This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft File: zK1o9-irrfRHJiM0OjJWFQciQYk.mft (raw, json) Hash identifier: DaPDCZO8N7OK9IsXSHNuCcz4GMqsiGRU5mjJXE+DyQo= Subject key identifier: 0E:D9:43:FC:9D:38:2B:9D:69:97:51:0E:9A:E1:E4:51:4A:85:62:37 Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89 Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189 Certificate serial: 019AF12E0E7C5A53B6FAB978540697C1D4DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft Manifest number: 08D1 Signing time: Sat 06 Dec 2025 01:01:58 +0000 Manifest this update: Sat 06 Dec 2025 01:01:58 +0000 Manifest next update: Sun 07 Dec 2025 01:01:58 +0000 Files and hashes: 1: UD4cQq7SyCABLCZHHC1Ou_EeL6M.roa (hash: tfgZKXi2rZuQqy6q4ZM+ZUGFDVqdyYkcUnUVHT5tgpI=) 2: zK1o9-irrfRHJiM0OjJWFQciQYk.crl (hash: w7myPTepXVhfFOUuLY6hbkVHUFL9sSCtVTd4MQBz2xI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:0e:7c:5a:53:b6:fa:b9:78:54:06:97:c1:d4:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccad68f7e8abadf4472623343a32561507224189 Validity Not Before: Dec 6 01:01:58 2025 GMT Not After : Dec 7 01:01:58 2025 GMT Subject: CN=0ed943fc9d382b9d6997510e9ae1e4514a856237 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:39:43:4c:b1:22:ee:b4:c2:b0:0d:44:4b:67: ff:6c:87:8a:67:ea:6a:e5:71:3f:bd:70:93:22:d3: 0e:52:f9:5e:a7:cf:b7:56:2a:b7:74:e0:b3:97:c3: 45:01:ec:0b:57:9f:46:e7:1f:f2:e4:05:be:8e:84: 2c:b4:af:62:2b:51:8e:24:2c:b6:43:44:37:12:eb: 0b:c1:df:f0:5e:96:91:6b:5f:62:b2:4a:5e:e3:f3: 6b:40:ba:32:32:ef:ba:8d:09:bd:24:14:74:7d:c7: 46:37:9c:d4:b3:62:bf:27:e3:34:7d:1a:aa:a4:30: 58:df:8b:14:60:a6:36:3a:1c:2c:86:4e:b5:90:3d: 86:c8:67:f9:94:57:2f:97:c3:37:c1:51:7c:1c:a9: 46:b6:6d:56:88:51:53:40:47:84:1f:be:b3:e2:58: 46:bc:f8:15:44:64:eb:63:ee:92:6c:0d:f4:ea:e8: fe:75:b0:11:87:23:98:5c:8f:9c:c8:26:9f:bd:db: 85:c5:5b:9e:91:d6:f2:f8:70:ea:3d:73:22:f9:6f: 2b:1b:50:9f:d9:9c:c9:29:a9:28:53:d6:03:9f:3d: 85:e4:18:25:fc:6e:eb:a8:3b:7f:ab:75:1f:de:4c: e8:c8:53:3a:4a:af:6a:1e:4b:5d:6b:86:b8:30:94: 3a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:D9:43:FC:9D:38:2B:9D:69:97:51:0E:9A:E1:E4:51:4A:85:62:37 X509v3 Authority Key Identifier: keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:a4:b3:aa:6c:28:ed:91:62:d3:27:76:8e:6b:f3:60:3e:09: 7f:93:fe:e6:3a:cc:67:27:fd:7a:0c:b9:ab:95:df:98:de:e6: f3:e2:06:5a:9f:24:db:12:71:01:3f:25:ff:e4:9f:5b:08:ea: 0e:c2:83:fd:ff:b2:e5:67:a5:5d:88:c5:fe:72:b8:59:7e:d8: 31:99:76:3a:19:9f:82:dc:f5:95:41:99:6d:72:44:00:a5:f4: 9c:84:33:77:3b:9e:50:76:29:3f:90:42:26:4b:19:33:bc:1b: 36:93:5d:64:d0:35:55:0f:1e:c2:96:3a:2b:2b:6f:9c:2e:d8: 90:3a:95:6c:7c:49:0b:9b:6b:cc:23:e3:6a:b6:3c:2c:2b:f4: 3f:cb:16:17:ff:a2:16:21:74:b2:72:4b:91:ac:30:b8:4a:d6: 0d:e1:59:d2:75:bf:e9:e1:e8:28:2f:f5:23:81:1e:d4:1c:f9: d2:01:35:16:f2:f2:7d:8a:ba:18:85:48:26:1c:86:55:4a:b2: 0e:cb:36:fc:43:ed:98:a6:42:54:0e:92:ba:7b:9b:04:6b:1d: 6d:f4:89:fd:8d:54:d0:73:b1:43:f8:6a:bc:1d:e8:4e:3f:19: 16:f1:97:39:7d:71:0f:16:b0:1c:70:2f:49:2a:d3:73:e6:dc: ce:95:29:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLg58WlO2+rl4VAaXwdTdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy MjQxODkwHhcNMjUxMjA2MDEwMTU4WhcNMjUxMjA3MDEwMTU4WjAzMTEwLwYDVQQD EygwZWQ5NDNmYzlkMzgyYjlkNjk5NzUxMGU5YWUxZTQ1MTRhODU2MjM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zlDTLEi7rTCsA1ES2f/bIeKZ+pq 5XE/vXCTItMOUvlep8+3Viq3dOCzl8NFAewLV59G5x/y5AW+joQstK9iK1GOJCy2 Q0Q3EusLwd/wXpaRa19iskpe4/NrQLoyMu+6jQm9JBR0fcdGN5zUs2K/J+M0fRqq pDBY34sUYKY2Ohwshk61kD2GyGf5lFcvl8M3wVF8HKlGtm1WiFFTQEeEH76z4lhG vPgVRGTrY+6SbA306uj+dbARhyOYXI+cyCafvduFxVuekdby+HDqPXMi+W8rG1Cf 2ZzJKakoU9YDnz2F5Bgl/G7rqDt/q3Uf3kzoyFM6Sq9qHktda4a4MJQ6ywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA7ZQ/ydOCudaZdRDprh5FFKhWI3MB8GA1UdIwQY MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt NjM1OWY5MmUxZDJmLzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARaSzqmwo 7ZFi0yd2jmvzYD4Jf5P+5jrMZyf9egy5q5XfmN7m8+IGWp8k2xJxAT8l/+SfWwjq DsKD/f+y5WelXYjF/nK4WX7YMZl2Ohmfgtz1lUGZbXJEAKX0nIQzdzueUHYpP5BC JksZM7wbNpNdZNA1VQ8ewpY6KytvnC7YkDqVbHxJC5trzCPjarY8LCv0P8sWF/+i FiF0snJLkawwuErWDeFZ0nW/6eHoKC/1I4Ee1Bz50gE1FvLyfYq6GIVIJhyGVUqy Dss2/EPtmKZCVA6SunubBGsdbfSJ/Y1U0HOxQ/hqvB3oTj8ZFvGXOX1xDxawHHAv SSrTc+bczpUp7Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:17 2025 by rpki-client