This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft File: z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft (raw, json) Hash identifier: z50TSC7UP8ZdZgZ/gJblPwFY7GGouoXvDcZNAjA8ltE= Subject key identifier: 37:96:5B:1A:A4:E9:9F:B3:C5:2F:F7:AD:56:CA:81:9A:65:C5:CF:BB Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Certificate serial: 019AF20908FF0B96A0E2910A47F0BFC4D008 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 05:01:09 +0000 Manifest this update: Sat 06 Dec 2025 05:01:09 +0000 Manifest next update: Sun 07 Dec 2025 05:01:09 +0000 Files and hashes: 1: hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa (hash: c9xr2QPdOJHBS76dYaN+BTyMMmlA60SbcteFKaCmJMA=) 2: z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl (hash: 5mtpHXIPidOBCxMstsIeFr1VC55dop1W1YY0MtiiRhw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:08:ff:0b:96:a0:e2:91:0a:47:f0:bf:c4:d0:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Validity Not Before: Dec 6 05:01:09 2025 GMT Not After : Dec 7 05:01:09 2025 GMT Subject: CN=37965b1aa4e99fb3c52ff7ad56ca819a65c5cfbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:69:de:09:f9:e8:0d:87:95:a4:37:b8:76:4e: fc:c9:7a:7e:aa:8b:ad:dd:73:d9:89:4f:4c:0e:da: da:f9:ef:18:15:d7:d6:84:32:d4:e0:ba:0a:f9:e4: 70:53:f1:a1:49:e1:c3:2c:bc:63:d9:ae:28:9c:2d: 1c:20:74:6a:20:04:bb:97:3a:b5:cc:ea:aa:ac:82: d2:f1:57:ee:ff:01:aa:17:e2:03:a6:64:16:bc:9e: a7:60:1f:06:83:b7:ec:27:93:87:4c:5a:7e:40:08: 0b:56:0d:9e:b9:aa:a8:90:ab:f4:2b:83:47:fb:2a: 59:34:ec:80:26:36:9e:96:fb:ea:ca:fc:0b:0a:4c: bf:fb:f3:e2:5e:eb:d6:ee:8e:88:46:e5:7a:64:5d: 74:4d:00:b6:98:8c:eb:05:88:19:a1:91:54:da:c7: 3f:30:1d:1a:a7:e2:45:7b:54:07:52:cf:a2:7c:01: e6:40:be:f1:15:38:f9:3b:b2:16:15:7c:a6:0c:bd: d0:40:b0:5c:af:74:f0:c5:d2:89:b8:7e:3a:3f:51: d1:b2:65:33:30:5f:a9:7a:12:44:5d:bb:04:c0:dd: a7:9e:d1:18:ba:c2:9a:9c:e9:32:b1:26:54:a3:b5: 85:e5:8a:fd:b7:c4:50:70:c0:18:4c:67:f9:c2:c3: c0:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:96:5B:1A:A4:E9:9F:B3:C5:2F:F7:AD:56:CA:81:9A:65:C5:CF:BB X509v3 Authority Key Identifier: keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:c8:97:3f:18:d3:db:f6:5e:9b:6f:18:f0:a3:50:11:a1:3e: 28:32:23:36:03:17:30:6c:84:f6:65:0a:03:21:dd:16:f7:c1: 5d:a3:45:7d:2d:cf:29:47:d0:e7:49:aa:2c:9f:3e:1e:28:94: 6d:fd:71:eb:1c:d3:7e:7a:cc:bf:e5:c9:43:c9:bd:28:e1:97: c6:97:5e:f4:de:ce:b4:0d:be:9f:40:64:b0:1d:7b:d8:e9:87: 03:bc:6a:7c:40:6a:d1:62:7e:31:64:8a:cd:c7:01:01:26:3b: 80:87:e2:5d:d3:4a:f1:c1:ff:fa:26:82:3d:d8:5b:9d:71:14: 84:f4:fc:35:44:13:53:73:f4:71:80:58:c3:8e:f6:0b:aa:99: 30:06:c7:f9:15:3c:1e:03:38:98:fd:e1:b4:c5:e8:81:84:1a: 9a:33:6b:ce:8d:26:5e:8d:fe:2d:16:f8:02:eb:03:26:a6:67: 01:a6:ac:cd:5d:32:bd:e5:58:1f:f3:38:8e:27:93:0c:fe:7a: cb:07:05:b0:a5:79:f2:87:0d:9b:c5:38:53:82:81:29:bf:29: 90:46:1d:a8:39:8d:18:b9:d5:2f:44:c1:47:fe:6d:92:eb:f2: 3c:15:8c:54:1a:8a:be:55:22:78:36:67:2f:fe:a5:87:12:59: 29:7f:b4:89 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCQj/C5ag4pEKR/C/xNAIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5 NzQ2MTEwHhcNMjUxMjA2MDUwMTA5WhcNMjUxMjA3MDUwMTA5WjAzMTEwLwYDVQQD EygzNzk2NWIxYWE0ZTk5ZmIzYzUyZmY3YWQ1NmNhODE5YTY1YzVjZmJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mneCfnoDYeVpDe4dk78yXp+qout 3XPZiU9MDtra+e8YFdfWhDLU4LoK+eRwU/GhSeHDLLxj2a4onC0cIHRqIAS7lzq1 zOqqrILS8Vfu/wGqF+IDpmQWvJ6nYB8Gg7fsJ5OHTFp+QAgLVg2euaqokKv0K4NH +ypZNOyAJjaelvvqyvwLCky/+/PiXuvW7o6IRuV6ZF10TQC2mIzrBYgZoZFU2sc/ MB0ap+JFe1QHUs+ifAHmQL7xFTj5O7IWFXymDL3QQLBcr3TwxdKJuH46P1HRsmUz MF+pehJEXbsEwN2nntEYusKanOkysSZUo7WF5Yr9t8RQcMAYTGf5wsPAJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDeWWxqk6Z+zxS/3rVbKgZplxc+7MB8GA1UdIwQY MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt Yjk1NGM1MGZkYmIwLzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKciXPxjT 2/Zem28Y8KNQEaE+KDIjNgMXMGyE9mUKAyHdFvfBXaNFfS3PKUfQ50mqLJ8+HiiU bf1x6xzTfnrMv+XJQ8m9KOGXxpde9N7OtA2+n0BksB172OmHA7xqfEBq0WJ+MWSK zccBASY7gIfiXdNK8cH/+iaCPdhbnXEUhPT8NUQTU3P0cYBYw472C6qZMAbH+RU8 HgM4mP3htMXogYQamjNrzo0mXo3+LRb4AusDJqZnAaaszV0yveVYH/M4jieTDP56 ywcFsKV58ocNm8U4U4KBKb8pkEYdqDmNGLnVL0TBR/5tkuvyPBWMVBqKvlUieDZn L/6lhxJZKX+0iQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:00 2025 by rpki-client