This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft File: rzkvKN7GuMzrfNcOevcdjNyqmgY.mft (raw, json) Hash identifier: KlvORC4t5bF3j6OmFn33FxXRO+n7jiFd+iMLVXoLbEw= Subject key identifier: 56:25:5B:25:5B:46:C8:DE:75:7C:F9:B4:1E:6B:BF:64:DF:B0:05:BE Authority key identifier: AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06 Certificate issuer: /CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06 Certificate serial: 019B31FAE2C892172786389EC532F1793F48 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft Manifest number: 1780 Signing time: Thu 18 Dec 2025 15:01:24 +0000 Manifest this update: Thu 18 Dec 2025 15:01:24 +0000 Manifest next update: Fri 19 Dec 2025 15:01:24 +0000 Files and hashes: 1: jlnSpYKnKgIEV_ZJFnqA1zdm8Xc.roa (hash: W+tCfuFHaZiswjzfI3LjlAyiu6GbDCuHiVsPBGynsaw=) 2: rzkvKN7GuMzrfNcOevcdjNyqmgY.crl (hash: 5HE1BSzSJYW9I4TC/zi9C4tdUFpqrVz1dKJTgyW6s1s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:e2:c8:92:17:27:86:38:9e:c5:32:f1:79:3f:48 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af392f28dec6b8cceb7cd70e7af71d8cdcaa9a06 Validity Not Before: Dec 18 15:01:24 2025 GMT Not After : Dec 19 15:01:24 2025 GMT Subject: CN=56255b255b46c8de757cf9b41e6bbf64dfb005be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a3:d6:aa:65:b1:ec:0c:fe:c8:a6:92:2d:cb: e2:61:57:1c:cb:33:cc:a7:5c:17:8a:45:e5:3c:e5: 06:74:8b:ea:38:ae:f5:f9:5b:ef:21:18:6c:12:de: cd:34:38:53:e3:a5:db:f8:78:b7:b4:2b:d8:04:49: bc:27:b3:a8:89:9b:33:9a:24:88:89:f4:a5:ba:03: 00:72:fc:2a:88:66:2a:3a:5a:3c:ed:9d:0c:5f:0a: c8:7e:95:0a:76:3e:49:73:aa:82:8f:d5:cf:56:c9: ca:a8:7c:ad:7c:38:c3:e1:08:15:46:7d:d7:3a:0b: f7:f8:32:d4:35:af:99:d3:e5:7d:84:1d:6a:a2:7a: 94:9c:ef:5c:41:89:7b:74:af:1e:ef:0c:a9:a0:c9: 47:0c:dc:3d:d1:a5:52:aa:fc:f5:82:80:ac:56:76: d9:d5:b0:3e:5f:e7:70:3c:42:f9:4b:b2:e8:b3:9f: fd:18:f8:7b:1f:30:47:ed:82:21:78:43:7a:6e:15: 0e:45:3f:2b:6e:eb:19:c9:18:84:a6:c3:9f:e6:e0: cf:5e:23:6e:0f:0e:5a:01:73:48:14:4b:5b:bb:c7: 24:c2:fd:a9:60:27:24:bd:9b:c2:75:59:e6:63:a9: 72:f1:41:c2:af:1f:9d:1c:63:58:b4:8f:01:7e:cd: 82:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 56:25:5B:25:5B:46:C8:DE:75:7C:F9:B4:1E:6B:BF:64:DF:B0:05:BE X509v3 Authority Key Identifier: keyid:AF:39:2F:28:DE:C6:B8:CC:EB:7C:D7:0E:7A:F7:1D:8C:DC:AA:9A:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rzkvKN7GuMzrfNcOevcdjNyqmgY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/2f36d4-72e1-4046-b73f-ab9eadb1d797/1/rzkvKN7GuMzrfNcOevcdjNyqmgY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bd:62:6a:27:bf:ae:59:68:3a:fc:20:80:9e:dd:94:ca:1d:a9: 