This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.mft File: czFVtC-vxzVab8gJx9nM9bL4zcI.mft (raw, json) Hash identifier: W49x2N3q9q27xrS75DJub/zppEbpDuHa6jwBDUEDet0= Subject key identifier: 43:F1:B4:03:8E:B6:08:01:65:9D:F8:55:AB:52:04:E1:17:9A:53:EA Authority key identifier: 73:31:55:B4:2F:AF:C7:35:5A:6F:C8:09:C7:D9:CC:F5:B2:F8:CD:C2 Certificate issuer: /CN=733155b42fafc7355a6fc809c7d9ccf5b2f8cdc2 Certificate serial: 019AF389B00FDD980C0E9273A149330D80B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czFVtC-vxzVab8gJx9nM9bL4zcI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.mft Manifest number: 068A Signing time: Sat 06 Dec 2025 12:01:18 +0000 Manifest this update: Sat 06 Dec 2025 12:01:18 +0000 Manifest next update: Sun 07 Dec 2025 12:01:18 +0000 Files and hashes: 1: czFVtC-vxzVab8gJx9nM9bL4zcI.crl (hash: sPitqog30FM+U2cHjT8pLd98muM/gGXdj51tNUZq51I=) 2: l0CnYB9TqdwdMbmMIDN6gmU04y4.roa (hash: uHgPuHlAwsjfMv6nb8pkc75mAM6+gk2FAGFMxkvLSjo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.crl rsync://rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.mft rsync://rpki.ripe.net/repository/DEFAULT/czFVtC-vxzVab8gJx9nM9bL4zcI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:b0:0f:dd:98:0c:0e:92:73:a1:49:33:0d:80:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=733155b42fafc7355a6fc809c7d9ccf5b2f8cdc2 Validity Not Before: Dec 6 12:01:18 2025 GMT Not After : Dec 7 12:01:18 2025 GMT Subject: CN=43f1b4038eb60801659df855ab5204e1179a53ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:29:8b:f0:07:37:67:94:d0:fb:f5:69:be:f3: dd:ef:64:82:93:d7:ec:f1:b8:99:36:6f:67:b8:f7: 4c:cc:d1:64:a4:bc:13:f7:d6:10:88:7f:3b:67:0a: da:ba:8a:d4:a6:d7:22:40:96:a9:d3:90:b0:a6:d2: 2c:10:49:e4:81:dc:ad:f4:be:44:01:db:f6:69:ed: 1f:9d:2c:1c:9a:8c:5f:6c:8b:31:a4:a7:d5:91:d3: 9f:13:89:f5:90:7f:29:a7:50:53:e4:66:84:a0:ef: 7b:9b:30:7e:eb:34:65:82:f3:b3:3a:3e:cc:8b:66: 50:ec:bb:b5:22:71:dd:ed:20:27:28:f2:13:a6:70: d1:d6:98:64:8c:3e:79:87:13:aa:89:51:5b:a1:ab: 52:f5:f5:7f:7c:4d:9a:aa:9d:6a:3e:b5:ee:47:24: 9d:36:0d:04:8b:a0:1d:97:4b:23:1f:12:cc:de:bb: 0a:f9:33:b6:5c:1c:25:40:24:d4:da:a6:78:fd:3d: 06:35:72:ff:6f:3d:50:bf:b9:98:67:8d:67:41:ae: 74:f1:cb:50:64:85:33:e8:0e:89:ae:9b:59:bd:5d: 9e:18:53:a3:ad:51:6b:19:5e:df:02:9a:26:4a:63: 2c:6b:73:50:b3:b6:80:b2:d8:f3:33:79:01:54:4b: b1:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F1:B4:03:8E:B6:08:01:65:9D:F8:55:AB:52:04:E1:17:9A:53:EA X509v3 Authority Key Identifier: