This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft File: z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft (raw, json) Hash identifier: LQE1noPrUssOQX5P4KuVjYfNotfdIyqcbkHnKSsf+Ng= Subject key identifier: 7E:75:85:43:16:85:32:2E:D6:4E:76:9A:7D:70:9E:07:E0:48:0C:86 Authority key identifier: CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0 Certificate issuer: /CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0 Certificate serial: 019B32D707C983034808099F6300675A7589 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft Manifest number: 1258 Signing time: Thu 18 Dec 2025 19:01:51 +0000 Manifest this update: Thu 18 Dec 2025 19:01:51 +0000 Manifest next update: Fri 19 Dec 2025 19:01:51 +0000 Files and hashes: 1: cTuB-ABZUf0AWR__0VF3CDRNo30.roa (hash: YL1vZUc95MXZVuCPTTh8OWx5ow2ebJPHUlFFR9eeynk=) 2: z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl (hash: Bijzqf3Q0vyYegiN5Po8/Uye4/gLsYANR6fCMkUcsUk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:07:c9:83:03:48:08:09:9f:63:00:67:5a:75:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cfba043e1c4b52447a8e367bbc1307519fa5fae0 Validity Not Before: Dec 18 19:01:51 2025 GMT Not After : Dec 19 19:01:51 2025 GMT Subject: CN=7e7585431685322ed64e769a7d709e07e0480c86 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:55:b7:7a:d1:69:35:37:94:70:b4:05:f3:7e: f9:8b:5a:8a:24:52:ff:6f:ad:46:06:75:c3:65:d6: 8e:3f:32:31:7c:01:e0:32:61:8d:aa:a9:bb:36:f4: 83:25:f4:2e:02:de:63:64:38:c6:30:c7:11:30:89: 63:4f:2f:65:73:18:3e:1d:e2:a0:27:b5:ce:5e:0d: e5:fd:10:d2:87:9c:25:17:13:c7:9e:f9:03:81:29: 1d:a8:d4:f2:ce:93:ed:b6:41:3e:80:6e:60:21:92: 10:67:c1:80:da:af:1e:c7:fb:f9:ee:c7:81:d9:ec: 0d:d2:5c:90:bf:c8:3e:30:15:6a:dc:13:62:aa:ee: 8c:12:03:c5:9e:7a:c0:76:ae:3c:95:8c:c3:bb:33: df:08:c4:d3:ac:54:1a:8d:d2:4b:37:ca:e0:24:44: 84:c9:4b:9f:2d:9f:2e:87:b3:18:3f:1a:5f:61:a0: 0a:44:a8:49:d1:b1:a4:6c:ad:38:7f:b8:3f:61:7e: 5f:8f:d2:90:e2:a0:9d:e6:e2:3e:6c:fe:5e:71:df: bd:16:68:c5:c7:22:d2:0e:b9:60:d7:e4:c8:64:c0: 38:e2:79:9c:a4:4c:42:73:45:85:6d:1c:3d:0b:4c: a0:db:a9:de:6b:49:e0:61:0b:ec:26:df:93:d1:09: 25:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:75:85:43:16:85:32:2E:D6:4E:76:9A:7D:70:9E:07:E0:48:0C:86 X509v3 Authority Key Identifier: keyid:CF:BA:04:3E:1C:4B:52:44:7A:8E:36:7B:BC:13:07:51:9F:A5:FA:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/3f33d8-cceb-4506-a2ef-c0ca80a05e2a/1/z7oEPhxLUkR6jjZ7vBMHUZ-l-uA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:48:47:43:31:0e:ce:f7:04:83:e1:51:57:21:01:0d:d9:34: 78:f9:5a:1e:a7:2a:46:9c:e3:3d:95:e1:28:e9:11:3d:a9:72: ed:2b:8a:e3:29:90:47:36:a7:7b:32:04:b3:87:b4:1b:fb:2e: 02:b7:ea:0c:12:21:af:6b:e2:17:7a:4e:1c:93:17:1b:14:ca: 70:d1:b4:e4:2d:b3:2f:31:6a:68:d3:a8:a3:1a:16:f8:aa:70: 6f:00:9d:0a:79:61:e1:f5:49:67:35:06:c8:92:89:d1:48:ca: 77:93:f5:55:e8:e3:8f:1b:0d:eb:39:31:72:45:c6:95:1b:5c: 96:00:2d:c7:3d:58:c9:69:d4:57:43:9a:ab:ef:f5:4a:56:e5: 6c:3c:98:e4:c1:b1:ec:2d:18:94:5d:0d:18:50:72:8a:55:d1: 88:04:d6:dd:b9:a7:84:1c:88:26:8a:a3:16:81:a9:b8:29:3e: 65:d6:be:d7:ca:2e:aa:46:a5:4a:71:d5:59:a3:a6:d6:e8:78: 02:9d:7e:bc:e9:8e:06:97:38:f0:7a:31:e6:15:4d:a1:4c:4f: 76:f4:52:78:12:6f:d0:0a:49:92:c9:09:4b:72:5c:08:2d:bb: d0:92:c8:06:2c:43:d3:b7:8d:09:8a:85:9a:6a:dc:6f:46:a7: fc:22:7a:56 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1wfJgwNICAmfYwBnWnWJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmYmEwNDNlMWM0YjUyNDQ3YThlMzY3YmJjMTMwNzUxOWZh NWZhZTAwHhcNMjUxMjE4MTkwMTUxWhcNMjUxMjE5MTkwMTUxWjAzMTEwLwYDVQQD Eyg3ZTc1ODU0MzE2ODUzMjJlZDY0ZTc2OWE3ZDcwOWUwN2UwNDgwYzg2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFW3etFpNTeUcLQF8375i1qKJFL/ b61GBnXDZdaOPzIxfAHgMmGNqqm7NvSDJfQuAt5jZDjGMMcRMIljTy9lcxg+HeKg J7XOXg3l/RDSh5wlFxPHnvkDgSkdqNTyzpPttkE+gG5gIZIQZ8GA2q8ex/v57seB 2ewN0lyQv8g+MBVq3BNiqu6MEgPFnnrAdq48lYzDuzPfCMTTrFQajdJLN8rgJESE yUufLZ8uh7MYPxpfYaAKRKhJ0bGkbK04f7g/YX5fj9KQ4qCd5uI+bP5ecd+9FmjF xyLSDrlg1+TIZMA44nmcpExCc0WFbRw9C0yg26nea0ngYQvsJt+T0QklKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH51hUMWhTIu1k52mn1wngfgSAyGMB8GA1UdIwQY MBaAFM+6BD4cS1JEeo42e7wTB1GfpfrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYt YzBjYTgwYTA1ZTJhLzEvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8zZjMzZDgtY2NlYi00NTA2LWEyZWYtYzBjYTgwYTA1ZTJh LzEvejdvRVBoeExVa1I2ampaN3ZCTUhVWi1sLXVBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASkhHQzEO zvcEg+FRVyEBDdk0ePlaHqcqRpzjPZXhKOkRPaly7SuK4ymQRzanezIEs4e0G/su ArfqDBIhr2viF3pOHJMXGxTKcNG05C2zLzFqaNOooxoW+KpwbwCdCnlh4fVJZzUG yJKJ0UjKd5P1VejjjxsN6zkxckXGlRtclgAtxz1YyWnUV0Oaq+/1SlblbDyY5MGx 7C0YlF0NGFByilXRiATW3bmnhByIJoqjFoGpuCk+Zda+18ouqkalSnHVWaOm1uh4 Ap1+vOmOBpc48Hox5hVNoUxPdvRSeBJv0ApJkskJS3JcCC270JLIBixD07eNCYqF mmrcb0an/CJ6Vg== -----END CERTIFICATE-----Generated at Fri Dec 19 00:09:33 2025 by rpki-client