This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft File: zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft (raw, json) Hash identifier: 7RS0l9BEYP6dLkpXAZB+80Omr9F0XpPKH/d7EjaPQfI= Subject key identifier: 2C:B1:33:4C:7A:8B:1B:2D:FE:FC:AF:5F:ED:49:8B:7E:DD:43:F0:31 Authority key identifier: CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96 Certificate issuer: /CN=cdba6d5704fd290d0e073376eda688717564d196 Certificate serial: 019AF49C4CC553D95D47480623D34D1E6336 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft Manifest number: 0E09 Signing time: Sat 06 Dec 2025 17:01:15 +0000 Manifest this update: Sat 06 Dec 2025 17:01:15 +0000 Manifest next update: Sun 07 Dec 2025 17:01:15 +0000 Files and hashes: 1: FwAUcIE-PlUBJk-lyofvjIK4_Vk.roa (hash: 7pDJDV3PAprmagYY0WEztJ7b9H5DGoPcWbYIPWhc9l8=) 2: zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl (hash: 4D2PCVHrRXz7fC2S+yb+/ROL1SguWVF50nxpcQ7Wh8c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:4c:c5:53:d9:5d:47:48:06:23:d3:4d:1e:63:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdba6d5704fd290d0e073376eda688717564d196 Validity Not Before: Dec 6 17:01:15 2025 GMT Not After : Dec 7 17:01:15 2025 GMT Subject: CN=2cb1334c7a8b1b2dfefcaf5fed498b7edd43f031 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:69:78:59:74:5e:95:5b:f7:a6:f9:88:07:d8: 99:86:b8:b0:00:56:f5:8e:9e:3c:e3:91:30:4e:c5: 6c:07:35:15:5b:9e:64:d8:82:e1:c6:45:ae:cf:ec: 1d:25:0e:3a:62:1e:bc:3a:31:4f:fa:e7:14:4c:17: 33:de:e2:c1:1c:59:f1:7d:e7:6d:27:e1:1a:3b:41: bd:10:3b:8b:fc:9f:e3:a3:dc:2a:52:2d:7c:c2:f0: 82:fe:83:c6:bc:b1:49:86:7d:27:40:da:21:f9:54: b3:0d:f9:47:07:4c:67:8d:63:84:f3:42:21:53:d4: 76:70:91:44:37:60:f7:34:be:15:7b:92:7f:c5:ed: ed:67:83:bb:40:a5:ee:a2:ff:28:fe:f0:a6:c6:a4: 30:7c:32:45:a5:f0:18:d7:9f:eb:e7:1b:6a:51:a7: 58:77:55:93:26:5d:b5:3a:e4:15:38:51:2b:1b:da: b2:d4:f1:7e:62:05:3c:a3:f8:a4:e5:b7:f3:4e:9b: b9:98:34:e3:e6:99:52:26:87:01:c4:5c:90:d2:88: 64:9b:d6:30:f2:af:8d:58:d7:41:31:5a:3e:48:fb: 53:f6:4c:15:66:38:84:ee:c4:51:e0:22:44:08:00: 74:10:62:ed:2d:29:b2:c1:38:32:a4:ac:57:1c:99: 49:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:B1:33:4C:7A:8B:1B:2D:FE:FC:AF:5F:ED:49:8B:7E:DD:43:F0:31 X509v3 Authority Key Identifier: keyid:CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:a2:b0:a9:e9:56:bb:00:d0:2f:07:ea:15:fc:ec:3e:4e:b6: 68:61:66:d7:3c:71:06:3f:b2:c2:81:52:23:ca:cc:58:7d:02: e8:65:f3:43:c2:ca:db:f6:75:5e:c3:fe:15:59:70:23:eb:a4: 0c:c1:f4:58:cc:50:29:8e:f7:99:a5:a0:23:5f:fc:90:a9:41: 54:85:ea:4a:c0:a0:1b:9e:63:33:f9:e2:8d:c2:9c:6a:59:e5: 6b:33:f3:88:51:67:78:87:4a:b8:2d:1b:71:83:63:4d:7a:1c: d9:9b:82:22:f0:8a:1e:9f:31:23:62:d6:61:a9:01:7c:9a:d6: c7:08:b2:ca:a0:54:b2:c9:34:e5:25:08:35:cd:36:7f:a4:9f: 50:a6:e7:20:39:4b:3d:a6:b0:32:12:a7:d6:e1:1d:bd:ee:41: d5:09:dd:92:82:c5:94:43:8f:e7:d0:ff:5f:10:38:52:fd:59: 15:08:6f:99:8e:d9:52:bb:5f:d6:ad:17:50:06:9b:b7:2d:84: 22:f2:67:17:14:a8:2b:8e:8a:6b:23:54:20:8f:c1:5f:76:db: ba:76:81:60:3b:93:73:e2:41:8d:51:16:21:78:a8:aa:87:d1: 7c:29:76:e4:c8:0f:db:5a:37:4f:fb:17:4d:2f:70:53:fc:23: f3:63:bb:18 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nEzFU9ldR0gGI9NNHmM2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmE2ZDU3MDRmZDI5MGQwZTA3MzM3NmVkYTY4ODcxNzU2 NGQxOTYwHhcNMjUxMjA2MTcwMTE1WhcNMjUxMjA3MTcwMTE1WjAzMTEwLwYDVQQD EygyY2IxMzM0YzdhOGIxYjJkZmVmY2FmNWZlZDQ5OGI3ZWRkNDNmMDMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Wl4WXRelVv3pvmIB9iZhriwAFb1 jp4845EwTsVsBzUVW55k2ILhxkWuz+wdJQ46Yh68OjFP+ucUTBcz3uLBHFnxfedt J+EaO0G9EDuL/J/jo9wqUi18wvCC/oPGvLFJhn0nQNoh+VSzDflHB0xnjWOE80Ih U9R2cJFEN2D3NL4Ve5J/xe3tZ4O7QKXuov8o/vCmxqQwfDJFpfAY15/r5xtqUadY d1WTJl21OuQVOFErG9qy1PF+YgU8o/ik5bfzTpu5mDTj5plSJocBxFyQ0ohkm9Yw 8q+NWNdBMVo+SPtT9kwVZjiE7sRR4CJECAB0EGLtLSmywTgypKxXHJlJSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCyxM0x6ixst/vyvX+1Ji37dQ/AxMB8GA1UdIwQY MBaAFM26bVcE/SkNDgczdu2miHF1ZNGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTkt YTQ2MTE2OWYxZGMyLzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTktYTQ2MTE2OWYxZGMy LzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo6KwqelW uwDQLwfqFfzsPk62aGFm1zxxBj+ywoFSI8rMWH0C6GXzQ8LK2/Z1XsP+FVlwI+uk DMH0WMxQKY73maWgI1/8kKlBVIXqSsCgG55jM/nijcKcalnlazPziFFneIdKuC0b cYNjTXoc2ZuCIvCKHp8xI2LWYakBfJrWxwiyyqBUssk05SUINc02f6SfUKbnIDlL PaawMhKn1uEdve5B1QndkoLFlEOP59D/XxA4Uv1ZFQhvmY7ZUrtf1q0XUAabty2E IvJnFxSoK46KayNUII/BX3bbunaBYDuTc+JBjVEWIXioqofRfCl25MgP21o3T/sX TS9wU/wj82O7GA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:16:15 2025 by rpki-client