This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft File: z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft (raw, json) Hash identifier: 3Ik2UKkRJNkevVT/oKByBLxfFLOLs8e3L02A3gbMEP0= Subject key identifier: 77:CF:A1:78:4B:8A:6B:A4:0A:B2:05:3C:1A:BC:A8:34:57:A3:51:ED Authority key identifier: CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6 Certificate issuer: /CN=cfc7008c6f91722dc3b127527558ebdabc680ce6 Certificate serial: 019AF12CDEE09825C68D241EB590B44E5EFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft Manifest number: 10C1 Signing time: Sat 06 Dec 2025 01:00:40 +0000 Manifest this update: Sat 06 Dec 2025 01:00:40 +0000 Manifest next update: Sun 07 Dec 2025 01:00:40 +0000 Files and hashes: 1: z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl (hash: 4ol2rxV2PvRz21zZEhw62LVS9MSla88vrQdTiLw0arM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:de:e0:98:25:c6:8d:24:1e:b5:90:b4:4e:5e:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfc7008c6f91722dc3b127527558ebdabc680ce6 Validity Not Before: Dec 6 01:00:40 2025 GMT Not After : Dec 7 01:00:40 2025 GMT Subject: CN=77cfa1784b8a6ba40ab2053c1abca83457a351ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:b7:ff:5e:9d:a7:38:04:a5:81:6a:af:03:b2: 89:e8:f3:87:2b:52:5c:3e:5b:9a:67:03:44:90:43: 7e:8a:1a:b8:84:e2:d7:8c:d7:74:6f:74:cc:53:cf: 9a:cc:3f:fd:ee:5b:91:f7:c3:d4:54:6d:d4:51:fa: d4:a0:d1:82:8e:aa:d7:08:7e:2c:8e:ea:47:51:a7: f9:ce:cc:9e:51:61:7f:7a:38:ee:e9:33:ee:ed:35: 1f:88:43:fa:d4:0b:31:6a:cb:d5:d1:47:51:ba:11: a5:10:5b:58:8d:6a:71:42:43:23:f9:94:15:f6:e6: b0:2c:f8:79:3b:77:ad:8b:98:57:86:a5:9c:24:c2: e3:ce:0a:86:26:fe:21:67:96:b6:3c:1a:75:f8:0b: ae:95:9b:49:2a:eb:06:cb:93:e5:4f:16:3b:7f:c6: 7d:b8:7c:ef:90:61:49:64:b4:10:ca:b2:5c:34:ec: 67:05:c7:19:de:8c:a1:7e:0d:02:a6:cc:85:b1:0e: 95:83:d0:71:72:66:3c:6b:a9:c8:a5:44:b8:9d:44: 75:ed:da:a9:15:90:42:2d:47:d0:d5:7e:a8:33:27: ab:b6:bf:a2:02:ce:67:62:4a:5b:0b:3c:7d:82:b7: 56:3d:da:56:99:38:d7:1c:c1:8a:72:0d:6c:8c:60: 0b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:CF:A1:78:4B:8A:6B:A4:0A:B2:05:3C:1A:BC:A8:34:57:A3:51:ED X509v3 Authority Key Identifier: keyid:CF:C7:00:8C:6F:91:72:2D:C3:B1:27:52:75:58:EB:DA:BC:68:0C:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8cAjG-Rci3DsSdSdVjr2rxoDOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4168da-e65c-47b6-bb61-36f24ad4a04f/1/z8cAjG-Rci3DsSdSdVjr2rxoDOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:aa:61:08:48:ec:7c:76:f7:da:81:e8:a3:18:30:f8:0b:61: 