This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft File: pz1kDZC_PWfySYE4zDcfZUZH3a0.mft (raw, json) Hash identifier: mWCqcnUWPqpDOK9lL64LK+vEB7CJCy4mnHFgmrsIZdI= Subject key identifier: EE:98:45:77:85:B7:80:06:07:7C:40:03:63:E8:20:39:BF:5C:9F:B1 Authority key identifier: A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD Certificate issuer: /CN=a73d640d90bf3d67f2498138cc371f654647ddad Certificate serial: 019AF31D5FAFE2B45B161CF074AF1E8DC9EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft Manifest number: 115D Signing time: Sat 06 Dec 2025 10:02:59 +0000 Manifest this update: Sat 06 Dec 2025 10:02:59 +0000 Manifest next update: Sun 07 Dec 2025 10:02:59 +0000 Files and hashes: 1: 5fcpJVl5DXDFgBV-5G0BOvh2tGg.roa (hash: urXegQalP46Ga7kO5s8Ojf4B2voXZNk4EbUTvjtFENw=) 2: pz1kDZC_PWfySYE4zDcfZUZH3a0.crl (hash: 9DO4t6uMgdsRihK8oYJL1uVtXG4rYL5ZYVepqEbiT8I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:5f:af:e2:b4:5b:16:1c:f0:74:af:1e:8d:c9:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a73d640d90bf3d67f2498138cc371f654647ddad Validity Not Before: Dec 6 10:02:59 2025 GMT Not After : Dec 7 10:02:59 2025 GMT Subject: CN=ee98457785b78006077c400363e82039bf5c9fb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:88:1b:5b:6a:46:b8:81:aa:05:71:eb:1c:19:42: ce:eb:a7:33:f9:d9:97:97:f7:a1:dc:d8:5e:93:49: 16:61:91:2e:cf:df:1c:8f:8b:d0:d4:70:9e:9e:53: f2:c7:89:9b:99:c6:59:08:09:70:ff:44:1a:45:08: b3:5f:21:05:8e:24:f4:47:af:5e:13:d3:d3:7e:24: 5d:41:c8:64:03:4a:99:8b:77:97:6f:05:89:17:a5: 04:fe:02:84:97:67:32:70:e8:ac:55:31:cb:66:40: 05:43:87:23:06:7c:7f:e3:a7:d3:21:32:e8:c3:12: 2f:92:e6:06:51:3b:3d:2e:a2:65:6b:34:23:05:56: 98:80:6d:f6:b1:73:ed:d8:59:33:5b:d3:8a:d7:a0: 04:31:7f:3a:63:1a:62:69:a7:a0:df:21:e2:de:72: b5:f6:8f:2e:1e:76:a9:d4:fa:b0:0b:80:e6:63:fd: 33:9f:3a:c9:98:f4:69:fd:5a:a6:7f:ea:13:62:ce: be:58:2f:bc:47:b8:53:dc:31:be:0d:fb:fa:e6:28: b2:9b:3b:6a:df:f5:f2:b5:e9:a4:98:d7:a4:85:4b: ac:45:e0:c5:82:cc:ad:f8:cb:d5:ab:4e:88:c7:fe: 75:20:38:9c:82:58:8b:e8:bb:57:c1:f4:05:35:08: 85:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:98:45:77:85:B7:80:06:07:7C:40:03:63:E8:20:39:BF:5C:9F:B1 X509v3 Authority Key Identifier: keyid:A7:3D:64:0D:90:BF:3D:67:F2:49:81:38:CC:37:1F:65:46:47:DD:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pz1kDZC_PWfySYE4zDcfZUZH3a0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/72892a-3bc0-4f57-bc5b-75039750bd68/1/pz1kDZC_PWfySYE4zDcfZUZH3a0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:70:cb:15:3f:d9:2f:c0:9d:34:ef:d7:66:a0:99:50:70:31: 