This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft File: RZzMG7ARYGhoBts1qTNRshs-YNw.mft (raw, json) Hash identifier: F8HlYsU/q/9vAXheYfqWpEkK3Hbdq85v/I0y/gtRD04= Subject key identifier: D9:52:F2:BF:3B:7B:83:32:93:7A:18:23:35:2E:40:D5:73:42:A6:CC Authority key identifier: 45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC Certificate issuer: /CN=459ccc1bb01160686806db35a93351b21b3e60dc Certificate serial: 019AF4654249C6C6CA6EC46B69CAB228CF75 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft Manifest number: 14D8 Signing time: Sat 06 Dec 2025 16:01:07 +0000 Manifest this update: Sat 06 Dec 2025 16:01:07 +0000 Manifest next update: Sun 07 Dec 2025 16:01:07 +0000 Files and hashes: 1: RZzMG7ARYGhoBts1qTNRshs-YNw.crl (hash: A0ucvegnKSghV0EwHAH7fRm33upU7BAdXngbtEalyaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:42:49:c6:c6:ca:6e:c4:6b:69:ca:b2:28:cf:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=459ccc1bb01160686806db35a93351b21b3e60dc Validity Not Before: Dec 6 16:01:07 2025 GMT Not After : Dec 7 16:01:07 2025 GMT Subject: CN=d952f2bf3b7b8332937a1823352e40d57342a6cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1b:60:79:5f:48:d4:e1:da:09:a6:98:f8:eb: 3d:93:f1:d7:bf:66:b2:83:d0:af:a9:46:2d:6d:2b: ff:8b:0e:45:23:1b:73:a9:fd:47:c1:70:7f:31:95: 52:cc:34:08:86:55:10:18:22:1c:fc:f2:7b:61:9c: 43:d9:4d:64:30:db:39:68:2c:ce:6b:d3:ef:29:90: c9:7a:3d:f1:0f:0f:b0:6e:a3:e0:aa:7d:ca:fd:b1: b7:7f:c7:9e:33:c7:8c:d8:ba:d2:0a:bf:ad:a1:fd: 2b:92:49:e1:f5:28:ee:b3:84:0a:4d:f2:6e:e8:60: f3:e9:b9:d4:01:b2:26:9f:6f:81:da:2a:8b:da:ad: 41:bc:84:34:df:73:9c:0f:9a:38:fc:bd:51:15:ce: 11:5e:28:b5:b1:83:c4:f6:32:6d:20:e5:f8:1d:68: ca:9b:86:08:da:14:3a:38:b1:7e:0b:68:a8:40:f7: 91:cf:fe:8a:a4:10:e1:72:4a:7c:8e:08:ff:f1:3b: 3b:0c:72:e7:47:18:cb:80:5e:27:26:46:7d:b2:c7: c0:66:68:c4:98:00:a3:a8:34:ad:bc:e5:56:4d:67: 0f:2f:a0:21:9f:b8:ea:b3:f7:f7:ed:79:30:8d:5f: 83:5c:ad:8b:ee:4f:4f:be:11:d4:8a:ae:03:c8:1d: b7:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:52:F2:BF:3B:7B:83:32:93:7A:18:23:35:2E:40:D5:73:42:A6:CC X509v3 Authority Key Identifier: keyid:45:9C:CC:1B:B0:11:60:68:68:06:DB:35:A9:33:51:B2:1B:3E:60:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RZzMG7ARYGhoBts1qTNRshs-YNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/60d338-4b36-4054-b4bc-6473b092aadd/1/RZzMG7ARYGhoBts1qTNRshs-YNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:ba:f8:b0:a1:a6:ea:74:dc:2c:09:a4:b5:6b:8c:cc:f1:37: 