This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft File: CZoxZcQAepQBMaMnzHfMIhzBadk.mft (raw, json) Hash identifier: X5Fwmi5Kx+ZG5fDbtmmKQd9lIFebQAelG7pEE1cTx/A= Subject key identifier: BA:C2:F3:CD:26:E8:43:11:11:89:CD:4F:27:D5:65:2E:64:40:59:86 Authority key identifier: 09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9 Certificate issuer: /CN=099a3165c4007a940131a327cc77cc221cc169d9 Certificate serial: 019AF31D352BBF8991DAF075CE5F5044C224 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 10:02:48 +0000 Manifest this update: Sat 06 Dec 2025 10:02:48 +0000 Manifest next update: Sun 07 Dec 2025 10:02:48 +0000 Files and hashes: 1: CZoxZcQAepQBMaMnzHfMIhzBadk.crl (hash: NC/4ePXjUnZ6/3IhnyMmZmkh9sdpWUmEEKsvn8qyuok=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:35:2b:bf:89:91:da:f0:75:ce:5f:50:44:c2:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=099a3165c4007a940131a327cc77cc221cc169d9 Validity Not Before: Dec 6 10:02:48 2025 GMT Not After : Dec 7 10:02:48 2025 GMT Subject: CN=bac2f3cd26e843111189cd4f27d5652e64405986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:04:60:c1:93:d4:a9:c7:7d:9a:6d:5e:0f:f1: 97:e7:20:fc:db:9d:a9:a8:b6:cd:84:92:2d:91:b2: 37:dc:34:04:ad:44:96:3e:4f:b3:8a:39:58:20:04: 9b:a4:f9:cf:e0:5a:8e:af:c2:22:45:35:ce:80:24: 54:5a:d4:93:62:fd:ff:a5:9b:8e:6f:c8:8f:bb:e5: 08:46:f3:8b:4d:46:28:d7:1d:b1:b6:31:af:22:27: 26:cd:1c:1f:d8:e9:d0:a6:46:71:c8:72:d1:cf:b6: 5c:b0:c4:67:a4:b7:2a:a9:98:11:cf:99:11:4d:1b: a3:7a:59:8f:c9:b8:10:ac:ce:d8:62:88:a8:e3:f5: b2:80:f6:b1:89:51:2a:9c:98:9d:c6:66:04:90:a6: 8c:9a:f0:b6:48:cb:42:20:3f:96:96:14:5a:3a:85: e6:3d:81:84:a7:4b:f4:2e:94:4c:a2:8b:ac:4e:11: 93:1b:a2:ab:94:12:7e:43:87:73:5c:ed:45:59:b8: 3a:a3:01:d4:3d:88:fb:04:ed:f4:f6:d3:f6:67:de: 34:f9:c4:4d:af:95:f7:d2:62:a7:c7:89:e3:90:03: 27:c5:f3:50:5e:6c:44:69:1d:74:53:a4:fd:93:5e: 9f:77:e3:15:b3:2b:f0:2f:58:9e:8f:de:e3:56:b8: 7a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:C2:F3:CD:26:E8:43:11:11:89:CD:4F:27:D5:65:2E:64:40:59:86 X509v3 Authority Key Identifier: keyid:09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:58:ea:d3:9a:64:08:d0:4f:50:fc:31:2f:3d:8b:77:01:da: 32:57:59:fb:6f:db:12:1e:c3:d4:e5:23:92:86:4a:89:bb:ff: f0:3c:cf:f1:c3:52:55:33:e3:dc:71:77:09:74:22:e2:95:22: aa:58:39:61:3d:bd:3c:3d:09:08:d1:d9:25:f3:2d:c7:05:cd: 2b:b3:22:7d:a3:76:05:b7:5b:a3:da:8b:3a:76:64:86:54:c9: c2:52:fa:d9:e0:1d:6e:00:a8:26:2e:38:1b:25:51:01:11:bf: eb:60:7c:f2:23:ec:c7:9f:85:d8:bf:a0:11:b6:63:13:66:79: 4c:40:e0:c6:b5:f4:f7:32:80:38:a7:22:e3:f4:7c:4d:0d:7f: 74:86:83:9c:da:7c:42:35:f9:eb:27:22:f8:a4:03:3d:de:90: cb:e3:98:d4:89:aa:26:df:a2:3f:86:3a:a2:1e:24:83:e8:e5: 07:e6:f0:ff:91:f5:c7:f3:88:a2:70:6f:11:af:be:14:33:90: aa:e3:43:37:fa:b5:4d:b4:9c:5b:9d:0f:eb:fa:7e:44:d3:30: 57:95:fa:a2:20:b9:7a:b5:24:d1:ec:26:12:94:90:c7:1d:c3: 5d:6c:76:5c:38:0b:f4:97:3d:38:a5:48:7c:55:0a:a4:91:a0: 24:1b:c1:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHTUrv4mR2vB1zl9QRMIkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5OWEzMTY1YzQwMDdhOTQwMTMxYTMyN2NjNzdjYzIyMWNj MTY5ZDkwHhcNMjUxMjA2MTAwMjQ4WhcNMjUxMjA3MTAwMjQ4WjAzMTEwLwYDVQQD EyhiYWMyZjNjZDI2ZTg0MzExMTE4OWNkNGYyN2Q1NjUyZTY0NDA1OTg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgRgwZPUqcd9mm1eD/GX5yD8252p qLbNhJItkbI33DQErUSWPk+zijlYIASbpPnP4FqOr8IiRTXOgCRUWtSTYv3/pZuO b8iPu+UIRvOLTUYo1x2xtjGvIicmzRwf2OnQpkZxyHLRz7ZcsMRnpLcqqZgRz5kR TRujelmPybgQrM7YYoio4/WygPaxiVEqnJidxmYEkKaMmvC2SMtCID+WlhRaOoXm PYGEp0v0LpRMoousThGTG6KrlBJ+Q4dzXO1FWbg6owHUPYj7BO309tP2Z940+cRN r5X30mKnx4njkAMnxfNQXmxEaR10U6T9k16fd+MVsyvwL1iej97jVrh6XQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLrC880m6EMREYnNTyfVZS5kQFmGMB8GA1UdIwQY MBaAFAmaMWXEAHqUATGjJ8x3zCIcwWnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2Mzgt NTA2NjcyNzY5ZDljLzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2MzgtNTA2NjcyNzY5ZDlj LzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd1jq05pk CNBPUPwxLz2LdwHaMldZ+2/bEh7D1OUjkoZKibv/8DzP8cNSVTPj3HF3CXQi4pUi qlg5YT29PD0JCNHZJfMtxwXNK7MifaN2Bbdbo9qLOnZkhlTJwlL62eAdbgCoJi44 GyVRARG/62B88iPsx5+F2L+gEbZjE2Z5TEDgxrX09zKAOKci4/R8TQ1/dIaDnNp8 QjX56yci+KQDPd6Qy+OY1ImqJt+iP4Y6oh4kg+jlB+bw/5H1x/OIonBvEa++FDOQ quNDN/q1TbScW50P6/p+RNMwV5X6oiC5erUk0ewmEpSQxx3DXWx2XDgL9Jc9OKVI fFUKpJGgJBvBiA== -----END CERTIFICATE-----Generated at Sat Dec 6 16:08:07 2025 by rpki-client