This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft File: D9zw7HuvNJ6JLVERXCLA29Q1C44.mft (raw, json) Hash identifier: qGhbl507krGZK6/jijOPrZFVx0D36DAXvWGiSTL4nUU= Subject key identifier: 32:75:15:52:0C:37:83:14:D4:6F:6C:64:42:F8:98:DB:F8:DA:DC:57 Authority key identifier: 0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E Certificate issuer: /CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e Certificate serial: 019AF31D10B4C4DDA69AF50830EABB27A2A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft Manifest number: 041A Signing time: Sat 06 Dec 2025 10:02:39 +0000 Manifest this update: Sat 06 Dec 2025 10:02:39 +0000 Manifest next update: Sun 07 Dec 2025 10:02:39 +0000 Files and hashes: 1: D9zw7HuvNJ6JLVERXCLA29Q1C44.crl (hash: NW3iOJ52NNF+TlPfL//0OPRFrd+DclSGjnXJcZKuYEU=) 2: LkbZ9NbuqV8kVwW0R6t_W7E36SY.roa (hash: OFwtZ8nR+nHbeTcy4UO/g/3elRZlu1GMxchq0zT/W/U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:10:b4:c4:dd:a6:9a:f5:08:30:ea:bb:27:a2:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0fdcf0ec7baf349e892d51115c22c0dbd4350b8e Validity Not Before: Dec 6 10:02:39 2025 GMT Not After : Dec 7 10:02:39 2025 GMT Subject: CN=327515520c378314d46f6c6442f898dbf8dadc57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:9b:b3:80:64:84:e5:7b:30:42:93:2f:c2:1f: 35:38:80:4d:e4:89:b4:d5:63:5b:bf:ee:73:3c:16: 37:45:c9:32:04:f7:58:5e:a5:7c:c9:13:46:86:de: fa:b1:af:c2:b1:88:a9:a4:b3:8b:1f:3e:36:5b:f2: 2d:13:0a:1c:aa:f0:8d:97:1c:3f:08:28:d2:a7:de: e1:15:84:21:1d:30:db:91:d9:9c:64:ed:51:9b:02: 65:2d:a5:58:93:63:c5:d8:8a:7a:0b:60:16:bd:48: d3:4d:47:45:d6:59:53:16:65:6d:70:e5:58:06:91: 30:83:26:89:29:40:34:ab:d4:0d:6d:39:44:5e:58: 67:b9:f1:fb:5a:49:13:d7:99:3d:3c:00:8a:51:47: 15:d2:f2:2a:db:a2:53:5c:f3:0d:cc:48:2b:5b:15: 59:06:73:06:94:60:03:c4:17:9b:bd:f7:cf:a3:88: 23:44:67:94:76:8a:d9:33:ec:6e:e8:8e:df:8e:33: f6:06:19:ec:93:5e:4f:8e:17:65:4a:93:57:a1:e2: 2a:2f:15:f9:a9:59:08:93:b4:1c:a2:ff:ea:8c:dc: c3:b1:15:82:c6:c4:29:99:50:41:1f:80:25:1e:6c: e4:7f:9a:c2:8f:43:9f:25:ca:31:5d:e5:1d:c6:05: 35:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:75:15:52:0C:37:83:14:D4:6F:6C:64:42:F8:98:DB:F8:DA:DC:57 X509v3 Authority Key Identifier: keyid:0F:DC:F0:EC:7B:AF:34:9E:89:2D:51:11:5C:22:C0:DB:D4:35:0B:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D9zw7HuvNJ6JLVERXCLA29Q1C44.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/2482ba-41ce-409a-8e7e-b295838abbd9/1/D9zw7HuvNJ6JLVERXCLA29Q1C44.