This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft File: Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft (raw, json) Hash identifier: w1zkmE6ptBg2R97E9610i6k0AEygXq5vDHJmE5sUoSs= Subject key identifier: F2:95:92:EF:79:D1:93:ED:DE:F7:C8:0F:83:AE:0E:C6:93:84:77:82 Authority key identifier: 67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D Certificate issuer: /CN=675fbe4b1f00233ed767990071f04590c90c887d Certificate serial: 019B3C7E2F690F6075E889ED37964DBFC180 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft Manifest number: 1020 Signing time: Sat 20 Dec 2025 16:01:01 +0000 Manifest this update: Sat 20 Dec 2025 16:01:01 +0000 Manifest next update: Sun 21 Dec 2025 16:01:01 +0000 Files and hashes: 1: Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl (hash: WhD1HD80YNTn81xIagkF0/t8iF/EMThuZHC5u/0UGK0=) 2: _BrWLEBfYPYfGOoM_00MeFoB9s8.roa (hash: ONS0Sr1NVQgM4PQUgLtLkyRNai6z7sLm2R6unFgdvYQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:2f:69:0f:60:75:e8:89:ed:37:96:4d:bf:c1:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=675fbe4b1f00233ed767990071f04590c90c887d Validity Not Before: Dec 20 16:01:01 2025 GMT Not After : Dec 21 16:01:01 2025 GMT Subject: CN=f29592ef79d193eddef7c80f83ae0ec693847782 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:31:4a:3d:fd:98:08:c0:7f:35:47:90:7b:fd: d7:0c:b6:16:ee:a8:9c:ea:eb:83:60:a6:79:5f:49: 43:ed:76:b9:21:b3:11:fb:25:72:23:ec:f7:96:ce: e2:bc:24:d5:ce:c3:6f:a5:cb:73:6f:ab:4f:8d:15: 0b:0e:1e:bd:3f:db:68:c1:7c:26:2e:80:be:20:84: 88:47:0c:87:cc:e8:25:9a:7d:e6:b5:fa:2a:55:8b: 0f:ed:01:ab:31:f8:37:bb:dd:48:ec:61:d0:32:28: b9:86:29:d3:a7:ba:0f:71:36:59:11:60:fe:b8:3f: 20:13:69:a5:cb:45:b6:6b:c1:6e:c1:ef:e8:63:af: 16:1d:1b:1b:f7:43:c3:a9:07:a0:87:dc:88:30:16: a2:cb:b3:a5:76:d1:31:82:2a:24:37:bc:ff:93:76: 88:e9:ff:ee:08:a2:b9:e9:90:f6:7c:40:d2:75:7c: dd:6f:8a:a4:ee:40:60:27:27:73:8e:5c:88:11:83: d8:f0:76:70:31:b6:e2:53:77:d7:03:8d:96:d9:70: 3d:ce:b7:08:17:fc:ce:fa:3d:04:2c:c7:ff:ce:12: 50:cd:21:2f:61:f2:d5:4a:2f:0d:1c:9f:48:df:31: 18:41:04:c1:7a:44:76:7c:4c:bb:c3:6b:09:39:0e: a0:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:95:92:EF:79:D1:93:ED:DE:F7:C8:0F:83:AE:0E:C6:93:84:77:82 X509v3 Authority Key Identifier: keyid:67:5F:BE:4B:1F:00:23:3E:D7:67:99:00:71:F0:45:90:C9:0C:88:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/55c2a0-49df-4d96-988f-4f9d04010710/1/Z1--Sx8AIz7XZ5kAcfBFkMkMiH0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:6b:ce:1d:ec:99:cc:4e:08:05:9d:16:70:4a:92:62:76:ca: 