This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft File: CZ-qshYRGNsbd8GnTszLc-doHDY.mft (raw, json) Hash identifier: UmJI+3BUvwAA9a0qLBEhKaTtFxkBDxUBYpgyBApitGg= Subject key identifier: 1F:BB:47:A3:59:E1:F1:AB:E3:E8:43:DB:78:47:A4:F3:2C:96:BB:45 Authority key identifier: 09:9F:AA:B2:16:11:18:DB:1B:77:C1:A7:4E:CC:CB:73:E7:68:1C:36 Certificate issuer: /CN=099faab2161118db1b77c1a74ecccb73e7681c36 Certificate serial: 019B5A51C6EE3FA10361D68D4E5C96FD19C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft Manifest number: 01BA Signing time: Fri 26 Dec 2025 11:01:07 +0000 Manifest this update: Fri 26 Dec 2025 11:01:07 +0000 Manifest next update: Sat 27 Dec 2025 11:01:07 +0000 Files and hashes: 1: CZ-qshYRGNsbd8GnTszLc-doHDY.crl (hash: 9nqEmVvuBuDOMJcSQnywTuFR6XD72btziuN+yMtoPtE=) 2: cOJF3c93EdtdcnQUgbiiqTgw_1M.roa (hash: zobvfeY7LZCgjAH4tIKeBPeHEqZ12dFg210JqNHCaCk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.crl rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:c6:ee:3f:a1:03:61:d6:8d:4e:5c:96:fd:19:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=099faab2161118db1b77c1a74ecccb73e7681c36 Validity Not Before: Dec 26 11:01:07 2025 GMT Not After : Dec 27 11:01:07 2025 GMT Subject: CN=1fbb47a359e1f1abe3e843db7847a4f32c96bb45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:ec:9a:8c:91:be:6e:51:79:56:1c:eb:3d:fe: f3:0d:dc:7a:0a:4a:92:bb:ce:da:48:dc:31:1d:ba: 84:5b:cd:49:2a:c0:29:c2:01:e0:3e:3c:24:21:95: 71:63:f4:b7:25:82:d4:63:fb:fd:25:7e:2d:59:fd: 37:d1:35:41:8e:e2:79:02:ec:f7:ec:ca:e8:cf:64: d5:93:2a:38:b7:73:20:ba:9b:40:a8:20:ca:aa:52: e0:80:cb:33:99:14:96:e0:55:1d:31:4d:f8:91:8d: c6:d2:a6:ac:e3:12:5a:8e:d5:c9:3f:7f:7f:8f:c0: f2:43:ea:c6:6b:16:48:fa:ba:63:b2:9a:d5:76:9b: ef:dc:7f:89:37:8d:cf:4e:0a:8f:9c:4d:6c:5e:0a: 34:fb:c9:55:a8:51:2c:b7:9b:e9:ac:bc:d8:72:78: bb:0c:eb:cf:6a:ae:f7:28:23:1c:83:3e:51:1d:db: 96:2d:b0:8e:38:39:4c:a8:82:07:09:5c:33:cb:eb: 00:20:92:67:bb:de:6a:a5:36:4f:4c:81:7a:bd:d1: 7d:d5:b3:c7:03:0b:fa:31:e6:cb:60:da:41:e0:c3: 8b:8e:20:b8:23:09:73:b8:41:47:ee:ff:9b:f4:12: ef:f7:5d:ad:87:c4:ab:f5:18:ec:73:ec:00:16:22: 15:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:BB:47:A3:59:E1:F1:AB:E3:E8:43:DB:78:47:A4:F3:2C:96:BB:45 X509v3 Authority Key Identifier: keyid:09:9F:AA:B2:16:11:18:DB:1B:77:C1:A7:4E:CC:CB:73:E7:68:1C:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZ-qshYRGNsbd8GnTszLc-doHDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/26/88b6cc-2b42-41e2-99a9-4e24b119c147/1/CZ-qshYRGNsbd8GnTszLc-doHDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:89:f6:1b:1f:1e:8a:ba:58:59:d3:7f:fd:33:31:51:fa:52: 