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:f5:fb:7f:5b:07:6c:80:47:e3:10:b4:bb:bb:85:d2:14:8b: 85:96:f3:9f:6c:53:e8:2c:5c:86:70:9f:fc:cc:c9:86:69:75: 34:d3:61:82:96:b6:10:76:3b:31:65:55:84:70:0b:ae:ef:c2: a3:a2:63:72:ce:07:e1:45:cc:89:e9:33:78:da:85:a2:ed:bc: c9:2b:17:9c:66:ff:ec:78:af:03:ed:73:3d:63:0e:92:63:d5: 82:a6:7c:80:50:37:1f:f0:ec:f2:35:48:08:32:f9:cf:4e:3d: be:14:2a:3b:69:10:29:c8:61:5c:04:5e:b7:72:39:70:ed:6a: a0:ac:25:ab:86:10:85:00:74:f6:6f:db:5f:f7:46:ac:35:7c: 44:2b:09:30:57:67:9a:f0:17:9b:af:ce:82:54:c6:46:8e:4b: 1d:79:99:78:5a:8f:3c:cd:14:0c:92:9d:bd:6a:ba:5b:36:c6: 1d:a3:7f:32:54:e1:01:50:05:a9:61:85:bb:3e:2b:a2:c4:ea: 31:aa:30:35:42:bc:c8:d8:5f:ba:15:4e:a2:e3:a5:d0:68:c6: e2:c5:06:5f:fd:6b:24:1b:44:e8:9e:32:02:b7:c0:d6:ca:a3: 03:ec:7f:19:3d:3b:49:33:d7:ad:fb:35:b5:76:15:9c:ff:a2: 2c:cc:62:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHRC0xN2mmvUIMOq7J6KhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBmZGNmMGVjN2JhZjM0OWU4OTJkNTExMTVjMjJjMGRiZDQz NTBiOGUwHhcNMjUxMjA2MTAwMjM5WhcNMjUxMjA3MTAwMjM5WjAzMTEwLwYDVQQD EygzMjc1MTU1MjBjMzc4MzE0ZDQ2ZjZjNjQ0MmY4OThkYmY4ZGFkYzU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsZuzgGSE5XswQpMvwh81OIBN5Im0 1WNbv+5zPBY3RckyBPdYXqV8yRNGht76sa/CsYippLOLHz42W/ItEwocqvCNlxw/ CCjSp97hFYQhHTDbkdmcZO1RmwJlLaVYk2PF2Ip6C2AWvUjTTUdF1llTFmVtcOVY BpEwgyaJKUA0q9QNbTlEXlhnufH7WkkT15k9PACKUUcV0vIq26JTXPMNzEgrWxVZ BnMGlGADxBebvffPo4gjRGeUdorZM+xu6I7fjjP2Bhnsk15PjhdlSpNXoeIqLxX5 qVkIk7Qcov/qjNzDsRWCxsQpmVBBH4AlHmzkf5rCj0OfJcoxXeUdxgU18wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDJ1FVIMN4MU1G9sZEL4mNv42txXMB8GA1UdIwQY MBaAFA/c8Ox7rzSeiS1REVwiwNvUNQuOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2Ut YjI5NTgzOGFiYmQ5LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC8yNDgyYmEtNDFjZS00MDlhLThlN2UtYjI5NTgzOGFiYmQ5 LzEvRDl6dzdIdXZOSjZKTFZFUlhDTEEyOVExQzQ0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVPX7f1sH bIBH4xC0u7uF0hSLhZbzn2xT6CxchnCf/MzJhml1NNNhgpa2EHY7MWVVhHALru/C o6Jjcs4H4UXMiekzeNqFou28ySsXnGb/7HivA+1zPWMOkmPVgqZ8gFA3H/Ds8jVI CDL5z049vhQqO2kQKchhXARet3I5cO1qoKwlq4YQhQB09m/bX/dGrDV8RCsJMFdn mvAXm6/OglTGRo5LHXmZeFqPPM0UDJKdvWq6WzbGHaN/MlThAVAFqWGFuz4rosTq MaowNUK8yNhfuhVOouOl0GjG4sUGX/1rJBtE6J4yArfA1sqjA+x/GT07STPXrfs1 tXYVnP+iLMxiAA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:43:00 2025 by rpki-client