4c:e8:1c:ab:1b:a8:95:de:4f:31:10:18:f2:e9:95:9f:6e:3b: 8f:fe:ad:3a:8e:04:a7:88:4e:d2:76:af:1f:4a:1c:8c:fd:d2: 54:55:46:f7:fe:9b:34:20:12:84:e7:5d:71:3c:3e:a5:20:d5: 35:fb:36:9f:5f:d6:ab:5a:2e:f6:20:0c:97:70:89:52:da:ce: 0a:12:29:cc:b2:64:ef:64:46:1f:68:ae:fa:7c:0d:e3:b4:a4: 2f:fe:78:e7:ad:cd:c7:25:1a:21:21:6a:b7:99:aa:15:e8:2d: e8:24:da:43:c4:c6:f7:c9:5e:d7:af:5b:a1:e7:69:6e:19:2b: 9c:70:22:07:fb:92:34:6b:e8:c4:db:3b:47:b4:76:82:a2:7d: a4:fa:a2:22:76:24:3b:f7:a6:7d:a4:45:3b:e1:39:f7:c3:57: 5c:c7:75:05:b4:df:b1:be:53:a3:ad:47:77:1b:d5:e0:18:62: 68:05:a0:18:fb:80:97:29:c2:0e:47:aa:15:b5:e3:2a:f3:f7: 18:6f:b1:68:03:f2:22:ec:fb:fc:e5:b2:31:ca:7c:95:a0:32: de:f0:89:32:ce:b1:13:b1:06:08:c6:fe:3f:e8:27:ed:46:23: 22:1e:2f:d2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLN7gmCXGjSQetZC0Tl77MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmYzcwMDhjNmY5MTcyMmRjM2IxMjc1Mjc1NThlYmRhYmM2 ODBjZTYwHhcNMjUxMjA2MDEwMDQwWhcNMjUxMjA3MDEwMDQwWjAzMTEwLwYDVQQD Eyg3N2NmYTE3ODRiOGE2YmE0MGFiMjA1M2MxYWJjYTgzNDU3YTM1MWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApLf/Xp2nOASlgWqvA7KJ6POHK1Jc PluaZwNEkEN+ihq4hOLXjNd0b3TMU8+azD/97luR98PUVG3UUfrUoNGCjqrXCH4s jupHUaf5zsyeUWF/ejju6TPu7TUfiEP61AsxasvV0UdRuhGlEFtYjWpxQkMj+ZQV 9uawLPh5O3eti5hXhqWcJMLjzgqGJv4hZ5a2PBp1+AuulZtJKusGy5PlTxY7f8Z9 uHzvkGFJZLQQyrJcNOxnBccZ3oyhfg0CpsyFsQ6Vg9BxcmY8a6nIpUS4nUR17dqp FZBCLUfQ1X6oMyertr+iAs5nYkpbCzx9grdWPdpWmTjXHMGKcg1sjGALLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHfPoXhLimukCrIFPBq8qDRXo1HtMB8GA1UdIwQY MBaAFM/HAIxvkXItw7EnUnVY69q8aAzmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEt MzZmMjRhZDRhMDRmLzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS80MTY4ZGEtZTY1Yy00N2I2LWJiNjEtMzZmMjRhZDRhMDRm LzEvejhjQWpHLVJjaTNEc1NkU2RWanIycnhvRE9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVqphCEjs fHb32oHooxgw+AthTOgcqxuold5PMRAY8umVn247j/6tOo4Ep4hO0navH0ocjP3S VFVG9/6bNCAShOddcTw+pSDVNfs2n1/Wq1ou9iAMl3CJUtrOChIpzLJk72RGH2iu +nwN47SkL/54563NxyUaISFqt5mqFegt6CTaQ8TG98le169boedpbhkrnHAiB/uS NGvoxNs7R7R2gqJ9pPqiInYkO/emfaRFO+E598NXXMd1BbTfsb5To61HdxvV4Bhi aAWgGPuAlynCDkeqFbXjKvP3GG+xaAPyIuz7/OWyMcp8laAy3vCJMs6xE7EGCMb+ P+gn7UYjIh4v0g== -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:46 2025 by rpki-client