This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft File: z4duDnrrYE0WMdSaAl4XitJ0qBI.mft (raw, json) Hash identifier: CbJrbwLunS6zMb5o8c+O/PwoHufZzMFG5WpfNug0/Kc= Subject key identifier: 69:5B:E4:B4:97:E8:81:0F:16:0D:66:D1:4D:3E:E2:57:77:32:88:4F Authority key identifier: CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 Certificate issuer: /CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Certificate serial: 019B58633B14A16F6E33C8A8819F907F2694 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft Manifest number: 1793 Signing time: Fri 26 Dec 2025 02:00:56 +0000 Manifest this update: Fri 26 Dec 2025 02:00:56 +0000 Manifest next update: Sat 27 Dec 2025 02:00:56 +0000 Files and hashes: 1: z4duDnrrYE0WMdSaAl4XitJ0qBI.crl (hash: cXy27NdwcinUIZm7C60sHJgNlUW8scf7BvwpLRFyz4o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 02:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:63:3b:14:a1:6f:6e:33:c8:a8:81:9f:90:7f:26:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf876e0e7aeb604d1631d49a025e178ad274a812 Validity Not Before: Dec 26 02:00:56 2025 GMT Not After : Dec 27 02:00:56 2025 GMT Subject: CN=695be4b497e8810f160d66d14d3ee2577732884f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:7c:d4:7e:aa:27:85:d9:c4:95:45:f8:e9:6e: ac:e7:27:0f:30:e1:9c:73:19:1b:62:0f:90:7d:5c: 7c:61:79:ef:b8:b9:90:c2:2d:8d:d9:54:95:e9:31: 42:8a:5c:21:f5:69:96:74:18:f2:37:ca:82:2c:d6: 91:16:b8:ba:6b:d5:90:17:d0:e4:d9:64:ed:5b:58: b6:27:d1:1b:60:87:81:24:22:b5:e9:98:1b:2e:4a: a9:36:32:c5:ae:96:78:35:f3:23:34:3f:e9:43:b9: 0c:87:43:8e:fe:35:b4:63:2f:c0:5a:c3:59:ba:19: 61:43:3e:95:60:7f:fe:58:d5:0c:20:ee:76:c3:80: b2:88:4b:88:e2:72:2c:54:a2:0b:26:ee:95:41:2d: bc:9a:e1:9b:b9:4f:6a:0b:78:10:12:29:63:94:a9: 64:89:91:c3:23:d4:ad:64:b6:65:49:44:be:4c:0f: 60:42:45:f6:e7:c3:f0:6c:b6:f7:a4:d0:7e:21:06: b1:d5:35:ad:e9:13:7b:3e:b8:e5:a3:ba:4b:2d:9d: 83:2f:ce:4c:3a:fd:e0:a2:72:9d:f2:16:6b:35:78: 68:8b:4f:68:c9:eb:4b:37:f1:d7:43:19:24:b1:14: 75:cc:d4:94:f5:92:5a:53:31:61:78:5d:1b:33:26: d3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:5B:E4:B4:97:E8:81:0F:16:0D:66:D1:4D:3E:E2:57:77:32:88:4F X509v3 Authority Key Identifier: keyid:CF:87:6E:0E:7A:EB:60:4D:16:31:D4:9A:02:5E:17:8A:D2:74:A8:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4duDnrrYE0WMdSaAl4XitJ0qBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/a5bc8a-049d-4314-9b1a-29755a7c94fd/1/z4duDnrrYE0WMdSaAl4XitJ0qBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:0e:f9:18:c2:30:70:0c:54:72:da:6f:ae:0d:3c:6e:72:e2: e7:6a:97:86:14:f3:26:04:d7:07:26:b1:68:3b:a6:60:e8:d5: 78:1a:99:84:e0:b2:cd:ce:0c:c0:67:2f:9f:62:ca:58:4f:7e: 49:f5:81:a4:2e:93:54:e0:7b:1b:70:d9:74:ce:14:c8:0d:bf: 6d:b7:87:de:41:3b:ac:45:e7:90:8c:ec:1f:1d:7e:1d:48:53: 23:48:f0:fa:13:db:0f:dd:ef:49:74:b6:e2:90:b8:30:1b:11: 8b:d2:f3:98:31:08:97:0b:fe:94:d3:d5:1d:60:94:e8:b6:35: 09:6f:1a:b1:62:89:c5:80:dc:97:f1:cd:db:71:ce:76:a2:91: 4b:b8:bf:46:96:d2:ad:c5:b5:6a:a4:b1:33:a8:84:8f:76:24: 2e:7f:10:2a:89:d0:05:42:20:06:5a:12:b7:32:6d:be:d8:1c: aa:4c:80:3a:91:10:fa:53:61:98:a8:3f:52:e8:94:45:54:0c: fa:e0:eb:50:5b:11:1e:60:76:8e:2e:cd:e4:c0:0b:16:6f:bc: fe:77:dd:26:15:5c:37:c1:2e:88:45:5d:c1:17:0d:c5:cf:0f: f0:9e:13:4b:66:27:a8:6b:4c:09:97:fc:15:3d:b5:e6:6b:e1: c9:a4:e3:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtYYzsUoW9uM8iogZ+QfyaUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmODc2ZTBlN2FlYjYwNGQxNjMxZDQ5YTAyNWUxNzhhZDI3 NGE4MTIwHhcNMjUxMjI2MDIwMDU2WhcNMjUxMjI3MDIwMDU2WjAzMTEwLwYDVQQD Eyg2OTViZTRiNDk3ZTg4MTBmMTYwZDY2ZDE0ZDNlZTI1Nzc3MzI4ODRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3zUfqonhdnElUX46W6s5ycPMOGc cxkbYg+QfVx8YXnvuLmQwi2N2VSV6TFCilwh9WmWdBjyN8qCLNaRFri6a9WQF9Dk 2WTtW1i2J9EbYIeBJCK16ZgbLkqpNjLFrpZ4NfMjND/pQ7kMh0OO/jW0Yy/AWsNZ uhlhQz6VYH/+WNUMIO52w4CyiEuI4nIsVKILJu6VQS28muGbuU9qC3gQEiljlKlk iZHDI9StZLZlSUS+TA9gQkX258PwbLb3pNB+IQax1TWt6RN7Prjlo7pLLZ2DL85M Ov3gonKd8hZrNXhoi09oyetLN/HXQxkksRR1zNSU9ZJaUzFheF0bMybTzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGlb5LSX6IEPFg1m0U0+4ld3MohPMB8GA1UdIwQY MBaAFM+Hbg5662BNFjHUmgJeF4rSdKgSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEt Mjk3NTVhN2M5NGZkLzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9hNWJjOGEtMDQ5ZC00MzE0LTliMWEtMjk3NTVhN2M5NGZk LzEvejRkdURucnJZRTBXTWRTYUFsNFhpdEowcUJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQ75GMIw cAxUctpvrg08bnLi52qXhhTzJgTXByaxaDumYOjVeBqZhOCyzc4MwGcvn2LKWE9+ SfWBpC6TVOB7G3DZdM4UyA2/bbeH3kE7rEXnkIzsHx1+HUhTI0jw+hPbD93vSXS2 4pC4MBsRi9LzmDEIlwv+lNPVHWCU6LY1CW8asWKJxYDcl/HN23HOdqKRS7i/RpbS rcW1aqSxM6iEj3YkLn8QKonQBUIgBloStzJtvtgcqkyAOpEQ+lNhmKg/UuiURVQM +uDrUFsRHmB2ji7N5MALFm+8/nfdJhVcN8EuiEVdwRcNxc8P8J4TS2YnqGtMCZf8 FT215mvhyaTjEQ== -----END CERTIFICATE-----Generated at Fri Dec 26 09:36:29 2025 by rpki-client