This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft File: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft (raw, json) Hash identifier: RcEfldvGZ7KxbIhnfCoEvjd/E/h1Rft71+nMvRzgnvk= Subject key identifier: FC:4B:76:BB:BE:AF:E2:DF:BE:85:8C:66:59:1B:F1:49:D7:DA:C3:A1 Authority key identifier: 7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 Certificate issuer: /CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Certificate serial: 4B255579A9B3CBCDB5BB2D926653B69C0414BB91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft Manifest number: 017B Signing time: Thu 11 Dec 2025 14:16:22 +0000 Manifest this update: Thu 11 Dec 2025 14:11:22 +0000 Manifest next update: Fri 12 Dec 2025 17:20:22 +0000 Files and hashes: 1: 326130653a666434353a326535303a3a2f34382d3438203d3e20323135333730.roa (hash: S2x/glwBFQqLmSWyNwtm4qEtJyulbbnFBue99o2JPS8=) 2: 326130653a666434353a353030303a3a2f34302d3438203d3e20323034383330.roa (hash: 9ztDCaU6aAMVKVrLFNLTSsl1A84X7CinJDw99b10Wgk=) 3: 326130653a666434353a326630303a3a2f34382d3438203d3e20323132393636.roa (hash: fCahoT0DASmE4L0CnNku4FHnUTfBEMsJKaoRBnEvKJY=) 4: 326130653a666434353a326633303a3a2f34382d3438203d3e20323039333130.roa (hash: Ah9wB6P+J6/u6bq6IHZMWUCN9kLwcy3+ovMQjaM+Mjs=) 5: 326130653a666434353a326634303a3a2f34342d3438203d3e20323132353931.roa (hash: m8ac/OmE29DqLuwrvKPJFKpYCamTHx1fmPvpHqRkArI=) 6: 326130393a626534303a323830303a3a2f34302d3438203d3e20313939393530.roa (hash: AiP13DNBwIkSFzdQdSir0FYGd4okcKOcyfxhs/nt0mM=) 7: 7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl (hash: 5jTMfNyivtxDM8BTSQdb+THmTQnaiicLFIZEU15rHmA=) 8: 326130393a626534303a323830303a3a2f34302d3438203d3e20323133313730.roa (hash: bGsR+5RlWB67shIeVpz1QNwpCAPKyIXgoOV7T0RQXx8=) 9: 326130653a666434353a326366303a3a2f34382d3438203d3e20323032383535.roa (hash: lpEMU1X1JLSHAOWUFG4frUPhBZsu7LhlBnijuGC43xs=) 10: 326130653a666434353a326538303a3a2f34382d3438203d3e20323134373233.roa (hash: OBdYMpDCrnydUqYR/9aR6OWDxV3xrASuK04QdHbbnp4=) Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:25:55:79:a9:b3:cb:cd:b5:bb:2d:92:66:53:b6:9c:04:14:bb:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f216f49a3b9a84a0e85e80a2c42874f09ea3985 Validity Not Before: Dec 11 14:11:22 2025 GMT Not After : Dec 12 17:20:22 2025 GMT Subject: CN=FC4B76BBBEAFE2DFBE858C66591BF149D7DAC3A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:55:ae:d4:68:89:3d:59:4f:5b:a6:e1:23:76: eb:88:77:7e:e0:cb:9c:97:66:3a:f8:5b:65:84:bb: 6d:97:58:3e:4f:c9:58:f8:49:a5:9f:1a:1a:6d:ec: 99:99:38:ff:c0:af:d0:8e:95:e2:bd:ad:45:df:3a: ed:9f:82:4f:9e:fe:54:30:06:7b:0b:3f:3f:59:83: b6:1b:a1:c9:75:56:b2:66:fc:3a:ec:85:a9:c1:41: 3d:20:dd:63:a6:7d:31:6b:49:29:b8:69:03:5f:56: aa:ea:28:63:20:c8:74:20:47:14:7b:c4:ea:f7:32: 86:e3:98:de:e7:9c:79:7c:e1:cf:55:c1:df:97:9b: dc:9f:b6:d2:fa:c7:51:f2:c5:ae:18:1b:5a:05:24: 36:a3:2f:fd:8a:ba:33:04:bb:f2:5d:59:8b:fb:b9: 83:69:2b:d7:d1:5d:e1:c6:af:88:6e:68:a9:a3:1a: dc:1b:39:bb:38:47:49:f7:9c:cf:55:12:4b:ed:d1: e4:eb:1b:e8:fe:e6:14:28:2f:18:cb:05:78:16:e8: 71:ad:4b:2d:10:cb:be:e2:43:bb:37:bf:94:0d:86: 99:8b:09:ba:8d:d6:fc:66:71:79:8e:e2:93:e5:d7: 82:81:01:dd:09:a2:bd:06:15:88:35:c3:38:25:f8: 98:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:4B:76:BB:BE:AF:E2:DF:BE:85:8C:66:59:1B:F1:49:D7:DA:C3:A1 X509v3 Authority Key Identifier: keyid:7F:21:6F:49:A3:B9:A8:4A:0E:85:E8:0A:2C:42:87:4F:09:EA:39:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyFvSaO5qEoOhegKLEKHTwnqOYU.