This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft File: Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft (raw, json) Hash identifier: dzecOuzRNleXrIEiI//PPG5FrF2V5afJ5E/zh8cdEEw= Subject key identifier: 75:23:CE:D2:17:2E:AA:87:19:AB:17:79:82:B7:44:7E:E2:1A:ED:A7 Authority key identifier: 2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED Certificate issuer: /CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Certificate serial: 019AF0BF49F26DDC97B8FA0CA5FCA57BB7B9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft Manifest number: 0354 Signing time: Fri 05 Dec 2025 23:00:59 +0000 Manifest this update: Fri 05 Dec 2025 23:00:59 +0000 Manifest next update: Sat 06 Dec 2025 23:00:59 +0000 Files and hashes: 1: 7RtSvYvJ-s26z4jJmihBpc9PPTg.roa (hash: +WPL+eLMOyDQbtRDqabesCoaqYzO2nUYgvkky6oLihM=) 2: Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl (hash: rDBBIwQZFyMdgl/On/B4rAOBpc8rnMwI5JrqJJ8Ua8Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:49:f2:6d:dc:97:b8:fa:0c:a5:fc:a5:7b:b7:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b3f6fa9f037765e74bdf2ac82ccbabc7e4fc8ed Validity Not Before: Dec 5 23:00:59 2025 GMT Not After : Dec 6 23:00:59 2025 GMT Subject: CN=7523ced2172eaa8719ab177982b7447ee21aeda7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:ff:2c:7d:ab:4f:f3:7d:93:d3:99:9b:ce:b1: 75:8c:0d:3c:29:f0:15:5c:29:40:2c:f4:0e:b5:06: 53:21:7d:c5:e8:7c:06:e3:72:77:55:08:17:3e:71: fd:5e:98:df:a8:49:e4:38:7a:c3:d4:1e:cd:9d:f8: 4b:bd:35:32:78:c3:fb:59:1c:15:04:1f:df:8f:9a: a7:2d:9d:21:b0:36:e0:46:9b:37:e0:5b:46:74:49: 5e:25:fa:7b:4e:a1:ea:f1:80:3e:55:b5:1e:bc:7a: 73:19:03:09:3c:3e:8b:a7:e0:f4:1e:34:f4:16:e5: 4c:e7:12:0f:b0:a1:5c:99:f8:98:31:aa:29:68:cc: 64:dd:90:33:c4:97:58:e3:49:25:af:16:00:31:75: 5a:59:1d:0c:aa:6c:1a:14:b9:eb:d2:71:2c:91:4e: 05:f6:53:ac:0e:dd:0f:7f:02:e7:26:6a:84:06:96: 8e:3e:8f:68:ff:04:5e:a3:0e:8d:3e:90:c4:57:ae: 7e:ad:f7:d2:5a:d1:2f:3e:12:cd:2a:fe:1e:2d:86: 06:6b:27:9e:22:10:44:fd:e6:8e:16:47:80:c7:a6: 3b:2f:23:99:4c:11:b1:a9:f1:29:85:52:45:98:51: 9d:ea:3b:12:27:1c:3f:96:63:48:32:00:97:d3:71: 71:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:23:CE:D2:17:2E:AA:87:19:AB:17:79:82:B7:44:7E:E2:1A:ED:A7 X509v3 Authority Key Identifier: keyid:2B:3F:6F:A9:F0:37:76:5E:74:BD:F2:AC:82:CC:BA:BC:7E:4F:C8:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kz9vqfA3dl50vfKsgsy6vH5PyO0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c54f42-912f-4b81-8b00-5c00fcd73619/1/Kz9vqfA3dl50vfKsgsy6vH5PyO0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:c2:f1:f0:49:d0:33:d5:c7:7f:d7:65:d1:15:28:18:2c:58: 