This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft File: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft (raw, json) Hash identifier: AeAICK18n4vM/LvPQOqzd/ats/o0K3rtB0LkXxQZQfM= Subject key identifier: D5:BA:01:DF:C6:40:A5:DA:72:20:DA:BD:AF:84:91:AE:2C:56:E9:0F Authority key identifier: 4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 Certificate issuer: /CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Certificate serial: 019B3D5975B16693EDF8B71498E85A6DB222 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft Manifest number: 07B1 Signing time: Sat 20 Dec 2025 20:00:31 +0000 Manifest this update: Sat 20 Dec 2025 20:00:31 +0000 Manifest next update: Sun 21 Dec 2025 20:00:31 +0000 Files and hashes: 1: 69EZo_UvSYLCIwLzPyqCblCyZzI.roa (hash: 2naW8CuEgpZKAi+BoeweFMMKRLa2fsvkiMt8udbwEtM=) 2: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl (hash: XUOgNLMNVf0iOHVKtoSxp3B/WckjXSiYbOiwpZLXU30=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:75:b1:66:93:ed:f8:b7:14:98:e8:5a:6d:b2:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Validity Not Before: Dec 20 20:00:31 2025 GMT Not After : Dec 21 20:00:31 2025 GMT Subject: CN=d5ba01dfc640a5da7220dabdaf8491ae2c56e90f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:6c:b7:b5:54:4c:33:4b:06:b5:e5:4d:aa:a6: d9:fb:b6:68:0b:31:28:e8:c4:d4:c4:b3:e4:59:0a: 3f:e9:59:33:83:61:90:c7:03:9c:80:6b:cd:fa:f0: 83:93:0d:d1:71:de:ca:bf:ed:06:7d:3e:d6:04:1f: 59:e1:08:0d:04:5d:de:ec:b1:ad:26:16:2d:8c:bb: e2:f6:8a:07:e7:65:df:a5:48:62:c3:6e:e7:1f:db: 59:c1:ae:47:3e:bb:39:86:92:42:03:59:d2:b8:b1: af:62:4d:c1:ff:6d:bd:fc:9c:a8:5d:f2:9c:d2:07: 2b:3d:c0:1f:f1:dd:a3:ee:6c:1b:e4:60:74:cd:c6: 16:98:88:57:25:3d:8e:8d:e8:58:41:a6:b6:ed:65: 73:d5:13:0f:d6:95:f0:76:a3:48:a4:9a:a9:63:44: cd:68:71:89:b7:1f:98:a5:3d:39:ea:8a:2a:ab:aa: 73:a4:5b:e6:76:23:f8:e0:f3:b8:b6:8b:de:e0:8b: 92:b9:99:f3:d1:d7:f0:a6:1a:16:dc:16:fb:0f:a2: 91:58:b7:7f:3a:ca:fe:c0:e2:e0:42:86:1b:cf:03: 91:71:05:e3:e1:cd:60:2a:96:c6:ad:d4:c1:84:0f: 91:45:04:f4:d1:c1:c3:90:6f:bd:18:a3:77:86:44: 8f:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:BA:01:DF:C6:40:A5:DA:72:20:DA:BD:AF:84:91:AE:2C:56:E9:0F X509v3 Authority Key Identifier: keyid:4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:66:0d:f9:32:ec:06:dc:ff:39:ea:ea:91:25:7d:1f:8e:58: b7:9e:25:98:dc:31:01:fe:87:d5:98:15:36:6d:29:f7:d8:5e: dd:16:e9:d0:e1:9a:9d:b4:3c:eb:0f:8d:54:36:c6:8e:56:69: a2:b0:4c:c6:bd:04:6f:70:8b:57:c4:a2:58:de:ff:c9:39:d7: fe:1a:4d:08:bd:eb:bd:d0:f9:b5:ce:f5:4b:b8:86:88:ca:ac: 81:6d:a2:59:54:04:e3:d8:b6:66:51:f8:eb:3b:6b:a6:f9:79: 6d:b7:00:2b:37:5f:46:b1:89:e3:61:a6:ee:1a:c2:b1:ad:21: d4:21:29:a2:a2:f0:ae:10:c0:2c:7d:d9:bc:87:5f:cd:83:d2: 26:95:2a:db:e5:a4:d2:10:b5:a3:0a:dc:fa:01:15:f3:50:48: 65:12:5b:87:fd:48:52:10:04:cb:79:43:9e:f1:df:72:e5:88: 52:b4:e2:18:12:92:a7:ab:ef:a5:63:6e:d9:21:a4:a1:01:16: fb:ae:8b:02:51:0f:d6:6e:ea:74:c3:0d:c5:8a:ae:0c:b5:52: 76:b7:92:bb:f7:85:14:d2:ea:3b:2f:9e:d0:d0:9e:e9:8d:37: 8d:d7:25:44:4c:24:22:2c:48:91:c7:bf:73:74:3b:0d:5a:d8: fd:b1:68:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WXWxZpPt+LcUmOhabbIiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiM2U1OTZhMjRkNDM2NTBjYjYwZThmY2M5ZTQ0ZDZmOGM5 MjlkMzUwHhcNMjUxMjIwMjAwMDMxWhcNMjUxMjIxMjAwMDMxWjAzMTEwLwYDVQQD EyhkNWJhMDFkZmM2NDBhNWRhNzIyMGRhYmRhZjg0OTFhZTJjNTZlOTBmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWy3tVRMM0sGteVNqqbZ+7ZoCzEo 6MTUxLPkWQo/6Vkzg2GQxwOcgGvN+vCDkw3Rcd7Kv+0GfT7WBB9Z4QgNBF3e7LGt JhYtjLvi9ooH52XfpUhiw27nH9tZwa5HPrs5hpJCA1nSuLGvYk3B/229/JyoXfKc 0gcrPcAf8d2j7mwb5GB0zcYWmIhXJT2OjehYQaa27WVz1RMP1pXwdqNIpJqpY0TN aHGJtx+YpT056ooqq6pzpFvmdiP44PO4tove4IuSuZnz0dfwphoW3Bb7D6KRWLd/ Osr+wOLgQoYbzwORcQXj4c1gKpbGrdTBhA+RRQT00cHDkG+9GKN3hkSPlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNW6Ad/GQKXaciDava+Eka4sVukPMB8GA1UdIwQY MBaAFEs+WWok1DZQy2Do/MnkTW+Mkp01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEt MzNkMThiZjZkZjU1LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEtMzNkMThiZjZkZjU1 LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj2YN+TLs Btz/OerqkSV9H45Yt54lmNwxAf6H1ZgVNm0p99he3Rbp0OGanbQ86w+NVDbGjlZp orBMxr0Eb3CLV8SiWN7/yTnX/hpNCL3rvdD5tc71S7iGiMqsgW2iWVQE49i2ZlH4 6ztrpvl5bbcAKzdfRrGJ42Gm7hrCsa0h1CEpoqLwrhDALH3ZvIdfzYPSJpUq2+Wk 0hC1owrc+gEV81BIZRJbh/1IUhAEy3lDnvHfcuWIUrTiGBKSp6vvpWNu2SGkoQEW +66LAlEP1m7qdMMNxYquDLVSdreSu/eFFNLqOy+e0NCe6Y03jdclREwkIixIkce/ c3Q7DVrY/bFoZw== -----END CERTIFICATE-----Generated at Sat Dec 20 21:32:12 2025 by rpki-client