This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft File: czaDy4VtbZ_1jih-ipBdKS3KazQ.mft (raw, json) Hash identifier: LeLtJ4ypnAVhMaaOY+aP9M28FgoNuZKJTXYuiSDZ5bM= Subject key identifier: F4:9A:B8:58:2B:AC:71:D5:AD:79:93:FF:AE:82:17:4C:ED:02:81:68 Authority key identifier: 73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34 Certificate issuer: /CN=733683cb856d6d9ff58e287e8a905d292dca6b34 Certificate serial: 019B34C5224F6B4898CD316714423A9894A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft Manifest number: 13C9 Signing time: Fri 19 Dec 2025 04:01:33 +0000 Manifest this update: Fri 19 Dec 2025 04:01:33 +0000 Manifest next update: Sat 20 Dec 2025 04:01:33 +0000 Files and hashes: 1: 1VNg1Q5CgydMlZtkT2gUiwyQsB8.roa (hash: hFOtYhVCGxVTmNvasMZGAdD1D7TMmY398V7CPu+M+nU=) 2: czaDy4VtbZ_1jih-ipBdKS3KazQ.crl (hash: RB+kRF/DShOeZXLfUbjRXYvi4eKrVQ25N6gdDaYkhXE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:22:4f:6b:48:98:cd:31:67:14:42:3a:98:94:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=733683cb856d6d9ff58e287e8a905d292dca6b34 Validity Not Before: Dec 19 04:01:33 2025 GMT Not After : Dec 20 04:01:33 2025 GMT Subject: CN=f49ab8582bac71d5ad7993ffae82174ced028168 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:41:3d:23:17:59:cd:c1:d2:5c:99:7e:c2:73: b7:9d:39:c5:a3:8f:52:a5:68:3e:fb:6c:44:46:78: bf:fd:c7:38:ec:08:18:c2:3e:a0:c5:e4:b4:ca:12: e1:e9:bd:f5:94:da:39:d0:7c:dc:2c:fc:ea:e0:9f: 10:79:a2:14:3d:02:68:77:9e:80:67:9b:10:db:e5: db:13:d8:b4:9b:57:6e:86:8d:ba:d3:14:88:35:1b: 14:f6:fa:77:47:08:65:d9:96:89:39:fa:f8:32:07: 90:98:85:9f:69:86:c6:e6:a3:dc:35:fb:2f:dc:cb: 75:23:f1:c8:0b:b3:6c:4a:e4:cd:52:e6:b4:f6:14: 7f:15:53:1a:7c:09:8e:f9:7d:dd:a1:57:44:af:9c: 0b:1d:dd:84:b2:3d:81:4a:f5:a9:5c:45:28:ee:c0: 21:26:43:35:2c:31:f1:b8:f7:5c:02:83:e5:b2:68: 18:1c:a1:e9:5e:a4:ec:c0:7c:0e:14:ec:8c:d7:23: 8b:7e:95:81:a6:2f:d5:e1:f4:7d:05:2a:6e:f0:a1: 4a:f4:4a:d1:fb:ba:04:da:2a:d4:d1:63:48:40:0e: a3:f5:a5:94:1a:59:e6:b7:60:ba:56:0e:05:7f:37: c9:3e:e9:4e:24:73:99:ae:fb:b6:b2:0d:8d:49:e1: ad:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:9A:B8:58:2B:AC:71:D5:AD:79:93:FF:AE:82:17:4C:ED:02:81:68 X509v3 Authority Key Identifier: keyid:73:36:83:CB:85:6D:6D:9F:F5:8E:28:7E:8A:90:5D:29:2D:CA:6B:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czaDy4VtbZ_1jih-ipBdKS3KazQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/844769-cb3e-45cd-9165-687ae6fba3ad/1/czaDy4VtbZ_1jih-ipBdKS3KazQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:36:e2:e4:2f:9d:94:2a:3c:3a:cb:ab:0a:e7:f7:7d:12:53: 