This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft File: PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft (raw, json) Hash identifier: 3O4mcVFFOVZhKsmJYVKvY3TpqCfjemlhklQ7Pd7dy9A= Subject key identifier: 4D:47:1E:70:4A:48:7E:35:29:C6:6B:CA:39:DE:10:DB:4C:EF:82:BA Authority key identifier: 3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7 Certificate issuer: /CN=3d94df65a3bdddfb55609f1850e149f82bea78f7 Certificate serial: 019AF24014078AFA2A94B11D447A45702251 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft Manifest number: 0C7E Signing time: Sat 06 Dec 2025 06:01:16 +0000 Manifest this update: Sat 06 Dec 2025 06:01:16 +0000 Manifest next update: Sun 07 Dec 2025 06:01:16 +0000 Files and hashes: 1: 4HFAWmQXrJvJPwvQ-nacdREAjwA.roa (hash: smesMzM3abS3/IiONa1NHYIBIDWL+noqBcVPlJGz8P8=) 2: PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl (hash: 2eU54DZikuGVUJo1ms5lhk3CXQ60RGwoycZOMxZLqHs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:14:07:8a:fa:2a:94:b1:1d:44:7a:45:70:22:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d94df65a3bdddfb55609f1850e149f82bea78f7 Validity Not Before: Dec 6 06:01:16 2025 GMT Not After : Dec 7 06:01:16 2025 GMT Subject: CN=4d471e704a487e3529c66bca39de10db4cef82ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:a8:5b:05:e0:f2:85:56:0a:0c:8d:ab:99:8e: 91:e2:07:9f:b0:61:09:09:4a:66:c0:05:21:2c:b8: 9a:d8:c2:c9:3b:7c:46:14:d7:41:6a:59:75:d0:ba: 1a:13:d4:96:dc:eb:a5:dd:a7:fc:54:b1:87:cb:a1: 48:40:90:dd:36:57:b7:35:6b:ec:bb:4d:86:49:5e: 22:2b:4f:3f:51:18:1e:16:69:0c:50:c4:0b:6c:f5: c9:ae:ac:c0:37:7a:16:fb:66:2a:69:c3:f0:94:d7: 41:bc:cc:38:c7:99:2a:b7:59:6e:e2:ff:24:9a:5e: 3d:4e:97:75:46:58:f0:83:20:97:dd:6c:c2:9c:ff: 30:8e:14:9e:4b:2d:9a:bf:10:48:eb:00:84:be:96: 7f:0d:75:70:8b:71:3f:6c:7a:1f:4b:63:6c:e7:dd: 56:e5:44:ea:a5:d7:58:6d:ca:ee:a6:06:97:1d:d5: 7f:58:9b:2f:34:a1:4f:cf:e1:56:5e:66:57:4a:37: aa:0e:e3:45:77:7e:73:97:76:67:b2:a2:25:c2:c9: 1e:e0:c1:17:7a:fb:be:ee:73:69:cb:ad:7d:23:76: 7d:16:cc:e8:b4:41:0f:c3:6a:35:1a:ab:e7:b4:19: 95:27:bd:62:08:02:3b:82:a7:9f:9d:db:53:5d:bf: ff:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:47:1E:70:4A:48:7E:35:29:C6:6B:CA:39:DE:10:DB:4C:EF:82:BA X509v3 Authority Key Identifier: keyid:3D:94:DF:65:A3:BD:DD:FB:55:60:9F:18:50:E1:49:F8:2B:EA:78:F7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZTfZaO93ftVYJ8YUOFJ-CvqePc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/da9c62-8e16-46df-be2b-06b9ed99f16c/1/PZTfZaO93ftVYJ8YUOFJ-CvqePc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:85:ca:ed:a2:a6:4a:0b:47:ee:10:da:e1:8b:76:d7:63:65: af:4d:82:e4:fd:f5:a3:63:cd:58:74:6d:81:ae:ae:cb:fa:21: f8:04:05:c0:b1:c2:04:88:52:00:3f:75:55:4e:34:0f:9e:2c: 10:63:1d:36:64:68:5c:16:3a:d9:1b:25:98:7a:31:1c:41:1b: 56:40:4f:f1:6e:45:83:44:ed:3a:a6:39:3f:c9:c9:9b:02:b2: a3:18:f4:96:c4:08:e0:c7:41:0a:dd:f1:c6:f5:4a:7d:23:8b: 80:bd:e0:85:36:26:5e:62:9e:4c:0c:21:13:d5:4e:8d:ee:63: 75:4b:0f:f0:5c:54:4a:47:23:92:85:06:49:ce:d2:e4:66:d8: 52:6a:3f:3a:11:77:e6:bb:2e:7c:36:68:dd:f4:6a:74:aa:de: 52:62:5f:18:2d:81:4f:c6:06:38:70:56:dc:e9:f5:f3:a0:15: 2d:5b:a4:98:db:5e:93:73:8c:7e:75:2d:af:29:c4:c9:90:80: 1c:b7:e9:18:4a:60:fa:df:5b:09:0f:9c:ba:4d:2e:0e:01:09: 2f:66:7d:f7:d6:f3:1a:70:42:5d:b3:c1:e8:bb:ff:b8:f3:31: bc:a8:da:74:e1:30:bc:36:9b:64:6f:88:c0:0f:51:55:ff:75: c4:61:c7:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQBQHivoqlLEdRHpFcCJRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOTRkZjY1YTNiZGRkZmI1NTYwOWYxODUwZTE0OWY4MmJl YTc4ZjcwHhcNMjUxMjA2MDYwMTE2WhcNMjUxMjA3MDYwMTE2WjAzMTEwLwYDVQQD Eyg0ZDQ3MWU3MDRhNDg3ZTM1MjljNjZiY2EzOWRlMTBkYjRjZWY4MmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqhbBeDyhVYKDI2rmY6R4gefsGEJ CUpmwAUhLLia2MLJO3xGFNdBall10LoaE9SW3Oul3af8VLGHy6FIQJDdNle3NWvs u02GSV4iK08/URgeFmkMUMQLbPXJrqzAN3oW+2YqacPwlNdBvMw4x5kqt1lu4v8k ml49Tpd1RljwgyCX3WzCnP8wjhSeSy2avxBI6wCEvpZ/DXVwi3E/bHofS2Ns591W 5UTqpddYbcrupgaXHdV/WJsvNKFPz+FWXmZXSjeqDuNFd35zl3ZnsqIlwske4MEX evu+7nNpy619I3Z9FszotEEPw2o1GqvntBmVJ71iCAI7gqefndtTXb//VwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1HHnBKSH41KcZryjneENtM74K6MB8GA1UdIwQY MBaAFD2U32Wjvd37VWCfGFDhSfgr6nj3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmIt MDZiOWVkOTlmMTZjLzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC9kYTljNjItOGUxNi00NmRmLWJlMmItMDZiOWVkOTlmMTZj LzEvUFpUZlphTzkzZnRWWUo4WVVPRkotQ3ZxZVBjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB4XK7aKm SgtH7hDa4Yt212Nlr02C5P31o2PNWHRtga6uy/oh+AQFwLHCBIhSAD91VU40D54s EGMdNmRoXBY62RslmHoxHEEbVkBP8W5Fg0TtOqY5P8nJmwKyoxj0lsQI4MdBCt3x xvVKfSOLgL3ghTYmXmKeTAwhE9VOje5jdUsP8FxUSkcjkoUGSc7S5GbYUmo/OhF3 5rsufDZo3fRqdKreUmJfGC2BT8YGOHBW3On186AVLVukmNtek3OMfnUtrynEyZCA HLfpGEpg+t9bCQ+cuk0uDgEJL2Z999bzGnBCXbPB6Lv/uPMxvKjadOEwvDabZG+I wA9RVf91xGHHjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:08:46 2025 by rpki-client