This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft File: z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json) Hash identifier: j8ABiB+yBRbJqb+0z+e+cp7X5Wq1F0HnXoXzJd+8uqY= Subject key identifier: 8A:1F:C4:2A:32:F2:E1:25:97:21:4F:C2:24:4C:1B:AC:9A:1D:C8:D2 Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 Certificate issuer: /CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Certificate serial: 019AF20910FB7F7547EFFA63A3CBA0E8277F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 05:01:11 +0000 Manifest this update: Sat 06 Dec 2025 05:01:11 +0000 Manifest next update: Sun 07 Dec 2025 05:01:11 +0000 Files and hashes: 1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: PUgbflUyGtUFyAgN3sn63Fcz/6UvP7aj9COoqkMFmS8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:10:fb:7f:75:47:ef:fa:63:a3:cb:a0:e8:27:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Validity Not Before: Dec 6 05:01:11 2025 GMT Not After : Dec 7 05:01:11 2025 GMT Subject: CN=8a1fc42a32f2e12597214fc2244c1bac9a1dc8d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f1:fd:ad:96:84:ef:c9:e8:b0:41:45:f1:e1: 38:10:b8:75:bd:cd:fd:9b:a4:7d:0f:94:c0:bf:c6: 36:ec:6d:67:0e:f2:b1:fd:f7:05:5a:d0:b0:df:0a: 29:1e:15:3f:d7:b5:2e:1b:55:5d:61:12:f4:13:b5: d1:e4:03:45:de:da:17:2f:89:f3:d0:82:16:c8:49: 99:c3:1a:e6:53:3f:58:ef:38:9e:25:24:df:da:1d: 7c:85:4b:6e:f5:75:3c:b8:17:59:ac:f4:d7:04:5c: 3e:6a:df:db:b3:a5:78:07:0e:16:4d:f8:35:5c:3a: f6:41:b6:15:37:e3:1f:73:c7:ad:8c:b2:ce:68:06: 14:06:24:61:1c:b3:9d:d6:0d:82:7b:92:94:45:6a: 47:87:e2:43:70:06:f0:f4:a8:c2:49:06:78:2b:cf: e8:a3:c0:03:41:d3:52:35:cf:07:72:7e:29:7c:81: 1e:13:b2:99:48:1e:b3:82:8a:c0:f8:c5:a2:9b:7a: 5c:00:64:2c:72:43:95:da:ed:8d:f0:68:92:24:7e: b5:29:26:90:5f:7f:2c:64:48:ff:9b:68:27:2f:b3: 55:a4:d7:0c:16:62:01:3f:08:9a:eb:42:23:1c:6e: a6:29:a6:a3:d0:1c:a8:d7:6f:40:03:3d:88:05:07: 4e:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1F:C4:2A:32:F2:E1:25:97:21:4F:C2:24:4C:1B:AC:9A:1D:C8:D2 X509v3 Authority Key Identifier: keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:e3:8d:0f:18:c2:92:6c:61:1e:ee:76:45:62:17:2c:97:a4: 13:db:9d:ec:18:82:0e:a9:b9:8a:68:40:bf:25:f0:d6:d3:7a: 0e:ac:25:36:a4:3f:5a:f8:ef:74:09:2f:58:7b:b4:4e:48:fe: 5a:58:3d:c5:1d:69:c3:6d:6d:85:e0:05:d9:f1:22:65:60:e2: 69:12:c4:c5:dc:fd:7d:d4:f4:3e:26:7c:ac:7d:8e:d4:d5:d3: 90:15:dd:d2:42:88:34:cc:d3:c3:79:e7:56:d1:4d:08:fa:ba: 89:c7:0c:23:35:d9:b5:c7:c1:38:1f:35:ae:99:8e:56:24:61: f7:1e:8b:ab:ba:42:f3:88:97:61:01:3a:75:96:b0:fc:c7:d6: 48:c2:73:5d:d3:eb:3c:c2:d1:97:2b:6c:99:9e:0a:e2:5d:54: ea:f3:d8:64:d1:99:15:11:7f:88:9b:5d:12:17:f6:46:62:44: 8f:da:fd:c3:16:c7:11:aa:2a:a5:21:4f:1a:5f:5a:2d:65:5d: 56:88:d9:5e:ab:87:34:b6:13:27:fd:8f:99:1d:f4:44:af:62: 71:3e:9e:e5:68:73:f6:51:a6:46:29:17:5f:c1:18:52:67:29: 2d:d7:87:86:c7:55:55:3f:86:48:db:e5:c3:17:15:10:e9:07: 78:ed:0f:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCRD7f3VH7/pjo8ug6Cd/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3 NGE4MTIwHhcNMjUxMjA2MDUwMTExWhcNMjUxMjA3MDUwMTExWjAzMTEwLwYDVQQD Eyg4YTFmYzQyYTMyZjJlMTI1OTcyMTRmYzIyNDRjMWJhYzlhMWRjOGQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPH9rZaE78nosEFF8eE4ELh1vc39 m6R9D5TAv8Y27G1nDvKx/fcFWtCw3wopHhU/17UuG1VdYRL0E7XR5ANF3toXL4nz 0IIWyEmZwxrmUz9Y7zieJSTf2h18hUtu9XU8uBdZrPTXBFw+at/bs6V4Bw4WTfg1 XDr2QbYVN+Mfc8etjLLOaAYUBiRhHLOd1g2Ce5KURWpHh+JDcAbw9KjCSQZ4K8/o o8ADQdNSNc8Hcn4pfIEeE7KZSB6zgorA+MWim3pcAGQsckOV2u2N8GiSJH61KSaQ X38sZEj/m2gnL7NVpNcMFmIBPwia60IjHG6mKaaj0Byo129AAz2IBQdOAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIofxCoy8uEllyFPwiRMG6yaHcjSMB8GA1UdIwQY MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAveONDxjC kmxhHu52RWIXLJekE9ud7BiCDqm5imhAvyXw1tN6DqwlNqQ/WvjvdAkvWHu0Tkj+ Wlg9xR1pw21theAF2fEiZWDiaRLExdz9fdT0PiZ8rH2O1NXTkBXd0kKINMzTw3nn VtFNCPq6iccMIzXZtcfBOB81rpmOViRh9x6Lq7pC84iXYQE6dZaw/MfWSMJzXdPr PMLRlytsmZ4K4l1U6vPYZNGZFRF/iJtdEhf2RmJEj9r9wxbHEaoqpSFPGl9aLWVd VojZXquHNLYTJ/2PmR30RK9icT6e5Whz9lGmRikXX8EYUmcpLdeHhsdVVT+GSNvl wxcVEOkHeO0Pbg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:26:50 2025 by rpki-client