This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.mft File: Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.mft (raw, json) Hash identifier: xqqmgK7vb0n2tvuACQ8q+BBZepLpYn/HuvClj0LNixQ= Subject key identifier: 32:04:9C:9B:2B:FB:A8:43:7A:09:CF:27:39:56:6B:76:A2:58:C3:04 Authority key identifier: 67:C2:5A:41:F1:C5:22:8E:10:EA:94:1C:E7:07:8F:43:CD:90:9B:63 Certificate issuer: /CN=67c25a41f1c5228e10ea941ce7078f43cd909b63 Certificate serial: 019B330CC67E2A530F9955EAE14B20BEB869 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.mft Manifest number: 1693 Signing time: Thu 18 Dec 2025 20:00:33 +0000 Manifest this update: Thu 18 Dec 2025 20:00:33 +0000 Manifest next update: Fri 19 Dec 2025 20:00:33 +0000 Files and hashes: 1: Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.crl (hash: XxpeJhJ7AxWI4arqs/TsXcrP9lAFrnn/Yk8F8ro2GAE=) 2: lHo6E8O3jVZPWE_3CSGUh-yWmns.roa (hash: EcydcckC44FXLMG0RzB+bDpZsk7fNTw0ZBUYetuTeMA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.crl rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.mft rsync://rpki.ripe.net/repository/DEFAULT/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:0c:c6:7e:2a:53:0f:99:55:ea:e1:4b:20:be:b8:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67c25a41f1c5228e10ea941ce7078f43cd909b63 Validity Not Before: Dec 18 20:00:33 2025 GMT Not After : Dec 19 20:00:33 2025 GMT Subject: CN=32049c9b2bfba8437a09cf2739566b76a258c304 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:b4:a6:43:51:e4:1b:00:08:cb:fd:69:e2:20: d2:ba:f9:bc:c2:1a:81:98:4f:e2:53:fa:97:b8:71: 60:fe:29:b4:d1:65:1c:c9:e0:b3:e7:19:66:85:2b: 88:d5:63:d2:a1:ac:9d:b2:65:1f:88:9b:f6:51:53: 92:9a:e6:cf:c7:b7:4e:ee:50:eb:03:a6:e0:5b:ca: 1d:38:2f:60:d9:69:37:57:83:67:20:da:3d:ae:80: f7:5c:78:cc:52:94:0f:ee:e7:89:aa:d2:13:2c:85: 56:52:e6:d2:a0:f2:44:28:71:f3:23:93:65:61:de: a3:e7:f2:8c:29:6e:77:72:21:19:6a:b9:7c:27:f6: 72:6d:4f:ba:ae:07:7d:fe:8f:83:9f:1a:63:50:6a: 14:97:af:27:9b:76:65:0f:c8:6d:3e:a7:cd:a3:39: 60:bb:ce:32:55:6c:0b:72:41:b5:e5:9c:57:48:34: c7:91:cf:63:e0:2b:fa:e0:74:05:20:f2:9e:0d:48: ef:a6:e4:bf:69:4d:cf:07:8c:27:1f:41:0c:b3:ad: 03:8e:6d:f6:7a:79:c4:fc:a5:88:97:bb:d1:8f:4f: de:d6:a1:1f:2a:22:eb:5e:8f:66:25:e0:19:52:ce: 17:a6:ee:60:db:39:e4:4d:ea:fd:4e:e1:d6:91:a7: f6:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:04:9C:9B:2B:FB:A8:43:7A:09:CF:27:39:56:6B:76:A2:58:C3:04 X509v3 Authority Key Identifier: