This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft File: fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft (raw, json) Hash identifier: gGdJD5UHtAdFMAdxshQ5PTKbs+RMQ0OZJjw3WGfJido= Subject key identifier: 6D:8B:EF:97:A3:E7:E1:5B:4F:F1:6D:01:46:A3:1F:C8:41:46:16:0E Authority key identifier: 7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16 Certificate issuer: /CN=7e13414bdc2312400dfa9f50650d51ee0443df16 Certificate serial: 019B0F007DDEFBF40229D1F35CC798731559 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft Manifest number: 1771 Signing time: Thu 11 Dec 2025 20:00:48 +0000 Manifest this update: Thu 11 Dec 2025 20:00:48 +0000 Manifest next update: Fri 12 Dec 2025 20:00:48 +0000 Files and hashes: 1: W6ZuDAGnWoDaEzlWI7u6oQknSmA.roa (hash: OmbyY76V+595ZQjAafvVZcWcNGfzKgZ8Ut3VoJKhN9E=) 2: fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl (hash: 94LT9fPOgK6ySV0GEPigYqJddiwxJ42tL0YpPt8B7XE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:00:7d:de:fb:f4:02:29:d1:f3:5c:c7:98:73:15:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7e13414bdc2312400dfa9f50650d51ee0443df16 Validity Not Before: Dec 11 20:00:48 2025 GMT Not After : Dec 12 20:00:48 2025 GMT Subject: CN=6d8bef97a3e7e15b4ff16d0146a31fc84146160e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:1b:bb:a5:83:10:b1:15:ef:8f:a1:0f:42:f6: 4c:8d:ef:de:ad:1c:b8:ee:07:fe:e8:60:08:49:1d: 39:bd:22:db:0f:2a:ae:d7:52:37:b3:32:cb:c7:3f: 49:cc:c3:ac:9d:0b:e3:b0:47:5a:95:85:41:24:e9: 20:db:b8:e0:98:0f:51:50:11:6c:a3:83:b7:0d:03: 54:c0:f4:79:a6:aa:5f:cf:70:c3:03:ee:58:8b:2c: 11:d0:e8:b8:98:bc:a1:e8:5f:1f:c1:2f:8b:0a:a8: 42:9b:fc:e1:1e:c6:fa:8b:06:2d:8c:9c:5d:cc:27: db:78:c3:27:96:9e:d3:63:8b:14:08:4c:59:5f:17: e1:14:33:f2:86:0c:a9:05:49:66:28:27:97:f3:6f: 51:b6:f2:3f:df:5b:eb:34:09:10:5f:e0:e8:58:cd: 2e:db:a0:bf:2e:46:e4:ce:b1:5c:b9:32:f2:5c:76: 81:de:59:16:08:4d:66:30:4b:6e:f3:e7:8a:eb:67: 4b:72:66:32:a8:f5:5d:ac:11:54:25:f2:3c:6c:1c: 67:09:73:3b:90:a5:73:fe:e1:bc:5d:12:c4:8c:0f: 10:10:0a:7b:9b:9d:0c:0a:1e:5b:fd:30:9a:00:70: f1:90:85:e0:ab:b8:76:3c:be:b3:76:0e:db:12:be: 62:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:8B:EF:97:A3:E7:E1:5B:4F:F1:6D:01:46:A3:1F:C8:41:46:16:0E X509v3 Authority Key Identifier: keyid:7E:13:41:4B:DC:23:12:40:0D:FA:9F:50:65:0D:51:EE:04:43:DF:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/44c365-6ced-45d9-865d-04fcecad70ec/1/fhNBS9wjEkAN-p9QZQ1R7gRD3xY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:3d:df:ed:57:a9:8f:19:36:e2:43:c1:c6:de:5f:ad:61:97: 