This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft File: CZoxZcQAepQBMaMnzHfMIhzBadk.mft (raw, json) Hash identifier: t96c4oPLNUb4+i4s8f173iuoMdMUfL2uhMz6kKHUxOk= Subject key identifier: F2:7E:91:F6:24:E0:3F:0B:26:C5:03:7E:2E:FD:33:F9:F2:CD:76:33 Authority key identifier: 09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9 Certificate issuer: /CN=099a3165c4007a940131a327cc77cc221cc169d9 Certificate serial: 019B32D722FA063D3618D03D7625D4530081 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 19:01:58 +0000 Manifest this update: Thu 18 Dec 2025 19:01:58 +0000 Manifest next update: Fri 19 Dec 2025 19:01:58 +0000 Files and hashes: 1: CZoxZcQAepQBMaMnzHfMIhzBadk.crl (hash: opf0xHxvyKlFElRmPeUUow3334qiX6+FaGo2ftqcPug=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 19:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:32:d7:22:fa:06:3d:36:18:d0:3d:76:25:d4:53:00:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=099a3165c4007a940131a327cc77cc221cc169d9 Validity Not Before: Dec 18 19:01:58 2025 GMT Not After : Dec 19 19:01:58 2025 GMT Subject: CN=f27e91f624e03f0b26c5037e2efd33f9f2cd7633 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:f9:40:16:8e:df:2e:48:06:12:db:16:88:77: 8c:b8:13:20:07:af:12:ab:08:23:b4:26:2b:f6:48: 06:41:6b:d6:0f:84:c7:c4:43:a9:9b:0f:e5:f2:73: ea:c0:27:03:a3:c7:a0:10:8c:da:40:3e:0a:60:c1: 16:81:60:12:ba:67:b9:1b:ed:69:2d:56:87:f8:4d: 87:91:2b:3c:58:7d:2f:9b:05:d9:86:83:4d:16:5d: 42:77:06:83:c3:6c:8a:5a:6d:71:0e:86:57:00:ab: 8b:b5:8d:4c:76:e7:c9:6e:9b:aa:65:ba:4a:36:b1: 0e:54:11:2f:dd:b0:a3:7e:70:6e:d1:f3:37:01:6c: d5:44:1b:8b:ce:de:76:01:2a:0b:1f:e8:e3:1f:85: 81:3d:63:d6:86:9e:a9:47:6d:5f:38:70:a6:ac:1c: 45:ba:3a:50:61:ff:16:22:cf:d6:2e:85:99:0c:bb: 77:91:fc:e3:c5:2c:4a:27:17:c2:fc:03:ba:55:4c: 9b:17:e5:7e:90:c9:83:c6:7b:f9:cc:d5:c8:28:9c: bf:8e:87:a5:a7:3f:d4:c3:dd:dc:89:9b:8f:d3:17: 64:c2:75:ab:9d:5d:40:f2:e1:5a:67:b5:f2:41:87: 05:76:e9:0f:86:38:cf:56:f9:a1:eb:f2:64:aa:a2: 9b:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:7E:91:F6:24:E0:3F:0B:26:C5:03:7E:2E:FD:33:F9:F2:CD:76:33 X509v3 Authority Key Identifier: keyid:09:9A:31:65:C4:00:7A:94:01:31:A3:27:CC:77:CC:22:1C:C1:69:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZoxZcQAepQBMaMnzHfMIhzBadk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f1f0a0-da3c-4d95-a638-506672769d9c/1/CZoxZcQAepQBMaMnzHfMIhzBadk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0b:13:91:38:88:be:06:c2:1b:d7:45:32:53:b4:14:7b:66:aa: 