This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft File: z2hDzhUimoAj2X-iejflkniyv9c.mft (raw, json) Hash identifier: NXsUCRMbLsx5oNtitxBSt1GYq+tHq6j6IwARbxHaPC4= Subject key identifier: 2A:72:F3:EA:B9:24:54:4C:AA:0D:70:1A:73:46:E0:36:E1:AF:8F:F7 Authority key identifier: CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7 Certificate issuer: /CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7 Certificate serial: 019AF2AD53EA53EC5B1A98281FB3FB714F3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft Manifest number: 0D4F Signing time: Sat 06 Dec 2025 08:00:36 +0000 Manifest this update: Sat 06 Dec 2025 08:00:36 +0000 Manifest next update: Sun 07 Dec 2025 08:00:36 +0000 Files and hashes: 1: pZ2-rl1wvNOlZXWq6r9tiMcpCLE.roa (hash: UTgRZg+3/3Y1WSaSgU/Ax1MIkqu5a18zaZd2IsaahgY=) 2: z2hDzhUimoAj2X-iejflkniyv9c.crl (hash: jGeujeDyab3lMXshbRprBfaDsqxPGeCC+kVsNDqXdIA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:53:ea:53:ec:5b:1a:98:28:1f:b3:fb:71:4f:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf6843ce15229a8023d97fa27a37e59278b2bfd7 Validity Not Before: Dec 6 08:00:36 2025 GMT Not After : Dec 7 08:00:36 2025 GMT Subject: CN=2a72f3eab924544caa0d701a7346e036e1af8ff7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:a4:b7:e2:ff:33:a8:e1:41:ab:e6:9f:01:cc: 95:56:e2:20:c7:3f:d1:1f:7d:ff:da:33:4f:c5:bf: 02:31:1a:78:16:a0:f2:06:2e:1e:d0:71:d4:79:84: 36:94:51:6f:f7:6c:93:5c:c6:6f:3c:01:71:70:61: 6a:0f:a8:fa:fd:58:ae:99:ae:63:e7:81:b1:ec:c6: fa:d2:b3:7a:34:a6:f9:4a:c0:3d:31:ae:02:6b:da: ce:af:50:9a:bd:1a:95:f3:db:b4:0d:1b:1e:23:4a: bb:32:34:7c:44:70:61:9a:ca:18:2f:ec:36:2c:0c: 83:ee:3c:64:5c:ef:75:05:6e:f5:88:bf:12:72:70: 74:a3:49:c1:bc:ff:4c:4e:1b:48:8c:5e:52:25:c8: 72:6b:a8:a6:71:9d:35:25:ef:b4:47:b0:11:f6:83: 5e:3c:96:51:ef:88:c4:75:a3:5a:fa:df:2e:f1:ac: 58:9e:2d:a0:41:e3:5d:37:83:9d:fe:dd:b2:e5:6e: 00:e8:b7:b2:31:dd:e7:6a:69:2c:8b:5a:d0:f5:ea: b6:c9:f2:46:26:ba:7a:68:e6:69:0a:2a:e8:1b:a6: 8c:7b:25:67:de:28:39:d7:17:a2:76:c0:b8:78:45: cd:b3:d6:44:1c:6f:a6:11:76:f5:8b:65:97:c3:4c: ba:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:72:F3:EA:B9:24:54:4C:AA:0D:70:1A:73:46:E0:36:E1:AF:8F:F7 X509v3 Authority Key Identifier: keyid:CF:68:43:CE:15:22:9A:80:23:D9:7F:A2:7A:37:E5:92:78:B2:BF:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2hDzhUimoAj2X-iejflkniyv9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/761b48-69ea-40e4-8d7c-64cd194f7f4f/1/z2hDzhUimoAj2X-iejflkniyv9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c2:11:34:90:4d:19:19:34:31:fd:09:19:3a:d6:81:aa:cd:e4: a8:26:08:47:a3:52:d6:5d:31:2a:f8:7a:76:a4:52:75:0d:87: c1:c7:45:d9:2a:6c:99:59:c2:0c:bd:2c:32:46:bf:55:fc:2b: fd:49:8e:da:41:1c:32:3f:17:4b:b2:19:51:41:fd:49:f1:84: 71:94:d4:5b:fb:ce:bd:30:82:0f:cb:30:e7:31:82:f9:88:1b: 9a:48:25:bc:ee:e4:7c:76:79:fd:57:87:56:ec:e8:79:4c:d3: 09:ac:69:78:76:54:31:59:89:26:b9:44:e9:a9:d9:7e:ef:a7: 90:a0:09:d3:6b:88:8b:34:5b:85:5c:67:b8:3c:88:7d:b6:a9: 33:62:47:c1:b6:3a:cd:80:0b:88:aa:61:86:5d:ab:6b:40:e3: 5e:bb:cc:f2:8a:a0:4a:01:58:0d:ea:a2:50:e5:2c:bc:df:00: 8c:30:e6:63:41:be:b8:7d:dc:da:76:8d:d2:9a:18:ff:d6:d0: 3f:55:43:a8:61:18:1b:95:04:45:93:62:87:eb:49:53:65:11: 48:e3:d8:fc:2a:fb:db:09:ca:e0:e6:20:ee:06:ba:1b:b4:54: 7c:ab:fa:cd:7b:6c:40:1d:70:33:03:a7:52:13:58:6b:40:f1: 16:60:dd:27 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrVPqU+xbGpgoH7P7cU87MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNjg0M2NlMTUyMjlhODAyM2Q5N2ZhMjdhMzdlNTkyNzhi MmJmZDcwHhcNMjUxMjA2MDgwMDM2WhcNMjUxMjA3MDgwMDM2WjAzMTEwLwYDVQQD EygyYTcyZjNlYWI5MjQ1NDRjYWEwZDcwMWE3MzQ2ZTAzNmUxYWY4ZmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qS34v8zqOFBq+afAcyVVuIgxz/R H33/2jNPxb8CMRp4FqDyBi4e0HHUeYQ2lFFv92yTXMZvPAFxcGFqD6j6/Viuma5j 54Gx7Mb60rN6NKb5SsA9Ma4Ca9rOr1CavRqV89u0DRseI0q7MjR8RHBhmsoYL+w2 LAyD7jxkXO91BW71iL8ScnB0o0nBvP9MThtIjF5SJchya6imcZ01Je+0R7AR9oNe PJZR74jEdaNa+t8u8axYni2gQeNdN4Od/t2y5W4A6LeyMd3namksi1rQ9eq2yfJG Jrp6aOZpCiroG6aMeyVn3ig51xeidsC4eEXNs9ZEHG+mEXb1i2WXw0y6PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCpy8+q5JFRMqg1wGnNG4Dbhr4/3MB8GA1UdIwQY MBaAFM9oQ84VIpqAI9l/ono35ZJ4sr/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2Mt NjRjZDE5NGY3ZjRmLzEvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy83NjFiNDgtNjllYS00MGU0LThkN2MtNjRjZDE5NGY3ZjRm LzEvejJoRHpoVWltb0FqMlgtaWVqZmxrbml5djljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwhE0kE0Z GTQx/QkZOtaBqs3kqCYIR6NS1l0xKvh6dqRSdQ2HwcdF2SpsmVnCDL0sMka/Vfwr /UmO2kEcMj8XS7IZUUH9SfGEcZTUW/vOvTCCD8sw5zGC+YgbmkglvO7kfHZ5/VeH VuzoeUzTCaxpeHZUMVmJJrlE6anZfu+nkKAJ02uIizRbhVxnuDyIfbapM2JHwbY6 zYALiKphhl2ra0DjXrvM8oqgSgFYDeqiUOUsvN8AjDDmY0G+uH3c2naN0poY/9bQ P1VDqGEYG5UERZNih+tJU2URSOPY/Cr72wnK4OYg7ga6G7RUfKv6zXtsQB1wMwOn UhNYa0DxFmDdJw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:19 2025 by rpki-client