This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft File: czHb7QiXzOhcFINxtHzIB4Ll5ys.mft (raw, json) Hash identifier: Dx/jOHdol57Qh6h1Gp8NNyZlCSmAn6mY7hKBaMKVYQY= Subject key identifier: DA:DC:3C:11:93:BA:6A:84:19:E6:99:FC:3B:75:3A:80:ED:14:90:DD Authority key identifier: 73:31:DB:ED:08:97:CC:E8:5C:14:83:71:B4:7C:C8:07:82:E5:E7:2B Certificate issuer: /CN=7331dbed0897cce85c148371b47cc80782e5e72b Certificate serial: 019B51BC62C7A2B2F3233E516E7D1BB464EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft Manifest number: 0683 Signing time: Wed 24 Dec 2025 19:00:59 +0000 Manifest this update: Wed 24 Dec 2025 19:00:59 +0000 Manifest next update: Thu 25 Dec 2025 19:00:59 +0000 Files and hashes: 1: czHb7QiXzOhcFINxtHzIB4Ll5ys.crl (hash: nRmH7GjhnkdAl1PSEpGMX8bIJPpmcNnXUWjOCh3R0Qw=) 2: x22xk2A-Apb8dLpmSadyKyJCkDo.roa (hash: gu74rPveiHXJ2A/NDXg+xf+4EJriNsSl+5m/7KHQAxg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.crl rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:bc:62:c7:a2:b2:f3:23:3e:51:6e:7d:1b:b4:64:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7331dbed0897cce85c148371b47cc80782e5e72b Validity Not Before: Dec 24 19:00:59 2025 GMT Not After : Dec 25 19:00:59 2025 GMT Subject: CN=dadc3c1193ba6a8419e699fc3b753a80ed1490dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f6:6f:18:7b:d3:09:d9:36:85:88:f8:2c:c8: 45:a1:6c:07:07:56:1c:f1:cc:f8:eb:b0:a7:a5:c7: 2d:67:66:99:86:3b:e4:ae:53:34:37:c4:ac:71:f4: c5:ac:fb:b4:76:db:e9:9f:b4:d5:a0:1a:8b:13:04: 76:ab:1c:dd:77:21:3d:f2:c5:af:61:e0:85:d0:14: 4e:07:96:d5:0f:84:fd:ef:84:f2:b5:00:0b:b3:8d: d8:f0:d4:06:2c:0c:5d:d5:3e:7f:aa:00:0f:cb:86: e9:48:61:13:e3:12:be:7f:86:62:8c:44:99:0d:2e: 5c:2c:8b:52:eb:3c:21:bf:8e:0e:a6:86:56:98:34: 88:95:ca:c4:7e:14:8b:da:4a:59:df:32:56:28:36: 56:d2:57:4f:c1:a4:6b:e0:03:53:ac:2b:ed:10:90: 6b:49:ee:41:a6:ee:31:23:1a:de:21:01:28:b7:6b: f0:28:e7:73:f8:4b:94:1c:9f:bb:9e:18:1e:60:96: b7:4c:94:ed:ee:4d:4d:de:c7:ef:09:4d:1e:78:69: 75:04:64:cf:db:d8:f8:12:58:48:89:55:2d:e5:84: f2:af:b5:10:0b:c1:93:42:fa:6c:e8:96:1a:72:ea: 3f:21:25:7e:8b:fa:cc:d1:ff:a3:2c:48:06:01:e4: 25:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:DC:3C:11:93:BA:6A:84:19:E6:99:FC:3B:75:3A:80:ED:14:90:DD X509v3 Authority Key Identifier: keyid:73:31:DB:ED:08:97:CC:E8:5C:14:83:71:B4:7C:C8:07:82:E5:E7:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/czHb7QiXzOhcFINxtHzIB4Ll5ys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/c5f0c3-22e5-4801-90fb-0465072e41a3/1/czHb7QiXzOhcFINxtHzIB4Ll5ys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:5a:fb:5d:9a:2c:5d:84:51:42:9c:e8:2e:71:50:f2:43:93: 