88:68:8e:b4:24:e8:2c:b0:ce:70:cf:2f:54:87:53:b6:5d:64: 34:99:cb:74:57:eb:49:65:2a:86:9b:a4:22:3f:a2:4f:e3:50: bd:f4:cf:97:f3:1f:d5:bd:97:21:0f:c7:95:c1:f2:8e:ff:fb: 1b:3f:9a:d9:f5:b0:ca:b4:33:24:fa:c6:64:8e:83:52:a5:37: 28:d7:5f:ec:6a:4e:3e:32:d5:a2:27:27:5a:ef:d7:72:13:32: 8a:29:29:43:6b:f9:d1:45:9d:76:f6:c0:40:ee:4e:51:be:ab: 49:cf:6e:06:1c:3a:63:cc:6f:31:db:af:98:30:bd:ca:df:f7: 61:7e:2f:7a:46:0f:01:e5:87:68:50:37:62:19:01:a9:5e:ca: d3:7d:21:6e:e6:bb:59:fa:75:9c:a0:27:40:74:06:f0:46:4b: d8:22:4a:36:da:d2:84:92:07:69:80:ba:00:31:a0:89:d7:b6: 9b:c7:01:9b:7e:05:29:17:1d:57:ed:71:9a:99:5d:55:5a:ec: c6:a3:dc:e7:4d:b4:ad:14:5b:e8:13:00:b7:3e:4c:1d:bf:77: 57:28:c7:14:4a:27:aa:be:95:6e:13:0f:0e:a2:f8:94:c8:06: 5a:14:f7:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsy1yL6Bj02GNA9diXUUwCBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5OWEzMTY1YzQwMDdhOTQwMTMxYTMyN2NjNzdjYzIyMWNj MTY5ZDkwHhcNMjUxMjE4MTkwMTU4WhcNMjUxMjE5MTkwMTU4WjAzMTEwLwYDVQQD EyhmMjdlOTFmNjI0ZTAzZjBiMjZjNTAzN2UyZWZkMzNmOWYyY2Q3NjMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/lAFo7fLkgGEtsWiHeMuBMgB68S qwgjtCYr9kgGQWvWD4THxEOpmw/l8nPqwCcDo8egEIzaQD4KYMEWgWASume5G+1p LVaH+E2HkSs8WH0vmwXZhoNNFl1CdwaDw2yKWm1xDoZXAKuLtY1MdufJbpuqZbpK NrEOVBEv3bCjfnBu0fM3AWzVRBuLzt52ASoLH+jjH4WBPWPWhp6pR21fOHCmrBxF ujpQYf8WIs/WLoWZDLt3kfzjxSxKJxfC/AO6VUybF+V+kMmDxnv5zNXIKJy/joel pz/Uw93ciZuP0xdkwnWrnV1A8uFaZ7XyQYcFdukPhjjPVvmh6/JkqqKb4wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJ+kfYk4D8LJsUDfi79M/nyzXYzMB8GA1UdIwQY MBaAFAmaMWXEAHqUATGjJ8x3zCIcwWnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2Mzgt NTA2NjcyNzY5ZDljLzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy9mMWYwYTAtZGEzYy00ZDk1LWE2MzgtNTA2NjcyNzY5ZDlj LzEvQ1pveFpjUUFlcFFCTWFNbnpIZk1JaHpCYWRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACxOROIi+ BsIb10UyU7QUe2aqiGiOtCToLLDOcM8vVIdTtl1kNJnLdFfrSWUqhpukIj+iT+NQ vfTPl/Mf1b2XIQ/HlcHyjv/7Gz+a2fWwyrQzJPrGZI6DUqU3KNdf7GpOPjLVoicn Wu/XchMyiikpQ2v50UWddvbAQO5OUb6rSc9uBhw6Y8xvMduvmDC9yt/3YX4vekYP AeWHaFA3YhkBqV7K030hbua7Wfp1nKAnQHQG8EZL2CJKNtrShJIHaYC6ADGgide2 m8cBm34FKRcdV+1xmpldVVrsxqPc5020rRRb6BMAtz5MHb93VyjHFEonqr6VbhMP DqL4lMgGWhT3Wg== -----END CERTIFICATE-----Generated at Thu Dec 18 23:34:36 2025 by rpki-client