This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft File: z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft (raw, json) Hash identifier: ZuUBSayI0cfiz9GxVz2IWVlgu4zoRB9fYUUaK7xUVtI= Subject key identifier: 1D:1D:E9:4B:B5:EF:FF:48:CE:3D:91:A3:01:58:64:41:F0:94:E1:4E Authority key identifier: CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0 Certificate issuer: /CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0 Certificate serial: 019B2363306BE303364028433B8DCBC472C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft Manifest number: 1250 Signing time: Mon 15 Dec 2025 19:01:01 +0000 Manifest this update: Mon 15 Dec 2025 19:01:01 +0000 Manifest next update: Tue 16 Dec 2025 19:01:01 +0000 Files and hashes: 1: cTuB-ABZUf0AWR__0VF3CDRNo30.roa (hash: YL1vZUc95MXZVuCPTTh8OWx5ow2ebJPHUlFFR9eeynk=) 2: z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl (hash: 8tiVpIiU4n5hGSRcAtqeljxFQYVrIFIXx6zWkPonfkg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 19:01:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:63:30:6b:e3:03:36:40:28:43:3b:8d:cb:c4:72:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0 Validity Not Before: Dec 15 19:01:01 2025 GMT Not After : Dec 16 19:01:01 2025 GMT Subject: CN=1d1de94bb5efff48ce3d91a301586441f094e14e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bd:c8:05:2a:95:2f:92:03:2a:94:6d:7b:67: 4f:e5:ee:d3:bd:2c:e6:c5:a5:34:4b:9a:74:bf:b3: a4:df:f0:00:7b:39:c7:35:db:83:a5:95:34:1e:00: dd:8c:c8:b9:73:56:8f:b3:8b:8c:29:2c:a7:b4:ad: 26:91:01:e5:65:5c:ca:ad:49:25:80:26:17:9d:67: 3d:c3:1b:1d:16:79:26:31:56:3e:42:c3:50:9c:5c: 32:9c:9e:25:8d:d8:5c:1a:98:a1:e7:2e:63:5d:d5: ca:c3:7f:86:bb:0c:69:24:f9:cd:63:2f:cd:d2:da: d5:93:2f:cb:b3:20:cb:9e:5a:77:2a:13:17:44:2f: 61:01:7e:21:93:94:1b:c3:3e:c0:65:eb:31:18:bb: 24:81:09:b0:9c:9e:bf:5c:23:1d:76:8f:6e:c1:06: df:6a:86:9d:27:d5:fe:90:0c:b1:ec:03:4e:ad:b1: 96:b5:48:5e:e8:5f:2f:2e:e8:e5:d1:2a:8f:bb:56: 42:65:dd:9c:53:0b:22:43:6f:f2:ae:d6:66:78:42: cc:4d:17:1c:4d:07:bb:96:09:64:d3:50:1d:2e:71: 44:58:18:02:be:a9:97:0d:43:7f:ed:6e:98:b2:70: 2b:1b:da:8d:5a:41:13:c9:c4:93:2b:b3:b5:87:d1: 3c:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:1D:E9:4B:B5:EF:FF:48:CE:3D:91:A3:01:58:64:41:F0:94:E1:4E X509v3 Authority Key Identifier: keyid:CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:98:cb:5e:3a:18:41:9c:3a:25:b2:6e:b1:dc:08:cd:16:6f: 9a:2f:0a:e9:f8:4e:aa:57:1f:52:61:ed:12:c4:d1:aa:26:c3: 1f:32:ae:b6:85:a3:7d:39:ce:15:ab:dc:0a:ee:8d:7a:d8:69: 9c:d0:14:72:44:41:0f:fd:ac:73:cf:db:46:ba:f3:36:ce:17: 9a:57:5a:20:33:82:0b:f0:f8:8a:00:a0:af:ec:05:da:79:35: b4:e1:49:64:7f:92:5d:6e:e8:91:f7:90:0b:76:f4:bf:7e:cb: 37:74:04:35:cd:c0:7d:cb:b4:09:df:77:17:87:f2:f2:ea:51: 6d:4c:80:23:5f:97:58:57:a9:8f:90:65:e8:0e:f9:93:29:c2: e5:3d:60:77:48:d5:2f:4a:12:2b:92:3b:7d:37:e9:b3:15:17: 50:65:0b:41:f6:fe:50:97:e0:7b:e9:70:8a:7b:20:5b:83:04: 87:a9:60:16:d2:bf:d6:40:c5:84:c2:c9:8b:d1:28:01:48:d9: 79:2a:a1:2f:e1:e5:92:16:48:9b:5d:64:01:a9:8b:bc:57:3d: 06:74:be:05:6a:77:68:79:26:bc:b4:1b:81:eb:b4:b1:2a:3f: 72:1a:7e:6a:c7:7f:06:de:06:2c:ec:ef:11:19:a8:56:ee:34: 59:cb:80:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsjYzBr4wM2QChDO43LxHLGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmYmEwNDNlMWM0YjUyNDQ3YThlMzY3YmJjMTMwNzUxOWZh NWZhZTAwHhcNMjUxMjE1MTkwMTAxWhcNMjUxMjE2MTkwMTAxWjAzMTEwLwYDVQQD EygxZDFkZTk0YmI1ZWZmZjQ4Y2UzZDkxYTMwMTU4NjQ0MWYwOTRlMTRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs73IBSqVL5IDKpRte2dP5e7TvSzm xaU0S5p0v7Ok3/AAeznHNduDpZU0HgDdjMi5c1aPs4uMKSyntK0mkQHlZVzKrUkl gCYXnWc9wxsdFnkmMVY+QsNQnFwynJ4ljdhcGpih5y5jXdXKw3+GuwxpJPnNYy/N 0trVky/LsyDLnlp3KhMXRC9hAX4hk5Qbwz7AZesxGLskgQmwnJ6/XCMddo9uwQbf aoadJ9X+kAyx7ANOrbGWtUhe6F8vLujl0SqPu1ZCZd2cUwsiQ2/yrtZmeELMTRcc TQe7lglk01AdLnFEWBgCvqmXDUN/7W6YsnArG9qNWkETycSTK7O1h9E8zwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB0d6Uu17/9Izj2RowFYZEHwlOFOMB8GA1UdIwQY MBaAFM+6BD4cS1JEeo42e7wTB1GfpfrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYt YzBjYTgwYTA1ZTJhLzEvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYtYzBjYTgwYTA1ZTJh LzEvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW5jLXjoY QZw6JbJusdwIzRZvmi8K6fhOqlcfUmHtEsTRqibDHzKutoWjfTnOFavcCu6Nethp nNAUckRBD/2sc8/bRrrzNs4XmldaIDOCC/D4igCgr+wF2nk1tOFJZH+SXW7okfeQ C3b0v37LN3QENc3Afcu0Cd93F4fy8upRbUyAI1+XWFepj5Bl6A75kynC5T1gd0jV L0oSK5I7fTfpsxUXUGULQfb+UJfge+lwinsgW4MEh6lgFtK/1kDFhMLJi9EoAUjZ eSqhL+HlkhZIm11kAamLvFc9BnS+BWp3aHkmvLQbgeu0sSo/chp+asd/Bt4GLOzv ERmoVu40WcuAQQ== -----END CERTIFICATE-----Generated at Tue Dec 16 04:03:36 2025 by rpki-client