This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft File: z1PAwqcKnguguGDSKQTbsOkrkgs.mft (raw, json) Hash identifier: vdghOq0RzsWJktG02hiMqetgSPwEYXb3R/B4hpd6F7Y= Subject key identifier: D9:DD:23:91:90:17:4C:FD:7A:4E:14:97:93:26:8C:F0:85:BE:6C:5F Authority key identifier: CF:53:C0:C2:A7:0A:9E:0B:A0:B8:60:D2:29:04:DB:B0:E9:2B:92:0B Certificate issuer: /CN=cf53c0c2a70a9e0ba0b860d22904dbb0e92b920b Certificate serial: 019AF12DCD2C8815D7801E1A894BB3CDFDF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft Manifest number: 06CF Signing time: Sat 06 Dec 2025 01:01:41 +0000 Manifest this update: Sat 06 Dec 2025 01:01:41 +0000 Manifest next update: Sun 07 Dec 2025 01:01:41 +0000 Files and hashes: 1: PYhNNzuk9SlKthV_33iOWNORmCM.roa (hash: 8PTIGwrPsJPGQk8kIZHLm7NCCrY0xp7lDA1kLSNWPlg=) 2: z1PAwqcKnguguGDSKQTbsOkrkgs.crl (hash: B+mqUh16I5rMOGf6kZRS0Ag4lIPRa2+jDeHNXidZ4SA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.crl rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:cd:2c:88:15:d7:80:1e:1a:89:4b:b3:cd:fd:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf53c0c2a70a9e0ba0b860d22904dbb0e92b920b Validity Not Before: Dec 6 01:01:41 2025 GMT Not After : Dec 7 01:01:41 2025 GMT Subject: CN=d9dd239190174cfd7a4e149793268cf085be6c5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:87:ec:b8:d5:e7:21:26:2b:f4:2d:8a:3e:a9: 53:6c:85:e8:4d:34:de:4a:ee:e9:51:68:e0:f2:d1: 8b:82:16:3f:10:1d:0a:99:a5:ba:64:c7:6a:d6:64: 9f:f4:29:1b:30:e8:b7:c0:8c:2b:e2:ef:f8:20:c8: 9f:1b:32:e1:6f:21:48:92:42:cd:40:9d:47:02:43: 7c:35:d5:38:d0:32:44:51:08:34:99:fd:9e:91:fe: f5:0e:65:ba:6a:e0:ae:79:9a:34:f4:68:90:14:db: b1:b3:36:5d:4b:dd:50:8a:47:94:81:3d:39:f1:bb: 2c:1a:b0:8c:1f:ff:e2:2f:de:9a:cd:0e:9d:58:cb: 65:ab:0e:31:62:39:94:40:84:68:a0:e8:b5:34:d5: ca:83:72:de:3d:36:0d:f2:4b:fe:dc:10:ca:bb:37: 6d:6d:05:f2:1b:f7:ee:67:59:78:6d:57:80:70:12: 4a:65:e3:16:96:b4:e9:b2:00:10:81:77:c5:23:f3: 0a:4f:9b:50:6c:03:e0:9c:29:66:c9:d7:4a:ef:6d: 24:93:3d:b1:65:86:92:e1:4e:8a:3f:cb:1c:bd:cf: 4d:3c:c9:a6:6a:88:00:61:15:d9:3e:31:b0:42:55: 1a:84:a9:8b:dc:13:8b:d2:df:cd:04:e9:80:d5:15: 33:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:DD:23:91:90:17:4C:FD:7A:4E:14:97:93:26:8C:F0:85:BE:6C:5F X509v3 Authority Key Identifier: keyid:CF:53:C0:C2:A7:0A:9E:0B:A0:B8:60:D2:29:04:DB:B0:E9:2B:92:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z1PAwqcKnguguGDSKQTbsOkrkgs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/bda7cc-645c-4821-ad22-3e44fcac3bc5/1/z1PAwqcKnguguGDSKQTbsOkrkgs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:c1:fe:4e:68:9e:ee:38:dd:60:1e:af:56:a8:40:6e:96:1f: 