keyid:67:C2:5A:41:F1:C5:22:8E:10:EA:94:1C:E7:07:8F:43:CD:90:9B:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a1a6c2-d7c1-42e8-a38f-fc910c0b19ae/1/Z8JaQfHFIo4Q6pQc5wePQ82Qm2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:1b:fc:cb:fd:8c:c3:37:e8:b7:4b:0d:31:70:45:e4:9f:9b: 0f:d9:03:31:58:9f:83:d8:ad:84:76:fc:fa:a9:bd:86:92:5a: 91:53:df:6c:68:58:6a:70:77:f5:af:b9:c9:4c:92:02:38:a1: b7:f8:2a:93:62:4e:01:40:0d:59:9c:b1:6b:0c:fd:69:1a:16: 9e:df:c9:91:f9:c2:ae:82:85:c0:1a:28:f8:a8:de:8b:89:29: 51:bd:1d:d5:a2:d1:7f:dc:89:7a:3a:62:f5:66:27:e0:a0:50: 7c:e2:b0:b7:5f:c6:77:01:3e:fa:57:58:95:e4:86:c8:16:2c: 76:a9:4b:56:0e:e1:07:84:4f:da:55:bd:aa:f6:9b:bd:bc:17: 40:30:16:dd:66:55:27:e5:76:cb:10:df:ae:dc:e9:9e:50:a3: 2c:c0:0e:ed:76:79:90:cf:f7:f2:91:2d:97:16:c3:23:ff:5b: d8:1d:23:f7:04:c8:b9:e3:49:aa:8a:02:45:be:38:9b:be:29: 0b:96:a3:e6:13:fa:0f:84:d0:ea:e4:89:54:2d:90:d1:82:8a: 79:f2:33:cb:63:25:32:4b:78:28:93:f3:10:31:01:64:e2:ad: 14:bf:d2:96:f3:0f:2a:b9:6b:4e:a4:e8:73:55:5a:66:61:2a: de:1b:9c:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszDMZ+KlMPmVXq4UsgvrhpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3YzI1YTQxZjFjNTIyOGUxMGVhOTQxY2U3MDc4ZjQzY2Q5 MDliNjMwHhcNMjUxMjE4MjAwMDMzWhcNMjUxMjE5MjAwMDMzWjAzMTEwLwYDVQQD EygzMjA0OWM5YjJiZmJhODQzN2EwOWNmMjczOTU2NmI3NmEyNThjMzA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkLSmQ1HkGwAIy/1p4iDSuvm8whqB mE/iU/qXuHFg/im00WUcyeCz5xlmhSuI1WPSoaydsmUfiJv2UVOSmubPx7dO7lDr A6bgW8odOC9g2Wk3V4NnINo9roD3XHjMUpQP7ueJqtITLIVWUubSoPJEKHHzI5Nl Yd6j5/KMKW53ciEZarl8J/ZybU+6rgd9/o+DnxpjUGoUl68nm3ZlD8htPqfNozlg u84yVWwLckG15ZxXSDTHkc9j4Cv64HQFIPKeDUjvpuS/aU3PB4wnH0EMs60Djm32 ennE/KWIl7vRj0/e1qEfKiLrXo9mJeAZUs4Xpu5g2znkTer9TuHWkaf2kwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDIEnJsr+6hDegnPJzlWa3aiWMMEMB8GA1UdIwQY MBaAFGfCWkHxxSKOEOqUHOcHj0PNkJtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjhKYVFmSEZJbzRRNnBRYzV3ZVBRODJRbTJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hMWE2YzItZDdjMS00MmU4LWEzOGYt ZmM5MTBjMGIxOWFlLzEvWjhKYVFmSEZJbzRRNnBRYzV3ZVBRODJRbTJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9hMWE2YzItZDdjMS00MmU4LWEzOGYtZmM5MTBjMGIxOWFl LzEvWjhKYVFmSEZJbzRRNnBRYzV3ZVBRODJRbTJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGxv8y/2M wzfot0sNMXBF5J+bD9kDMVifg9ithHb8+qm9hpJakVPfbGhYanB39a+5yUySAjih t/gqk2JOAUANWZyxawz9aRoWnt/JkfnCroKFwBoo+Kjei4kpUb0d1aLRf9yJejpi 9WYn4KBQfOKwt1/GdwE++ldYleSGyBYsdqlLVg7hB4RP2lW9qvabvbwXQDAW3WZV J+V2yxDfrtzpnlCjLMAO7XZ5kM/38pEtlxbDI/9b2B0j9wTIueNJqooCRb44m74p C5aj5hP6D4TQ6uSJVC2Q0YKKefIzy2MlMkt4KJPzEDEBZOKtFL/SlvMPKrlrTqTo c1VaZmEq3hucOQ== -----END CERTIFICATE-----Generated at Thu Dec 18 23:06:50 2025 by rpki-client