This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.mft File: cZD11fkqSGNiF3pCs9Xv2iDiIOE.mft (raw, json) Hash identifier: qv1SopB5HzISVcEWCpQrNVsxy5rnKGRom85qoXBJx9g= Subject key identifier: 93:CB:8C:1A:BD:06:D5:DC:7E:A0:E1:37:A4:7C:28:C8:CC:E6:70:00 Authority key identifier: 71:90:F5:D5:F9:2A:48:63:62:17:7A:42:B3:D5:EF:DA:20:E2:20:E1 Certificate issuer: /CN=7190f5d5f92a486362177a42b3d5efda20e220e1 Certificate serial: 019B51BD35B47AB7C21A002A6FF42DEB8BEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cZD11fkqSGNiF3pCs9Xv2iDiIOE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.mft Manifest number: 1606 Signing time: Wed 24 Dec 2025 19:01:52 +0000 Manifest this update: Wed 24 Dec 2025 19:01:52 +0000 Manifest next update: Thu 25 Dec 2025 19:01:52 +0000 Files and hashes: 1: 0uVokjA0n-IKYM4dLwrHfcYoXtI.roa (hash: h5xCuikP/FGyLSLux1dmHiJam1SLoPwDAncSRikSHHc=) 2: cZD11fkqSGNiF3pCs9Xv2iDiIOE.crl (hash: 1NDFdM7fb9DBILoy4q+JN/A195uNoQxxddu1/NJBiK0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.mft rsync://rpki.ripe.net/repository/DEFAULT/cZD11fkqSGNiF3pCs9Xv2iDiIOE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bd:35:b4:7a:b7:c2:1a:00:2a:6f:f4:2d:eb:8b:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7190f5d5f92a486362177a42b3d5efda20e220e1 Validity Not Before: Dec 24 19:01:52 2025 GMT Not After : Dec 25 19:01:52 2025 GMT Subject: CN=93cb8c1abd06d5dc7ea0e137a47c28c8cce67000 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:ce:5a:f7:0d:e6:d1:48:cf:3a:8c:dd:fc:fc: ba:a1:87:da:45:f6:02:18:f3:d6:49:c6:c0:08:86: 30:c3:3e:65:39:06:64:f5:db:8b:f2:1d:b2:04:73: 7f:dd:d5:f9:d3:25:e1:32:54:05:ea:35:fa:06:2f: 5e:2f:ef:8b:eb:a0:c4:81:c3:42:93:d7:4f:90:99: 78:8b:2e:91:47:21:32:77:66:6b:5b:db:dd:96:9e: 8e:d6:87:fd:df:2d:5b:19:28:e2:bb:ec:04:43:7c: a5:18:37:16:f1:50:60:69:0a:cc:b5:b4:d9:5f:cc: d5:e7:54:01:8b:1d:1f:32:c0:be:b0:82:0d:59:a5: 3b:f9:c7:b2:18:f3:c6:25:a1:78:f6:ec:e9:82:9b: 42:24:da:03:28:93:51:9d:7d:f3:4c:12:4c:db:ab: 42:6a:80:45:73:66:f6:f0:3f:60:80:3e:df:9c:4e: e3:eb:c4:2f:8f:62:5a:09:53:a2:e0:78:e4:37:7f: c0:a1:26:51:b4:45:68:16:84:ba:f8:89:db:0a:ec: 84:f3:22:de:66:af:bf:82:4b:fb:87:89:e0:f0:87: 9c:c5:0c:73:29:e2:0d:2e:11:bd:ef:3d:38:ff:30: 1f:ca:13:63:c1:6d:ab:92:b7:5b:ee:94:34:ee:7a: c1:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:CB:8C:1A:BD:06:D5:DC:7E:A0:E1:37:A4:7C:28:C8:CC:E6:70:00 X509v3 Authority Key Identifier: keyid:71:90:F5:D5:F9:2A:48:63:62:17:7A:42:B3:D5:EF:DA:20:E2:20:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cZD11fkqSGNiF3pCs9Xv2iDiIOE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/68a014-7dba-4430-8dde-01c827d6e0fe/1/cZD11fkqSGNiF3pCs9Xv2iDiIOE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:02:67:6b:af:e5:7c:98:ff:15:4c:6f:78:e2:5b:74:3f:a1: 01:e5:66:fb:6b:2f:53:d6:d4:08:f0:5d:91:60:3f:f5:7a:f4: 93:5a:aa:f9:49:7c:09:80:10:78:cb:4f:72:18:d4:b0:43:67: 74:6d:51:85:6f:1e:11:8c:15:b6:b0:a9:81:f6:49:04:e6:29: e3:0b:98:38:b3:64:73:46:e3:8b:38:2e:42:f1:d2:6e:3b:a8: 16:9d:35:a3:b6:d9:8f:24:b5:85:7b:65:6b:3b:7a:f5:4d:00: dc:f5:65:4d:9c:b0:25:83:e1:4f:b1:ff:31:78:39:88:82:0f: f4:c0:c6:3a:7c:35:af:df:0d:b7:2d:f5:05:88:5f:f7:14:af: a2:ba:71:e3:94:20:fa:b0:eb:c3:1f:18:c8:89:6e:83:e1:0c: 9f:65:29:59:dc:91:20:28:8c:97:51:6d:1f:d1:af:f3:c9:87: fb:08:79:0e:ba:16:4b:4a:82:aa:62:ad:dd:c5:93:08:f9:bc: 93:56:85:ff:ed:06:af:52:3b:71:56:b1:1a:d0:06:ad:2a:da: 7b:ec:76:38:c5:8e:13:64:c6:2b:eb:c3:87:72:47:a8:ef:7e: a5:f3:1d:5c:d1:21:d4:af:8b:5b:18:3e:6e:fc:04:c3:7b:19: 7d:c5:14:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvTW0erfCGgAqb/Qt64vrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcxOTBmNWQ1ZjkyYTQ4NjM2MjE3N2E0MmIzZDVlZmRhMjBl MjIwZTEwHhcNMjUxMjI0MTkwMTUyWhcNMjUxMjI1MTkwMTUyWjAzMTEwLwYDVQQD Eyg5M2NiOGMxYWJkMDZkNWRjN2VhMGUxMzdhNDdjMjhjOGNjZTY3MDAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj85a9w3m0UjPOozd/Py6oYfaRfYC GPPWScbACIYwwz5lOQZk9duL8h2yBHN/3dX50yXhMlQF6jX6Bi9eL++L66DEgcNC k9dPkJl4iy6RRyEyd2ZrW9vdlp6O1of93y1bGSjiu+wEQ3ylGDcW8VBgaQrMtbTZ X8zV51QBix0fMsC+sIINWaU7+ceyGPPGJaF49uzpgptCJNoDKJNRnX3zTBJM26tC aoBFc2b28D9ggD7fnE7j68Qvj2JaCVOi4HjkN3/AoSZRtEVoFoS6+InbCuyE8yLe Zq+/gkv7h4ng8IecxQxzKeINLhG97z04/zAfyhNjwW2rkrdb7pQ07nrBqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJPLjBq9BtXcfqDhN6R8KMjM5nAAMB8GA1UdIwQY MBaAFHGQ9dX5KkhjYhd6QrPV79og4iDhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY1pEMTFma3FTR05pRjNwQ3M5WHYyaURpSU9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS82OGEwMTQtN2RiYS00NDMwLThkZGUt MDFjODI3ZDZlMGZlLzEvY1pEMTFma3FTR05pRjNwQ3M5WHYyaURpSU9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS82OGEwMTQtN2RiYS00NDMwLThkZGUtMDFjODI3ZDZlMGZl LzEvY1pEMTFma3FTR05pRjNwQ3M5WHYyaURpSU9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaQJna6/l fJj/FUxveOJbdD+hAeVm+2svU9bUCPBdkWA/9Xr0k1qq+Ul8CYAQeMtPchjUsENn dG1RhW8eEYwVtrCpgfZJBOYp4wuYOLNkc0bjizguQvHSbjuoFp01o7bZjyS1hXtl azt69U0A3PVlTZywJYPhT7H/MXg5iIIP9MDGOnw1r98Nty31BYhf9xSvorpx45Qg +rDrwx8YyIlug+EMn2UpWdyRICiMl1FtH9Gv88mH+wh5DroWS0qCqmKt3cWTCPm8 k1aF/+0Gr1I7cVaxGtAGrSrae+x2OMWOE2TGK+vDh3JHqO9+pfMdXNEh1K+LWxg+ bvwEw3sZfcUUng== -----END CERTIFICATE-----Generated at Thu Dec 25 02:14:12 2025 by rpki-client