This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft File: PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft (raw, json) Hash identifier: ErYt9VA6OPYG2vb9bZxGftnwrJVzI7XaWQZc3ta3tUI= Subject key identifier: B7:99:61:B1:6F:46:91:19:79:A9:01:37:76:B6:65:23:4A:05:AD:C7 Authority key identifier: 3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7 Certificate issuer: /CN=3d94df65a3bdddfb55609f1850e149f82bea78f7 Certificate serial: 019B266440AEDC58AFB96B2EC0FBD04B4432 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft Manifest number: 0C99 Signing time: Tue 16 Dec 2025 09:01:02 +0000 Manifest this update: Tue 16 Dec 2025 09:01:02 +0000 Manifest next update: Wed 17 Dec 2025 09:01:02 +0000 Files and hashes: 1: 4HFAWmQXrJvJPwvQ-nacdREAjwA.roa (hash: smesMzM3abS3/IiONa1NHYIBIDWL+noqBcVPlJGz8P8=) 2: PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl (hash: F610L4FX0Hg+z5DKO+lky7ljW319Yqu8qJySm9I/utY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 09:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:64:40:ae:dc:58:af:b9:6b:2e:c0:fb:d0:4b:44:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d94df65a3bdddfb55609f1850e149f82bea78f7 Validity Not Before: Dec 16 09:01:02 2025 GMT Not After : Dec 17 09:01:02 2025 GMT Subject: CN=b79961b16f46911979a9013776b665234a05adc7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:97:46:df:8e:60:90:d5:41:d1:db:b3:75:a9: fa:9e:4a:c6:18:95:6f:b0:c5:9e:b5:f4:62:41:73: 0b:aa:b0:5a:d2:3c:03:58:8c:23:2f:b9:2e:81:5b: ad:cf:bd:66:cf:cb:13:46:0d:1c:a8:74:e0:3d:a4: 30:8d:83:0e:d5:95:e8:57:1a:4c:25:b4:ec:f6:cc: fb:47:b4:7c:f4:58:8d:c1:3b:28:52:db:6b:e0:44: 17:34:f3:1c:01:9b:5c:48:be:5b:86:69:98:bb:3e: ae:37:04:20:db:7d:f8:cd:25:e8:77:e3:9e:70:e4: 76:c5:4d:2c:ce:76:95:cb:a9:cf:ff:a2:ca:6a:6c: 4f:fe:03:ab:51:eb:aa:52:72:7c:06:20:dc:77:83: 48:b5:29:02:1f:68:0d:c5:98:c2:42:70:4c:b7:3e: 9c:5f:5c:83:97:cb:0b:fd:7a:4e:a1:b9:2a:ee:d6: 12:e9:c3:be:c1:ba:b1:17:66:64:d0:98:8c:52:36: c1:b8:c9:e2:ad:b2:99:ae:46:c3:06:81:3b:29:dd: 9d:2e:95:d1:6a:67:70:00:05:32:43:40:68:7c:b0: 5d:dd:f8:b7:fa:3b:35:41:d6:36:71:c5:d2:86:2d: f3:0d:a6:8c:1d:79:74:5e:24:e4:b6:f9:fe:cf:1a: cd:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:99:61:B1:6F:46:91:19:79:A9:01:37:76:B6:65:23:4A:05:AD:C7 X509v3 Authority Key Identifier: keyid:3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:d3:18:43:aa:9a:73:45:b0:01:91:f2:82:aa:79:6d:5c:f5: 73:ce:ca:da:17:6b:60:56:96:dd:eb:75:ce:0d:e0:e4:5e:a4: 8c:3a:92:7a:0d:d8:3c:49:69:b6:cf:2f:15:a2:99:0a:65:bd: f7:59:2f:ae:00:24:0b:00:a7:73:96:f1:20:9f:ab:ad:e8:6b: c2:e9:18:4d:12:a4:62:a3:c3:54:59:75:a2:a2:d3:e6:33:2e: 5d:3e:f9:15:d0:c3:d0:2e:bd:93:9b:28:3f:c9:e7:92:5b:3d: c0:62:33:ba:1c:dd:9a:44:1a:05:a8:33:32:0e:e9:a8:e6:fd: 58:52:9a:8f:9c:75:ee:b6:78:a8:44:fc:24:8c:46:e8:e2:b5: dd:02:34:97:7c:fc:14:c1:b1:bf:d8:ea:cd:02:e2:d4:d3:62: 5f:53:d3:b4:cf:47:71:93:f2:f9:36:28:c4:d0:05:6f:5f:1a: 24:44:b2:ad:3b:b2:a1:d9:c4:17:8d:9f:38:e0:6d:b3:60:bc: 84:fb:ea:62:09:34:04:ff:f2:75:b1:c4:f2:8e:c9:e4:42:d8: 20:75:d1:45:81:78:bf:38:4c:6a:4f:c8:8b:18:f9:ed:3f:8b: da:dc:4a:a4:d0:a6:84:a6:89:22:24:10:02:ce:e8:d9:10:b2: 8d:2e:7a:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmZECu3FivuWsuwPvQS0QyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOTRkZjY1YTNiZGRkZmI1NTYwOWYxODUwZTE0OWY4MmJl YTc4ZjcwHhcNMjUxMjE2MDkwMTAyWhcNMjUxMjE3MDkwMTAyWjAzMTEwLwYDVQQD EyhiNzk5NjFiMTZmNDY5MTE5NzlhOTAxMzc3NmI2NjUyMzRhMDVhZGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJdG345gkNVB0duzdan6nkrGGJVv sMWetfRiQXMLqrBa0jwDWIwjL7kugVutz71mz8sTRg0cqHTgPaQwjYMO1ZXoVxpM JbTs9sz7R7R89FiNwTsoUttr4EQXNPMcAZtcSL5bhmmYuz6uNwQg2334zSXod+Oe cOR2xU0sznaVy6nP/6LKamxP/gOrUeuqUnJ8BiDcd4NItSkCH2gNxZjCQnBMtz6c X1yDl8sL/XpOobkq7tYS6cO+wbqxF2Zk0JiMUjbBuMnirbKZrkbDBoE7Kd2dLpXR amdwAAUyQ0BofLBd3fi3+js1QdY2ccXShi3zDaaMHXl0XiTktvn+zxrNXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLeZYbFvRpEZeakBN3a2ZSNKBa3HMB8GA1UdIwQY MBaAFD2U32Wjvd37VWCfGFDhSfgr6nj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmIt MDZiOWVkOTlmMTZjLzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmItMDZiOWVkOTlmMTZj LzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9MYQ6qa c0WwAZHygqp5bVz1c87K2hdrYFaW3et1zg3g5F6kjDqSeg3YPElpts8vFaKZCmW9 91kvrgAkCwCnc5bxIJ+rrehrwukYTRKkYqPDVFl1oqLT5jMuXT75FdDD0C69k5so P8nnkls9wGIzuhzdmkQaBagzMg7pqOb9WFKaj5x17rZ4qET8JIxG6OK13QI0l3z8 FMGxv9jqzQLi1NNiX1PTtM9HcZPy+TYoxNAFb18aJESyrTuyodnEF42fOOBts2C8 hPvqYgk0BP/ydbHE8o7J5ELYIHXRRYF4vzhMak/Iixj57T+L2txKpNCmhKaJIiQQ As7o2RCyjS56oA== -----END CERTIFICATE-----Generated at Tue Dec 16 19:10:10 2025 by rpki-client