This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft File: zTwRDf139XdXORwPrt7r42CGVx0.mft (raw, json) Hash identifier: hpY/BsGLgbkFFOIHreouEPAIQMlw3fYzvCnPGmgxsfo= Subject key identifier: DA:39:EC:63:21:B0:71:63:24:C4:10:AD:F1:8D:C4:11:0F:7D:86:51 Authority key identifier: CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D Certificate issuer: /CN=cd3c110dfd77f57757391c0faedeebe36086571d Certificate serial: 019AF1D1E77710F4E2A6E2B9D56E9439C6E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft Manifest number: 0F7D Signing time: Sat 06 Dec 2025 04:00:56 +0000 Manifest this update: Sat 06 Dec 2025 04:00:56 +0000 Manifest next update: Sun 07 Dec 2025 04:00:56 +0000 Files and hashes: 1: n79crWM-L0W_-YTIs0SA8x1g-4g.roa (hash: WTPugh0CrOL+7geJ0TTyRViJCXrCGCyNH+3nK4QxB48=) 2: zTwRDf139XdXORwPrt7r42CGVx0.crl (hash: ZH4UsspMpitn8da8R09FWN03Ts08kNKO1bjmHZZxLkY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:e7:77:10:f4:e2:a6:e2:b9:d5:6e:94:39:c6:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd3c110dfd77f57757391c0faedeebe36086571d Validity Not Before: Dec 6 04:00:56 2025 GMT Not After : Dec 7 04:00:56 2025 GMT Subject: CN=da39ec6321b0716324c410adf18dc4110f7d8651 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:d8:67:a2:a6:c1:95:da:f8:94:f5:42:4b:74: 6f:24:33:de:9a:e4:79:e4:50:9d:1a:2e:69:f2:18: 0b:27:db:6f:b0:fa:3f:40:64:de:e4:87:98:45:bf: 52:5c:63:63:df:f6:e4:2d:ab:67:28:84:78:96:cf: e4:cb:4b:71:55:a9:a9:4e:0e:7e:a6:d5:00:49:c4: d1:b8:78:4b:44:39:7b:d0:45:9e:91:af:87:2c:51: c4:a7:8d:c1:ad:22:94:7c:c6:f7:0b:76:f0:bb:57: ab:fa:b6:a9:ef:7e:5c:b9:ef:40:d6:69:64:4c:62: cf:97:b2:dd:a0:6f:90:6b:c8:32:12:4b:69:9b:1a: 0f:11:94:23:18:b8:da:50:b6:de:b9:99:15:8b:ea: 95:5c:a7:cf:bd:bb:0a:f6:86:f6:3d:ac:38:28:73: 97:6a:cd:83:0d:4f:5d:b6:bc:67:1b:24:7b:78:b8: 8b:fe:86:f3:13:9a:f5:1e:fc:73:e0:8d:d7:a4:18: d1:54:da:47:32:8a:a4:bd:6e:e0:8c:1c:16:ce:53: 11:1d:b0:a9:5b:64:59:ab:03:c5:a5:96:5a:94:95: 1c:69:dd:fa:fc:c3:74:1f:8b:8d:72:2e:ae:79:d1: 71:82:e2:43:f5:c5:c2:95:7c:0d:64:bb:ae:2e:ab: c7:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:39:EC:63:21:B0:71:63:24:C4:10:AD:F1:8D:C4:11:0F:7D:86:51 X509v3 Authority Key Identifier: keyid:CD:3C:11:0D:FD:77:F5:77:57:39:1C:0F:AE:DE:EB:E3:60:86:57:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTwRDf139XdXORwPrt7r42CGVx0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/20e5a2-0e64-4ea3-8c86-6c02ec19b809/1/zTwRDf139XdXORwPrt7r42CGVx0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:9b:96:5c:e8:06:d8:66:ad:dc:7e:b4:17:1e:8a:ed:08:ca: 