63:1d:97:63:58:fc:f6:c0:44:be:f2:66:52:90:35:67:ac:30: 2c:f1:0c:bc:d5:f1:69:61:d8:2c:66:5a:38:a3:16:7e:7d:f2: 87:19:22:73:a8:05:a9:7f:7e:7b:8f:d0:4f:1d:38:8d:5f:fc: 9c:98:02:fe:73:1b:a3:5d:b4:f6:54:3f:2f:ca:ed:c9:bc:fe: b2:11:b6:4e:98:d8:57:59:b9:ad:7c:0c:fe:15:17:0b:5b:44: fa:bd:73:d0:3f:d2:f5:c2:08:06:b3:48:f9:29:4c:ef:1d:b5: e4:a0:6d:a5:c3:f8:34:ed:82:39:ef:f3:66:59:8a:02:06:ee: 0d:d5:eb:51:7d:8c:27:5e:38:cc:13:e5:7c:61:d9:a7:1d:76: 7f:c1:67:d1:4d:85:e5:98:d0:84:54:d4:74:c2:91:1c:53:8f: 00:8d:57:b3:1d:2d:13:9b:0f:54:14:53:4f:f5:b8:f9:6e:d1: b0:2a:25:e9:1f:96:d4:9a:0a:49:82:db:05:a4:0f:aa:cf:35: c4:4e:41:03:42:a8:fa:ea:2d:f1:be:38:7f:38:64:6a:61:bd: 2c:18:1e:ca:7e:cf:a6:b7:bd:30:8a:5d:50:ca:16:be:4a:c8: 74:d2:71:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZUJJxsbKbsRracqyKM91MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ1OWNjYzFiYjAxMTYwNjg2ODA2ZGIzNWE5MzM1MWIyMWIz ZTYwZGMwHhcNMjUxMjA2MTYwMTA3WhcNMjUxMjA3MTYwMTA3WjAzMTEwLwYDVQQD EyhkOTUyZjJiZjNiN2I4MzMyOTM3YTE4MjMzNTJlNDBkNTczNDJhNmNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRtgeV9I1OHaCaaY+Os9k/HXv2ay g9CvqUYtbSv/iw5FIxtzqf1HwXB/MZVSzDQIhlUQGCIc/PJ7YZxD2U1kMNs5aCzO a9PvKZDJej3xDw+wbqPgqn3K/bG3f8eeM8eM2LrSCr+tof0rkknh9Sjus4QKTfJu 6GDz6bnUAbImn2+B2iqL2q1BvIQ033OcD5o4/L1RFc4RXii1sYPE9jJtIOX4HWjK m4YI2hQ6OLF+C2ioQPeRz/6KpBDhckp8jgj/8Ts7DHLnRxjLgF4nJkZ9ssfAZmjE mACjqDStvOVWTWcPL6Ahn7jqs/f37XkwjV+DXK2L7k9PvhHUiq4DyB23IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNlS8r87e4Myk3oYIzUuQNVzQqbMMB8GA1UdIwQY MBaAFEWczBuwEWBoaAbbNakzUbIbPmDcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMt NjQ3M2IwOTJhYWRkLzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC82MGQzMzgtNGIzNi00MDU0LWI0YmMtNjQ3M2IwOTJhYWRk LzEvUlp6TUc3QVJZR2hvQnRzMXFUTlJzaHMtWU53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG7r4sKGm 6nTcLAmktWuMzPE3Yx2XY1j89sBEvvJmUpA1Z6wwLPEMvNXxaWHYLGZaOKMWfn3y hxkic6gFqX9+e4/QTx04jV/8nJgC/nMbo1209lQ/L8rtybz+shG2TpjYV1m5rXwM /hUXC1tE+r1z0D/S9cIIBrNI+SlM7x215KBtpcP4NO2COe/zZlmKAgbuDdXrUX2M J144zBPlfGHZpx12f8Fn0U2F5ZjQhFTUdMKRHFOPAI1Xsx0tE5sPVBRTT/W4+W7R sCol6R+W1JoKSYLbBaQPqs81xE5BA0Ko+uot8b44fzhkamG9LBgeyn7Ppre9MIpd UMoWvkrIdNJxcA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:41:52 2025 by rpki-client