keyid:73:31:55:B4:2F:AF:C7:35:5A:6F:C8:09:C7:D9:CC:F5:B2:F8:CD:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czFVtC-vxzVab8gJx9nM9bL4zcI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/4ceff0-0ae4-414c-a0f6-e51e6ef5d3b1/1/czFVtC-vxzVab8gJx9nM9bL4zcI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:b2:7e:0c:aa:d8:e6:8b:1f:aa:31:dd:56:a1:8c:fb:3f:85: 70:ec:ad:23:ea:a8:10:aa:de:48:7c:86:f3:e0:4f:07:a9:63: 11:66:42:31:0d:47:c0:f6:27:2c:66:b5:9b:83:ce:c7:00:b7: 22:47:d9:ec:4f:04:c0:b0:9f:be:84:19:8b:57:5b:ec:f5:7f: d0:5f:ad:e9:04:5f:a1:ee:9a:8a:e0:9d:06:2e:0d:5e:09:5e: 66:22:12:c4:d1:24:20:7b:9d:a2:ca:e9:bb:07:c9:4c:eb:4a: 40:11:51:42:64:c3:cf:8a:07:92:e2:7f:e4:4f:c5:6c:9f:66: c1:e2:db:10:53:f8:3a:cc:41:1d:e1:27:ba:7b:fd:a3:cd:79: d8:8f:aa:a3:a6:30:d6:b8:9b:28:4f:04:69:47:a2:94:35:11: 32:08:df:de:f9:87:6e:2d:7c:9e:42:1f:d8:d1:53:26:50:14: b8:fb:16:1c:9c:26:d7:67:34:86:e5:30:15:0a:df:95:c5:1e: 40:ee:55:65:7e:5f:b2:77:5a:17:93:b4:2a:82:8e:0b:ff:c8: 73:f8:38:06:89:6a:66:3b:f6:42:3d:c5:4b:8a:cd:16:01:b0: 5b:26:45:94:b1:c2:63:11:c7:84:77:0c:76:50:09:2d:c3:93: f0:bc:e2:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzibAP3ZgMDpJzoUkzDYC0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMzE1NWI0MmZhZmM3MzU1YTZmYzgwOWM3ZDljY2Y1YjJm OGNkYzIwHhcNMjUxMjA2MTIwMTE4WhcNMjUxMjA3MTIwMTE4WjAzMTEwLwYDVQQD Eyg0M2YxYjQwMzhlYjYwODAxNjU5ZGY4NTVhYjUyMDRlMTE3OWE1M2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SmL8Ac3Z5TQ+/VpvvPd72SCk9fs 8biZNm9nuPdMzNFkpLwT99YQiH87ZwrauorUptciQJap05CwptIsEEnkgdyt9L5E Adv2ae0fnSwcmoxfbIsxpKfVkdOfE4n1kH8pp1BT5GaEoO97mzB+6zRlgvOzOj7M i2ZQ7Lu1InHd7SAnKPITpnDR1phkjD55hxOqiVFboatS9fV/fE2aqp1qPrXuRySd Ng0Ei6Adl0sjHxLM3rsK+TO2XBwlQCTU2qZ4/T0GNXL/bz1Qv7mYZ41nQa508ctQ ZIUz6A6JrptZvV2eGFOjrVFrGV7fApomSmMsa3NQs7aAstjzM3kBVEuxfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEPxtAOOtggBZZ34VatSBOEXmlPqMB8GA1UdIwQY MBaAFHMxVbQvr8c1Wm/ICcfZzPWy+M3CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3pGVnRDLXZ4elZhYjhnSng5bk05Ykw0emNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS80Y2VmZjAtMGFlNC00MTRjLWEwZjYt ZTUxZTZlZjVkM2IxLzEvY3pGVnRDLXZ4elZhYjhnSng5bk05Ykw0emNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS80Y2VmZjAtMGFlNC00MTRjLWEwZjYtZTUxZTZlZjVkM2Ix LzEvY3pGVnRDLXZ4elZhYjhnSng5bk05Ykw0emNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAArJ+DKrY 5osfqjHdVqGM+z+FcOytI+qoEKreSHyG8+BPB6ljEWZCMQ1HwPYnLGa1m4POxwC3 IkfZ7E8EwLCfvoQZi1db7PV/0F+t6QRfoe6aiuCdBi4NXgleZiISxNEkIHudosrp uwfJTOtKQBFRQmTDz4oHkuJ/5E/FbJ9mweLbEFP4OsxBHeEnunv9o8152I+qo6Yw 1ribKE8EaUeilDURMgjf3vmHbi18nkIf2NFTJlAUuPsWHJwm12c0huUwFQrflcUe QO5VZX5fsndaF5O0KoKOC//Ic/g4BolqZjv2Qj3FS4rNFgGwWyZFlLHCYxHHhHcM dlAJLcOT8Lzi0g== -----END CERTIFICATE-----Generated at Sat Dec 6 20:36:42 2025 by rpki-client