54:2d:32:3c:b9:8b:a3:0a:7e:55:65:4d:39:91:16:b6:0d:d0: 55:80:ce:14:22:d7:7d:f5:ea:b4:87:5a:fd:5f:ba:95:fc:13: 06:e0:23:db:ce:c7:24:dc:92:6a:36:c1:6c:cc:de:24:ac:74: 5a:cc:31:69:26:8f:66:13:17:72:b4:54:ea:fe:6c:50:03:a3: fe:5d:10:45:b0:3d:d9:61:bd:0e:2f:5e:28:f5:e7:f6:3f:9b: 9e:63:e4:0d:7c:76:eb:69:fc:79:bf:4f:d4:4d:ec:30:38:d1: c0:ca:43:37:17:08:cd:f7:48:41:83:3a:b6:e3:e4:5c:dc:5a: d6:40:4f:b0:51:88:87:70:b5:b4:f6:b9:1a:a7:8c:36:9e:0c: 53:eb:4a:90:c0:01:b9:d3:f7:cf:c7:53:4b:7b:b1:42:c2:04: 5d:4c:e4:5b:0c:8f:36:c2:48:32:04:38:45:d6:4b:f5:23:5c: 16:b9:0b:1c:79:9d:17:e0:b8:ac:98:3d:16:e8:da:8a:2c:8d: db:e6:22:86:65:fb:20:c6:00:66:77:ab:04:20:9d:cf:86:ae: 80:83:29:14:9a:04:ce:b5:9f:30:fc:ea:a7:b5:50:36:b6:f9: 64:83:4e:94 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHV+v4rRbFhzwdK8ejcnuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3M2Q2NDBkOTBiZjNkNjdmMjQ5ODEzOGNjMzcxZjY1NDY0 N2RkYWQwHhcNMjUxMjA2MTAwMjU5WhcNMjUxMjA3MTAwMjU5WjAzMTEwLwYDVQQD EyhlZTk4NDU3Nzg1Yjc4MDA2MDc3YzQwMDM2M2U4MjAzOWJmNWM5ZmIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBtbaka4gaoFcescGULO66cz+dmX l/eh3Nhek0kWYZEuz98cj4vQ1HCenlPyx4mbmcZZCAlw/0QaRQizXyEFjiT0R69e E9PTfiRdQchkA0qZi3eXbwWJF6UE/gKEl2cycOisVTHLZkAFQ4cjBnx/46fTITLo wxIvkuYGUTs9LqJlazQjBVaYgG32sXPt2FkzW9OK16AEMX86Yxpiaaeg3yHi3nK1 9o8uHnap1PqwC4DmY/0znzrJmPRp/Vqmf+oTYs6+WC+8R7hT3DG+Dfv65iiymztq 3/XytemkmNekhUusReDFgsyt+MvVq06Ix/51IDicgliL6LtXwfQFNQiF4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO6YRXeFt4AGB3xAA2PoIDm/XJ+xMB8GA1UdIwQY MBaAFKc9ZA2Qvz1n8kmBOMw3H2VGR92tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWIt NzUwMzk3NTBiZDY4LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC83Mjg5MmEtM2JjMC00ZjU3LWJjNWItNzUwMzk3NTBiZDY4 LzEvcHoxa0RaQ19QV2Z5U1lFNHpEY2ZaVVpIM2EwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHDLFT/Z L8CdNO/XZqCZUHAxVC0yPLmLowp+VWVNOZEWtg3QVYDOFCLXffXqtIda/V+6lfwT BuAj287HJNySajbBbMzeJKx0WswxaSaPZhMXcrRU6v5sUAOj/l0QRbA92WG9Di9e KPXn9j+bnmPkDXx262n8eb9P1E3sMDjRwMpDNxcIzfdIQYM6tuPkXNxa1kBPsFGI h3C1tPa5GqeMNp4MU+tKkMABudP3z8dTS3uxQsIEXUzkWwyPNsJIMgQ4RdZL9SNc FrkLHHmdF+C4rJg9FujaiiyN2+YihmX7IMYAZnerBCCdz4augIMpFJoEzrWfMPzq p7VQNrb5ZINOlA== -----END CERTIFICATE-----Generated at Sat Dec 6 13:23:42 2025 by rpki-client