This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft File: z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft (raw, json) Hash identifier: CopkStmQPKcVYzVIOnxISC4F18Pl0VKbs2bJEC2Ttr0= Subject key identifier: 33:14:C8:32:83:47:AE:8E:A7:D0:0E:94:FC:C8:9E:41:8E:EE:35:F2 Authority key identifier: CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06 Certificate issuer: /CN=cf7f5c598059e1ae5976c81ea2b826697ee19906 Certificate serial: 019AF208FEA6A4E2A8676DF87499E1AA90AF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft Manifest number: 0600 Signing time: Sat 06 Dec 2025 05:01:06 +0000 Manifest this update: Sat 06 Dec 2025 05:01:06 +0000 Manifest next update: Sun 07 Dec 2025 05:01:06 +0000 Files and hashes: 1: z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl (hash: gzyG0IYoVQy50cuQTg3Gplvf8L5tL4FodPVryemYUXE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:fe:a6:a4:e2:a8:67:6d:f8:74:99:e1:aa:90:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf7f5c598059e1ae5976c81ea2b826697ee19906 Validity Not Before: Dec 6 05:01:06 2025 GMT Not After : Dec 7 05:01:06 2025 GMT Subject: CN=3314c8328347ae8ea7d00e94fcc89e418eee35f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:80:d3:9e:bc:1f:05:ca:b7:0a:55:b1:b0:91: 4c:93:9f:f9:6e:6a:0b:46:a3:f3:a2:a4:f0:f3:c4: 74:e9:e0:12:96:dc:c5:dc:1e:8d:a6:c8:4c:b1:3a: d0:59:cc:ac:a4:94:67:55:58:9e:53:97:35:35:1e: 74:3f:61:5d:a5:d6:e2:45:52:7d:16:ad:1b:2a:e3: 3e:30:60:e9:ff:e6:e9:b8:c4:e0:5e:3d:a0:db:1d: c4:b2:77:69:7c:93:f9:1a:2b:b4:c6:ca:80:5b:0e: 01:93:00:dc:18:fe:0b:c1:31:6d:e9:13:99:b5:73: 2d:e2:78:35:14:dd:16:74:0b:ba:30:ce:22:ed:d3: 4d:ee:53:c3:45:54:c4:ba:5e:e7:ae:de:35:6a:9c: 48:76:3b:81:2d:8f:ff:86:d9:96:76:0a:52:db:0d: 14:ac:09:8b:3b:9b:41:fc:20:4c:08:7f:48:44:8e: b9:82:7d:8a:71:e3:dd:dc:cb:6d:72:c8:2d:36:0c: 40:51:68:76:7d:d9:56:8e:db:5e:e2:c5:28:ae:f7: 25:72:dc:94:b2:ba:72:7b:f8:95:61:8c:b1:83:98: e0:a7:be:b3:e4:e2:76:44:f6:4d:de:22:34:97:06: 8f:c3:df:2b:92:49:b1:1c:af:fa:7f:01:52:67:fc: 24:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:14:C8:32:83:47:AE:8E:A7:D0:0E:94:FC:C8:9E:41:8E:EE:35:F2 X509v3 Authority Key Identifier: keyid:CF:7F:5C:59:80:59:E1:AE:59:76:C8:1E:A2:B8:26:69:7E:E1:99:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z39cWYBZ4a5ZdsgeorgmaX7hmQY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ef9479-2994-449c-9d9c-e1dc69e333df/1/z39cWYBZ4a5ZdsgeorgmaX7hmQY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 