0b:11:61:27:6c:2f:cc:aa:a2:3b:c4:94:f5:91:67:86:21:af: ca:73:8f:e8:fe:08:c9:67:21:ce:69:52:5c:51:96:ba:ed:00: f2:d7:ca:57:81:ed:3e:bc:e2:86:db:d7:ca:37:7d:b6:89:75: 6e:d9:59:d3:a2:43:8c:57:11:a2:30:34:15:3a:45:d0:42:b8: 7d:9c:c4:2b:63:f5:c1:ca:7e:8a:10:ef:92:ed:f3:99:50:e7: 15:15:0d:dc:1a:dc:86:32:bb:dc:56:03:dd:73:31:0d:1a:07: 7e:38:a1:fd:3a:f1:5e:58:36:bd:86:1e:d0:f5:c8:e8:c7:c0: 4e:76:10:62:7a:34:80:4d:f4:c0:cc:5b:e1:ae:0b:db:85:be: 31:1f:14:46:ce:72:0d:aa:40:04:b7:ad:20:d0:54:7b:97:da: d1:c3:37:20:71:61:9d:77:70:87:12:01:8d:25:5d:59:2e:bc: 6d:12:45:8b:e7:ed:cd:32:15:49:b6:8e:5e:99:ce:53:78:81: a0:3b:fd:a0:5f:7d:08:73:41:ea:81:67:8e:81:38:ac:88:96: fb:a4:ed:a8:4f:fb:51:dd:f3:ee:0b:cf:fd:17:d0:75:f0:8e: 2b:d9:dd:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fi9pD2B16IntN5ZNv8GAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3NWZiZTRiMWYwMDIzM2VkNzY3OTkwMDcxZjA0NTkwYzkw Yzg4N2QwHhcNMjUxMjIwMTYwMTAxWhcNMjUxMjIxMTYwMTAxWjAzMTEwLwYDVQQD EyhmMjk1OTJlZjc5ZDE5M2VkZGVmN2M4MGY4M2FlMGVjNjkzODQ3NzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zFKPf2YCMB/NUeQe/3XDLYW7qic 6uuDYKZ5X0lD7Xa5IbMR+yVyI+z3ls7ivCTVzsNvpctzb6tPjRULDh69P9towXwm LoC+IISIRwyHzOglmn3mtfoqVYsP7QGrMfg3u91I7GHQMii5hinTp7oPcTZZEWD+ uD8gE2mly0W2a8Fuwe/oY68WHRsb90PDqQegh9yIMBaiy7OldtExgiokN7z/k3aI 6f/uCKK56ZD2fEDSdXzdb4qk7kBgJydzjlyIEYPY8HZwMbbiU3fXA42W2XA9zrcI F/zO+j0ELMf/zhJQzSEvYfLVSi8NHJ9I3zEYQQTBekR2fEy7w2sJOQ6ghwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPKVku950ZPt3vfID4OuDsaThHeCMB8GA1UdIwQY MBaAFGdfvksfACM+12eZAHHwRZDJDIh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYt NGY5ZDA0MDEwNzEwLzEvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS81NWMyYTAtNDlkZi00ZDk2LTk4OGYtNGY5ZDA0MDEwNzEw LzEvWjEtLVN4OEFJejdYWjVrQWNmQkZrTWtNaUgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATGvOHeyZ zE4IBZ0WcEqSYnbKCxFhJ2wvzKqiO8SU9ZFnhiGvynOP6P4IyWchzmlSXFGWuu0A 8tfKV4HtPrzihtvXyjd9tol1btlZ06JDjFcRojA0FTpF0EK4fZzEK2P1wcp+ihDv ku3zmVDnFRUN3BrchjK73FYD3XMxDRoHfjih/TrxXlg2vYYe0PXI6MfATnYQYno0 gE30wMxb4a4L24W+MR8URs5yDapABLetINBUe5fa0cM3IHFhnXdwhxIBjSVdWS68 bRJFi+ftzTIVSbaOXpnOU3iBoDv9oF99CHNB6oFnjoE4rIiW+6TtqE/7Ud3z7gvP /RfQdfCOK9nd4A== -----END CERTIFICATE-----Generated at Sat Dec 20 19:58:53 2025 by rpki-client