85:c9:d2:68:f4:07:83:31:bd:3e:c9:31:9e:8f:7b:3e:68:f1: 6a:ab:7b:f4:df:95:19:84:ec:fc:29:0e:a1:92:4c:de:a3:84: c7:46:f1:2e:4e:b5:4f:7b:39:89:a1:08:48:6a:2f:d3:8c:15: 16:dc:f6:86:0b:7d:95:5a:5c:32:d7:94:c6:7e:35:97:9a:2b: 7f:46:b0:5f:ee:e0:ab:bc:59:3a:be:b3:5f:a1:04:69:fa:de: dd:8a:5f:3d:d1:3d:97:7e:79:d6:16:e0:f2:f9:07:07:45:c9: 83:bf:ff:9d:f2:a4:45:06:0f:4c:5d:e2:92:65:5a:b7:7e:16: de:e8:f3:23:5a:8a:bb:8f:db:b8:a5:22:01:fb:78:3d:23:86: e0:ac:4a:f7:69:88:bf:8e:a8:cf:20:df:67:a5:fe:37:35:21: 94:9c:19:7b:01:23:a8:28:46:71:d8:f5:28:e2:e3:0d:e0:31: 0e:5d:a1:af:d0:39:cf:02:95:f7:55:bc:3f:cc:d7:46:cf:38: a5:79:d2:49:bc:82:12:12:39:0f:2e:8c:24:49:c4:1f:f8:d2: 98:a3:d9:0c:7f:28:24:df:6e:57:0e:8c:60:f8:45:55:01:63: d3:9d:5a:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtRvGLHorLzIz5Rbn0btGTuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDczMzFkYmVkMDg5N2NjZTg1YzE0ODM3MWI0N2NjODA3ODJl NWU3MmIwHhcNMjUxMjI0MTkwMDU5WhcNMjUxMjI1MTkwMDU5WjAzMTEwLwYDVQQD EyhkYWRjM2MxMTkzYmE2YTg0MTllNjk5ZmMzYjc1M2E4MGVkMTQ5MGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvZvGHvTCdk2hYj4LMhFoWwHB1Yc 8cz467CnpcctZ2aZhjvkrlM0N8SscfTFrPu0dtvpn7TVoBqLEwR2qxzddyE98sWv YeCF0BROB5bVD4T974TytQALs43Y8NQGLAxd1T5/qgAPy4bpSGET4xK+f4ZijESZ DS5cLItS6zwhv44OpoZWmDSIlcrEfhSL2kpZ3zJWKDZW0ldPwaRr4ANTrCvtEJBr Se5Bpu4xIxreIQEot2vwKOdz+EuUHJ+7nhgeYJa3TJTt7k1N3sfvCU0eeGl1BGTP 29j4ElhIiVUt5YTyr7UQC8GTQvps6JYacuo/ISV+i/rM0f+jLEgGAeQlXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNrcPBGTumqEGeaZ/Dt1OoDtFJDdMB8GA1UdIwQY MBaAFHMx2+0Il8zoXBSDcbR8yAeC5ecrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9jNWYwYzMtMjJlNS00ODAxLTkwZmIt MDQ2NTA3MmU0MWEzLzEvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85YS9jNWYwYzMtMjJlNS00ODAxLTkwZmItMDQ2NTA3MmU0MWEz LzEvY3pIYjdRaVh6T2hjRklOeHRIeklCNExsNXlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAclr7XZos XYRRQpzoLnFQ8kOThcnSaPQHgzG9Pskxno97Pmjxaqt79N+VGYTs/CkOoZJM3qOE x0bxLk61T3s5iaEISGov04wVFtz2hgt9lVpcMteUxn41l5orf0awX+7gq7xZOr6z X6EEafre3YpfPdE9l3551hbg8vkHB0XJg7//nfKkRQYPTF3ikmVat34W3ujzI1qK u4/buKUiAft4PSOG4KxK92mIv46ozyDfZ6X+NzUhlJwZewEjqChGcdj1KOLjDeAx Dl2hr9A5zwKV91W8P8zXRs84pXnSSbyCEhI5Dy6MJEnEH/jSmKPZDH8oJN9uVw6M YPhFVQFj051aNQ== -----END CERTIFICATE-----Generated at Wed Dec 24 23:00:06 2025 by rpki-client