This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft File: cfxj7vZnTya1A6gwpd-pU9L_qr4.mft (raw, json) Hash identifier: tEhUkJeMk9VQH1i+R2ORoQbQHjmgxX9Ucy+NIck0Y9U= Subject key identifier: CF:03:AE:57:03:2D:53:BF:18:AE:81:BE:B5:D1:D1:A9:D6:E0:2F:BE Authority key identifier: 71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE Certificate issuer: /CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe Certificate serial: 019B59ACF337862807AFFF0633288BC7F8CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft Manifest number: 15FF Signing time: Fri 26 Dec 2025 08:01:05 +0000 Manifest this update: Fri 26 Dec 2025 08:01:05 +0000 Manifest next update: Sat 27 Dec 2025 08:01:05 +0000 Files and hashes: 1: cfxj7vZnTya1A6gwpd-pU9L_qr4.crl (hash: lxOt07m0hQtqLF1bHCYfQVR+CRmPHkGqcgXHZ1ynxUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:f3:37:86:28:07:af:ff:06:33:28:8b:c7:f8:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=71fc63eef6674f26b503a830a5dfa953d2ffaabe Validity Not Before: Dec 26 08:01:05 2025 GMT Not After : Dec 27 08:01:05 2025 GMT Subject: CN=cf03ae57032d53bf18ae81beb5d1d1a9d6e02fbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:f6:de:36:40:7f:a3:a0:1f:39:94:a4:97:a2: 09:d3:74:06:5b:6e:ab:89:ac:a4:d1:23:5d:76:5b: 93:ba:c3:a5:c3:7f:07:fd:5d:eb:41:c7:04:62:c9: 2f:fc:f1:76:e9:14:63:af:07:57:cb:8d:6c:9b:2e: 4e:66:af:f1:bb:16:75:10:14:e1:e1:c0:78:c1:0c: 94:ef:fe:7b:60:bb:8c:9f:47:cf:8e:6f:e2:d8:8a: af:b7:3d:35:3d:00:93:57:30:b0:5e:e2:99:57:1f: 0e:20:42:a0:f1:ec:49:31:2c:43:ae:f9:f0:c3:3f: 75:37:4e:dc:0a:ac:3a:0b:08:8f:06:0c:4b:7f:52: dd:35:3a:9c:c3:02:70:2f:d7:ed:e2:81:4b:a0:c1: b0:03:37:8c:26:f6:23:bd:d5:9b:cf:69:0f:7b:98: 43:b2:b8:60:1a:d1:17:f9:e7:d3:29:a1:92:fd:f3: 00:78:79:29:bf:68:d9:10:ab:52:af:8d:25:03:d9: ad:c6:0e:9b:d3:29:8c:c2:39:8c:02:dc:3b:f5:36: 02:3f:03:73:b6:16:11:2d:2a:2b:30:83:76:37:39: ac:33:21:b5:c1:c4:2e:d8:75:26:83:9f:6c:84:61: 7e:cb:dd:34:aa:94:d4:da:db:dd:11:85:c5:d2:c0: d3:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:03:AE:57:03:2D:53:BF:18:AE:81:BE:B5:D1:D1:A9:D6:E0:2F:BE X509v3 Authority Key Identifier: keyid:71:FC:63:EE:F6:67:4F:26:B5:03:A8:30:A5:DF:A9:53:D2:FF:AA:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cfxj7vZnTya1A6gwpd-pU9L_qr4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f8010e-6a3f-4ff0-95e7-d418248e5728/1/cfxj7vZnTya1A6gwpd-pU9L_qr4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:8e:e0:8f:a1:b5:4b:f8:fe:64:c9:7c:07:58:fe:45:de:1c: 