This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft File: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft (raw, json) Hash identifier: U563KYxBkq1a1FnVc2ikZF01gTinF2FfDhtaM2Q1tLI= Subject key identifier: 11:C5:0D:A7:88:27:83:7F:A9:F5:7E:92:71:A1:E0:C6:98:42:BC:9F Authority key identifier: AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63 Certificate issuer: /CN=af3465437669ce586261a066cc4ad1ea464eb663 Certificate serial: 019AF31B89058619284667576EC4380CBF80 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft Manifest number: 1011 Signing time: Sat 06 Dec 2025 10:00:59 +0000 Manifest this update: Sat 06 Dec 2025 10:00:59 +0000 Manifest next update: Sun 07 Dec 2025 10:00:59 +0000 Files and hashes: 1: rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl (hash: MsYpxQnMDiI+WoNAtnOxUTG77AYUVmStdLQSzt5elAQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:89:05:86:19:28:46:67:57:6e:c4:38:0c:bf:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af3465437669ce586261a066cc4ad1ea464eb663 Validity Not Before: Dec 6 10:00:59 2025 GMT Not After : Dec 7 10:00:59 2025 GMT Subject: CN=11c50da78827837fa9f57e9271a1e0c69842bc9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:9d:0b:f7:e4:5e:0c:90:7c:7d:27:4c:45:9d: cc:72:fb:34:26:c5:74:8e:ba:62:31:ae:6e:b8:d0: d2:bd:af:2b:cd:c4:4d:d0:20:a0:ce:e3:29:50:d8: 7d:ad:f9:d3:12:2d:6a:11:67:93:2a:c6:77:48:43: 3d:01:64:10:9e:3d:09:58:f1:40:84:2c:57:ab:f6: 57:a5:fa:f5:32:80:22:e3:2b:a6:1a:31:82:48:a7: 9a:09:ba:ae:4c:08:1b:12:48:14:f6:4a:6e:ea:26: 49:f4:fb:80:66:82:04:6f:05:3f:0a:93:df:ed:a2: 0e:8f:91:0d:27:2b:52:58:82:53:df:ec:3e:78:69: a3:fe:93:05:e0:09:ed:0d:fb:f8:28:c0:c3:a8:1b: 28:70:0a:60:10:e3:f0:88:2f:20:74:68:e9:5d:74: b5:fa:e9:4f:31:9d:53:42:4b:b4:b5:d5:0a:14:4f: 61:7a:13:91:91:ee:6e:f0:32:23:ba:cc:fb:18:72: 6e:f7:3f:d7:42:0c:c9:ea:8e:05:9c:e1:d2:a3:80: 66:26:e1:c4:ba:d6:61:39:c3:1d:e7:d6:56:2f:4a: 59:23:e2:f7:22:77:a5:6b:5a:72:0b:4a:f7:04:e6: 79:08:a8:1e:60:3c:8e:dd:16:86:bf:5e:4b:8d:a4: b6:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:C5:0D:A7:88:27:83:7F:A9:F5:7E:92:71:A1:E0:C6:98:42:BC:9F X509v3 Authority Key Identifier: keyid:AF:34:65:43:76:69:CE:58:62:61:A0:66:CC:4A:D1:EA:46:4E:B6:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/4861ba-4d1c-493c-a90d-60cf660ad533/1/rzRlQ3ZpzlhiYaBmzErR6kZOtmM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ab:b9:c6:94:ca:c8:fe:b2:72:1f:a1:dc:d4:e2:cd:1a:c2:4d: e8:7c:18:20:e5:70:c8:08:d6:7f:95:df:5f:fa:d4:c1:03:2e: 83:03:7a:93:ec:b0:34:84:ac:c8:71:0f:bb:ee:eb:45:d6:57: f2:14:a7:a9:6d:b0:23:92:58:cc:92:fc:f2:ef:e9:ba:73:16: b4:be:50:7a:a7:7c:50:b2:90:1b:0b:8b:c4:a9:e7:7c:36:dd: bf:ae:67:7d:cf:a2:f4:c0:2d:80:2d:2f:5e:5b:77:e4:5b:ea: 21:26:bc:6e:bd:98:c2:86:f7:00:5e:ab:1d:af:4c:d2:d6:cb: 9e:27:12:d3:9b:74:60:1a:eb:d3:41:01:05:07:32:da:8b:6f: b1:d2:66:6c:66:ed:24:1a:69:be:75:17:59:e7:21:b4:26:7a: c1:aa:db:35:9e:a8:61:7e:47:aa:41:24:b8:31:c7:f1:17:24: 72:55:20:c4:5b:c0:38:09:76:ff:43:a3:bf:d1:0a:9a:7f:b1: e8:93:64:26:47:a2:bb:d5:a3:64:47:d5:28:66:99:01:01:af: 15:42:69:7d:93:2b:c9:83:09:b7:ea:8e:d1:88:f9:46:1d:a5: 1b:18:64:30:f0:51:b1:5a:72:36:55:31:11:b4:e7:fd:71:0e: e5:b4:76:03 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG4kFhhkoRmdXbsQ4DL+AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMzQ2NTQzNzY2OWNlNTg2MjYxYTA2NmNjNGFkMWVhNDY0 ZWI2NjMwHhcNMjUxMjA2MTAwMDU5WhcNMjUxMjA3MTAwMDU5WjAzMTEwLwYDVQQD EygxMWM1MGRhNzg4Mjc4MzdmYTlmNTdlOTI3MWExZTBjNjk4NDJiYzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv50L9+ReDJB8fSdMRZ3Mcvs0JsV0 jrpiMa5uuNDSva8rzcRN0CCgzuMpUNh9rfnTEi1qEWeTKsZ3SEM9AWQQnj0JWPFA hCxXq/ZXpfr1MoAi4yumGjGCSKeaCbquTAgbEkgU9kpu6iZJ9PuAZoIEbwU/CpPf 7aIOj5ENJytSWIJT3+w+eGmj/pMF4AntDfv4KMDDqBsocApgEOPwiC8gdGjpXXS1 +ulPMZ1TQku0tdUKFE9hehORke5u8DIjusz7GHJu9z/XQgzJ6o4FnOHSo4BmJuHE utZhOcMd59ZWL0pZI+L3Inela1pyC0r3BOZ5CKgeYDyO3RaGv15LjaS2awIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBHFDaeIJ4N/qfV+knGh4MaYQryfMB8GA1UdIwQY MBaAFK80ZUN2ac5YYmGgZsxK0epGTrZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQt NjBjZjY2MGFkNTMzLzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZS80ODYxYmEtNGQxYy00OTNjLWE5MGQtNjBjZjY2MGFkNTMz LzEvcnpSbFEzWnB6bGhpWWFCbXpFclI2a1pPdG1NLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAq7nGlMrI /rJyH6Hc1OLNGsJN6HwYIOVwyAjWf5XfX/rUwQMugwN6k+ywNISsyHEPu+7rRdZX 8hSnqW2wI5JYzJL88u/punMWtL5Qeqd8ULKQGwuLxKnnfDbdv65nfc+i9MAtgC0v Xlt35FvqISa8br2Ywob3AF6rHa9M0tbLnicS05t0YBrr00EBBQcy2otvsdJmbGbt JBppvnUXWechtCZ6warbNZ6oYX5HqkEkuDHH8RckclUgxFvAOAl2/0Ojv9EKmn+x 6JNkJkeiu9WjZEfVKGaZAQGvFUJpfZMryYMJt+qO0Yj5Rh2lGxhkMPBRsVpyNlUx EbTn/XEO5bR2Aw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:38:58 2025 by rpki-client