This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft File: CzVgh8IMejJUFv2oA8t289p5R6k.mft (raw, json) Hash identifier: i/s251FsYlqfvgEDxaaW2zIv7elpNTwjK7km76YkP7w= Subject key identifier: DA:6C:D6:06:15:0B:6A:BD:0D:CA:FC:38:08:F0:26:50:EC:3E:A2:00 Authority key identifier: 0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9 Certificate issuer: /CN=0b356087c20c7a325416fda803cb76f3da7947a9 Certificate serial: 019B4393344412BBD6EF7A239E8618958D35 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft Manifest number: 0515 Signing time: Mon 22 Dec 2025 01:01:19 +0000 Manifest this update: Mon 22 Dec 2025 01:01:19 +0000 Manifest next update: Tue 23 Dec 2025 01:01:19 +0000 Files and hashes: 1: CzVgh8IMejJUFv2oA8t289p5R6k.crl (hash: 4eLF/osbiaRIrk+zDwwNBgkMcr37duu8+QrhEE0AUq8=) 2: VWgiKeUlZyr_tkfBtwpTnh3j5es.roa (hash: F+rSoMMmSh1ZRMmb8OY6V8ChtegfB1X8DkMugPNoNpA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:93:34:44:12:bb:d6:ef:7a:23:9e:86:18:95:8d:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b356087c20c7a325416fda803cb76f3da7947a9 Validity Not Before: Dec 22 01:01:19 2025 GMT Not After : Dec 23 01:01:19 2025 GMT Subject: CN=da6cd606150b6abd0dcafc3808f02650ec3ea200 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:85:12:a8:9f:02:a6:f5:f5:84:0c:9a:4e:83: a0:f9:45:8c:db:2d:42:32:76:45:31:a6:a0:c5:98: ea:17:40:11:b9:21:d1:19:4e:f2:21:39:b0:39:4b: 6a:9e:2b:62:95:41:7a:a2:e7:7c:3b:de:97:1f:d6: 37:af:50:9d:5e:16:57:09:a1:5b:9d:8b:f2:5f:6b: 62:c6:e7:31:83:68:47:01:a5:b4:f8:40:26:11:58: 84:94:9f:35:22:b4:b1:90:c1:59:40:61:1f:a5:2a: d6:31:28:bf:27:57:48:55:6e:3a:8b:97:04:b1:cc: 3f:b8:ea:7d:db:16:39:16:36:09:da:cc:66:37:31: 06:48:9b:6a:13:30:7c:9f:29:12:c5:e8:32:60:b2: 82:1f:a5:bb:52:63:65:e7:da:90:9e:fe:0a:87:28: b7:8e:fd:69:89:29:e7:0a:7a:88:fb:21:98:d3:e2: 08:93:dc:87:99:66:5d:81:1c:94:2c:d4:91:40:57: 8e:0e:55:bb:4d:a6:a5:d8:b5:fd:7a:68:0b:a0:0b: 3f:f6:d0:78:5c:af:a0:00:a2:92:de:1f:21:ea:5c: 57:a8:d4:c2:0d:0f:3d:2c:4e:16:29:df:48:b2:38: ca:dd:77:8f:76:2d:bb:f2:22:fb:e2:f0:eb:9d:70: 12:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:6C:D6:06:15:0B:6A:BD:0D:CA:FC:38:08:F0:26:50:EC:3E:A2:00 X509v3 Authority Key Identifier: keyid:0B:35:60:87:C2:0C:7A:32:54:16:FD:A8:03:CB:76:F3:DA:79:47:A9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CzVgh8IMejJUFv2oA8t289p5R6k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/d7cf94-ac61-4fbf-adf0-57eaf833ab0b/1/CzVgh8IMejJUFv2oA8t289p5R6k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:60:b5:3e:72:1d:c0:2f:51:43:21:3d:95:ad:bf:d2:77:8c: a8:4f:66:1f:19:58:95:ac:04:93:a6:9a:38:c9:03:a8:51:3d: d8:5c:fc:a5:99:b1:2e:d5:f6:4f:5e:ca:94:74:d9:dc:e4:d2: 29:f9:a7:40:62:59:46:55:13:de:ba:db:a9:96:80:d4:ab:9f: 36:fd:7f:10:1e:7a:59:0a:90:0f:47:3e:4a:88:e2:a7:62:d8: 77:87:8e:28:98:e7:5c:fe:51:47:16:d8:d1:a4:47:f3:fd:cc: 4b:78:6a:f2:7d:b1:d2:e4:9b:ac:08:19:e5:27:49:41:ee:3f: 7d:c4:66:00:ad:5a:07:c9:ae:13:7e:8f:ec:b3:cd:0c:82:98: fd:cf:5d:3a:90:49:d1:4e:ce:67:14:0e:34:38:a0:57:54:33: 7e:51:6b:8f:ff:66:32:27:c0:ea:d3:7f:fc:a0:18:f8:71:05: f0:d1:6e:94:72:76:fe:1c:8d:a0:0a:0f:ac:9f:bc:5a:c5:16: cc:97:e9:ec:b4:ad:ae:ed:24:88:08:ef:59:96:6e:cd:1b:36: 3d:6f:e8:65:31:68:1b:96:44:34:fd:7e:52:a0:ec:ac:7f:dd: 50:50:fb:ee:7b:57:c1:2d:6e:ae:55:1a:2f:7f:d8:40:f2:19: 2a:e8:e4:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkzREErvW73ojnoYYlY01MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMzU2MDg3YzIwYzdhMzI1NDE2ZmRhODAzY2I3NmYzZGE3 OTQ3YTkwHhcNMjUxMjIyMDEwMTE5WhcNMjUxMjIzMDEwMTE5WjAzMTEwLwYDVQQD EyhkYTZjZDYwNjE1MGI2YWJkMGRjYWZjMzgwOGYwMjY1MGVjM2VhMjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2oUSqJ8CpvX1hAyaToOg+UWM2y1C MnZFMaagxZjqF0ARuSHRGU7yITmwOUtqnitilUF6oud8O96XH9Y3r1CdXhZXCaFb nYvyX2tixucxg2hHAaW0+EAmEViElJ81IrSxkMFZQGEfpSrWMSi/J1dIVW46i5cE scw/uOp92xY5FjYJ2sxmNzEGSJtqEzB8nykSxegyYLKCH6W7UmNl59qQnv4Khyi3 jv1piSnnCnqI+yGY0+IIk9yHmWZdgRyULNSRQFeODlW7Taal2LX9emgLoAs/9tB4 XK+gAKKS3h8h6lxXqNTCDQ89LE4WKd9IsjjK3XePdi278iL74vDrnXASqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNps1gYVC2q9Dcr8OAjwJlDsPqIAMB8GA1UdIwQY MBaAFAs1YIfCDHoyVBb9qAPLdvPaeUepMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAt NTdlYWY4MzNhYjBiLzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9kN2NmOTQtYWM2MS00ZmJmLWFkZjAtNTdlYWY4MzNhYjBi LzEvQ3pWZ2g4SU1lakpVRnYyb0E4dDI4OXA1UjZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUGC1PnId wC9RQyE9la2/0neMqE9mHxlYlawEk6aaOMkDqFE92Fz8pZmxLtX2T17KlHTZ3OTS KfmnQGJZRlUT3rrbqZaA1KufNv1/EB56WQqQD0c+Sojip2LYd4eOKJjnXP5RRxbY 0aRH8/3MS3hq8n2x0uSbrAgZ5SdJQe4/fcRmAK1aB8muE36P7LPNDIKY/c9dOpBJ 0U7OZxQONDigV1QzflFrj/9mMifA6tN//KAY+HEF8NFulHJ2/hyNoAoPrJ+8WsUW zJfp7LStru0kiAjvWZZuzRs2PW/oZTFoG5ZENP1+UqDsrH/dUFD77ntXwS1urlUa L3/YQPIZKujkNg== -----END CERTIFICATE-----Generated at Mon Dec 22 03:58:56 2025 by rpki-client