This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft File: A0BZzz9bz7oJObTF2cPThs7NTOw.mft (raw, json) Hash identifier: MgP/awGhqQ5oTDlerVqTRjockz6CMBSCWkUClaV1bac= Subject key identifier: 70:48:0E:F2:EA:3B:84:B6:50:FF:C5:16:42:5E:30:99:7F:88:30:7E Authority key identifier: 03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC Certificate issuer: /CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec Certificate serial: 019AF540FA95AD5455C5927F2DF1A09E0F29 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft Manifest number: 012F Signing time: Sat 06 Dec 2025 20:01:07 +0000 Manifest this update: Sat 06 Dec 2025 20:01:07 +0000 Manifest next update: Sun 07 Dec 2025 20:01:07 +0000 Files and hashes: 1: A0BZzz9bz7oJObTF2cPThs7NTOw.crl (hash: ujyKeTRU+c9Aw4/P9KbhYAhKM+T0x1tdbYjORElzMzc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:fa:95:ad:54:55:c5:92:7f:2d:f1:a0:9e:0f:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=034059cf3f5bcfba0939b4c5d9c3d386cecd4cec Validity Not Before: Dec 6 20:01:07 2025 GMT Not After : Dec 7 20:01:07 2025 GMT Subject: CN=70480ef2ea3b84b650ffc516425e30997f88307e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:a6:29:5b:97:df:c3:24:a1:90:3e:c3:16:7e: 97:ee:a4:e1:87:79:64:65:38:8b:89:b6:f4:16:d2: eb:c0:75:ce:26:88:0c:08:a5:4e:2d:06:6e:f6:09: b1:a1:94:84:d5:4d:0c:ff:26:54:54:45:d0:f6:63: c9:49:b3:01:e0:c8:d8:bd:89:a0:c4:4c:99:e7:4b: 19:6e:82:b8:04:a9:3d:be:6c:03:35:cd:74:0e:90: d6:57:47:b8:7f:45:fc:3f:78:82:87:dc:cc:8a:97: 6b:f3:e7:e6:33:d3:10:9a:bd:e1:2d:87:af:63:44: 5f:2f:37:ba:9c:8e:7d:dc:47:8c:b2:aa:3c:5e:02: 6e:25:f6:0f:3a:4b:83:c2:53:e5:00:05:ff:99:17: 89:33:46:f2:22:28:cd:df:32:fc:d8:cb:36:94:e5: f6:0c:3e:9a:1c:1b:57:7e:1f:00:d7:70:f7:91:ac: 1f:58:8a:cc:16:08:c4:f0:10:dc:88:32:7f:d4:10: 9d:7f:3d:d4:6f:e3:7f:02:0e:f0:4e:a9:0a:9a:a6: dc:d5:1e:1e:32:b5:36:1d:ab:e0:f3:82:2c:05:29: 30:9f:98:05:06:0f:10:81:64:bb:1b:69:12:90:ec: 72:ff:87:70:e9:cd:ee:a5:67:83:da:9c:01:18:71: 57:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:48:0E:F2:EA:3B:84:B6:50:FF:C5:16:42:5E:30:99:7F:88:30:7E X509v3 Authority Key Identifier: keyid:03:40:59:CF:3F:5B:CF:BA:09:39:B4:C5:D9:C3:D3:86:CE:CD:4C:EC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A0BZzz9bz7oJObTF2cPThs7NTOw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/c451f6-866a-4091-aa88-f0abb9558d45/1/A0BZzz9bz7oJObTF2cPThs7NTOw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:fc:e6:21:ac:dd:d6:30:68:6d:c8:2b:ff:e3:e8:32:37:2d: cb:05:84:16:1f:58:c6:dd:3f:1c:af:67:21:5e:4c:90:4c:b4: cd:2f:73:14:de:c7:dd:a0:63:a7:3c:d8:fb:09:1f:24:34:f5: 3f:b6:89:ea:96:75:e2:88:55:ae:d9:0a:fb:cb:81:c2:4b:4c: 29:78:7c:3b:17:46:8e:56:b2:71:cb:98:ad:cc:20:75:3a:43: 52:cf:52:94:23:63:78:14:75:d0:da:f7:26:35:f1:c8:3f:e4: 0e:fe:76:97:23:3c:2c:12:78:2a:93:d1:2f:45:5e:5c:44:48: 20:2e:38:34:1a:86:01:a9:df:ad:9e:82:82:db:fd:a9:6d:e4: 48:d1:66:bc:7d:bf:bc:b0:db:ca:05:09:98:a6:02:12:56:e4: cb:9b:4a:8d:d5:32:49:51:27:f9:d7:36:37:50:e7:c8:69:61: e4:a1:b6:b8:df:43:63:5d:e1:55:7a:1f:24:10:5d:dc:36:72: 78:13:5d:24:21:07:88:0a:1c:8e:ce:d6:d8:15:28:d5:74:ac: 24:90:66:94:3e:1e:98:b9:88:94:de:c2:f9:37:35:ea:09:48: 9a:51:f2:a5:ec:70:9a:86:49:49:cf:f6:48:c7:16:49:ff:1b: c0:20:55:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QPqVrVRVxZJ/LfGgng8pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAzNDA1OWNmM2Y1YmNmYmEwOTM5YjRjNWQ5YzNkMzg2Y2Vj ZDRjZWMwHhcNMjUxMjA2MjAwMTA3WhcNMjUxMjA3MjAwMTA3WjAzMTEwLwYDVQQD Eyg3MDQ4MGVmMmVhM2I4NGI2NTBmZmM1MTY0MjVlMzA5OTdmODgzMDdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaYpW5ffwyShkD7DFn6X7qThh3lk ZTiLibb0FtLrwHXOJogMCKVOLQZu9gmxoZSE1U0M/yZUVEXQ9mPJSbMB4MjYvYmg xEyZ50sZboK4BKk9vmwDNc10DpDWV0e4f0X8P3iCh9zMipdr8+fmM9MQmr3hLYev Y0RfLze6nI593EeMsqo8XgJuJfYPOkuDwlPlAAX/mReJM0byIijN3zL82Ms2lOX2 DD6aHBtXfh8A13D3kawfWIrMFgjE8BDciDJ/1BCdfz3Ub+N/Ag7wTqkKmqbc1R4e MrU2Havg84IsBSkwn5gFBg8QgWS7G2kSkOxy/4dw6c3upWeD2pwBGHFXXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHBIDvLqO4S2UP/FFkJeMJl/iDB+MB8GA1UdIwQY MBaAFANAWc8/W8+6CTm0xdnD04bOzUzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgt ZjBhYmI5NTU4ZDQ1LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9jNDUxZjYtODY2YS00MDkxLWFhODgtZjBhYmI5NTU4ZDQ1 LzEvQTBCWnp6OWJ6N29KT2JURjJjUFRoczdOVE93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhvzmIazd 1jBobcgr/+PoMjctywWEFh9Yxt0/HK9nIV5MkEy0zS9zFN7H3aBjpzzY+wkfJDT1 P7aJ6pZ14ohVrtkK+8uBwktMKXh8OxdGjlayccuYrcwgdTpDUs9SlCNjeBR10Nr3 JjXxyD/kDv52lyM8LBJ4KpPRL0VeXERIIC44NBqGAanfrZ6Cgtv9qW3kSNFmvH2/ vLDbygUJmKYCElbky5tKjdUySVEn+dc2N1DnyGlh5KG2uN9DY13hVXofJBBd3DZy eBNdJCEHiAocjs7W2BUo1XSsJJBmlD4emLmIlN7C+Tc16glImlHypexwmoZJSc/2 SMcWSf8bwCBVBg== -----END CERTIFICATE-----Generated at Sat Dec 6 22:46:34 2025 by rpki-client