This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft File: z9rC7BEEwkXZyrqOthY46drxADk.mft (raw, json) Hash identifier: 9sG/kFiCLE5ASYbHaYjoS0er28o3rDU4K9wtAe6lNgA= Subject key identifier: 42:F3:06:D9:3E:17:04:32:56:C5:56:6D:B7:6C:0C:0C:F1:52:3B:E3 Authority key identifier: CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39 Certificate issuer: /CN=cfdac2ec1104c245d9caba8eb61638e9daf10039 Certificate serial: 019AF12CD82F5E6939ADBCEB2E2976469E64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft Manifest number: 129E Signing time: Sat 06 Dec 2025 01:00:39 +0000 Manifest this update: Sat 06 Dec 2025 01:00:39 +0000 Manifest next update: Sun 07 Dec 2025 01:00:39 +0000 Files and hashes: 1: z9rC7BEEwkXZyrqOthY46drxADk.crl (hash: TGnLZbyGX3Xge4mE+YRm7D/N7JJHypCqbAQC8DiXL8E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:d8:2f:5e:69:39:ad:bc:eb:2e:29:76:46:9e:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfdac2ec1104c245d9caba8eb61638e9daf10039 Validity Not Before: Dec 6 01:00:39 2025 GMT Not After : Dec 7 01:00:39 2025 GMT Subject: CN=42f306d93e17043256c5566db76c0c0cf1523be3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7f:c9:6f:13:bb:3e:47:3c:7c:57:e4:47:8b: 00:2c:72:1e:6a:fd:fe:48:1f:48:1c:09:b8:5c:64: cb:96:71:f5:79:8a:fe:f2:a9:49:6e:75:b0:bc:69: c3:51:7e:87:c0:82:70:89:ad:4f:bd:e0:80:c9:af: b3:4c:e6:d0:b8:25:f6:a0:10:78:7b:89:db:28:b2: 69:29:20:6f:83:f9:ce:7c:a2:73:e8:e5:60:de:f1: 59:46:bc:5f:c9:f8:de:0b:1a:ec:6e:9e:5e:36:d3: 76:76:3b:01:b4:9f:8b:4e:32:a4:77:d4:4a:8c:f9: 05:3c:7a:af:7c:fe:87:1b:e0:9e:d5:3a:bd:2b:fe: 98:95:ef:61:06:85:55:77:bc:1f:d5:d3:60:38:7f: d5:29:28:ba:9e:ca:bc:d3:17:df:fb:13:1a:f9:8c: c5:54:c6:57:d3:ee:22:9a:2e:0a:b4:1a:21:d6:d3: 99:f4:c5:47:ef:79:91:73:2e:32:46:cb:e0:dc:63: 39:4d:18:3a:b1:1c:eb:c6:00:cd:9b:8c:e6:64:fc: c4:09:bc:24:77:02:78:58:f4:8b:38:02:f8:ac:17: 42:83:7c:08:e5:57:33:e0:5e:4b:ed:5f:44:38:2d: 8a:df:5c:b4:4b:ae:74:d5:84:61:ef:78:34:cf:07: 8d:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F3:06:D9:3E:17:04:32:56:C5:56:6D:B7:6C:0C:0C:F1:52:3B:E3 X509v3 Authority Key Identifier: keyid:CF:DA:C2:EC:11:04:C2:45:D9:CA:BA:8E:B6:16:38:E9:DA:F1:00:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9rC7BEEwkXZyrqOthY46drxADk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/e6de68-a6e2-4ade-a096-56078c84dc17/1/z9rC7BEEwkXZyrqOthY46drxADk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:6a:39:4a:0d:21:7f:fb:b9:5f:6c:80:e8:3f:68:cd:d1:c7: 