 43:17:9c:92:b2:d9:7f:de:43:a6:3e:10:33:01:7e:59:76:18: e3:98:76:b6:99:3a:f8:bc:99:28:e0:36:42:66:48:05:33:3a: 14:ac:7a:6a:a9:9f:53:04:e1:46:12:ad:44:f2:5d:32:b3:ab: 12:e6:1d:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd0IK/rXmuMyioy8v2F3XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlNDJmOWFhOTFjNTM4M2IzZTcyNzU3MmViYjE5NTU5MWE4 NzYwY2UwHhcNMjUxMjI2MDcwMjI2WhcNMjUxMjI3MDcwMjI2WjAzMTEwLwYDVQQD EygzZTM1YjMxYTE0ZDgyMmE2MDMyZWQ0NjFmMGM0NTlhNjdiMzUzZGNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyx6HBqXiycCYv0RDmA9JX0QVSEYP 1IbTkmOuTz+ks/0jP3ppfSEXXH1QUZvUlcj3JyA6Of/jfUE4DWZEKt34m4RYMBrP cM7u4l5C0qnhhJ6DU+oienqHd0N9wMiMkXz3Zb5qAYX9Ow83BtYA3DeBRpSzybxV gIAqNPpB5Sb2X619na3wc5cg5YrNGntmn5dFm0RCLeuZVK0ztX+sj4Mq5XaEZ5lj HnR+oZ/xhWz5YIbnGom8dpSbTvVVKfjXhgQZKHiDffk6oWrUcQUjVdhUpZAvJ4Zy aUERVCRilr39gTqsQh+noDjDtyrhd+Bg8JkgbDdu29S9jPwaBnMDA5Te0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD41sxoU2CKmAy7UYfDEWaZ7NT3OMB8GA1UdIwQY MBaAFH5C+aqRxTg7PnJ1cuuxlVkah2DOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjct N2NkNDcyODY0YmY4LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC84MWQ4ZGQtNGNkMy00Mzc4LWIwNjctN2NkNDcyODY0YmY4 LzEvZmtMNXFwSEZPRHMtY25WeTY3R1ZXUnFIWU00LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI14F59HA vO6FiRMHcdgBLx9H/47PvF6+LegnIU+JmkSbVxZtXxczCvQKLCOII3vhdZTufFdE 3nMcGzxoX0cJGHPBpKpSkZIWayobfhRVv3xm/Wkdpo1yJBy6uqYoGwHRB5v1ofsc E4KW6auBZKTBaSnbucwBpeUaXIY5jjTZ105uMd6+u8fTEpRaf6ArGIZpdbjKCH7w XtFxJxcdaLH0ebqe12bHcEb5ldB0iyXNsuZiPv2yvDX31F4V87pIP10nFoPqqk6V QxeckrLZf95Dpj4QMwF+WXYY45h2tpk6+LyZKOA2QmZIBTM6FKx6aqmfUwThRhKt RPJdMrOrEuYd6g== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:20 2025 by rpki-client