84:b3:8c:73:8b:e1:1c:ca:bd:cc:ce:cc:10:fd:8f:5b:16:89: 65:f3:ca:b9:1a:cc:a6:af:18:0c:a4:e4:29:fa:14:36:9a:56: 48:dc:a4:8c:b2:4a:58:ce:2f:f8:fa:11:a5:5d:0c:63:f5:7d: 01:7a:02:a4:ad:b0:f0:7a:4e:ac:66:4a:ba:22:cc:a5:24:6e: 8d:f6:0d:73:97:fa:f2:6c:5a:bc:13:c9:ff:e5:ec:54:59:8d: c8:5c:9c:d0:a9:a9:17:4e:12:e0:db:61:00:d5:6d:07:c8:44: f2:d6:9c:0d:e8:76:a2:07:72:64:42:70:a6:a7:8a:5b:58:60: fc:48:19:9d:d9:97:8b:af:1c:61:ee:c4:e1:49:ec:ed:c9:27: 24:70:02:76:4b:b9:16:a6:c5:5e:ef:43:c2:bc:1a:48:37:2c: d6:2a:56:78:6d:ff:1a:6f:e9:19:21:82:3f:9f:54:b0:19:02: b5:88:42:d7:48:05:91:86:e5:20:5d:59:e2:53:9e:9b:2b:da: 11:89:7f:eb:75:fb:78:7b:fd:e2:7f:32:ba:b9:b2:09:f0:2c: fc:5b:08:40:51:7e:bc:43:ea:cc:df:e6:59:e4:1c:7c:35:1a: e1:22:49:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ed3EPTipuK51W6UOcblMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkM2MxMTBkZmQ3N2Y1Nzc1NzM5MWMwZmFlZGVlYmUzNjA4 NjU3MWQwHhcNMjUxMjA2MDQwMDU2WhcNMjUxMjA3MDQwMDU2WjAzMTEwLwYDVQQD EyhkYTM5ZWM2MzIxYjA3MTYzMjRjNDEwYWRmMThkYzQxMTBmN2Q4NjUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzdhnoqbBldr4lPVCS3RvJDPemuR5 5FCdGi5p8hgLJ9tvsPo/QGTe5IeYRb9SXGNj3/bkLatnKIR4ls/ky0txVampTg5+ ptUAScTRuHhLRDl70EWeka+HLFHEp43BrSKUfMb3C3bwu1er+rap735cue9A1mlk TGLPl7LdoG+Qa8gyEktpmxoPEZQjGLjaULbeuZkVi+qVXKfPvbsK9ob2Paw4KHOX as2DDU9dtrxnGyR7eLiL/obzE5r1Hvxz4I3XpBjRVNpHMoqkvW7gjBwWzlMRHbCp W2RZqwPFpZZalJUcad36/MN0H4uNci6uedFxguJD9cXClXwNZLuuLqvHuQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNo57GMhsHFjJMQQrfGNxBEPfYZRMB8GA1UdIwQY MBaAFM08EQ39d/V3VzkcD67e6+NghlcdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYt NmMwMmVjMTliODA5LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8yMGU1YTItMGU2NC00ZWEzLThjODYtNmMwMmVjMTliODA5 LzEvelR3UkRmMTM5WGRYT1J3UHJ0N3I0MkNHVngwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAupuWXOgG 2Gat3H60Fx6K7QjKhLOMc4vhHMq9zM7MEP2PWxaJZfPKuRrMpq8YDKTkKfoUNppW SNykjLJKWM4v+PoRpV0MY/V9AXoCpK2w8HpOrGZKuiLMpSRujfYNc5f68mxavBPJ /+XsVFmNyFyc0KmpF04S4NthANVtB8hE8tacDeh2ogdyZEJwpqeKW1hg/EgZndmX i68cYe7E4Uns7cknJHACdku5FqbFXu9DwrwaSDcs1ipWeG3/Gm/pGSGCP59UsBkC tYhC10gFkYblIF1Z4lOemyvaEYl/63X7eHv94n8yurmyCfAs/FsIQFF+vEPqzN/m WeQcfDUa4SJJNg== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:50 2025 by rpki-client