24:93:15:b2:c5:4d:aa:95:be:de:bc:a2:10:f7:2d:28:ed:b1: 17:75:a6:40:a3:d3:38:95:a4:25:ec:69:78:5b:8f:0b:aa:1a: 23:d6:9e:28:3e:47:e7:3f:af:ed:53:c9:59:aa:c0:7e:98:88: 2c:d6:42:fd:49:12:f3:e8:85:f2:c7:4f:d3:71:9a:0b:3f:95: 6c:09:d3:e3:8a:ed:cc:d2:4c:24:99:15:3b:91:84:bb:42:7a: 29:ce:1f:6c:f0:61:2d:37:4b:0e:31:12:49:3e:2b:2b:a3:28: 0e:df:70:60:67:e9:38:02:ea:71:e0:36:f0:46:e2:ce:1f:19: ba:1a:88:8c:7d:34:ce:e1:fa:0e:72:a1:d3:4e:c8:83:58:0f: e1:73:c0:b1:35:09:7a:4e:6e:e8:a8:25:15:f9:91:82:4c:92: 2f:32:a7:2e:dd:ba:da:0c:80:ec:08:f9:63:52:57:4d:23:15: 78:1b:28:93:db:ec:62:62:bb:dc:36:65:99:7f:38:fc:20:db: ba:47:01:15:25:0a:dd:24:90:60:32:13:be:87:25:4c:30:3d: 74:2d:f8:bc:54:47:c5:99:de:2b:63:de:19:82:c3:53:1e:66: 92:81:4b:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLNgvXmk5rbzrLil2Rp5kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmZGFjMmVjMTEwNGMyNDVkOWNhYmE4ZWI2MTYzOGU5ZGFm MTAwMzkwHhcNMjUxMjA2MDEwMDM5WhcNMjUxMjA3MDEwMDM5WjAzMTEwLwYDVQQD Eyg0MmYzMDZkOTNlMTcwNDMyNTZjNTU2NmRiNzZjMGMwY2YxNTIzYmUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7X/JbxO7Pkc8fFfkR4sALHIeav3+ SB9IHAm4XGTLlnH1eYr+8qlJbnWwvGnDUX6HwIJwia1PveCAya+zTObQuCX2oBB4 e4nbKLJpKSBvg/nOfKJz6OVg3vFZRrxfyfjeCxrsbp5eNtN2djsBtJ+LTjKkd9RK jPkFPHqvfP6HG+Ce1Tq9K/6Yle9hBoVVd7wf1dNgOH/VKSi6nsq80xff+xMa+YzF VMZX0+4imi4KtBoh1tOZ9MVH73mRcy4yRsvg3GM5TRg6sRzrxgDNm4zmZPzECbwk dwJ4WPSLOAL4rBdCg3wI5Vcz4F5L7V9EOC2K31y0S6501YRh73g0zweNgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFELzBtk+FwQyVsVWbbdsDAzxUjvjMB8GA1UdIwQY MBaAFM/awuwRBMJF2cq6jrYWOOna8QA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYt NTYwNzhjODRkYzE3LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS9lNmRlNjgtYTZlMi00YWRlLWEwOTYtNTYwNzhjODRkYzE3 LzEvejlyQzdCRUV3a1haeXJxT3RoWTQ2ZHJ4QURrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeWo5Sg0h f/u5X2yA6D9ozdHHJJMVssVNqpW+3ryiEPctKO2xF3WmQKPTOJWkJexpeFuPC6oa I9aeKD5H5z+v7VPJWarAfpiILNZC/UkS8+iF8sdP03GaCz+VbAnT44rtzNJMJJkV O5GEu0J6Kc4fbPBhLTdLDjESST4rK6MoDt9wYGfpOALqceA28Ebizh8ZuhqIjH00 zuH6DnKh007Ig1gP4XPAsTUJek5u6KglFfmRgkySLzKnLt262gyA7Aj5Y1JXTSMV eBsok9vsYmK73DZlmX84/CDbukcBFSUK3SSQYDITvoclTDA9dC34vFRHxZneK2Pe GYLDUx5mkoFLxw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:12:40 2025 by rpki-client