This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.mft File: ffgoIInih2ZRITPUI2r0FaN709I.mft (raw, json) Hash identifier: wuTMgE39y/mtRvqFnjOCK1NNvfdkTLtlOqIuVa0IYcY= Subject key identifier: BB:04:3E:A3:C8:76:49:61:1B:63:A0:BE:05:A9:CB:3D:2D:99:1F:9B Authority key identifier: 7D:F8:28:20:89:E2:87:66:51:21:33:D4:23:6A:F4:15:A3:7B:D3:D2 Certificate issuer: /CN=7df8282089e28766512133d4236af415a37bd3d2 Certificate serial: 019B194D2D9802C0363F7FAAFE0C32370BCC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffgoIInih2ZRITPUI2r0FaN709I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.mft Manifest number: 04B6 Signing time: Sat 13 Dec 2025 20:00:46 +0000 Manifest this update: Sat 13 Dec 2025 20:00:46 +0000 Manifest next update: Sun 14 Dec 2025 20:00:46 +0000 Files and hashes: 1: ffgoIInih2ZRITPUI2r0FaN709I.crl (hash: mo0HKDPrpk48x8eaiUd0gpd4jqkKSJ4k1ckdSQdXCiw=) 2: ig1FgJHLmhVp1HtQnDRiBOwALfo.roa (hash: IlHHwWSfIB2n4wpeo6hZD+s1jPc54zsXsSO0r9HX6WY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.crl rsync://rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.mft rsync://rpki.ripe.net/repository/DEFAULT/ffgoIInih2ZRITPUI2r0FaN709I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:4d:2d:98:02:c0:36:3f:7f:aa:fe:0c:32:37:0b:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7df8282089e28766512133d4236af415a37bd3d2 Validity Not Before: Dec 13 20:00:46 2025 GMT Not After : Dec 14 20:00:46 2025 GMT Subject: CN=bb043ea3c87649611b63a0be05a9cb3d2d991f9b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:17:0e:9c:55:dc:99:1e:1f:98:20:11:9d:3c: cf:55:27:ef:3b:ef:92:08:6c:07:f7:06:98:86:83: 81:97:68:ce:f1:34:b6:db:8b:3f:13:14:0d:f7:92: 56:83:91:21:65:52:5e:5d:03:e1:df:bf:2f:65:bd: fa:e9:cc:3e:9a:4b:58:99:a8:0a:3a:81:1b:e6:4a: b3:66:b2:70:28:90:99:85:3b:5d:0f:af:ea:4b:d9: 11:16:e2:ee:72:78:47:79:0c:9e:78:d6:77:ad:3b: aa:2a:c0:e8:5b:b0:69:0d:5d:90:5a:00:89:1b:77: 3a:35:0c:41:6c:f4:86:00:84:f4:2c:77:2a:4e:74: 56:ac:65:7b:b5:61:99:29:ef:47:3a:c0:0f:8e:e0: 00:9a:41:3e:28:7a:88:3a:5d:58:6c:92:1e:53:c8: 25:1b:0a:dc:4a:a5:bc:d4:c9:5d:67:2e:0f:9b:15: 5f:3b:4c:2c:4f:f0:07:fe:24:6a:7b:ed:ad:1e:c9: a6:f9:9a:5e:52:3c:36:91:b3:3c:b4:ce:b5:96:4f: 6f:38:13:e4:95:7f:49:1c:a5:df:c7:d2:96:43:47: a8:aa:e2:50:77:8f:a0:c7:6f:ef:b4:d8:72:68:d4: 9d:15:ae:80:15:e7:43:6c:cf:9b:63:cc:8e:74:1d: c3:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:04:3E:A3:C8:76:49:61:1B:63:A0:BE:05:A9:CB:3D:2D:99:1F:9B X509v3 Authority Key Identifier: keyid:7D:F8:28:20:89:E2:87:66:51:21:33:D4:23:6A:F4:15:A3:7B:D3:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffgoIInih2ZRITPUI2r0FaN709I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/452ba7-3c15-4bba-ad33-2571f7a2d25f/1/ffgoIInih2ZRITPUI2r0FaN709I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:e0:0f:b8:5c:fa:11:3b:e1:4c:d9:43:47:90:eb:59:fe:21: 7e:eb:cf:dd:38:2d:7e:a2:00:5b:9a:7c:5d:25:be:2f:9e:80: 0a:39:d7:1b:7d:ca:40:bd:c0:d1:96:97:48:5e:9d:01:48:26: 71:d9:01:a7:c7:3d:5c:8a:a1:9d:1a:26:37:e0:14:51:ef:9e: 34:2b:11:e2:7d:18:d5:5d:f4:65:f1:38:75:53:bb:c9:6c:f6: b9:7a:08:c8:52:76:ac:c4:ef:73:5b:43:8f:23:f1:8f:5b:e0: 18:ac:36:29:46:8d:25:9b:33:63:5a:66:f0:9a:35:1d:6d:92: a0:90:80:67:f1:eb:15:16:70:8f:99:12:ab:dd:5a:56:c4:38: e6:28:b6:1e:87:0c:db:b7:a6:74:7e:24:2d:a7:ed:ac:71:f6: 54:0c:14:2a:8c:12:af:72:48:59:29:7d:c9:4e:8c:76:62:b6: 3d:e0:cc:6d:24:b6:04:b8:51:61:26:ff:ce:06:f3:49:72:85: 66:3f:7f:0e:29:c0:29:b6:13:48:2f:d7:2c:95:0b:f0:95:3d: f8:16:dc:0d:cf:84:b0:49:64:aa:a4:36:fd:ef:77:17:c7:96: 86:59:fa:89:18:a5:0a:e9:d0:82:6e:4b:ac:10:5b:0f:0a:fc: ff:e8:12:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZTS2YAsA2P3+q/gwyNwvMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdkZjgyODIwODllMjg3NjY1MTIxMzNkNDIzNmFmNDE1YTM3 YmQzZDIwHhcNMjUxMjEzMjAwMDQ2WhcNMjUxMjE0MjAwMDQ2WjAzMTEwLwYDVQQD EyhiYjA0M2VhM2M4NzY0OTYxMWI2M2EwYmUwNWE5Y2IzZDJkOTkxZjliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhcOnFXcmR4fmCARnTzPVSfvO++S CGwH9waYhoOBl2jO8TS224s/ExQN95JWg5EhZVJeXQPh378vZb366cw+mktYmagK OoEb5kqzZrJwKJCZhTtdD6/qS9kRFuLucnhHeQyeeNZ3rTuqKsDoW7BpDV2QWgCJ G3c6NQxBbPSGAIT0LHcqTnRWrGV7tWGZKe9HOsAPjuAAmkE+KHqIOl1YbJIeU8gl GwrcSqW81MldZy4PmxVfO0wsT/AH/iRqe+2tHsmm+ZpeUjw2kbM8tM61lk9vOBPk lX9JHKXfx9KWQ0eoquJQd4+gx2/vtNhyaNSdFa6AFedDbM+bY8yOdB3DTQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLsEPqPIdklhG2OgvgWpyz0tmR+bMB8GA1UdIwQY MBaAFH34KCCJ4odmUSEz1CNq9BWje9PSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmZnb0lJbmloMlpSSVRQVUkycjBGYU43MDlJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi80NTJiYTctM2MxNS00YmJhLWFkMzMt MjU3MWY3YTJkMjVmLzEvZmZnb0lJbmloMlpSSVRQVUkycjBGYU43MDlJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi80NTJiYTctM2MxNS00YmJhLWFkMzMtMjU3MWY3YTJkMjVm LzEvZmZnb0lJbmloMlpSSVRQVUkycjBGYU43MDlJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOAPuFz6 ETvhTNlDR5DrWf4hfuvP3TgtfqIAW5p8XSW+L56ACjnXG33KQL3A0ZaXSF6dAUgm cdkBp8c9XIqhnRomN+AUUe+eNCsR4n0Y1V30ZfE4dVO7yWz2uXoIyFJ2rMTvc1tD jyPxj1vgGKw2KUaNJZszY1pm8Jo1HW2SoJCAZ/HrFRZwj5kSq91aVsQ45ii2HocM 27emdH4kLaftrHH2VAwUKowSr3JIWSl9yU6MdmK2PeDMbSS2BLhRYSb/zgbzSXKF Zj9/DinAKbYTSC/XLJUL8JU9+BbcDc+EsElkqqQ2/e93F8eWhln6iRilCunQgm5L rBBbDwr8/+gSHA== -----END CERTIFICATE-----Generated at Sun Dec 14 01:20:04 2025 by rpki-client