This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft File: CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json) Hash identifier: UUTI3t9W4v9KQ3Wi+Sn3A+spgIl7SV91q3bNqRREkn8= Subject key identifier: F0:F6:27:FB:49:89:F6:F0:60:B1:5D:4A:62:D4:2C:42:36:09:06:5F Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9 Certificate issuer: /CN=0b356087c20c7a325416fda803cb76f3da7947a9 Certificate serial: 019AF088C74BB7DC7637CE306D77EC930A93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft Manifest number: 04EA Signing time: Fri 05 Dec 2025 22:01:26 +0000 Manifest this update: Fri 05 Dec 2025 22:01:26 +0000 Manifest next update: Sat 06 Dec 2025 22:01:26 +0000 Files and hashes: 1: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: 7ZIxKgszzbMaJGa/9Zhq5LuE79PapQ4zIqWCcisQ7IA=) 2: VWgiKeUlZyr_tkfBtwpTnh3j5es.roa (hash: F+rSoMMmSh1ZRMmb8OY6V8ChtegfB1X8DkMugPNoNpA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:c7:4b:b7:dc:76:37:ce:30:6d:77:ec:93:0a:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9 Validity Not Before: Dec 5 22:01:26 2025 GMT Not After : Dec 6 22:01:26 2025 GMT Subject: CN=f0f627fb4989f6f060b15d4a62d42c423609065f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:5e:fe:6e:e5:b5:6e:e8:30:dc:9b:7d:4b:af: 3c:68:f7:e9:d5:94:45:17:52:96:90:ac:58:78:44: b8:51:b6:bc:11:80:0a:78:34:17:63:b8:a6:5d:17: d6:ad:92:4c:3a:3e:2d:b8:4d:ba:a8:70:1d:54:5d: fa:7a:33:d2:5d:80:e9:44:37:5b:af:1c:12:c1:d0: 8d:df:fe:0d:42:9f:b3:1d:83:a1:fa:00:bd:7f:19: dc:bb:5a:e0:3c:94:65:1a:c3:cf:bf:1a:59:bd:cf: 88:45:96:1b:8f:9f:6e:80:92:2e:76:52:39:2a:77: 6e:8e:13:d0:6d:bb:7d:88:d5:77:8b:d6:7c:ef:ab: 8c:a7:4e:1e:1e:07:a9:19:99:a0:f0:2d:52:5b:13: 05:b1:65:7a:5f:ed:cf:60:95:b8:83:87:3f:2a:26: 6c:92:d7:95:82:5a:f7:f0:27:52:a4:1c:fd:dc:ef: d8:82:59:11:9e:fa:21:6a:6e:70:4b:11:e7:ce:d8: 85:f3:56:be:8a:83:60:28:d3:64:d8:1f:4d:28:72: 53:47:f9:fe:ea:b6:00:7d:2a:50:d9:59:a5:5d:d1: 88:1b:65:34:39:da:bf:f6:2a:28:69:f5:4c:e2:09: 93:51:7d:94:ff:18:ba:fe:47:cb:55:ee:20:ab:14: a7:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:F6:27:FB:49:89:F6:F0:60:B1:5D:4A:62:D4:2C:42:36:09:06:5F X509v3 Authority Key Identifier: keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:73:28:cf:37:a8:66:21:f7:7e:48:f7:7c:93:bb:80:61:83: 50:6e:46:9b:ab:40:09:24:45:ee:5b:e5:9d:db:10:54:a9:09: d1:e5:fd:c7:b0:52:3b:9d:48:33:a8:e5:8c:f1:05:83:33:c2: 8c:87:06:8e:ea:44:6f:c1:e5:ac:d2:c5:10:5c:83:ec:64:48: d5:36:b5:03:46:28:e8:2e:b7:83:6a:90:63:93:13:0b:7f:dc: 8e:9f:e8:93:49:d5:df:02:28:ed:17:a5:8d:3d:66:c2:bb:73: 80:b6:6e:21:e2:75:40:ee:e0:5b:3a:2e:25:ae:c4:93:c1:36: 3f:c7:33:01:65:a5:63:3d:35:8b:00:a3:ed:9f:e8:b1:d2:89: 71:f2:b2:02:53:e0:df:25:39:f7:e4:4a:25:58:29:25:9b:53: 90:f2:6f:6b:d5:48:10:7a:ce:3b:ab:1d:4f:33:dd:bd:0b:02: e4:22:b0:12:4d:9c:04:25:63:5a:16:44:75:0b:4d:11:f7:ea: 8b:a8:10:9a:31:39:67:c1:f9:6d:b9:d4:f0:87:1c:77:bf:be: 1f:d1:2b:85:ac:b4:0a:88:b2:34:38:15:7e:c2:86:5d:6e:47: b5:70:c2:e3:90:b6:ee:d3:a6:37:41:ad:e0:cc:38:ea:93:61: 69:4b:ce:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiMdLt9x2N84wbXfskwqTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3 OTQ3YTkwHhcNMjUxMjA1MjIwMTI2WhcNMjUxMjA2MjIwMTI2WjAzMTEwLwYDVQQD EyhmMGY2MjdmYjQ5ODlmNmYwNjBiMTVkNGE2MmQ0MmM0MjM2MDkwNjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF7+buW1bugw3Jt9S688aPfp1ZRF F1KWkKxYeES4Uba8EYAKeDQXY7imXRfWrZJMOj4tuE26qHAdVF36ejPSXYDpRDdb rxwSwdCN3/4NQp+zHYOh+gC9fxncu1rgPJRlGsPPvxpZvc+IRZYbj59ugJIudlI5 KndujhPQbbt9iNV3i9Z876uMp04eHgepGZmg8C1SWxMFsWV6X+3PYJW4g4c/KiZs kteVglr38CdSpBz93O/YglkRnvoham5wSxHnztiF81a+ioNgKNNk2B9NKHJTR/n+ 6rYAfSpQ2VmlXdGIG2U0Odq/9iooafVM4gmTUX2U/xi6/kfLVe4gqxSn4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPD2J/tJifbwYLFdSmLULEI2CQZfMB8GA1UdIwQY MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGHMozzeo ZiH3fkj3fJO7gGGDUG5Gm6tACSRF7lvlndsQVKkJ0eX9x7BSO51IM6jljPEFgzPC jIcGjupEb8HlrNLFEFyD7GRI1Ta1A0Yo6C63g2qQY5MTC3/cjp/ok0nV3wIo7Rel jT1mwrtzgLZuIeJ1QO7gWzouJa7Ek8E2P8czAWWlYz01iwCj7Z/osdKJcfKyAlPg 3yU59+RKJVgpJZtTkPJva9VIEHrOO6sdTzPdvQsC5CKwEk2cBCVjWhZEdQtNEffq i6gQmjE5Z8H5bbnU8Iccd7++H9Erhay0CoiyNDgVfsKGXW5HtXDC45C27tOmN0Gt 4Mw46pNhaUvOnQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:13:43 2025 by rpki-client