This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft File: pzfikBac_OajOKZrykXP5jXRVEY.mft (raw, json) Hash identifier: YBpSXlYgyWNsAJFrnhTAb+SH0Y4FJVaXg+ju1nF3Xzg= Subject key identifier: BC:00:51:3A:96:E5:4D:54:D4:1A:CD:C0:65:09:11:8D:B4:61:81:8C Authority key identifier: A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46 Certificate issuer: /CN=a737e290169cfce6a338a66bca45cfe635d15446 Certificate serial: 019B522A992BCC45F48029C833A2BA6508F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft Manifest number: 1790 Signing time: Wed 24 Dec 2025 21:01:21 +0000 Manifest this update: Wed 24 Dec 2025 21:01:21 +0000 Manifest next update: Thu 25 Dec 2025 21:01:21 +0000 Files and hashes: 1: pzfikBac_OajOKZrykXP5jXRVEY.crl (hash: vrSh6CLF76DWAA/ImbVRWn0BrBA20s9XLvOU8LqDrLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:2a:99:2b:cc:45:f4:80:29:c8:33:a2:ba:65:08:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a737e290169cfce6a338a66bca45cfe635d15446 Validity Not Before: Dec 24 21:01:21 2025 GMT Not After : Dec 25 21:01:21 2025 GMT Subject: CN=bc00513a96e54d54d41acdc06509118db461818c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:b2:f9:69:44:c1:9c:7a:34:23:0f:7e:8e:91: 2e:67:41:16:7b:e6:7b:19:56:29:8b:da:e2:17:ca: 97:47:ed:90:c4:08:dc:55:f0:88:3b:cb:d1:83:af: 4f:e0:44:a9:b7:8b:10:1a:09:55:a0:c3:7d:df:b5: 13:b5:e2:13:c1:f4:83:6f:88:32:55:ca:33:b0:2f: df:b6:f7:a7:90:52:b9:91:e3:f7:f6:f0:ab:47:53: 0d:eb:ae:b0:1a:7e:9d:c9:02:cb:af:aa:83:e0:62: 0f:4f:27:74:ce:99:64:6f:11:81:b7:27:72:c1:25: 43:57:87:b2:f1:7d:02:86:d2:d9:81:c7:a4:98:48: bd:5b:d5:ed:16:b0:db:71:6d:28:65:fe:a3:48:60: c3:47:c2:29:9a:04:cc:9c:41:ca:bb:05:7b:e3:c5: 76:d9:2c:1f:7c:4a:48:70:b7:4d:d6:1f:fa:3c:68: 49:35:95:93:16:cf:81:64:e1:bf:62:c0:92:fd:70: 24:4d:8e:89:6c:0f:8b:a4:5c:78:6e:15:63:f3:50: 52:8d:dd:e6:a8:1a:63:e5:c4:81:7f:61:e2:46:e2: 09:fd:17:14:40:c9:bf:f2:a7:8a:25:03:62:d9:27: fd:25:58:34:19:27:47:d4:93:fd:ca:c4:ef:e9:74: 6f:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:00:51:3A:96:E5:4D:54:D4:1A:CD:C0:65:09:11:8D:B4:61:81:8C X509v3 Authority Key Identifier: keyid:A7:37:E2:90:16:9C:FC:E6:A3:38:A6:6B:CA:45:CF:E6:35:D1:54:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pzfikBac_OajOKZrykXP5jXRVEY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/afa9af-fe5e-4023-ac0f-76d267a2489d/1/pzfikBac_OajOKZrykXP5jXRVEY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:5b:d7:c7:61:fd:f3:b2:b0:85:26:4e:82:15:5e:18:e9:eb: df:88:03:22:7d:0a:29:41:a2:66:4e:70:d3:81:ba:e4:66:18: 6d:8c:19:4d:eb:62:33:72:bb:d7:ab:27:a6:27:27:71:92:ab: 4a:3b:b8:ac:d7:c9:d3:e2:18:43:c9:da:15:71:1b:13:6c:50: a8:f3:bb:e9:85:b9:c6:44:04:8c:2f:4c:21:2a:9b:89:1f:7c: fc:17:c3:6b:b8:0a:54:18:d8:75:80:86:37:08:1f:02:ac:1d: a6:2f:72:e0:73:db:62:e4:ab:01:3f:f1:68:e3:48:af:b0:fe: 71:9d:b1:05:b0:e6:7e:cb:bf:9b:77:a6:e7:27:35:c4:37:8e: bf:04:40:b0:e5:d5:05:18:5d:e8:5c:1f:c8:29:08:7d:5d:c3: b9:4c:31:d7:d5:1d:e0:88:9a:0e:cc:20:6e:79:03:3e:e4:10: fd:05:c0:d2:1c:a5:95:37:6e:fe:e0:de:8b:28:97:d8:72:a2: 06:4e:6d:1c:99:a8:27:a4:0a:44:65:48:42:e9:9b:2e:4e:5e: e5:06:58:35:7b:8b:a8:ad:cf:f9:50:a8:f9:38:4f:8d:af:2b: 90:d3:38:ef:11:8a:01:f9:3c:04:bf:af:34:4d:44:6b:fb:ab: 0d:da:b8:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSKpkrzEX0gCnIM6K6ZQjxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE3MzdlMjkwMTY5Y2ZjZTZhMzM4YTY2YmNhNDVjZmU2MzVk MTU0NDYwHhcNMjUxMjI0MjEwMTIxWhcNMjUxMjI1MjEwMTIxWjAzMTEwLwYDVQQD EyhiYzAwNTEzYTk2ZTU0ZDU0ZDQxYWNkYzA2NTA5MTE4ZGI0NjE4MThjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLL5aUTBnHo0Iw9+jpEuZ0EWe+Z7 GVYpi9riF8qXR+2QxAjcVfCIO8vRg69P4ESpt4sQGglVoMN937UTteITwfSDb4gy VcozsC/ftvenkFK5keP39vCrR1MN666wGn6dyQLLr6qD4GIPTyd0zplkbxGBtydy wSVDV4ey8X0ChtLZgcekmEi9W9XtFrDbcW0oZf6jSGDDR8IpmgTMnEHKuwV748V2 2SwffEpIcLdN1h/6PGhJNZWTFs+BZOG/YsCS/XAkTY6JbA+LpFx4bhVj81BSjd3m qBpj5cSBf2HiRuIJ/RcUQMm/8qeKJQNi2Sf9JVg0GSdH1JP9ysTv6XRvxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLwAUTqW5U1U1BrNwGUJEY20YYGMMB8GA1UdIwQY MBaAFKc34pAWnPzmozima8pFz+Y10VRGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYt NzZkMjY3YTI0ODlkLzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9hZmE5YWYtZmU1ZS00MDIzLWFjMGYtNzZkMjY3YTI0ODlk LzEvcHpmaWtCYWNfT2FqT0tacnlrWFA1alhSVkVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqlvXx2H9 87KwhSZOghVeGOnr34gDIn0KKUGiZk5w04G65GYYbYwZTetiM3K716snpicncZKr Sju4rNfJ0+IYQ8naFXEbE2xQqPO76YW5xkQEjC9MISqbiR98/BfDa7gKVBjYdYCG NwgfAqwdpi9y4HPbYuSrAT/xaONIr7D+cZ2xBbDmfsu/m3em5yc1xDeOvwRAsOXV BRhd6FwfyCkIfV3DuUwx19Ud4IiaDswgbnkDPuQQ/QXA0hyllTdu/uDeiyiX2HKi Bk5tHJmoJ6QKRGVIQumbLk5e5QZYNXuLqK3P+VCo+ThPja8rkNM47xGKAfk8BL+v NE1Ea/urDdq4hA== -----END CERTIFICATE-----Generated at Thu Dec 25 04:33:00 2025 by rpki-client