This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft File: z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft (raw, json) Hash identifier: ekMvlFUPC0XETVc/Vxeod5LL5dPRFVq4ps+EGzG4D5U= Subject key identifier: 9A:BB:BD:BD:EB:53:37:0A:63:D1:E5:63:F8:CD:55:37:5A:D7:14:22 Authority key identifier: CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49 Certificate issuer: /CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649 Certificate serial: 019AF12E38B3A035440F807225E1E52CE8F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 01:02:09 +0000 Manifest this update: Sat 06 Dec 2025 01:02:09 +0000 Manifest next update: Sun 07 Dec 2025 01:02:09 +0000 Files and hashes: 1: z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl (hash: e+V7HJw9+yGr2NcPAoJAXs8S4VBT0AlUFGZO7xcFupI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:38:b3:a0:35:44:0f:80:72:25:e1:e5:2c:e8:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfa5cec143a2af1ed1c2d99696f1f1687f458649 Validity Not Before: Dec 6 01:02:09 2025 GMT Not After : Dec 7 01:02:09 2025 GMT Subject: CN=9abbbdbdeb53370a63d1e563f8cd55375ad71422 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:07:8a:6f:5e:8d:c5:76:59:c1:29:89:2b:eb: 99:28:6e:dd:46:4d:be:46:4a:fb:84:4d:a7:b3:d8: 7e:bf:01:d6:96:d4:85:37:8a:f4:26:e7:71:35:9e: a4:7a:a9:b0:27:ae:c1:23:7d:f1:b4:61:59:4d:3d: e1:93:91:6b:27:7d:89:56:53:57:6c:65:b7:2a:73: d7:43:6c:6f:a0:26:f1:1b:d2:4d:f5:f8:8d:3b:f4: ff:8d:f9:70:29:f8:64:39:2d:ff:dd:29:9f:7f:bf: af:a7:4a:02:00:2c:8e:9a:5f:4f:17:9b:94:86:87: a3:3c:84:ea:2f:a6:c1:dc:92:1e:39:d1:b7:01:ec: ef:aa:9c:37:66:62:b9:9a:d2:f5:df:0b:e3:8d:7e: e4:e6:3c:4a:5b:d6:e4:71:9e:1d:02:dd:07:4d:46: 31:7d:e8:76:b6:58:7c:44:12:d9:72:66:cb:db:ff: ef:e4:a5:41:08:c7:f1:84:17:b9:4b:33:a1:35:8e: 5f:0e:09:98:83:42:63:d2:72:f4:73:ed:c3:11:68: d8:55:7d:d6:cf:a1:6d:af:67:fc:43:c4:b3:7d:49: 42:7a:b9:3f:64:f6:a5:b1:46:bb:15:af:14:7b:09: 19:72:b6:cf:2f:c2:06:d7:d4:67:bc:b7:f7:ef:df: 3c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:BB:BD:BD:EB:53:37:0A:63:D1:E5:63:F8:CD:55:37:5A:D7:14:22 X509v3 Authority Key Identifier: keyid:CF:A5:CE:C1:43:A2:AF:1E:D1:C2:D9:96:96:F1:F1:68:7F:45:86:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z6XOwUOirx7RwtmWlvHxaH9Fhkk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/39e0d9-52a2-437c-895f-4c582c28fba3/1/z6XOwUOirx7RwtmWlvHxaH9Fhkk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 71:84:75:e9:d3:af:22:3b:d6:2b:05:f7:12:70:d1:5e:10:b4: 93:83:50:c4:c5:28:e6:c3:cf:c2:9c:34:45:fe:83:68:4f:14: e3:22:69:cd:3f:f0:91:16:96:09:c0:8d:45:83:c8:76:95:c6: 25:9c:f7:2e:3c:b8:3c:25:59:91:d4:cb:1c:ff:4a:ed:2b:13: 2f:ad:95:4d:9f:b2:da:ba:07:4a:6d:08:2e:6b:7e:5c:8b:29: a0:06:f9:5b:05:a0:d2:3c:0c:b6:8e:08:d2:58:91:e1:08:12: 15:19:c2:63:e4:f2:33:3f:90:a1:84:5d:64:78:cc:83:8d:49: fd:96:44:1d:0d:39:f6:67:a9:15:87:29:46:3d:13:90:e2:e1: ea:c0:79:96:8e:0b:dc:67:f9:67:e9:6d:e7:73:b3:20:e6:b9: d2:c4:10:d4:6f:39:80:da:86:05:10:62:f2:55:b2:2d:2d:ff: 8d:78:a5:38:7a:f1:d9:ad:17:5b:68:b6:8d:fa:5d:eb:3a:68: 4f:41:33:36:fa:0b:30:94:52:bc:63:ca:b8:49:c7:55:78:19: 5f:a8:41:3f:ac:19:26:46:c0:3e:92:e8:e2:4f:79:a8:e9:0c: d0:16:da:41:59:55:43:7e:5d:6c:4a:be:b3:50:3b:44:41:de: c1:46:84:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLjizoDVED4ByJeHlLOj3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmYTVjZWMxNDNhMmFmMWVkMWMyZDk5Njk2ZjFmMTY4N2Y0 NTg2NDkwHhcNMjUxMjA2MDEwMjA5WhcNMjUxMjA3MDEwMjA5WjAzMTEwLwYDVQQD Eyg5YWJiYmRiZGViNTMzNzBhNjNkMWU1NjNmOGNkNTUzNzVhZDcxNDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0geKb16NxXZZwSmJK+uZKG7dRk2+ Rkr7hE2ns9h+vwHWltSFN4r0JudxNZ6keqmwJ67BI33xtGFZTT3hk5FrJ32JVlNX bGW3KnPXQ2xvoCbxG9JN9fiNO/T/jflwKfhkOS3/3Smff7+vp0oCACyOml9PF5uU hoejPITqL6bB3JIeOdG3Aezvqpw3ZmK5mtL13wvjjX7k5jxKW9bkcZ4dAt0HTUYx feh2tlh8RBLZcmbL2//v5KVBCMfxhBe5SzOhNY5fDgmYg0Jj0nL0c+3DEWjYVX3W z6Ftr2f8Q8SzfUlCerk/ZPalsUa7Fa8UewkZcrbPL8IG19RnvLf379889wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJq7vb3rUzcKY9HlY/jNVTda1xQiMB8GA1UdIwQY MBaAFM+lzsFDoq8e0cLZlpbx8Wh/RYZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYt NGM1ODJjMjhmYmEzLzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC8zOWUwZDktNTJhMi00MzdjLTg5NWYtNGM1ODJjMjhmYmEz LzEvejZYT3dVT2lyeDdSd3RtV2x2SHhhSDlGaGtrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcYR16dOv IjvWKwX3EnDRXhC0k4NQxMUo5sPPwpw0Rf6DaE8U4yJpzT/wkRaWCcCNRYPIdpXG JZz3Ljy4PCVZkdTLHP9K7SsTL62VTZ+y2roHSm0ILmt+XIspoAb5WwWg0jwMto4I 0liR4QgSFRnCY+TyMz+QoYRdZHjMg41J/ZZEHQ059mepFYcpRj0TkOLh6sB5lo4L 3Gf5Z+lt53OzIOa50sQQ1G85gNqGBRBi8lWyLS3/jXilOHrx2a0XW2i2jfpd6zpo T0EzNvoLMJRSvGPKuEnHVXgZX6hBP6wZJkbAPpLo4k95qOkM0BbaQVlVQ35dbEq+ s1A7REHewUaE4w== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:32 2025 by rpki-client