74:65:5a:14:fb:30:b3:09:ea:7d:bd:bb:d6:8a:23:cb:84:dd: 35:aa:2c:5a:cd:de:1d:97:02:3c:12:66:93:a3:e1:f0:44:e3: cd:34:b3:c7:30:4d:fd:d7:89:4b:5b:8a:93:48:38:63:1b:c6: 94:69:2b:f1:69:90:04:4f:38:f2:f2:f7:13:84:71:ce:ce:da: e0:2a:c4:02:52:0b:cb:3d:7c:9f:1a:60:7d:5a:97:7a:9e:4c: e9:2a:ea:92:e0:fc:ef:5c:df:74:1c:d2:f9:72:0c:63:55:2e: 00:ca:b3:e7:ef:ba:8c:e5:6e:c3:81:20:b6:57:cc:bb:69:6a: e3:ad:d2:22:c6:ea:fc:cd:61:5f:83:a2:18:2e:ce:60:e6:5c: 44:24:e3:96:15:23:8c:86:e3:c0:cb:83:e3:44:f5:41:aa:9d: 0f:f2:78:89:a4:e6:85:74:61:2e:47:c2:a1:13:e7:a4:50:f6: a8:e2:fb:e1:35:3a:1d:70:ce:d9:aa:97:2c:64:78:ed:86:42: 67:cb:38:32:d0:81:64:f0:25:04:97:b9:77:11:2f:bf:d6:60: 0c:86:a4:0d:1a:96:f0:7e:e2:51:da:72:34:d9:86:fe:5a:d9: 0f:f8:00:5c:9c:76:06:a5:25:5c:04:5d:d3:55:6c:06:fb:2f: e2:4f:8e:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCP6mpOKoZ234dJnhqpCvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmN2Y1YzU5ODA1OWUxYWU1OTc2YzgxZWEyYjgyNjY5N2Vl MTk5MDYwHhcNMjUxMjA2MDUwMTA2WhcNMjUxMjA3MDUwMTA2WjAzMTEwLwYDVQQD EygzMzE0YzgzMjgzNDdhZThlYTdkMDBlOTRmY2M4OWU0MThlZWUzNWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYDTnrwfBcq3ClWxsJFMk5/5bmoL RqPzoqTw88R06eASltzF3B6NpshMsTrQWcyspJRnVVieU5c1NR50P2FdpdbiRVJ9 Fq0bKuM+MGDp/+bpuMTgXj2g2x3EsndpfJP5Giu0xsqAWw4BkwDcGP4LwTFt6ROZ tXMt4ng1FN0WdAu6MM4i7dNN7lPDRVTEul7nrt41apxIdjuBLY//htmWdgpS2w0U rAmLO5tB/CBMCH9IRI65gn2KcePd3MttcsgtNgxAUWh2fdlWjtte4sUorvclctyU srpye/iVYYyxg5jgp76z5OJ2RPZN3iI0lwaPw98rkkmxHK/6fwFSZ/wkXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDMUyDKDR66Op9AOlPzInkGO7jXyMB8GA1UdIwQY MBaAFM9/XFmAWeGuWXbIHqK4Jml+4ZkGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMt ZTFkYzY5ZTMzM2RmLzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9lZjk0NzktMjk5NC00NDljLTlkOWMtZTFkYzY5ZTMzM2Rm LzEvejM5Y1dZQlo0YTVaZHNnZW9yZ21hWDdobVFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdGVaFPsw swnqfb271oojy4TdNaosWs3eHZcCPBJmk6Ph8ETjzTSzxzBN/deJS1uKk0g4YxvG lGkr8WmQBE848vL3E4Rxzs7a4CrEAlILyz18nxpgfVqXep5M6SrqkuD871zfdBzS +XIMY1UuAMqz5++6jOVuw4EgtlfMu2lq463SIsbq/M1hX4OiGC7OYOZcRCTjlhUj jIbjwMuD40T1QaqdD/J4iaTmhXRhLkfCoRPnpFD2qOL74TU6HXDO2aqXLGR47YZC Z8s4MtCBZPAlBJe5dxEvv9ZgDIakDRqW8H7iUdpyNNmG/lrZD/gAXJx2BqUlXARd 01VsBvsv4k+OPg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:32:12 2025 by rpki-client