This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft File: rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft (raw, json) Hash identifier: uS8TEMNqUXEYX1DBc1oNYEncUZacaCWu5iCQOk2voyU= Subject key identifier: 76:FE:8F:67:E7:50:70:00:25:D1:23:3B:6C:EC:D2:1B:22:A8:50:7E Authority key identifier: AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA Certificate issuer: /CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa Certificate serial: 019B31C3C2487B9734E9350824C87AA9683D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft Manifest number: 0CA0 Signing time: Thu 18 Dec 2025 14:01:11 +0000 Manifest this update: Thu 18 Dec 2025 14:01:11 +0000 Manifest next update: Fri 19 Dec 2025 14:01:11 +0000 Files and hashes: 1: nd2mEoM182MlqnyU97QFBEBtYLc.roa (hash: H4CTJi+dex4a2tP/U9S7boExXOmFzvTZ0iE52ANC1z0=) 2: rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl (hash: +SUeFBOpi1rUYW7xboa5YLf4E7VrVBvkjg37nm5uT38=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:c2:48:7b:97:34:e9:35:08:24:c8:7a:a9:68:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac2119178bfd923a4b5ec406d9fe1452b2776efa Validity Not Before: Dec 18 14:01:11 2025 GMT Not After : Dec 19 14:01:11 2025 GMT Subject: CN=76fe8f67e750700025d1233b6cecd21b22a8507e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:2a:1e:3e:e2:eb:03:16:b6:ff:e1:ea:e2:f4: 78:d7:8e:41:6d:52:3a:f5:91:1a:91:41:00:b1:a4: d6:0a:47:f4:3f:c2:64:ca:48:ce:7c:f3:09:ba:cf: a3:32:6a:59:01:3f:25:ae:cc:c2:b7:54:61:82:da: 29:b1:7d:c4:47:22:80:ed:dc:d2:a6:01:b8:e8:53: 40:82:47:ad:c6:a6:fe:e6:d3:42:ea:b1:a1:f1:36: a8:fe:58:72:6d:f7:dc:47:09:e4:56:8d:73:8b:93: 5e:bf:c9:4c:be:40:65:be:8b:b1:ac:e8:de:4d:13: 10:93:16:da:dc:47:ad:51:a1:ec:c7:50:40:b3:be: 13:38:db:9f:46:f3:80:c7:bc:f4:2b:bb:c8:1d:3c: 24:6c:ff:2c:1a:c2:68:39:0b:98:26:21:20:70:44: 1b:ed:9b:a9:be:62:a1:e7:5e:b9:5f:20:54:41:1f: b5:2a:1c:b7:03:2d:a0:0e:e4:c9:02:48:df:ce:f9: e1:c5:d0:ac:1a:fb:7a:c6:21:81:b0:23:ec:0e:22: 50:0b:51:4b:5d:c8:9d:22:e6:c6:40:f1:1d:ca:29: b0:ed:cf:20:fc:a6:14:14:68:d3:24:9f:3a:b9:00: 82:90:48:2b:2a:ef:4c:9d:94:77:92:a1:a2:6c:ce: ba:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:FE:8F:67:E7:50:70:00:25:D1:23:3B:6C:EC:D2:1B:22:A8:50:7E X509v3 Authority Key Identifier: keyid:AC:21:19:17:8B:FD:92:3A:4B:5E:C4:06:D9:FE:14:52:B2:77:6E:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/2a8f7e-e605-4114-90e8-f600d0fd03ce/1/rCEZF4v9kjpLXsQG2f4UUrJ3bvo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:ca:d7:fc:f5:13:2d:24:f2:df:2c:1a:d4:da:72:39:8b:c7: 39:01:a6:df:76:f0:9a:df:e2:46:48:6f:84:ff:82:5e:34:9e: 46:40:43:02:a6:8c:2b:55:d4:79:3a:99:62:01:a2:80:d6:fb: 64:ba:e4:92:f7:0b:18:fe:85:22:57:64:31:0e:b4:73:49:14: 51:f3:ef:69:72:0d:7c:bc:c8:13:3e:0f:55:66:94:8a:83:f5: e6:28:58:fc:67:eb:79:6c:b6:99:2b:20:6b:4f:29:53:02:ca: b1:ac:2d:72:b9:6d:be:4d:dc:5a:f2:bb:b4:04:04:3f:4e:ec: 45:5a:6a:cb:5e:93:fd:f8:b6:06:91:ad:9e:41:79:e5:d0:fa: ce:ef:c2:35:3e:48:e7:36:85:64:78:c3:51:63:5d:a9:76:b6: 2e:3c:98:63:e7:69:b6:1c:04:c8:27:0a:57:cb:e2:df:6d:f1: 33:c0:49:3f:93:e0:07:bf:28:85:c2:af:56:73:4a:c4:23:45: b7:68:78:3b:80:0a:89:fa:1a:a2:bd:9b:3c:3e:f6:ad:03:f1: e2:e6:02:7a:e3:29:93:41:29:97:2e:6e:9e:df:a4:25:de:25: b3:95:e1:eb:46:c6:35:46:c1:38:93:cd:14:eb:23:5f:b8:54: 3e:2a:30:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw8JIe5c06TUIJMh6qWg9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMjExOTE3OGJmZDkyM2E0YjVlYzQwNmQ5ZmUxNDUyYjI3 NzZlZmEwHhcNMjUxMjE4MTQwMTExWhcNMjUxMjE5MTQwMTExWjAzMTEwLwYDVQQD Eyg3NmZlOGY2N2U3NTA3MDAwMjVkMTIzM2I2Y2VjZDIxYjIyYTg1MDdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSoePuLrAxa2/+Hq4vR4145BbVI6 9ZEakUEAsaTWCkf0P8JkykjOfPMJus+jMmpZAT8lrszCt1RhgtopsX3ERyKA7dzS pgG46FNAgketxqb+5tNC6rGh8Tao/lhybffcRwnkVo1zi5Nev8lMvkBlvouxrOje TRMQkxba3EetUaHsx1BAs74TONufRvOAx7z0K7vIHTwkbP8sGsJoOQuYJiEgcEQb 7ZupvmKh5165XyBUQR+1Khy3Ay2gDuTJAkjfzvnhxdCsGvt6xiGBsCPsDiJQC1FL XcidIubGQPEdyimw7c8g/KYUFGjTJJ86uQCCkEgrKu9MnZR3kqGibM662wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHb+j2fnUHAAJdEjO2zs0hsiqFB+MB8GA1UdIwQY MBaAFKwhGReL/ZI6S17EBtn+FFKyd276MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgt ZjYwMGQwZmQwM2NlLzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yYThmN2UtZTYwNS00MTE0LTkwZTgtZjYwMGQwZmQwM2Nl LzEvckNFWkY0djlranBMWHNRRzJmNFVVckozYnZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARcrX/PUT LSTy3ywa1NpyOYvHOQGm33bwmt/iRkhvhP+CXjSeRkBDAqaMK1XUeTqZYgGigNb7 ZLrkkvcLGP6FIldkMQ60c0kUUfPvaXINfLzIEz4PVWaUioP15ihY/GfreWy2mSsg a08pUwLKsawtcrltvk3cWvK7tAQEP07sRVpqy16T/fi2BpGtnkF55dD6zu/CNT5I 5zaFZHjDUWNdqXa2LjyYY+dpthwEyCcKV8vi323xM8BJP5PgB78ohcKvVnNKxCNF t2h4O4AKifoaor2bPD72rQPx4uYCeuMpk0Eply5unt+kJd4ls5Xh60bGNUbBOJPN FOsjX7hUPiowrA== -----END CERTIFICATE-----Generated at Thu Dec 18 22:34:25 2025 by rpki-client