09:cc:cd:f4:d9:3b:14:98:b3:ad:5c:97:53:6e:93:cd:cb:57: 3e:be:a0:97:76:bc:0b:37:1b:ab:ce:e2:15:14:dc:7e:2e:bf: df:79:0c:aa:1d:ff:f2:ae:be:d0:e6:e0:3a:88:82:0a:e6:28: fe:1c:c2:a9:47:bf:0d:08:b0:1f:ff:19:dd:6f:4f:2b:ad:f9: 27:04:ee:f7:db:b9:32:4e:1b:9b:b1:eb:09:bb:74:fa:34:47: b6:f9:d4:29:5f:24:c4:cc:a6:d3:e8:54:6e:81:ad:f2:fc:1a: 28:9e:2a:7a:d7:65:5a:36:d1:6e:0d:af:55:2f:b3:17:44:60: 88:5c:80:c1:d0:36:c0:a6:3a:d0:4a:f7:c6:6f:7f:14:f1:77: c5:b5:49:f6:cd:d8:42:9b:84:4c:d8:13:0a:3c:e3:8f:36:d3: 10:0a:dc:c0:f3:b2:ca:aa:1c:82:02:9b:4e:e7:ba:4d:b1:f6: 73:b1:2b:d2:d4:fc:48:09:50:f1:45:dd:12:52:3a:88:f0:79: 2d:6e:9f:ba:68:3c:61:d6:cf:3d:96:a0:ae:e5:cc:0f:6c:cd: 92:93:80:2e:85:d5:8d:1e:91:6c:d3:f9:fd:38:e8:ec:84:69: 40:8d:89:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUcbuP6EDYdaNTlyW/RnFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5OWZhYWIyMTYxMTE4ZGIxYjc3YzFhNzRlY2NjYjczZTc2 ODFjMzYwHhcNMjUxMjI2MTEwMTA3WhcNMjUxMjI3MTEwMTA3WjAzMTEwLwYDVQQD EygxZmJiNDdhMzU5ZTFmMWFiZTNlODQzZGI3ODQ3YTRmMzJjOTZiYjQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eyajJG+blF5VhzrPf7zDdx6CkqS u87aSNwxHbqEW81JKsApwgHgPjwkIZVxY/S3JYLUY/v9JX4tWf030TVBjuJ5Auz3 7Mroz2TVkyo4t3MguptAqCDKqlLggMszmRSW4FUdMU34kY3G0qas4xJajtXJP39/ j8DyQ+rGaxZI+rpjsprVdpvv3H+JN43PTgqPnE1sXgo0+8lVqFEst5vprLzYcni7 DOvPaq73KCMcgz5RHduWLbCOODlMqIIHCVwzy+sAIJJnu95qpTZPTIF6vdF91bPH Awv6MebLYNpB4MOLjiC4IwlzuEFH7v+b9BLv912th8Sr9Rjsc+wAFiIVEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB+7R6NZ4fGr4+hD23hHpPMslrtFMB8GA1UdIwQY MBaAFAmfqrIWERjbG3fBp07My3PnaBw2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi84OGI2Y2MtMmI0Mi00MWUyLTk5YTkt NGUyNGIxMTljMTQ3LzEvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNi84OGI2Y2MtMmI0Mi00MWUyLTk5YTktNGUyNGIxMTljMTQ3 LzEvQ1otcXNoWVJHTnNiZDhHblRzekxjLWRvSERZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATYn2Gx8e irpYWdN//TMxUfpSCczN9Nk7FJizrVyXU26TzctXPr6gl3a8Czcbq87iFRTcfi6/ 33kMqh3/8q6+0ObgOoiCCuYo/hzCqUe/DQiwH/8Z3W9PK635JwTu99u5Mk4bm7Hr Cbt0+jRHtvnUKV8kxMym0+hUboGt8vwaKJ4qetdlWjbRbg2vVS+zF0RgiFyAwdA2 wKY60Er3xm9/FPF3xbVJ9s3YQpuETNgTCjzjjzbTEArcwPOyyqocggKbTue6TbH2 c7Er0tT8SAlQ8UXdElI6iPB5LW6fumg8YdbPPZagruXMD2zNkpOALoXVjR6RbNP5 /Tjo7IRpQI2JTA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:19 2025 by rpki-client