8d:da:86:47:d4:2b:5c:24:b4:7e:0d:ab:4e:c1:96:1e:d8:c9: 59:b1:17:22:15:8a:27:80:06:d8:d6:1b:0f:e5:ec:bc:8c:95: 79:a8:79:80:cc:93:5e:81:a0:77:2b:18:2a:9a:77:25:bc:fd: b1:1f:29:64:06:0c:46:f8:e4:4e:b5:c1:ba:85:80:fa:42:fd: 8c:3b:a5:aa:a0:c1:a2:22:17:33:ac:e5:ab:60:8a:7b:c5:80: bd:7c:4a:b5:79:b8:c9:9b:79:2f:9b:7c:49:e3:fc:28:4d:5e: 61:62:6d:26:86:2c:0d:61:4b:09:a2:72:7a:22:0d:85:29:e5: 9a:ca:27:64:07:31:28:06:81:79:2e:50:55:52:42:5c:ed:67: fa:9b:44:9c:a5:1c:d1:f2:22:2d:1b:70:99:8f:47:80:37:db: c1:b3:2c:76:55:be:60:f8:d8:7e:43:4b:9f:e7:7f:1c:86:2d: 34:27:f2:97:76:9c:e0:f7:ec:3b:db:35:a1:70:93:8a:2d:7f: 79:bc:b7:c7:83:ba:52:81:c9:5c:86:45:4b:55:7e:a6:0f:9f: fe:49:52:24:5e:f2:90:fd:2d:b1:cb:e1:6e:22:98:d6:05:23: eb:99:2c:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xSJPa0iYzTFnFEI6mJSjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMzY4M2NiODU2ZDZkOWZmNThlMjg3ZThhOTA1ZDI5MmRj YTZiMzQwHhcNMjUxMjE5MDQwMTMzWhcNMjUxMjIwMDQwMTMzWjAzMTEwLwYDVQQD EyhmNDlhYjg1ODJiYWM3MWQ1YWQ3OTkzZmZhZTgyMTc0Y2VkMDI4MTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokE9IxdZzcHSXJl+wnO3nTnFo49S pWg++2xERni//cc47AgYwj6gxeS0yhLh6b31lNo50HzcLPzq4J8QeaIUPQJod56A Z5sQ2+XbE9i0m1duho260xSINRsU9vp3Rwhl2ZaJOfr4MgeQmIWfaYbG5qPcNfsv 3Mt1I/HIC7NsSuTNUua09hR/FVMafAmO+X3doVdEr5wLHd2Esj2BSvWpXEUo7sAh JkM1LDHxuPdcAoPlsmgYHKHpXqTswHwOFOyM1yOLfpWBpi/V4fR9BSpu8KFK9ErR +7oE2irU0WNIQA6j9aWUGlnmt2C6Vg4FfzfJPulOJHOZrvu2sg2NSeGt5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPSauFgrrHHVrXmT/66CF0ztAoFoMB8GA1UdIwQY MBaAFHM2g8uFbW2f9Y4ofoqQXSktyms0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUt Njg3YWU2ZmJhM2FkLzEvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS84NDQ3NjktY2IzZS00NWNkLTkxNjUtNjg3YWU2ZmJhM2Fk LzEvY3phRHk0VnRiWl8xamloLWlwQmRLUzNLYXpRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALzbi5C+d lCo8OsurCuf3fRJTjdqGR9QrXCS0fg2rTsGWHtjJWbEXIhWKJ4AG2NYbD+XsvIyV eah5gMyTXoGgdysYKpp3Jbz9sR8pZAYMRvjkTrXBuoWA+kL9jDulqqDBoiIXM6zl q2CKe8WAvXxKtXm4yZt5L5t8SeP8KE1eYWJtJoYsDWFLCaJyeiINhSnlmsonZAcx KAaBeS5QVVJCXO1n+ptEnKUc0fIiLRtwmY9HgDfbwbMsdlW+YPjYfkNLn+d/HIYt NCfyl3ac4PfsO9s1oXCTii1/eby3x4O6UoHJXIZFS1V+pg+f/klSJF7ykP0tscvh biKY1gUj65ksYA== -----END CERTIFICATE-----Generated at Fri Dec 19 06:28:05 2025 by rpki-client