34:23:a6:2b:73:72:6c:d3:33:a4:f3:a9:d0:22:3e:eb:82:c9: 34:e5:df:79:ec:c4:7f:f1:59:cc:94:5a:5d:40:c8:04:ef:40: ff:5b:e5:f2:96:b5:0e:28:93:eb:17:9e:99:5f:0a:f9:c6:13: 8c:56:cd:17:99:f1:19:fa:bd:95:2d:d0:3c:f0:d5:33:76:59: 02:45:03:f0:f8:d8:f2:91:15:dd:60:03:90:28:92:31:03:60: d2:b3:0f:08:4b:08:6c:f4:15:88:2a:8c:2b:ed:06:cb:13:76: 98:95:64:2f:28:b4:1f:a9:1c:66:92:7b:bd:65:75:0a:01:86: b8:d1:88:53:b7:93:41:6d:c9:b6:76:e4:35:26:51:6f:6c:b8: 44:48:50:0c:99:ec:43:a0:45:fd:86:f5:f4:05:2a:e2:71:7e: 8c:d8:20:f2:0e:ba:06:9e:ed:3a:59:d8:12:41:ae:06:d4:fc: c6:9c:1c:95:40:12:82:5c:5e:fe:e6:64:00:c3:3c:aa:4a:5e: bb:1b:af:5b:5c:95:ab:b1:cc:22:ee:7d:85:d4:27:40:a9:c8: bb:37:d0:50:90:5e:8b:fe:05:4a:14:df:5d:31:c3:31:3d:00: dd:7f:55:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLc0siBXXgB4aiUuzzf33MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNTNjMGMyYTcwYTllMGJhMGI4NjBkMjI5MDRkYmIwZTky YjkyMGIwHhcNMjUxMjA2MDEwMTQxWhcNMjUxMjA3MDEwMTQxWjAzMTEwLwYDVQQD EyhkOWRkMjM5MTkwMTc0Y2ZkN2E0ZTE0OTc5MzI2OGNmMDg1YmU2YzVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYfsuNXnISYr9C2KPqlTbIXoTTTe Su7pUWjg8tGLghY/EB0KmaW6ZMdq1mSf9CkbMOi3wIwr4u/4IMifGzLhbyFIkkLN QJ1HAkN8NdU40DJEUQg0mf2ekf71DmW6auCueZo09GiQFNuxszZdS91QikeUgT05 8bssGrCMH//iL96azQ6dWMtlqw4xYjmUQIRooOi1NNXKg3LePTYN8kv+3BDKuzdt bQXyG/fuZ1l4bVeAcBJKZeMWlrTpsgAQgXfFI/MKT5tQbAPgnClmyddK720kkz2x ZYaS4U6KP8scvc9NPMmmaogAYRXZPjGwQlUahKmL3BOL0t/NBOmA1RUzAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNndI5GQF0z9ek4Ul5MmjPCFvmxfMB8GA1UdIwQY MBaAFM9TwMKnCp4LoLhg0ikE27DpK5ILMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9iZGE3Y2MtNjQ1Yy00ODIxLWFkMjIt M2U0NGZjYWMzYmM1LzEvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNC9iZGE3Y2MtNjQ1Yy00ODIxLWFkMjItM2U0NGZjYWMzYmM1 LzEvejFQQXdxY0tuZ3VndUdEU0tRVGJzT2tya2dzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlcH+Tmie 7jjdYB6vVqhAbpYfNCOmK3NybNMzpPOp0CI+64LJNOXfeezEf/FZzJRaXUDIBO9A /1vl8pa1DiiT6xeemV8K+cYTjFbNF5nxGfq9lS3QPPDVM3ZZAkUD8PjY8pEV3WAD kCiSMQNg0rMPCEsIbPQViCqMK+0GyxN2mJVkLyi0H6kcZpJ7vWV1CgGGuNGIU7eT QW3JtnbkNSZRb2y4REhQDJnsQ6BF/Yb19AUq4nF+jNgg8g66Bp7tOlnYEkGuBtT8 xpwclUASglxe/uZkAMM8qkpeuxuvW1yVq7HMIu59hdQnQKnIuzfQUJBei/4FShTf XTHDMT0A3X9Vmw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:34:58 2025 by rpki-client