9f:78:fb:39:c6:3f:d1:2a:70:06:bd:2a:bc:62:ed:b1:e2:e7: 1c:69:d6:bc:10:4c:07:9f:ec:cc:83:97:90:e4:39:dc:e4:b5: 81:a0:ea:aa:75:ec:25:b4:18:11:6d:2e:d8:6a:af:fb:30:b6: 8d:5c:c3:02:68:70:42:ca:34:5c:19:85:75:ca:7e:8f:bf:5b: b4:4a:fc:b7:b9:e7:d4:1c:d3:f5:fa:4b:77:5d:76:a4:49:98: e6:d8:aa:80:76:15:73:e3:f7:47:4f:f4:57:bd:e0:a3:da:f5: d1:db:4c:16:2b:b2:57:8f:6a:94:5f:cb:e2:a6:b9:b1:17:65: 99:bd:10:08:85:5d:29:f2:f2:bc:84:31:4b:5d:e5:f2:be:a2: 66:65:d2:2f:1a:9a:7e:f6:68:00:87:80:c8:5a:b1:73:94:33: 4c:65:ed:2c:41:12:4f:f7:32:3a:01:8c:c6:25:31:f1:fc:bf: 74:ee:62:54:62:0c:93:f1:d6:2b:b1:6e:88:33:ed:bd:79:d7: 11:d1:4a:a9:29:14:9e:77:53:09:56:bf:7a:ad:6d:5c:96:3b: 11:a7:a5:46:2d:84:2d:0b:fa:83:c3:a9:6f:7f:64:dc:1e:d6: 68:ab:8d:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+uLIkhcnhjiexTLxeT9IMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMzkyZjI4ZGVjNmI4Y2NlYjdjZDcwZTdhZjcxZDhjZGNh YTlhMDYwHhcNMjUxMjE4MTUwMTI0WhcNMjUxMjE5MTUwMTI0WjAzMTEwLwYDVQQD Eyg1NjI1NWIyNTViNDZjOGRlNzU3Y2Y5YjQxZTZiYmY2NGRmYjAwNWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6PWqmWx7Az+yKaSLcviYVccyzPM p1wXikXlPOUGdIvqOK71+VvvIRhsEt7NNDhT46Xb+Hi3tCvYBEm8J7OoiZszmiSI ifSlugMAcvwqiGYqOlo87Z0MXwrIfpUKdj5Jc6qCj9XPVsnKqHytfDjD4QgVRn3X Ogv3+DLUNa+Z0+V9hB1qonqUnO9cQYl7dK8e7wypoMlHDNw90aVSqvz1goCsVnbZ 1bA+X+dwPEL5S7Los5/9GPh7HzBH7YIheEN6bhUORT8rbusZyRiEpsOf5uDPXiNu Dw5aAXNIFEtbu8ckwv2pYCckvZvCdVnmY6ly8UHCrx+dHGNYtI8Bfs2C8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFYlWyVbRsjedXz5tB5rv2TfsAW+MB8GA1UdIwQY MBaAFK85LyjexrjM63zXDnr3HYzcqpoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2Yt YWI5ZWFkYjFkNzk3LzEvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8yZjM2ZDQtNzJlMS00MDQ2LWI3M2YtYWI5ZWFkYjFkNzk3 LzEvcnprdktON0d1TXpyZk5jT2V2Y2RqTnlxbWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvWJqJ7+u WWg6/CCAnt2Uyh2pn3j7OcY/0SpwBr0qvGLtseLnHGnWvBBMB5/szIOXkOQ53OS1 gaDqqnXsJbQYEW0u2Gqv+zC2jVzDAmhwQso0XBmFdcp+j79btEr8t7nn1BzT9fpL d112pEmY5tiqgHYVc+P3R0/0V73go9r10dtMFiuyV49qlF/L4qa5sRdlmb0QCIVd KfLyvIQxS13l8r6iZmXSLxqafvZoAIeAyFqxc5QzTGXtLEEST/cyOgGMxiUx8fy/ dO5iVGIMk/HWK7FuiDPtvXnXEdFKqSkUnndTCVa/eq1tXJY7EaelRi2ELQv6g8Op b39k3B7WaKuNUg== -----END CERTIFICATE-----Generated at Thu Dec 18 18:37:17 2025 by rpki-client