This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft File: fzErCdH2kPJXAL1dzwfJGAxelmM.mft (raw, json) Hash identifier: w2/87/HChwXBQjD4TbxXF3tE+0TPe8cMe/IulRRnFKw= Subject key identifier: 1F:BF:0C:24:58:CC:CC:7F:B2:B8:67:DC:35:6E:DB:65:73:8E:1C:40 Authority key identifier: 7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 Certificate issuer: /CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Certificate serial: 019B5907C1A1EE497346CC01DE68D3A7AE40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft Manifest number: BF Signing time: Fri 26 Dec 2025 05:00:39 +0000 Manifest this update: Fri 26 Dec 2025 05:00:39 +0000 Manifest next update: Sat 27 Dec 2025 05:00:39 +0000 Files and hashes: 1: 5wnQts3aHCqK4LPQTc1TSV8LlF8.roa (hash: k5nmC2X9nRpfsHKs8VUO+zQKfKvAMmG2gTrsovLYmdc=) 2: fzErCdH2kPJXAL1dzwfJGAxelmM.crl (hash: oKNkoiZLM8r6VmSGBlPOsm6zikDVaH4nAmUAnWILvGI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:07:c1:a1:ee:49:73:46:cc:01:de:68:d3:a7:ae:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f312b09d1f690f25700bd5dcf07c9180c5e9663 Validity Not Before: Dec 26 05:00:39 2025 GMT Not After : Dec 27 05:00:39 2025 GMT Subject: CN=1fbf0c2458cccc7fb2b867dc356edb65738e1c40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:57:4d:fe:eb:4d:d5:49:bb:d9:df:9d:9e:49: 42:01:84:8e:7a:a2:b8:d4:d4:af:d7:c6:1f:b2:a3: 95:2c:7c:fe:0b:2f:8d:56:c4:28:c6:3d:45:d2:01: 7e:8b:8c:68:c7:35:f4:20:f3:41:e0:f5:9b:6c:95: 90:46:18:3f:d0:70:74:13:fb:96:23:f9:66:e9:a3: 39:99:cd:cb:8f:84:1e:b6:e3:e3:56:67:cf:ee:6b: 3d:3f:4c:7b:02:05:26:f1:5c:93:39:0e:c4:6d:92: be:08:e9:47:9a:33:bf:60:47:0b:b8:10:5b:b1:4c: 16:9c:31:52:3f:25:2c:12:aa:a7:bd:f7:6e:97:f2: c2:74:4f:38:5e:24:6d:39:b1:9b:6a:78:97:41:f8: 83:fa:0a:cd:2e:ef:f4:5a:4d:62:60:2a:11:79:0e: 6a:41:56:4e:54:b5:cf:93:98:80:d4:37:d1:a9:7d: 57:e1:0d:70:ab:e7:42:17:f0:49:e3:a5:57:cb:4f: 82:8f:fd:8f:be:67:e6:92:37:4c:14:94:07:7f:cc: ce:9c:2c:da:9e:d6:0a:8e:48:32:c1:65:92:12:17: 83:0c:9f:a1:11:44:c9:e5:2e:6b:ad:95:20:01:1b: 68:d2:7d:ed:b4:d7:f0:0e:07:62:a9:ce:3b:fa:4e: 2d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:BF:0C:24:58:CC:CC:7F:B2:B8:67:DC:35:6E:DB:65:73:8E:1C:40 X509v3 Authority Key Identifier: keyid:7F:31:2B:09:D1:F6:90:F2:57:00:BD:5D:CF:07:C9:18:0C:5E:96:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fzErCdH2kPJXAL1dzwfJGAxelmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/29dac9-9a15-4661-af78-1522e2964fce/1/fzErCdH2kPJXAL1dzwfJGAxelmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:87:69:08:d9:a0:33:c7:af:eb:ee:b0:1a:de:da:e5:d1:6d: aa:73:5b:c3:3a:b9:8e:9f:db:eb:80:79:c8:b2:5a:6e:ac:63: 4b:3d:2c:ab:df:b5:46:59:37:26:58:d6:73:39:e3:3e:79:da: 84:ab:8a:7e:60:6c:d3:94:af:8e:bd:83:08:5b:40:8d:b8:90: 9f:b8:c5:3b:cb:fa:e5:d1:14:bd:99:56:5a:9b:5a:37:41:ea: f4:f8:f3:e0:0e:b2:a0:44:7a:34:16:52:12:e9:fd:87:8b:ad: 5a:ce:76:97:39:cf:49:d4:1b:e2:af:e5:68:b4:38:11:60:c4: 5b:31:e1:ec:a6:6f:5d:e0:9d:89:28:a7:91:bd:f4:94:eb:cc: 17:64:dd:bb:ec:37:da:d8:1f:0a:33:5b:29:ba:b7:e8:5d:9f: 4e:f9:29:b2:e0:e4:14:6d:9b:93:64:17:b5:a7:d5:a0:32:4c: 14:bb:16:a9:5b:50:b5:1b:56:44:97:e8:18:fd:48:81:8f:76: dc:12:21:c6:de:94:9c:2c:97:a7:e4:b7:e2:9a:39:cc:a9:7a: c7:21:0b:28:19:ef:ef:8d:1c:b0:1d:02:c5:7b:25:9d:53:b8: 4e:b1:24:61:bf:2e:24:4f:af:2d:a4:25:8d:ac:28:f0:53:d5: a6:b0:c4:5f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZB8Gh7klzRswB3mjTp65AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmMzEyYjA5ZDFmNjkwZjI1NzAwYmQ1ZGNmMDdjOTE4MGM1 ZTk2NjMwHhcNMjUxMjI2MDUwMDM5WhcNMjUxMjI3MDUwMDM5WjAzMTEwLwYDVQQD EygxZmJmMGMyNDU4Y2NjYzdmYjJiODY3ZGMzNTZlZGI2NTczOGUxYzQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvldN/utN1Um72d+dnklCAYSOeqK4 1NSv18YfsqOVLHz+Cy+NVsQoxj1F0gF+i4xoxzX0IPNB4PWbbJWQRhg/0HB0E/uW I/lm6aM5mc3Lj4QetuPjVmfP7ms9P0x7AgUm8VyTOQ7EbZK+COlHmjO/YEcLuBBb sUwWnDFSPyUsEqqnvfdul/LCdE84XiRtObGbaniXQfiD+grNLu/0Wk1iYCoReQ5q QVZOVLXPk5iA1DfRqX1X4Q1wq+dCF/BJ46VXy0+Cj/2PvmfmkjdMFJQHf8zOnCza ntYKjkgywWWSEheDDJ+hEUTJ5S5rrZUgARto0n3ttNfwDgdiqc47+k4t5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB+/DCRYzMx/srhn3DVu22VzjhxAMB8GA1UdIwQY MBaAFH8xKwnR9pDyVwC9Xc8HyRgMXpZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgt MTUyMmUyOTY0ZmNlLzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8yOWRhYzktOWExNS00NjYxLWFmNzgtMTUyMmUyOTY0ZmNl LzEvZnpFckNkSDJrUEpYQUwxZHp3ZkpHQXhlbG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgYdpCNmg M8ev6+6wGt7a5dFtqnNbwzq5jp/b64B5yLJabqxjSz0sq9+1Rlk3JljWcznjPnna hKuKfmBs05Svjr2DCFtAjbiQn7jFO8v65dEUvZlWWptaN0Hq9Pjz4A6yoER6NBZS Eun9h4utWs52lznPSdQb4q/laLQ4EWDEWzHh7KZvXeCdiSinkb30lOvMF2Tdu+w3 2tgfCjNbKbq36F2fTvkpsuDkFG2bk2QXtafVoDJMFLsWqVtQtRtWRJfoGP1IgY92 3BIhxt6UnCyXp+S34po5zKl6xyELKBnv740csB0CxXslnVO4TrEkYb8uJE+vLaQl jawo8FPVprDEXw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:54 2025 by rpki-client