This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft File: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft (raw, json) Hash identifier: fLbcWzQaXUAZZEbsy0FzWvjd+PsEFs84zVHtjL6cgnw= Subject key identifier: C4:63:60:ED:FB:0B:B6:23:8A:03:47:3E:2A:FB:BE:FB:E1:7C:8A:D0 Authority key identifier: 4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 Certificate issuer: /CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Certificate serial: 019B67D6A2A7D3322CB250939EABDEE83FE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft Manifest number: 07C7 Signing time: Mon 29 Dec 2025 02:01:17 +0000 Manifest this update: Mon 29 Dec 2025 02:01:17 +0000 Manifest next update: Tue 30 Dec 2025 02:01:17 +0000 Files and hashes: 1: 69EZo_UvSYLCIwLzPyqCblCyZzI.roa (hash: 2naW8CuEgpZKAi+BoeweFMMKRLa2fsvkiMt8udbwEtM=) 2: Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl (hash: R2py7V8qLQIKCODohgb70SonLpUPd9TnrJV7qa2wtYM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 02:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:67:d6:a2:a7:d3:32:2c:b2:50:93:9e:ab:de:e8:3f:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3e596a24d43650cb60e8fcc9e44d6f8c929d35 Validity Not Before: Dec 29 02:01:17 2025 GMT Not After : Dec 30 02:01:17 2025 GMT Subject: CN=c46360edfb0bb6238a03473e2afbbefbe17c8ad0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f3:be:61:f8:62:a2:8e:76:2e:d5:82:e5:12: 70:75:53:7e:4a:ca:6a:bf:be:b5:c7:ed:4d:90:99: bb:34:a9:d9:88:a2:5f:cb:db:ec:04:42:e3:7a:fb: 28:91:bb:0d:fa:8a:48:07:3c:bf:a6:16:50:9b:7e: 2f:f1:b6:13:3d:7d:ac:36:75:ba:62:d1:61:43:99: c0:9a:64:2a:be:b3:bb:8a:6e:4c:cc:28:25:d2:3d: 21:46:4b:11:9b:06:91:32:0c:a2:bf:9e:4a:4c:d1: e4:59:fd:59:f0:00:47:4a:d1:74:5e:d2:e5:26:a5: a8:11:d9:ca:df:c5:c5:a7:74:2b:30:da:26:0a:f4: 1a:e0:5c:02:76:f5:3e:8b:b2:cf:db:ae:9c:7e:61: c6:be:1a:18:45:fc:36:81:fb:b7:ac:51:4e:11:f5: 33:f0:59:b9:46:17:d2:1f:ef:01:e8:e0:70:f2:73: 5c:9d:cf:0c:14:84:c6:b6:73:1d:e9:70:c2:fa:eb: 06:74:ee:a6:cd:c2:4b:9b:54:70:8e:34:3c:28:38: 75:31:62:de:c9:8d:06:61:82:5b:27:85:d3:74:b1: c3:b4:4b:77:54:c8:ae:32:9d:72:dc:15:f7:cd:9c: 04:1a:67:8b:c5:ff:09:03:95:8b:3e:c8:87:bb:93: 80:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:63:60:ED:FB:0B:B6:23:8A:03:47:3E:2A:FB:BE:FB:E1:7C:8A:D0 X509v3 Authority Key Identifier: keyid:4B:3E:59:6A:24:D4:36:50:CB:60:E8:FC:C9:E4:4D:6F:8C:92:9D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/4b2fb2-c0ab-4eec-8d01-33d18bf6df55/1/Sz5ZaiTUNlDLYOj8yeRNb4ySnTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:39:c1:32:1f:57:43:8b:b7:3d:b2:86:be:39:f7:03:01:05: b2:6d:aa:df:1f:5c:0a:95:d7:25:2f:ac:ee:b7:29:61:2b:2e: c8:2c:28:5f:53:ad:7a:46:e2:64:67:6a:9a:fb:1c:6e:8f:a7: fd:18:2c:65:3d:d0:83:0f:11:5e:28:dd:0f:e0:d3:de:7f:36: 49:87:59:81:30:13:a9:28:ad:65:eb:f5:06:90:fe:07:16:1c: c5:30:32:5c:29:d3:cd:cb:ab:cf:a3:a0:0d:b9:de:e4:40:e4: aa:59:be:9f:6b:9d:13:07:8a:79:6c:b0:85:f0:80:ba:f2:c7: 98:62:4d:41:68:6b:5f:c9:ee:be:d6:aa:98:dc:17:1d:51:39: 00:75:2e:62:2c:f2:65:20:ca:a7:01:9a:8b:10:d2:74:e0:c1: 04:f6:77:ee:bb:3e:9e:50:fb:b1:e0:1c:45:5e:a5:e8:a7:2c: b3:91:1e:7a:7c:5c:d5:ec:2f:4d:0c:58:d9:0e:51:b8:67:36: 28:44:6f:a1:c2:c0:e5:02:23:62:51:5a:07:ce:b4:38:7d:b7: 3d:3c:e7:7f:b1:4b:cb:1b:70:5a:92:3c:19:a5:2e:cd:03:28: 5d:d6:dc:97:44:15:b4:d6:01:b9:ed:84:3d:d4:0b:c2:c7:cc: ae:5e:c5:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtn1qKn0zIsslCTnqve6D/hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRiM2U1OTZhMjRkNDM2NTBjYjYwZThmY2M5ZTQ0ZDZmOGM5 MjlkMzUwHhcNMjUxMjI5MDIwMTE3WhcNMjUxMjMwMDIwMTE3WjAzMTEwLwYDVQQD EyhjNDYzNjBlZGZiMGJiNjIzOGEwMzQ3M2UyYWZiYmVmYmUxN2M4YWQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvO+Yfhioo52LtWC5RJwdVN+Sspq v761x+1NkJm7NKnZiKJfy9vsBELjevsokbsN+opIBzy/phZQm34v8bYTPX2sNnW6 YtFhQ5nAmmQqvrO7im5MzCgl0j0hRksRmwaRMgyiv55KTNHkWf1Z8ABHStF0XtLl JqWoEdnK38XFp3QrMNomCvQa4FwCdvU+i7LP266cfmHGvhoYRfw2gfu3rFFOEfUz 8Fm5RhfSH+8B6OBw8nNcnc8MFITGtnMd6XDC+usGdO6mzcJLm1RwjjQ8KDh1MWLe yY0GYYJbJ4XTdLHDtEt3VMiuMp1y3BX3zZwEGmeLxf8JA5WLPsiHu5OAsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMRjYO37C7YjigNHPir7vvvhfIrQMB8GA1UdIwQY MBaAFEs+WWok1DZQy2Do/MnkTW+Mkp01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEt MzNkMThiZjZkZjU1LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My80YjJmYjItYzBhYi00ZWVjLThkMDEtMzNkMThiZjZkZjU1 LzEvU3o1WmFpVFVObERMWU9qOHllUk5iNHlTblRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjTnBMh9X Q4u3PbKGvjn3AwEFsm2q3x9cCpXXJS+s7rcpYSsuyCwoX1OtekbiZGdqmvscbo+n /RgsZT3Qgw8RXijdD+DT3n82SYdZgTATqSitZev1BpD+BxYcxTAyXCnTzcurz6Og Dbne5EDkqlm+n2udEweKeWywhfCAuvLHmGJNQWhrX8nuvtaqmNwXHVE5AHUuYizy ZSDKpwGaixDSdODBBPZ37rs+nlD7seAcRV6l6Kcss5Eeenxc1ewvTQxY2Q5RuGc2 KERvocLA5QIjYlFaB860OH23PTznf7FLyxtwWpI8GaUuzQMoXdbcl0QVtNYBue2E PdQLwsfMrl7FtQ== -----END CERTIFICATE-----Generated at Mon Dec 29 08:31:28 2025 by rpki-client