01:f2:df:5d:70:1c:5c:c4:b8:50:3d:d2:a7:ce:22:b2:0f:06: 9b:67:6e:d6:24:50:8d:8c:24:1d:ef:33:f9:2b:6e:ea:76:03: 5b:cc:ca:4e:a0:8f:8e:f3:f4:78:32:85:5c:56:cd:a5:f5:d0: 24:53:c7:fe:98:5a:af:74:82:ab:0e:e3:7c:59:e9:09:33:d0: d3:a5:2c:2d:4f:6c:d9:f6:70:9d:10:99:63:f5:89:44:8d:d2: 65:8b:65:7f:8a:ca:a1:7c:91:53:75:83:44:76:13:e7:71:19: ac:ac:f4:86:92:37:c0:13:26:26:61:eb:17:56:a4:f2:20:d0: 3f:10:94:dd:a3:52:80:9f:5f:e4:be:6d:bd:ac:38:b8:bc:5a: e4:2e:7a:b7:e6:0a:39:10:3a:55:24:4b:a8:4b:8e:42:a1:24: e0:5e:22:80:04:61:b0:ad:1c:e9:de:d8:02:d6:13:f6:cc:98: 6e:e4:82:b8:68:08:30:93:07:46:a8:e4:a9:a0:cd:98:eb:eb: 46:b8:11:eb:37:20:fa:49:8d:e9:fd:4c:d4:e5:3a:c9:57:ac: b0:f8:50:6e:41:98:2e:b1:15:5b:03:ae:e3:4f:d2:e7:3b:1a: bd:8e:7a:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPAH3e+/QCKdHzXMeYcxVZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdlMTM0MTRiZGMyMzEyNDAwZGZhOWY1MDY1MGQ1MWVlMDQ0 M2RmMTYwHhcNMjUxMjExMjAwMDQ4WhcNMjUxMjEyMjAwMDQ4WjAzMTEwLwYDVQQD Eyg2ZDhiZWY5N2EzZTdlMTViNGZmMTZkMDE0NmEzMWZjODQxNDYxNjBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRu7pYMQsRXvj6EPQvZMje/erRy4 7gf+6GAISR05vSLbDyqu11I3szLLxz9JzMOsnQvjsEdalYVBJOkg27jgmA9RUBFs o4O3DQNUwPR5pqpfz3DDA+5YiywR0Oi4mLyh6F8fwS+LCqhCm/zhHsb6iwYtjJxd zCfbeMMnlp7TY4sUCExZXxfhFDPyhgypBUlmKCeX829RtvI/31vrNAkQX+DoWM0u 26C/LkbkzrFcuTLyXHaB3lkWCE1mMEtu8+eK62dLcmYyqPVdrBFUJfI8bBxnCXM7 kKVz/uG8XRLEjA8QEAp7m50MCh5b/TCaAHDxkIXgq7h2PL6zdg7bEr5iJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG2L75ej5+FbT/FtAUajH8hBRhYOMB8GA1UdIwQY MBaAFH4TQUvcIxJADfqfUGUNUe4EQ98WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQt MDRmY2VjYWQ3MGVjLzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi80NGMzNjUtNmNlZC00NWQ5LTg2NWQtMDRmY2VjYWQ3MGVj LzEvZmhOQlM5d2pFa0FOLXA5UVpRMVI3Z1JEM3hZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADD3f7Vep jxk24kPBxt5frWGXAfLfXXAcXMS4UD3Sp84isg8Gm2du1iRQjYwkHe8z+Stu6nYD W8zKTqCPjvP0eDKFXFbNpfXQJFPH/phar3SCqw7jfFnpCTPQ06UsLU9s2fZwnRCZ Y/WJRI3SZYtlf4rKoXyRU3WDRHYT53EZrKz0hpI3wBMmJmHrF1ak8iDQPxCU3aNS gJ9f5L5tvaw4uLxa5C56t+YKORA6VSRLqEuOQqEk4F4igARhsK0c6d7YAtYT9syY buSCuGgIMJMHRqjkqaDNmOvrRrgR6zcg+kmN6f1M1OU6yVessPhQbkGYLrEVWwOu 40/S5zsavY565g== -----END CERTIFICATE-----Generated at Thu Dec 11 23:53:46 2025 by rpki-client