This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft File: vzrHIKEXt01NE8Jj95R3kp7btLw.mft (raw, json) Hash identifier: iBb+D2A6f3AW3ucHHS12XZaEDC5lehomC7Jcqj28VEA= Subject key identifier: B7:9A:48:AC:E2:D9:32:4A:40:B4:F7:95:F6:B2:71:EF:8C:ED:16:4D Authority key identifier: BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC Certificate issuer: /CN=bf3ac720a117b74d4d13c263f79477929edbb4bc Certificate serial: 019B44DCBBB4D1AAEFCF5A7B2F4CC0760810 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft Manifest number: 0576 Signing time: Mon 22 Dec 2025 07:01:15 +0000 Manifest this update: Mon 22 Dec 2025 07:01:15 +0000 Manifest next update: Tue 23 Dec 2025 07:01:15 +0000 Files and hashes: 1: vzrHIKEXt01NE8Jj95R3kp7btLw.crl (hash: zdgpnn8oUkGbKPaFpQbx4ID7jaZjXq/cXsW5Lka/XWA=) 2: y3g1z7Zmigqej1DGQ1gx3ilZaM8.roa (hash: ce+FeJaNssRXQv9hff7wkEZwcN/xUnX9DV6JIGk2oTM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 07:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:dc:bb:b4:d1:aa:ef:cf:5a:7b:2f:4c:c0:76:08:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf3ac720a117b74d4d13c263f79477929edbb4bc Validity Not Before: Dec 22 07:01:15 2025 GMT Not After : Dec 23 07:01:15 2025 GMT Subject: CN=b79a48ace2d9324a40b4f795f6b271ef8ced164d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:77:af:a6:53:d7:83:eb:2a:18:8e:65:5a:ad: 76:e4:cc:df:d5:5c:07:5c:c8:69:c2:6c:96:72:5f: a7:63:59:68:fe:d3:a4:1e:60:6a:94:3c:ea:12:f9: a5:a0:4c:8b:c8:fc:a7:61:95:26:31:6f:a9:57:e1: 5a:bc:bb:22:e8:d0:fd:a8:6d:d3:da:f4:11:c0:32: 6f:31:ed:75:a8:b6:d0:ee:5c:9e:4b:c9:65:9b:a2: 82:6b:88:d9:d4:e6:58:8d:ff:50:82:ca:bc:8a:ac: 16:7b:07:c4:45:1d:fe:cf:ee:90:a3:68:d8:39:2c: d4:86:3c:96:4a:dd:99:cb:8f:45:58:fe:f5:d1:9f: aa:64:cd:01:31:31:45:32:c3:46:f9:69:07:98:4d: 6b:98:20:e1:5a:52:7d:9f:b2:d1:27:a5:0a:1e:f2: f9:61:1a:0d:9a:cd:f5:fd:e0:d1:08:18:40:c8:8e: 55:4a:65:7a:ef:3d:7b:89:b6:d0:ff:7d:a6:a1:01: a1:f4:20:12:9c:16:2f:e2:5f:ca:f2:a2:fd:a8:0e: 61:2e:36:05:a4:ca:08:e4:ad:2a:21:3d:9c:ae:95: 31:0f:98:66:b4:52:99:93:ce:71:57:1e:3e:4d:0f: fa:9a:8a:04:43:3d:9a:94:c2:54:8b:20:14:e2:09: fc:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:9A:48:AC:E2:D9:32:4A:40:B4:F7:95:F6:B2:71:EF:8C:ED:16:4D X509v3 Authority Key Identifier: keyid:BF:3A:C7:20:A1:17:B7:4D:4D:13:C2:63:F7:94:77:92:9E:DB:B4:BC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vzrHIKEXt01NE8Jj95R3kp7btLw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db5f5e-7b7d-4b28-a9b3-0ac1bbd434d0/1/vzrHIKEXt01NE8Jj95R3kp7btLw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:9c:0d:3b:9a:6b:66:37:e0:d4:a7:77:42:59:35:bf:f8:6e: 3b:f8:fb:f0:94:48:e6:c3:10:91:e1:17:b7:bd:97:8f:fe:9e: 56:7f:06:e0:54:1c:d4:00:ae:cb:59:19:f2:a8:6b:3e:c8:15: 5b:ec:e5:00:36:24:5d:78:e4:7d:d4:bd:69:73:d3:3c:0e:b1: 90:5c:92:a7:56:d9:9e:dc:77:d0:37:12:89:65:c2:32:e6:49: b0:9f:9c:8e:96:af:a2:62:b9:26:0f:68:9e:5a:f6:00:e2:28: e3:26:75:34:ba:70:ad:9b:fb:34:ac:b0:c2:fc:6a:46:f3:5d: b5:f8:93:b2:f1:cc:49:1e:a6:e7:7e:38:65:c4:59:4a:72:2b: 47:43:29:9a:16:c7:5e:7d:5b:f0:83:80:8c:3f:79:7f:65:bc: e6:44:6b:87:a6:07:f2:8d:e6:7b:e4:b9:33:43:55:31:a1:28: d9:22:a6:df:ff:f8:2b:fd:2d:7a:08:f0:3a:cc:cd:7c:aa:de: 9c:2d:a1:38:fe:cc:a7:f3:c1:51:e1:5b:90:4b:96:57:99:28: ff:fe:17:f6:d2:9b:5e:2a:c4:3f:79:55:40:5a:cc:c5:72:ab: 61:49:ea:10:bf:0e:92:d3:2a:17:04:b2:9a:38:ce:c8:2a:56: 3f:88:6a:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtE3Lu00arvz1p7L0zAdggQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmM2FjNzIwYTExN2I3NGQ0ZDEzYzI2M2Y3OTQ3NzkyOWVk YmI0YmMwHhcNMjUxMjIyMDcwMTE1WhcNMjUxMjIzMDcwMTE1WjAzMTEwLwYDVQQD EyhiNzlhNDhhY2UyZDkzMjRhNDBiNGY3OTVmNmIyNzFlZjhjZWQxNjRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnevplPXg+sqGI5lWq125Mzf1VwH XMhpwmyWcl+nY1lo/tOkHmBqlDzqEvmloEyLyPynYZUmMW+pV+FavLsi6ND9qG3T 2vQRwDJvMe11qLbQ7lyeS8llm6KCa4jZ1OZYjf9Qgsq8iqwWewfERR3+z+6Qo2jY OSzUhjyWSt2Zy49FWP710Z+qZM0BMTFFMsNG+WkHmE1rmCDhWlJ9n7LRJ6UKHvL5 YRoNms31/eDRCBhAyI5VSmV67z17ibbQ/32moQGh9CASnBYv4l/K8qL9qA5hLjYF pMoI5K0qIT2crpUxD5hmtFKZk85xVx4+TQ/6mooEQz2alMJUiyAU4gn8FQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLeaSKzi2TJKQLT3lfayce+M7RZNMB8GA1UdIwQY MBaAFL86xyChF7dNTRPCY/eUd5Ke27S8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMt MGFjMWJiZDQzNGQwLzEvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kYjVmNWUtN2I3ZC00YjI4LWE5YjMtMGFjMWJiZDQzNGQw LzEvdnpySElLRVh0MDFORThKajk1UjNrcDdidEx3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZwNO5pr Zjfg1Kd3Qlk1v/huO/j78JRI5sMQkeEXt72Xj/6eVn8G4FQc1ACuy1kZ8qhrPsgV W+zlADYkXXjkfdS9aXPTPA6xkFySp1bZntx30DcSiWXCMuZJsJ+cjpavomK5Jg9o nlr2AOIo4yZ1NLpwrZv7NKywwvxqRvNdtfiTsvHMSR6m5344ZcRZSnIrR0MpmhbH Xn1b8IOAjD95f2W85kRrh6YH8o3me+S5M0NVMaEo2SKm3//4K/0tegjwOszNfKre nC2hOP7Mp/PBUeFbkEuWV5ko//4X9tKbXirEP3lVQFrMxXKrYUnqEL8OktMqFwSy mjjOyCpWP4hq5g== -----END CERTIFICATE-----Generated at Mon Dec 22 17:07:23 2025 by rpki-client