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/2dfb30ca-e1c2-4921-b054-d4af09165af1/0/7F216F49A3B9A84A0E85E80A2C42874F09EA3985.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:45:18:db:8d:bd:e4:ad:f0:b9:e9:38:d5:6d:2f:bf:61:3d: c1:54:40:de:52:39:b4:4e:20:f0:84:b3:2b:39:e9:20:3e:d7: 25:3a:97:ad:93:22:37:45:b0:84:5b:33:13:25:99:b9:96:08: 3a:cc:8b:2f:f2:04:36:f5:02:9c:ba:16:9d:b6:c3:77:33:15: 9b:44:7f:2d:36:7a:aa:bd:c8:d4:a4:3e:b3:f2:53:97:63:e7: 85:e5:ca:f8:a2:64:7d:90:6a:2a:be:3e:9c:12:c3:16:f7:d0: c8:f7:49:10:c9:27:76:b8:13:e6:22:a9:b1:3c:af:21:3b:70: 88:50:f7:76:ff:df:81:8f:b1:b8:31:f8:98:34:6d:00:bc:68: bb:89:7d:0a:48:dd:49:97:a2:00:8d:8a:fe:5f:04:e0:94:a7: 61:c6:04:55:c9:51:ea:91:e9:1f:33:ad:dd:b5:a1:65:c0:7e: 4a:67:6a:69:4e:e5:bc:b7:53:5e:cd:dd:d7:cf:cf:a5:43:b3: e0:7a:90:dd:27:ee:a6:36:71:97:01:fe:aa:14:fe:f3:6c:d6: 23:49:86:75:9f:e6:6a:27:44:8a:38:ec:c6:09:6b:d8:84:a7: 9f:3c:f8:31:f4:1a:c0:a8:0f:5c:64:e3:e0:23:c3:17:f5:ce: 9f:d6:fd:6b -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUSyVVeamzy821uy2SZlO2nAQUu5EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2YyMTZmNDlhM2I5YTg0YTBlODVlODBhMmM0Mjg3NGYw OWVhMzk4NTAeFw0yNTEyMTExNDExMjJaFw0yNTEyMTIxNzIwMjJaMDMxMTAvBgNV BAMTKEZDNEI3NkJCQkVBRkUyREZCRTg1OEM2NjU5MUJGMTQ5RDdEQUMzQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsVa7UaIk9WU9bpuEjduuId37g y5yXZjr4W2WEu22XWD5PyVj4SaWfGhpt7JmZOP/Ar9COleK9rUXfOu2fgk+e/lQw BnsLPz9Zg7Ybocl1VrJm/DrshanBQT0g3WOmfTFrSSm4aQNfVqrqKGMgyHQgRxR7 xOr3MobjmN7nnHl84c9Vwd+Xm9yfttL6x1Hyxa4YG1oFJDajL/2KujMEu/JdWYv7 uYNpK9fRXeHGr4huaKmjGtwbObs4R0n3nM9VEkvt0eTrG+j+5hQoLxjLBXgW6HGt Sy0Qy77iQ7s3v5QNhpmLCbqN1vxmcXmO4pPl14KBAd0Jor0GFYg1wzgl+JgpAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU/Et2u76v4t++hYxmWRvxSdfaw6EwHwYDVR0j BBgwFoAUfyFvSaO5qEoOhegKLEKHTwnqOYUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMmRmYjMwY2EtZTFjMi00OTIxLWIwNTQtZDRhZjA5MTY1 YWYxLzAvN0YyMTZGNDlBM0I5QTg0QTBFODVFODBBMkM0Mjg3NEYwOUVBMzk4NS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Z5RnZTYU81cUVvT2hlZ0tMRUtIVHdu cU9ZVS5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS8yZGZiMzBjYS1l MWMyLTQ5MjEtYjA1NC1kNGFmMDkxNjVhZjEvMC83RjIxNkY0OUEzQjlBODRBMEU4 NUU4MEEyQzQyODc0RjA5RUEzOTg1Lm1mdDAYBgNVHSABAf8EDjAMMAoGCCsGAQUF Bw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwFQYIKwYBBQUH AQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY0UY24295K3wuek41W0v v2E9wVRA3lI5tE4g8ISzKznpID7XJTqXrZMiN0WwhFszEyWZuZYIOsyLL/IENvUC nLoWnbbDdzMVm0R/LTZ6qr3I1KQ+s/JTl2PnheXK+KJkfZBqKr4+nBLDFvfQyPdJ EMkndrgT5iKpsTyvITtwiFD3dv/fgY+xuDH4mDRtALxou4l9CkjdSZeiAI2K/l8E 4JSnYcYEVclR6pHpHzOt3bWhZcB+SmdqaU7lvLdTXs3d18/PpUOz4HqQ3SfupjZx lwH+qhT+82zWI0mGdZ/maidEijjsxglr2ISnnzz4MfQawKgPXGTj4CPDF/XOn9b9 aw== -----END CERTIFICATE-----Generated at Fri Dec 12 00:11:29 2025 by rpki-client