This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft File: dZxU7z8HSxxmiPmXVM2KONmfbKw.mft (raw, json) Hash identifier: WGO9h0jbAwgNBDSY7T/IYlpzfgCcJZG9AxG1t8z0l5I= Subject key identifier: A1:BC:E5:4C:68:EC:9F:0D:34:B9:6B:1B:F6:A6:91:11:74:9C:14:4B Authority key identifier: 75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC Certificate issuer: /CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac Certificate serial: 019AF3C055A7D4DA779912B7811B9E3775C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft Manifest number: 0B02 Signing time: Sat 06 Dec 2025 13:00:59 +0000 Manifest this update: Sat 06 Dec 2025 13:00:59 +0000 Manifest next update: Sun 07 Dec 2025 13:00:59 +0000 Files and hashes: 1: dZxU7z8HSxxmiPmXVM2KONmfbKw.crl (hash: FqlNPCA6q6pgPwwF6vUnAMlZbOBmHs27FbVlTx5bMdU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:55:a7:d4:da:77:99:12:b7:81:1b:9e:37:75:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=759c54ef3f074b1c6688f99754cd8a38d99f6cac Validity Not Before: Dec 6 13:00:59 2025 GMT Not After : Dec 7 13:00:59 2025 GMT Subject: CN=a1bce54c68ec9f0d34b96b1bf6a69111749c144b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:f4:11:e3:9f:1f:57:64:04:2b:de:57:1b:b5: 91:68:56:e1:40:b1:72:0d:25:0a:57:5b:53:03:d3: 68:ec:0c:d6:06:57:d0:c0:71:49:ef:0d:ad:47:55: 4c:35:89:a1:6e:ee:cf:32:c9:3f:87:67:83:d6:48: f0:bd:1f:59:32:64:49:1a:66:23:9f:98:08:e3:14: bd:9d:76:bc:3b:aa:19:04:87:f6:22:da:cd:cf:42: 0d:9b:d5:b6:9b:85:11:de:c7:e7:20:6b:97:31:0c: fc:0d:a0:e8:3a:1c:b8:3a:2c:79:4e:96:40:e8:a9: 5c:0e:5a:f8:ad:71:cb:3b:22:61:07:0b:ce:64:51: e8:c1:84:e9:91:fb:c7:c9:90:8e:c2:6a:2a:9e:53: 53:c8:df:e8:8e:1b:42:ca:4c:0c:7f:8a:9c:f9:f2: 64:b2:5e:28:e1:12:9c:09:4a:f6:a0:37:9d:b9:fc: 65:24:96:54:5e:54:93:84:a5:7d:b4:49:eb:1e:eb: f8:78:84:da:23:35:75:ae:2a:e2:7d:ca:a9:74:c7: 59:29:8c:19:82:96:cc:42:1f:ea:c1:2c:40:e0:f5: c2:01:0b:a5:be:d2:1c:71:76:dd:f3:56:81:55:63: 42:ce:f7:5a:3b:c6:14:40:58:8f:41:a0:a3:a0:5e: b1:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:BC:E5:4C:68:EC:9F:0D:34:B9:6B:1B:F6:A6:91:11:74:9C:14:4B X509v3 Authority Key Identifier: keyid:75:9C:54:EF:3F:07:4B:1C:66:88:F9:97:54:CD:8A:38:D9:9F:6C:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dZxU7z8HSxxmiPmXVM2KONmfbKw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/5beaa0-4a31-4168-99b4-44d29657bab7/1/dZxU7z8HSxxmiPmXVM2KONmfbKw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:04:57:ef:a2:2b:b8:72:8f:71:3f:4a:57:59:0a:e1:fb:1f: 