This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft File: CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft (raw, json) Hash identifier: +GhndY+8LI4b660oRCQga6ZF59NEEGVrtCmAYlwig3k= Subject key identifier: 38:B5:66:4B:21:C3:FE:63:06:AB:43:DB:44:F5:A3:B7:EF:63:73:51 Authority key identifier: 08:66:48:35:F8:AA:FE:61:49:71:FF:A8:68:3F:9F:74:BF:4D:0F:F4 Certificate issuer: /CN=08664835f8aafe614971ffa8683f9f74bf4d0ff4 Certificate serial: 019B19F1D5595AF94DB0A55C085FA052D4C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft Manifest number: 0FBA Signing time: Sat 13 Dec 2025 23:00:37 +0000 Manifest this update: Sat 13 Dec 2025 23:00:37 +0000 Manifest next update: Sun 14 Dec 2025 23:00:37 +0000 Files and hashes: 1: CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl (hash: jSz/wFD/bmFNdPzV6K+1we75gDgWyRSQdWGinWFiwB4=) 2: xhegVBAKk0XT86_ijfwUPQBwbjE.roa (hash: HzUtvDRCwVOU+h+rA3imDZdqrxNmwf2Nw3JBM6GcfyM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:19:f1:d5:59:5a:f9:4d:b0:a5:5c:08:5f:a0:52:d4:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08664835f8aafe614971ffa8683f9f74bf4d0ff4 Validity Not Before: Dec 13 23:00:37 2025 GMT Not After : Dec 14 23:00:37 2025 GMT Subject: CN=38b5664b21c3fe6306ab43db44f5a3b7ef637351 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:00:49:1c:d7:5d:ba:94:2c:d2:2a:da:34:7b: 2f:41:f3:1b:26:93:ac:2c:c3:27:77:95:5c:45:28: 9a:e1:6d:5d:08:ea:42:5e:20:ae:0d:d1:27:87:44: 82:58:1e:88:4e:08:6d:32:bf:41:81:39:64:95:03: 3a:92:c2:5d:fe:f4:17:7d:82:e3:41:5b:ed:6b:2b: fe:1e:f6:f2:dd:19:f4:d2:53:63:05:d4:75:b6:29: 72:dd:7a:b1:06:fa:82:6f:77:16:a5:65:2e:c9:58: 8a:33:a1:b1:de:d0:f8:27:36:a3:16:08:71:cd:0f: 86:eb:4f:23:61:ee:b0:9a:f3:2e:1f:f3:f3:a3:e3: cf:53:72:1f:74:00:48:f6:db:c4:a5:f2:af:ec:89: 67:a5:fe:f4:1f:3f:8f:24:67:30:b8:8d:ac:35:54: 94:4e:51:23:dc:d1:38:38:25:34:6f:2b:6d:32:b8: 52:6b:da:53:b9:f1:04:4a:a9:90:94:5f:35:f6:12: 8e:86:80:c7:6d:df:75:c1:d1:dc:9f:08:d2:a8:b5: e7:fb:21:f7:bd:ca:e9:41:78:fd:e7:6e:ad:e5:2d: 3f:dc:4a:a3:af:ae:c4:31:fd:98:98:db:99:89:06: 72:12:11:bc:3d:87:4f:38:77:44:b3:38:44:b8:76: b0:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:B5:66:4B:21:C3:FE:63:06:AB:43:DB:44:F5:A3:B7:EF:63:73:51 X509v3 Authority Key Identifier: keyid:08:66:48:35:F8:AA:FE:61:49:71:FF:A8:68:3F:9F:74:BF:4D:0F:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CGZINfiq_mFJcf-oaD-fdL9ND_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cef3b5-a848-43d5-873a-0757a6d28224/1/CGZINfiq_mFJcf-oaD-fdL9ND_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:1d:1b:9e:25:46:79:6c:d1:57:94:e1:68:ab:2b:88:80:35: 