1b:14:2c:ef:c9:a0:9b:93:7d:37:ca:69:38:31:9c:31:a5:24: f4:aa:0c:07:72:b9:9f:58:00:fc:14:25:4f:d5:0d:46:3b:82: 92:9b:a4:bc:6e:f3:6a:b4:b6:08:56:4b:34:cd:64:60:11:d7: 8e:d1:b0:58:49:6f:4d:7d:81:dc:10:43:3d:a1:f5:4b:43:46: bc:96:ea:a5:2c:c8:de:b3:29:bd:22:68:a7:25:a5:cf:0d:f6: 8f:5f:c7:14:7c:97:f8:9e:d7:62:3f:9e:d6:cf:08:49:d4:93: d3:d7:5d:4c:30:44:99:50:81:2a:eb:c4:3e:e0:09:c3:9d:ff: cc:4d:75:84:bc:6c:bf:9d:40:fe:27:0a:14:74:3a:dc:0b:9a: f8:1c:43:0e:d5:cb:83:f3:18:72:d9:21:8e:b7:88:eb:e1:34: 7b:c9:3d:05:1c:09:5c:55:8b:4f:cc:2c:c3:bb:07:93:01:bf: 53:fe:85:26:6f:ce:20:bd:0f:ee:c6:a3:f2:e9:2b:15:4c:f8: b7:46:39:15:08:c4:36:69:d0:2d:14:b8:f7:3a:b9:a6:47:02: 37:ca:51:3f:94:d2:73:d0:01:59:81:70:bb:eb:59:35:7a:c4: 90:03:74:db -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv0nybdyXuPoMpfyle7e5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiM2Y2ZmE5ZjAzNzc2NWU3NGJkZjJhYzgyY2NiYWJjN2U0 ZmM4ZWQwHhcNMjUxMjA1MjMwMDU5WhcNMjUxMjA2MjMwMDU5WjAzMTEwLwYDVQQD Eyg3NTIzY2VkMjE3MmVhYTg3MTlhYjE3Nzk4MmI3NDQ3ZWUyMWFlZGE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf8sfatP832T05mbzrF1jA08KfAV XClALPQOtQZTIX3F6HwG43J3VQgXPnH9XpjfqEnkOHrD1B7NnfhLvTUyeMP7WRwV BB/fj5qnLZ0hsDbgRps34FtGdEleJfp7TqHq8YA+VbUevHpzGQMJPD6Lp+D0HjT0 FuVM5xIPsKFcmfiYMaopaMxk3ZAzxJdY40klrxYAMXVaWR0MqmwaFLnr0nEskU4F 9lOsDt0PfwLnJmqEBpaOPo9o/wReow6NPpDEV65+rffSWtEvPhLNKv4eLYYGayee IhBE/eaOFkeAx6Y7LyOZTBGxqfEphVJFmFGd6jsSJxw/lmNIMgCX03FxAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHUjztIXLqqHGasXeYK3RH7iGu2nMB8GA1UdIwQY MBaAFCs/b6nwN3ZedL3yrILMurx+T8jtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAt NWMwMGZjZDczNjE5LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9jNTRmNDItOTEyZi00YjgxLThiMDAtNWMwMGZjZDczNjE5 LzEvS3o5dnFmQTNkbDUwdmZLc2dzeTZ2SDVQeU8wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY8Lx8EnQ M9XHf9dl0RUoGCxYGxQs78mgm5N9N8ppODGcMaUk9KoMB3K5n1gA/BQlT9UNRjuC kpukvG7zarS2CFZLNM1kYBHXjtGwWElvTX2B3BBDPaH1S0NGvJbqpSzI3rMpvSJo pyWlzw32j1/HFHyX+J7XYj+e1s8ISdST09ddTDBEmVCBKuvEPuAJw53/zE11hLxs v51A/icKFHQ63Aua+BxDDtXLg/MYctkhjreI6+E0e8k9BRwJXFWLT8wsw7sHkwG/ U/6FJm/OIL0P7saj8ukrFUz4t0Y5FQjENmnQLRS49zq5pkcCN8pRP5TSc9ABWYFw u+tZNXrEkAN02w== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:24 2025 by rpki-client