This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft File: Z3NwPrTqs2ernekaKsQe4yAUAw8.mft (raw, json) Hash identifier: XvCkKRzf/hZNXSvbI/lHXvr5W+KwgK/8zvBke3tz2+w= Subject key identifier: 44:6B:1A:67:0C:1E:35:4A:A1:96:8B:72:1D:1E:AD:9E:15:E8:C3:9F Authority key identifier: 67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F Certificate issuer: /CN=6773703eb4eab367ab9de91a2ac41ee32014030f Certificate serial: 019B0C367FC2664CD30DDCE794A160D1A02E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft Manifest number: 0A37 Signing time: Thu 11 Dec 2025 07:00:56 +0000 Manifest this update: Thu 11 Dec 2025 07:00:56 +0000 Manifest next update: Fri 12 Dec 2025 07:00:56 +0000 Files and hashes: 1: Z3NwPrTqs2ernekaKsQe4yAUAw8.crl (hash: sU2qWkjYYDgmTPG4gHbZP9YF9gPVpXhnfMo6xtDHUoU=) Validation: Failed, unable to get local issuer certificate Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0c:36:7f:c2:66:4c:d3:0d:dc:e7:94:a1:60:d1:a0:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6773703eb4eab367ab9de91a2ac41ee32014030f Validity Not Before: Dec 11 07:00:56 2025 GMT Not After : Dec 12 07:00:56 2025 GMT Subject: CN=446b1a670c1e354aa1968b721d1ead9e15e8c39f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:80:ec:e9:15:06:5d:8e:cd:3b:44:0c:0d:f2: e6:9d:2e:79:a0:e2:66:0b:ff:0e:e0:aa:2e:57:1c: dd:e6:61:8b:32:df:79:db:47:79:8f:e1:54:14:e1: 91:60:32:46:d1:2d:29:73:cc:e4:74:dd:83:3a:5d: 4b:46:13:d5:a5:a1:54:47:dd:08:9d:c0:89:83:5c: 3a:7a:f4:02:94:86:5b:93:68:2e:da:bb:9c:69:c5: ea:5f:68:0f:db:98:29:02:7b:96:f0:25:eb:cf:d5: 9c:25:d3:63:2a:2f:5c:b1:bb:7b:11:c4:98:24:2c: 05:10:a9:16:13:42:17:5d:9d:06:2c:84:7c:74:ca: d6:66:7f:de:2b:6b:98:dd:2f:07:15:27:ac:35:61: af:66:a3:2f:d6:08:5b:ee:93:c2:98:5b:4f:bb:55: 08:a5:15:ca:20:84:0c:d0:86:40:89:31:94:ea:3b: d9:90:c9:7e:6e:cc:74:dc:2d:bc:44:b8:ae:1f:98: 1c:b6:03:d4:8d:85:30:a6:b9:56:de:62:5d:65:fb: b0:b1:29:9e:d6:5a:74:81:9b:fb:67:df:70:4a:62: 83:3a:0e:ae:81:63:70:62:ae:bb:7b:a7:67:33:db: e6:ba:1d:37:b6:74:8f:45:14:5b:ab:b1:b3:a1:5c: 43:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:6B:1A:67:0C:1E:35:4A:A1:96:8B:72:1D:1E:AD:9E:15:E8:C3:9F X509v3 Authority Key Identifier: keyid:67:73:70:3E:B4:EA:B3:67:AB:9D:E9:1A:2A:C4:1E:E3:20:14:03:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3NwPrTqs2ernekaKsQe4yAUAw8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/8ca655-1e8c-4243-88df-47febb0ac259/1/Z3NwPrTqs2ernekaKsQe4yAUAw8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:08:63:74:a7:dc:14:d0:b5:40:12:7d:e0:6b:6e:41:ee:b6: fa:20:04:42:0e:2f:a4:2d:2b:5f:55:3a:ba:74:02:c5:6f:74: f9:2f:89:0c:71:6f:05:ed:d9:a8:b8:1c:13:d4:82:1c:0f:13: 7b:4e:11:1a:32:ff:4f:d0:e8:0f:63:62:7b:13:13:87:89:63: 1f:6c:5f:9b:28:48:75:be:57:da:3f:a3:5c:ca:d6:0c:20:46: 4a:36:37:7e:ea:0f:fb:5e:06:36:a7:2f:b0:96:51:f9:e2:b2: ed:e2:e8:86:2f:7c:62:83:be:5d:5e:f8:7f:8e:a1:cf:cd:11: 50:70:e8:dc:c3:67:00:e9:de:9e:a5:76:fd:b2:99:c1:a3:1d: 6c:c2:91:bc:33:1f:76:71:c5:8c:86:16:1d:37:7e:7d:57:f8: b5:8d:c3:36:e5:df:19:24:40:ed:35:cd:38:2f:ef:89:f0:11: c1:69:63:8f:3d:49:cd:af:4a:4b:7c:33:e3:e2:a6:98:c3:9a: 47:ed:d9:ab:7f:6c:53:48:87:62:b2:9f:9e:9e:86:dd:bd:51: 53:6f:fd:cf:5c:38:db:2c:9b:ed:e8:7f:90:95:c4:09:ab:22: d5:1b:67:4a:e3:e1:74:21:f9:d5:87:c7:07:ed:b4:1b:31:32: 29:29:17:04 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsMNn/CZkzTDdznlKFg0aAuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3NzM3MDNlYjRlYWIzNjdhYjlkZTkxYTJhYzQxZWUzMjAx NDAzMGYwHhcNMjUxMjExMDcwMDU2WhcNMjUxMjEyMDcwMDU2WjAzMTEwLwYDVQQD Eyg0NDZiMWE2NzBjMWUzNTRhYTE5NjhiNzIxZDFlYWQ5ZTE1ZThjMzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsoDs6RUGXY7NO0QMDfLmnS55oOJm C/8O4KouVxzd5mGLMt9520d5j+FUFOGRYDJG0S0pc8zkdN2DOl1LRhPVpaFUR90I ncCJg1w6evQClIZbk2gu2rucacXqX2gP25gpAnuW8CXrz9WcJdNjKi9csbt7EcSY JCwFEKkWE0IXXZ0GLIR8dMrWZn/eK2uY3S8HFSesNWGvZqMv1ghb7pPCmFtPu1UI pRXKIIQM0IZAiTGU6jvZkMl+bsx03C28RLiuH5gctgPUjYUwprlW3mJdZfuwsSme 1lp0gZv7Z99wSmKDOg6ugWNwYq67e6dnM9vmuh03tnSPRRRbq7GzoVxD/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFERrGmcMHjVKoZaLch0erZ4V6MOfMB8GA1UdIwQY MBaAFGdzcD606rNnq53pGirEHuMgFAMPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYt NDdmZWJiMGFjMjU5LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC84Y2E2NTUtMWU4Yy00MjQzLTg4ZGYtNDdmZWJiMGFjMjU5 LzEvWjNOd1ByVHFzMmVybmVrYUtzUWU0eUFVQXc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUwhjdKfc FNC1QBJ94GtuQe62+iAEQg4vpC0rX1U6unQCxW90+S+JDHFvBe3ZqLgcE9SCHA8T e04RGjL/T9DoD2NiexMTh4ljH2xfmyhIdb5X2j+jXMrWDCBGSjY3fuoP+14GNqcv sJZR+eKy7eLohi98YoO+XV74f46hz80RUHDo3MNnAOnenqV2/bKZwaMdbMKRvDMf dnHFjIYWHTd+fVf4tY3DNuXfGSRA7TXNOC/vifARwWljjz1Jza9KS3wz4+KmmMOa R+3Zq39sU0iHYrKfnp6G3b1RU2/9z1w42yyb7eh/kJXECasi1RtnSuPhdCH51YfH B+20GzEyKSkXBA== -----END CERTIFICATE-----Generated at Mon Dec 15 19:49:31 2025 by rpki-client