6a:05:85:6d:53:d1:80:d9:78:ee:d3:ae:4e:13:38:9f:a1:17: 2d:f7:ab:d5:44:be:ac:b8:ed:e4:7d:0b:0b:c8:54:c9:a5:8d: 0a:93:37:82:c4:ad:dd:73:e4:44:f3:77:e1:2f:65:4a:2a:83: a3:f0:66:11:00:5f:78:e1:0a:65:88:34:d4:e9:e9:e4:e7:90: b4:f7:8a:c9:68:c3:fa:fc:02:c9:10:d6:30:2d:80:92:3a:4a: 5d:06:51:ae:c1:70:eb:60:42:dc:41:6d:3d:f0:78:38:77:ea: 40:6d:78:b9:a0:30:ea:d1:a8:ac:28:2b:4c:10:d0:db:ca:88: 71:00:b5:9e:1f:e8:4a:48:4c:f8:89:7a:50:bf:9b:eb:ed:89: d2:89:7b:b8:9c:ea:77:d2:9c:65:66:68:71:7e:70:95:9b:b3: 33:bb:29:90:3f:c6:26:a2:e9:21:21:e9:07:03:f9:b0:0b:41: 6a:6a:05:db:a0:52:9c:db:69:68:d2:9e:0f:26:c2:e0:fb:d6: aa:f9:f5:1e:49:93:f4:a8:e5:b7:0c:7f:08:6a:9e:35:de:e9: 60:3f:0f:1f:ff:dd:ca:54:a5:5e:30:6d:d7:03:25:28:9b:da: 63:5f:5d:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsZ8dVZWvlNsKVcCF+gUtTHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4NjY0ODM1ZjhhYWZlNjE0OTcxZmZhODY4M2Y5Zjc0YmY0 ZDBmZjQwHhcNMjUxMjEzMjMwMDM3WhcNMjUxMjE0MjMwMDM3WjAzMTEwLwYDVQQD EygzOGI1NjY0YjIxYzNmZTYzMDZhYjQzZGI0NGY1YTNiN2VmNjM3MzUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzgBJHNddupQs0iraNHsvQfMbJpOs LMMnd5VcRSia4W1dCOpCXiCuDdEnh0SCWB6ITghtMr9BgTlklQM6ksJd/vQXfYLj QVvtayv+Hvby3Rn00lNjBdR1tily3XqxBvqCb3cWpWUuyViKM6Gx3tD4JzajFghx zQ+G608jYe6wmvMuH/Pzo+PPU3IfdABI9tvEpfKv7Ilnpf70Hz+PJGcwuI2sNVSU TlEj3NE4OCU0byttMrhSa9pTufEESqmQlF819hKOhoDHbd91wdHcnwjSqLXn+yH3 vcrpQXj9526t5S0/3Eqjr67EMf2YmNuZiQZyEhG8PYdPOHdEszhEuHawKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDi1Zkshw/5jBqtD20T1o7fvY3NRMB8GA1UdIwQY MBaAFAhmSDX4qv5hSXH/qGg/n3S/TQ/0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZWYzYjUtYTg0OC00M2Q1LTg3M2Et MDc1N2E2ZDI4MjI0LzEvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9jZWYzYjUtYTg0OC00M2Q1LTg3M2EtMDc1N2E2ZDI4MjI0 LzEvQ0daSU5maXFfbUZKY2Ytb2FELWZkTDlORF9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPx0bniVG eWzRV5ThaKsriIA1agWFbVPRgNl47tOuThM4n6EXLfer1US+rLjt5H0LC8hUyaWN CpM3gsSt3XPkRPN34S9lSiqDo/BmEQBfeOEKZYg01Onp5OeQtPeKyWjD+vwCyRDW MC2AkjpKXQZRrsFw62BC3EFtPfB4OHfqQG14uaAw6tGorCgrTBDQ28qIcQC1nh/o SkhM+Il6UL+b6+2J0ol7uJzqd9KcZWZocX5wlZuzM7spkD/GJqLpISHpBwP5sAtB amoF26BSnNtpaNKeDybC4PvWqvn1HkmT9Kjltwx/CGqeNd7pYD8PH//dylSlXjBt 1wMlKJvaY19dew== -----END CERTIFICATE-----Generated at Sun Dec 14 01:53:20 2025 by rpki-client