70:da:ca:89:76:b4:89:c7:34:30:2a:3c:8d:30:a1:42:e9:fe: ac:64:de:a1:67:30:60:ef:ce:26:e4:23:45:3a:b0:57:0d:77: 67:58:46:4a:f8:e8:75:8a:30:46:b2:de:9b:34:87:76:15:de: 5d:10:da:52:5c:af:82:1f:c5:76:bf:7a:48:2c:04:1f:ff:20: e3:b8:cc:6c:c5:56:6a:fe:e2:28:13:aa:fb:2c:31:ed:a7:30: d5:47:35:50:62:b2:7a:f0:c2:99:ce:5a:27:5e:60:f3:2e:e3: f3:a8:9a:b9:f7:ac:11:73:aa:66:e4:8a:c2:c7:cc:f0:b4:8f: 75:34:ef:bf:6a:0b:d4:be:d3:b8:4c:bf:8b:75:cd:da:ee:25: 26:ce:a4:81:17:8a:d6:5a:eb:38:3e:0e:6f:b9:22:1f:ef:0e: ec:a5:71:51:dc:e8:18:bb:57:46:e5:80:c5:2a:4e:36:be:26: 41:55:d7:5a:b6:2d:3f:8b:68:19:5c:1c:06:87:30:dd:fc:62: 27:eb:b0:67:e0:dc:79:70:64:92:c4:fb:88:88:9e:1d:87:6c: d2:9b:3f:b6:e6:85:8d:a3:68:ac:e7:86:23:03:3d:92:70:c0: 86:aa:51:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrPM3higHr/8GMyiLx/jOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxZmM2M2VlZjY2NzRmMjZiNTAzYTgzMGE1ZGZhOTUzZDJm ZmFhYmUwHhcNMjUxMjI2MDgwMTA1WhcNMjUxMjI3MDgwMTA1WjAzMTEwLwYDVQQD EyhjZjAzYWU1NzAzMmQ1M2JmMThhZTgxYmViNWQxZDFhOWQ2ZTAyZmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPbeNkB/o6AfOZSkl6IJ03QGW26r iayk0SNddluTusOlw38H/V3rQccEYskv/PF26RRjrwdXy41smy5OZq/xuxZ1EBTh 4cB4wQyU7/57YLuMn0fPjm/i2Iqvtz01PQCTVzCwXuKZVx8OIEKg8exJMSxDrvnw wz91N07cCqw6CwiPBgxLf1LdNTqcwwJwL9ft4oFLoMGwAzeMJvYjvdWbz2kPe5hD srhgGtEX+efTKaGS/fMAeHkpv2jZEKtSr40lA9mtxg6b0ymMwjmMAtw79TYCPwNz thYRLSorMIN2NzmsMyG1wcQu2HUmg59shGF+y900qpTU2tvdEYXF0sDTLwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM8DrlcDLVO/GK6BvrXR0anW4C++MB8GA1UdIwQY MBaAFHH8Y+72Z08mtQOoMKXfqVPS/6q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTct ZDQxODI0OGU1NzI4LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS9mODAxMGUtNmEzZi00ZmYwLTk1ZTctZDQxODI0OGU1NzI4 LzEvY2Z4ajd2Wm5UeWExQTZnd3BkLXBVOUxfcXI0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATY7gj6G1 S/j+ZMl8B1j+Rd4ccNrKiXa0icc0MCo8jTChQun+rGTeoWcwYO/OJuQjRTqwVw13 Z1hGSvjodYowRrLemzSHdhXeXRDaUlyvgh/Fdr96SCwEH/8g47jMbMVWav7iKBOq +ywx7acw1Uc1UGKyevDCmc5aJ15g8y7j86iaufesEXOqZuSKwsfM8LSPdTTvv2oL 1L7TuEy/i3XN2u4lJs6kgReK1lrrOD4Ob7kiH+8O7KVxUdzoGLtXRuWAxSpONr4m QVXXWrYtP4toGVwcBocw3fxiJ+uwZ+DceXBkksT7iIieHYds0ps/tuaFjaNorOeG IwM9knDAhqpReQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:54 2025 by rpki-client