This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft File: 1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft (raw, json) Hash identifier: rWZUoxQaI1iMX8Y+OgZwmloyckz82MZmR2KaLrackNA= Subject key identifier: FA:80:34:83:C2:A2:FC:49:2C:D1:22:52:D1:D9:E8:A6:55:83:48:1C Authority key identifier: D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA Certificate issuer: /CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa Certificate serial: 019B0F37D586BE76EA9547EC1CC78723F20C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft Manifest number: 1770 Signing time: Thu 11 Dec 2025 21:01:15 +0000 Manifest this update: Thu 11 Dec 2025 21:01:15 +0000 Manifest next update: Fri 12 Dec 2025 21:01:15 +0000 Files and hashes: 1: 1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl (hash: 6ll2yHSG+Pjc2Y82BFNgy3QpnWwJCfM1np40u7n9Y2s=) 2: qflKZTF3zhSp7clCgQY6deaVcuQ.roa (hash: YrrT0H2VFpPiuVpFBvUMkkYVOwRQGbWJWicWDvr4Ns0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:d5:86:be:76:ea:95:47:ec:1c:c7:87:23:f2:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d7367fc24d004f71dd2aef03f9cb4f2e3f9086aa Validity Not Before: Dec 11 21:01:15 2025 GMT Not After : Dec 12 21:01:15 2025 GMT Subject: CN=fa803483c2a2fc492cd12252d1d9e8a65583481c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:a6:a3:30:f4:d8:ba:82:38:3e:e9:0b:d6:51: 71:64:ea:e5:7f:4e:2e:a7:1e:4f:9f:ec:61:44:86: 7c:4e:06:89:bf:e0:90:1c:5a:f7:a0:2f:08:77:c3: f4:c9:d6:a8:36:9d:f3:68:56:ad:99:c7:17:7d:ef: 33:6c:29:40:da:6a:a0:5f:0c:44:0a:77:2b:43:8f: b9:77:46:4c:10:23:d5:93:4a:a6:ad:d4:43:75:8a: 40:61:88:06:79:f0:fc:9d:5e:8d:1a:cf:b5:5a:56: 5a:c2:64:53:44:bc:e5:07:51:b3:33:7e:f6:5a:03: 3b:c6:fe:e9:48:49:c1:a5:c9:dd:8e:3c:69:e1:6e: f2:c6:69:37:ec:86:94:31:89:8d:24:c2:74:64:25: cc:53:60:3f:51:12:fd:20:62:ef:db:38:74:9e:5f: b3:15:8d:70:1c:67:3b:94:24:f1:84:e0:26:dd:34: 4a:be:4a:af:ac:ad:5d:64:11:7b:c9:55:54:52:99: 00:dd:5c:27:4e:fe:ef:58:66:24:d5:c8:ac:00:1a: 88:20:9b:e3:19:74:8c:f5:77:89:01:ad:31:0a:a5: 86:81:1e:d3:3d:81:f9:40:7c:df:0e:66:d7:50:2a: 3b:03:ed:b7:0e:5f:80:a7:56:65:bb:28:d6:02:0c: ac:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:80:34:83:C2:A2:FC:49:2C:D1:22:52:D1:D9:E8:A6:55:83:48:1C X509v3 Authority Key Identifier: keyid:D7:36:7F:C2:4D:00:4F:71:DD:2A:EF:03:F9:CB:4F:2E:3F:90:86:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d8c6b8-d14a-47d9-a054-b9c794e03cba/1/1zZ_wk0AT3HdKu8D-ctPLj-Qhqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:72:ce:34:ac:1a:bd:90:f9:dc:78:61:df:84:aa:1f:22:4f: f4:28:a6:6b:00:ac:4e:03:dd:68:c9:41:93:ab:5d:b0:df:c8: bc:ad:78:64:b6:19:7d:f1:2b:d0:07:cf:51:7f:d7:19:17:ee: d1:db:30:51:e1:7a:90:a0:a8:37:f3:fb:c9:84:bd:60:19:4f: e7:fd:92:c6:0a:f9:02:3b:1c:16:c1:83:d1:3c:c4:59:79:70: e7:5b:c7:c8:e4:0a:a7:04:13:3e:94:15:e9:9c:6e:72:a4:53: fd:09:e9:7b:9a:2e:fd:62:0d:4d:f9:b6:71:b4:5c:96:26:aa: 47:f9:99:82:94:99:88:f3:51:68:54:20:4a:f9:f5:73:76:30: 7b:e6:58:ca:e7:eb:bc:ef:31:86:63:51:3d:2c:1c:aa:a8:07: 58:62:6e:4e:35:ca:c9:80:68:d2:14:c4:5f:21:45:0e:6c:07: d3:99:59:93:12:7a:08:78:0a:03:c2:68:65:56:a7:ab:46:bb: 0b:7c:e7:67:4a:85:83:b7:25:dd:7b:0f:1c:00:3f:1a:f3:41: 0d:ca:a7:af:fd:41:4d:b7:7d:a4:6c:7e:6d:6d:23:45:a8:bc: c6:7c:13:57:a1:6f:e4:59:e3:c7:74:c1:07:54:1f:d5:f5:20: 99:82:5b:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPN9WGvnbqlUfsHMeHI/IMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3MzY3ZmMyNGQwMDRmNzFkZDJhZWYwM2Y5Y2I0ZjJlM2Y5 MDg2YWEwHhcNMjUxMjExMjEwMTE1WhcNMjUxMjEyMjEwMTE1WjAzMTEwLwYDVQQD EyhmYTgwMzQ4M2MyYTJmYzQ5MmNkMTIyNTJkMWQ5ZThhNjU1ODM0ODFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6ajMPTYuoI4PukL1lFxZOrlf04u px5Pn+xhRIZ8TgaJv+CQHFr3oC8Id8P0ydaoNp3zaFatmccXfe8zbClA2mqgXwxE CncrQ4+5d0ZMECPVk0qmrdRDdYpAYYgGefD8nV6NGs+1WlZawmRTRLzlB1GzM372 WgM7xv7pSEnBpcndjjxp4W7yxmk37IaUMYmNJMJ0ZCXMU2A/URL9IGLv2zh0nl+z FY1wHGc7lCTxhOAm3TRKvkqvrK1dZBF7yVVUUpkA3VwnTv7vWGYk1cisABqIIJvj GXSM9XeJAa0xCqWGgR7TPYH5QHzfDmbXUCo7A+23Dl+Ap1ZluyjWAgysSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPqANIPCovxJLNEiUtHZ6KZVg0gcMB8GA1UdIwQY MBaAFNc2f8JNAE9x3SrvA/nLTy4/kIaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQt YjljNzk0ZTAzY2JhLzEvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9kOGM2YjgtZDE0YS00N2Q5LWEwNTQtYjljNzk0ZTAzY2Jh LzEvMXpaX3drMEFUM0hkS3U4RC1jdFBMai1RaHFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdnLONKwa vZD53Hhh34SqHyJP9CimawCsTgPdaMlBk6tdsN/IvK14ZLYZffEr0AfPUX/XGRfu 0dswUeF6kKCoN/P7yYS9YBlP5/2Sxgr5AjscFsGD0TzEWXlw51vHyOQKpwQTPpQV 6ZxucqRT/Qnpe5ou/WINTfm2cbRcliaqR/mZgpSZiPNRaFQgSvn1c3Ywe+ZYyufr vO8xhmNRPSwcqqgHWGJuTjXKyYBo0hTEXyFFDmwH05lZkxJ6CHgKA8JoZVanq0a7 C3znZ0qFg7cl3XsPHAA/GvNBDcqnr/1BTbd9pGx+bW0jRai8xnwTV6Fv5Fnjx3TB B1Qf1fUgmYJbOA== -----END CERTIFICATE-----Generated at Fri Dec 12 00:08:00 2025 by rpki-client