This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft File: rzA4pxexVOHPpHEWgy2ibyiyowQ.mft (raw, json) Hash identifier: PQOY0rY7DR+WTyjpgvzm07pTyL1OkySz0mL8Q1hkRa8= Subject key identifier: 0B:50:68:AD:04:EE:AB:78:C3:5B:24:00:35:0C:30:B7:FE:75:BE:57 Authority key identifier: AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04 Certificate issuer: /CN=af3038a717b154e1cfa47116832da26f28b2a304 Certificate serial: 019AF35270293CA9E2CCD9F29393ED7C4989 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft Manifest number: 1761 Signing time: Sat 06 Dec 2025 11:00:57 +0000 Manifest this update: Sat 06 Dec 2025 11:00:57 +0000 Manifest next update: Sun 07 Dec 2025 11:00:57 +0000 Files and hashes: 1: 9-nqsKi4Ev5jKkuKWzG_WIBo83k.roa (hash: SHAm2ssxR7ZkFZ7Brw788jEHfHi8MZS6JxMLuTDqDJs=) 2: rzA4pxexVOHPpHEWgy2ibyiyowQ.crl (hash: JXw/DvooyCy6l/xiezpc1nt9RAByNTzg8iM3O+n+348=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:70:29:3c:a9:e2:cc:d9:f2:93:93:ed:7c:49:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af3038a717b154e1cfa47116832da26f28b2a304 Validity Not Before: Dec 6 11:00:57 2025 GMT Not After : Dec 7 11:00:57 2025 GMT Subject: CN=0b5068ad04eeab78c35b2400350c30b7fe75be57 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:4c:e6:0e:c0:b8:b6:55:16:99:b3:00:58:b9: 8c:5b:90:96:d2:23:fa:83:29:5f:3d:44:db:58:79: 4a:cf:34:84:0c:92:99:94:59:37:bd:89:de:2d:01: 51:6d:29:99:bb:ab:50:0e:12:47:95:77:09:87:6c: 6d:a5:ff:97:e6:96:17:36:fa:0c:c9:6b:36:99:c2: 70:c1:71:c2:d6:68:92:13:11:ad:db:94:1c:b7:0c: c4:42:c5:aa:98:51:9c:f3:1c:11:a3:ac:66:0b:bc: d9:1e:d1:a8:27:06:e3:e7:1d:37:2a:b4:33:17:a1: 74:9b:cb:6f:80:67:e6:44:38:ac:4b:e0:5f:e3:f2: 90:20:71:dc:75:c6:c9:a5:75:dd:cf:cc:8a:08:7c: d6:6c:d5:69:a5:3d:28:6e:e6:8e:f3:d0:e9:aa:c8: 97:5f:b7:49:39:fc:e0:a8:6c:9e:92:f3:4c:7a:c0: dd:ec:98:bb:34:25:58:c7:0d:38:bd:ec:06:29:ee: 0b:bd:6b:f9:15:d7:a5:06:3c:67:c8:62:40:46:98: f2:71:8c:75:8d:27:f9:11:cf:a6:ce:f0:08:df:31: 46:91:89:32:03:5a:fd:3f:5f:67:4c:bf:6f:e4:db: 1e:a6:3b:63:f1:02:04:8e:1a:6f:c1:d3:6f:17:4a: be:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:50:68:AD:04:EE:AB:78:C3:5B:24:00:35:0C:30:B7:FE:75:BE:57 X509v3 Authority Key Identifier: keyid:AF:30:38:A7:17:B1:54:E1:CF:A4:71:16:83:2D:A2:6F:28:B2:A3:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzA4pxexVOHPpHEWgy2ibyiyowQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/6cfb78-63bc-4820-b903-860c49d0eb6a/1/rzA4pxexVOHPpHEWgy2ibyiyowQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:1a:76:29:b5:98:39:b4:d6:99:af:5e:99:41:53:29:48:a7: e0:f1:d5:ef:5f:f2:c8:24:28:af:ea:43:40:ea:f1:64:8f:e1: 65:71:9e:a3:71:c5:7d:a9:ed:70:43:53:0e:5f:96:47:da:c6: b7:ca:3e:1c:f3:98:06:58:63:8a:e7:68:60:1e:e5:d1:54:c8: 05:a7:57:9c:d8:f1:59:b3:fa:6a:a9:71:e7:9f:2e:eb:2e:35: f8:2e:b0:50:24:f6:6b:ca:00:11:0a:20:c1:96:c4:e4:07:38: 11:96:2a:8e:b1:68:af:3c:91:10:78:15:84:bd:81:16:14:84: 40:c1:eb:51:ad:49:97:cb:af:7f:22:87:18:52:8a:03:d3:eb: 35:6d:b1:56:e2:02:d3:55:74:01:2f:93:4b:2b:18:42:de:87: 1d:a7:fb:44:4b:4a:86:3f:e8:19:35:21:0d:2e:0b:43:08:a0: 96:8c:a9:a6:33:98:43:07:f6:be:04:10:ce:5a:6d:bc:35:3c: aa:e2:1f:5a:9c:24:c7:5e:bb:0b:98:81:5f:ec:45:52:d9:7c: 1d:71:3c:6f:0a:86:a5:a4:c7:1c:e4:ff:75:74:e3:4a:f7:52: 53:64:33:78:66:3a:cc:7a:29:80:3c:f8:03:33:0a:22:cf:32: b6:02:18:0d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUnApPKnizNnyk5PtfEmJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMzAzOGE3MTdiMTU0ZTFjZmE0NzExNjgzMmRhMjZmMjhi MmEzMDQwHhcNMjUxMjA2MTEwMDU3WhcNMjUxMjA3MTEwMDU3WjAzMTEwLwYDVQQD EygwYjUwNjhhZDA0ZWVhYjc4YzM1YjI0MDAzNTBjMzBiN2ZlNzViZTU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UzmDsC4tlUWmbMAWLmMW5CW0iP6 gylfPUTbWHlKzzSEDJKZlFk3vYneLQFRbSmZu6tQDhJHlXcJh2xtpf+X5pYXNvoM yWs2mcJwwXHC1miSExGt25QctwzEQsWqmFGc8xwRo6xmC7zZHtGoJwbj5x03KrQz F6F0m8tvgGfmRDisS+Bf4/KQIHHcdcbJpXXdz8yKCHzWbNVppT0obuaO89DpqsiX X7dJOfzgqGyekvNMesDd7Ji7NCVYxw04vewGKe4LvWv5FdelBjxnyGJARpjycYx1 jSf5Ec+mzvAI3zFGkYkyA1r9P19nTL9v5Nsepjtj8QIEjhpvwdNvF0q+iwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAtQaK0E7qt4w1skADUMMLf+db5XMB8GA1UdIwQY MBaAFK8wOKcXsVThz6RxFoMtom8osqMEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMt ODYwYzQ5ZDBlYjZhLzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy82Y2ZiNzgtNjNiYy00ODIwLWI5MDMtODYwYzQ5ZDBlYjZh LzEvcnpBNHB4ZXhWT0hQcEhFV2d5MmlieWl5b3dRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArRp2KbWY ObTWma9emUFTKUin4PHV71/yyCQor+pDQOrxZI/hZXGeo3HFfantcENTDl+WR9rG t8o+HPOYBlhjiudoYB7l0VTIBadXnNjxWbP6aqlx558u6y41+C6wUCT2a8oAEQog wZbE5Ac4EZYqjrForzyREHgVhL2BFhSEQMHrUa1Jl8uvfyKHGFKKA9PrNW2xVuIC 01V0AS+TSysYQt6HHaf7REtKhj/oGTUhDS4LQwigloyppjOYQwf2vgQQzlptvDU8 quIfWpwkx167C5iBX+xFUtl8HXE8bwqGpaTHHOT/dXTjSvdSU2QzeGY6zHopgDz4 AzMKIs8ytgIYDQ== -----END CERTIFICATE-----Generated at Sat Dec 6 20:26:44 2025 by rpki-client