This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft File: z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json) Hash identifier: n7oE5cwpHnTDxv0iCm1iEYu1aRRUXqzFTkuV//IZI6Y= Subject key identifier: 60:5C:D1:E8:43:6D:56:6E:7C:9B:7F:9F:E5:AB:42:1A:5E:35:90:57 Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 Certificate issuer: /CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Certificate serial: 019B4ADEB7D542423B1C8ACF6CB9CCED46C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft Manifest number: 178C Signing time: Tue 23 Dec 2025 11:01:08 +0000 Manifest this update: Tue 23 Dec 2025 11:01:08 +0000 Manifest next update: Wed 24 Dec 2025 11:01:08 +0000 Files and hashes: 1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: F2VVUlYSH1H0tF93NxlBSXFZdcSko9LeOAYHyc7bS60=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 11:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:de:b7:d5:42:42:3b:1c:8a:cf:6c:b9:cc:ed:46:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Validity Not Before: Dec 23 11:01:08 2025 GMT Not After : Dec 24 11:01:08 2025 GMT Subject: CN=605cd1e8436d566e7c9b7f9fe5ab421a5e359057 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:78:e3:78:87:5f:5f:b2:99:d9:f7:bf:44:5d: 4b:74:32:4d:9b:b0:17:a6:6d:48:e7:dc:4f:e1:c3: 06:79:6b:fa:cf:d4:d1:77:6a:ee:0d:c3:df:16:c3: 50:bc:44:ad:7a:ba:62:c0:28:01:a1:f1:8f:ca:aa: 89:bf:0c:42:08:53:0b:d8:f6:f4:24:19:3c:be:25: 78:44:ef:f3:35:e1:07:38:0a:3b:1c:fc:db:0f:9e: 60:6c:c3:ff:d7:82:88:4f:d3:a8:aa:f9:34:c1:73: 94:12:91:13:f0:69:32:75:8b:35:e6:22:c1:88:d8: be:31:1b:b3:c4:83:0f:ae:db:a8:e2:6b:e1:f0:8c: 17:f7:e2:c7:a2:b3:30:6a:65:b5:12:ec:48:aa:1f: 00:76:09:01:8d:2f:af:d9:06:20:b9:30:6d:2b:55: 6e:86:e7:8e:eb:f9:a2:41:18:b2:e4:2c:0c:a2:b3: 7f:f4:a7:55:12:00:3b:a2:fd:f8:73:dc:97:a8:15: b9:00:9d:58:15:e3:f4:2a:09:28:35:15:48:91:47: e3:92:43:5d:fb:47:3f:9d:d2:70:a7:6c:ec:cf:59: 65:4c:79:b8:51:bd:71:6c:88:25:05:a1:ae:63:b3: ac:9f:58:43:c4:c1:02:48:2d:8e:59:65:fe:0f:2b: ae:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:5C:D1:E8:43:6D:56:6E:7C:9B:7F:9F:E5:AB:42:1A:5E:35:90:57 X509v3 Authority Key Identifier: keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:fd:17:ec:fa:da:5d:10:ca:a0:5f:04:95:09:9a:66:fb:78: 4b:1f:38:9b:89:c8:b6:7a:f9:df:b2:c8:df:df:13:69:54:8a: 99:3e:82:0a:ce:8e:e4:2a:52:b2:a0:f1:d4:7c:10:ec:e7:d0: a4:f7:3f:db:5f:8e:59:1e:eb:25:95:a6:a0:9a:05:b9:38:76: 0a:ae:71:a3:61:04:20:e3:ac:27:12:bd:a3:08:c7:56:ae:67: f0:8b:ea:c1:24:1a:a7:89:f8:45:a7:d6:46:1a:13:30:5f:09: 69:00:8c:1c:a1:28:84:8e:9c:f2:f6:32:67:bf:0f:3f:07:41: df:0c:42:65:12:27:95:2c:2b:c9:65:98:b9:7a:68:c0:5e:47: da:e3:86:37:4a:71:51:0f:11:11:a1:77:f2:c8:35:80:a5:1f: e8:49:04:85:19:cb:18:7c:a3:48:2b:08:60:82:1a:ae:2f:49: 82:6e:77:f1:cb:e3:13:ee:d7:f1:5b:3b:ea:04:6e:f7:fa:82: cc:13:1f:c0:27:f3:32:88:d7:3b:e6:90:93:ae:b1:64:c3:12: 2b:b3:db:b3:70:19:f6:d3:e4:d4:3e:07:8e:28:f6:b9:ab:9c: 16:2e:80:17:0f:73:94:c3:8d:72:93:cb:82:90:ce:b1:f7:2e: 8c:3f:10:8f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtK3rfVQkI7HIrPbLnM7UbEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3 NGE4MTIwHhcNMjUxMjIzMTEwMTA4WhcNMjUxMjI0MTEwMTA4WjAzMTEwLwYDVQQD Eyg2MDVjZDFlODQzNmQ1NjZlN2M5YjdmOWZlNWFiNDIxYTVlMzU5MDU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonjjeIdfX7KZ2fe/RF1LdDJNm7AX pm1I59xP4cMGeWv6z9TRd2ruDcPfFsNQvESterpiwCgBofGPyqqJvwxCCFML2Pb0 JBk8viV4RO/zNeEHOAo7HPzbD55gbMP/14KIT9Ooqvk0wXOUEpET8GkydYs15iLB iNi+MRuzxIMPrtuo4mvh8IwX9+LHorMwamW1EuxIqh8AdgkBjS+v2QYguTBtK1Vu hueO6/miQRiy5CwMorN/9KdVEgA7ov34c9yXqBW5AJ1YFeP0KgkoNRVIkUfjkkNd +0c/ndJwp2zsz1llTHm4Ub1xbIglBaGuY7Osn1hDxMECSC2OWWX+DyuulwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGBc0ehDbVZufJt/n+WrQhpeNZBXMB8GA1UdIwQY MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF/0X7Pra XRDKoF8ElQmaZvt4Sx84m4nItnr537LI398TaVSKmT6CCs6O5CpSsqDx1HwQ7OfQ pPc/21+OWR7rJZWmoJoFuTh2Cq5xo2EEIOOsJxK9owjHVq5n8IvqwSQap4n4RafW RhoTMF8JaQCMHKEohI6c8vYyZ78PPwdB3wxCZRInlSwryWWYuXpowF5H2uOGN0px UQ8REaF38sg1gKUf6EkEhRnLGHyjSCsIYIIari9Jgm538cvjE+7X8Vs76gRu9/qC zBMfwCfzMojXO+aQk66xZMMSK7Pbs3AZ9tPk1D4Hjij2uaucFi6AFw9zlMONcpPL gpDOsfcujD8Qjw== -----END CERTIFICATE-----Generated at Tue Dec 23 18:33:52 2025 by rpki-client