42:b6:a5:45:b8:05:14:67:20:7f:01:f7:a1:d5:d2:47:39:2b: 06:a1:82:46:e0:b6:e3:64:8a:d0:af:0b:54:d8:99:15:14:80: 16:1b:d9:3d:65:33:48:86:b9:e1:c3:d9:85:4a:ad:43:57:00: 2c:74:6b:3b:43:d5:f9:9e:6e:fc:78:cf:44:ca:24:0a:3a:7a: d3:c0:03:6b:6d:73:8d:cf:9d:e6:f4:ab:02:f2:43:3d:4b:a6: d7:23:8f:77:8f:03:10:86:3f:e6:af:d5:70:50:3f:01:96:6e: 44:fa:be:93:18:2e:68:3c:3a:3c:f3:47:05:d1:00:f2:40:51: e0:42:3d:83:08:db:45:10:f9:8c:4a:97:72:cf:33:ed:c6:c5: 01:37:89:ad:e3:bd:d3:22:31:e7:88:db:0f:5f:e8:67:a6:c2: 7c:21:75:8b:f0:ff:9f:9f:31:3c:8a:02:bb:cf:eb:09:2a:c5: 15:19:27:60:92:ac:e0:27:9b:e8:55:91:08:b5:c2:e2:a7:55: 66:02:44:32:92:6c:53:ce:4d:85:e8:b6:b2:6c:3e:62:c8:61: 56:04:0e:bf:c0:78:d0:88:fa:77:da:8f:ea:cb:54:c5:01:03: b1:28:f0:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwFWn1Np3mRK3gRueN3XCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1OWM1NGVmM2YwNzRiMWM2Njg4Zjk5NzU0Y2Q4YTM4ZDk5 ZjZjYWMwHhcNMjUxMjA2MTMwMDU5WhcNMjUxMjA3MTMwMDU5WjAzMTEwLwYDVQQD EyhhMWJjZTU0YzY4ZWM5ZjBkMzRiOTZiMWJmNmE2OTExMTc0OWMxNDRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwvQR458fV2QEK95XG7WRaFbhQLFy DSUKV1tTA9No7AzWBlfQwHFJ7w2tR1VMNYmhbu7PMsk/h2eD1kjwvR9ZMmRJGmYj n5gI4xS9nXa8O6oZBIf2ItrNz0INm9W2m4UR3sfnIGuXMQz8DaDoOhy4Oix5TpZA 6KlcDlr4rXHLOyJhBwvOZFHowYTpkfvHyZCOwmoqnlNTyN/ojhtCykwMf4qc+fJk sl4o4RKcCUr2oDedufxlJJZUXlSThKV9tEnrHuv4eITaIzV1ririfcqpdMdZKYwZ gpbMQh/qwSxA4PXCAQulvtIccXbd81aBVWNCzvdaO8YUQFiPQaCjoF6xcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKG85Uxo7J8NNLlrG/amkRF0nBRLMB8GA1UdIwQY MBaAFHWcVO8/B0scZoj5l1TNijjZn2ysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQt NDRkMjk2NTdiYWI3LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi81YmVhYTAtNGEzMS00MTY4LTk5YjQtNDRkMjk2NTdiYWI3 LzEvZFp4VTd6OEhTeHhtaVBtWFZNMktPTm1mYkt3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGARX76Ir uHKPcT9KV1kK4fsfQralRbgFFGcgfwH3odXSRzkrBqGCRuC242SK0K8LVNiZFRSA FhvZPWUzSIa54cPZhUqtQ1cALHRrO0PV+Z5u/HjPRMokCjp608ADa21zjc+d5vSr AvJDPUum1yOPd48DEIY/5q/VcFA/AZZuRPq+kxguaDw6PPNHBdEA8kBR4EI9gwjb RRD5jEqXcs8z7cbFATeJreO90yIx54jbD1/oZ6bCfCF1i/D/n58xPIoCu8/rCSrF FRknYJKs4Ceb6FWRCLXC4qdVZgJEMpJsU85Nhei2smw+YshhVgQOv8B40Ij6d9qP 6stUxQEDsSjwaA== -----END CERTIFICATE-----Generated at Sat Dec 6 21:34:29 2025 by rpki-client