This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft File: rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft (raw, json) Hash identifier: 1T+c+9LECPSky+as36VHJLrHJHQNVugcPUpwNoWyIDM= Subject key identifier: B0:61:5D:26:EA:CB:F8:6C:9B:D5:BE:91:67:3C:4B:F9:AD:95:5A:E7 Authority key identifier: AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF Certificate issuer: /CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af Certificate serial: 019AF0BF40F32DDA8772BCFD8BA2DCABDF31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft Manifest number: 0216 Signing time: Fri 05 Dec 2025 23:00:57 +0000 Manifest this update: Fri 05 Dec 2025 23:00:57 +0000 Manifest next update: Sat 06 Dec 2025 23:00:57 +0000 Files and hashes: 1: rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl (hash: IfpeniSJSJmO6JnP2WuBAXd50RYp6Md2QNhsdhyEsBY=) 2: y_jzZWxrMh2AT3qjdH5sDFcbnso.roa (hash: UBOvdV+QBpMo/gPKyJWNtGffNnN28PAA/OvI521Vudc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:40:f3:2d:da:87:72:bc:fd:8b:a2:dc:ab:df:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad9479afe3a9a18e1c374fca022d1ff2a255b1af Validity Not Before: Dec 5 23:00:57 2025 GMT Not After : Dec 6 23:00:57 2025 GMT Subject: CN=b0615d26eacbf86c9bd5be91673c4bf9ad955ae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:85:1b:92:73:a3:32:ae:67:fc:db:84:54:58: 72:88:29:92:c0:0f:c5:bf:c7:6d:a3:8e:9f:17:fd: 6e:07:cb:3c:60:94:7b:e2:c2:6e:7c:f4:b0:52:99: f9:b9:2f:e3:9d:4b:b5:68:4e:e0:e8:2b:93:ab:96: 26:f1:99:4a:c8:d9:69:fe:40:95:ec:6a:3c:68:60: 07:8c:d0:51:af:10:f7:32:ff:1a:e1:22:91:33:42: b7:c1:05:9d:f5:e4:6e:2b:fe:e9:fa:6d:d4:67:b7: 26:69:5c:0a:04:fc:2a:15:f0:4e:55:26:ec:9a:c6: e1:03:80:04:4c:44:25:76:cc:05:88:1b:f5:d7:bc: d6:71:6e:25:8c:ed:c9:55:57:2a:4e:2c:81:12:ee: 65:f6:62:0c:1c:19:2c:16:08:05:aa:b3:04:bb:f9: 3f:df:8e:28:db:49:b9:08:d5:b0:ce:22:a3:36:16: 03:4a:e7:53:ce:22:4f:0c:3a:6e:84:cb:f7:89:ed: 58:ad:a9:b7:f2:05:a3:49:e7:0b:4d:fb:a7:74:f7: ca:88:93:01:df:09:c6:ce:93:66:de:6d:12:78:0b: 06:b2:5c:27:da:9c:07:d8:a6:5b:06:c1:40:8c:98: 23:d4:b3:55:52:57:98:bc:6a:9b:c7:0b:cb:6a:72: be:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:61:5D:26:EA:CB:F8:6C:9B:D5:BE:91:67:3C:4B:F9:AD:95:5A:E7 X509v3 Authority Key Identifier: keyid:AD:94:79:AF:E3:A9:A1:8E:1C:37:4F:CA:02:2D:1F:F2:A2:55:B1:AF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZR5r-OpoY4cN0_KAi0f8qJVsa8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/b2f963-3939-44c5-9b9d-b16242b9bde7/1/rZR5r-OpoY4cN0_KAi0f8qJVsa8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:8f:1a:1e:db:a4:32:67:80:52:48:1a:17:ca:9d:e8:ea:f7: 38:92:b3:f3:23:93:28:50:18:5c:b2:1f:8e:a4:1c:58:10:01: 18:39:c7:93:d7:43:66:99:b5:76:9f:81:46:05:0b:dd:f4:6d: 64:5d:33:cf:57:73:c9:92:57:f4:54:ec:7e:4d:50:4c:16:a8: 58:ba:14:32:55:54:c6:dc:c4:8d:27:ae:3d:3a:8c:55:97:b2: 47:c7:2d:fc:1f:2d:b0:63:3c:87:a9:5f:92:71:09:4a:5d:6f: 20:3d:a9:a8:ad:80:9f:6b:49:73:d2:8f:c5:dc:dd:8d:4b:80: d2:01:45:59:a6:80:0d:30:ff:c9:12:33:5b:f6:9c:85:86:a7: 59:8c:76:0e:2f:33:db:c8:22:a3:a2:63:57:b5:6c:e9:55:3c: 13:de:56:82:7e:2a:1c:ec:b6:aa:cc:a0:e0:8b:06:3d:e2:e8: 94:67:49:3c:4b:d1:f1:05:ff:e0:6a:df:4a:f4:06:ae:be:c0: 24:85:5a:f2:dd:eb:64:ae:ee:f9:01:b0:eb:62:da:38:4d:71: 3c:74:21:ad:4b:e0:38:cb:7a:07:20:d9:34:8a:10:f3:33:73: 1a:0f:a8:aa:41:e7:fa:f3:d9:94:1c:5c:8d:50:6a:a3:1c:7b: 60:04:75:cc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv0DzLdqHcrz9i6Lcq98xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkOTQ3OWFmZTNhOWExOGUxYzM3NGZjYTAyMmQxZmYyYTI1 NWIxYWYwHhcNMjUxMjA1MjMwMDU3WhcNMjUxMjA2MjMwMDU3WjAzMTEwLwYDVQQD EyhiMDYxNWQyNmVhY2JmODZjOWJkNWJlOTE2NzNjNGJmOWFkOTU1YWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoUbknOjMq5n/NuEVFhyiCmSwA/F v8dto46fF/1uB8s8YJR74sJufPSwUpn5uS/jnUu1aE7g6CuTq5Ym8ZlKyNlp/kCV 7Go8aGAHjNBRrxD3Mv8a4SKRM0K3wQWd9eRuK/7p+m3UZ7cmaVwKBPwqFfBOVSbs msbhA4AETEQldswFiBv117zWcW4ljO3JVVcqTiyBEu5l9mIMHBksFggFqrMEu/k/ 344o20m5CNWwziKjNhYDSudTziJPDDpuhMv3ie1Yram38gWjSecLTfundPfKiJMB 3wnGzpNm3m0SeAsGslwn2pwH2KZbBsFAjJgj1LNVUleYvGqbxwvLanK+awIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBhXSbqy/hsm9W+kWc8S/mtlVrnMB8GA1UdIwQY MBaAFK2Uea/jqaGOHDdPygItH/KiVbGvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQt YjE2MjQyYjliZGU3LzEvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi9iMmY5NjMtMzkzOS00NGM1LTliOWQtYjE2MjQyYjliZGU3 LzEvclpSNXItT3BvWTRjTjBfS0FpMGY4cUpWc2E4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMo8aHtuk MmeAUkgaF8qd6Or3OJKz8yOTKFAYXLIfjqQcWBABGDnHk9dDZpm1dp+BRgUL3fRt ZF0zz1dzyZJX9FTsfk1QTBaoWLoUMlVUxtzEjSeuPTqMVZeyR8ct/B8tsGM8h6lf knEJSl1vID2pqK2An2tJc9KPxdzdjUuA0gFFWaaADTD/yRIzW/achYanWYx2Di8z 28gio6JjV7Vs6VU8E95Wgn4qHOy2qsyg4IsGPeLolGdJPEvR8QX/4GrfSvQGrr7A JIVa8t3rZK7u+QGw62LaOE1xPHQhrUvgOMt6ByDZNIoQ8zNzGg+oqkHn+vPZlBxc jVBqoxx7YAR1zA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:19 2025 by rpki-client