This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft File: z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft (raw, json) Hash identifier: kTluSx3OVDsky3+sVWX7/Bcaz0eDRVv0v0C8Fsotg6E= Subject key identifier: D4:FB:33:D0:A3:30:40:57:08:BA:0A:5C:8D:A2:D7:37:67:BA:CA:9D Authority key identifier: CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C Certificate issuer: /CN=cf40e25606651a075484c709fa766d80dad52d9c Certificate serial: 019AF12E7CEEC58471D6D3C90F6AF6EA6C72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft Manifest number: 056D Signing time: Sat 06 Dec 2025 01:02:26 +0000 Manifest this update: Sat 06 Dec 2025 01:02:26 +0000 Manifest next update: Sun 07 Dec 2025 01:02:26 +0000 Files and hashes: 1: hGH_yKtqtaewmmke-m1I7cISSH0.roa (hash: T3QXU6gMQq0RcA3qUlvm1jUKiUtDYtXE4Lz78+TSbU8=) 2: z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl (hash: QBAcX2kXjKiZD+oaNqG2wBgJDtYmf7Jl+V+f+sCc3JM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:7c:ee:c5:84:71:d6:d3:c9:0f:6a:f6:ea:6c:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf40e25606651a075484c709fa766d80dad52d9c Validity Not Before: Dec 6 01:02:26 2025 GMT Not After : Dec 7 01:02:26 2025 GMT Subject: CN=d4fb33d0a330405708ba0a5c8da2d73767baca9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:18:ad:7a:4b:6c:ee:33:ad:6b:66:45:6d:9c: 10:df:de:25:c7:22:98:9b:4c:8d:7d:f5:2a:18:77: 3a:03:6d:69:55:df:c6:e9:6f:41:78:5d:ff:b5:61: 36:8a:58:2f:1f:7e:70:4f:73:73:f9:c2:31:fc:9e: 60:0a:6f:b7:2a:e5:af:de:f1:2a:f2:f9:26:e5:d3: 95:b6:ac:d8:b3:93:d7:bb:44:38:5e:df:da:91:3c: 4e:f0:9a:3e:8e:bb:5d:70:ad:6c:e0:86:83:ae:b0: 95:90:d2:6e:e6:af:42:b4:73:23:e1:fe:ee:2a:85: 94:24:a2:5f:cf:29:c8:d5:a1:53:0d:23:98:72:0a: d4:b4:1f:9d:f8:6c:87:09:16:c6:cf:5e:87:01:11: f5:9e:a0:e2:4c:aa:8f:33:41:78:ff:1e:cd:46:46: 96:d2:61:2f:d1:7b:42:a1:17:0c:ea:0b:5b:95:4d: e2:3f:a4:c3:1a:3f:3e:f9:d9:e7:f6:dd:27:33:fd: 6c:d7:8c:5a:b5:23:85:e4:76:e9:52:16:0b:b0:52: 7b:f5:41:3d:d0:c2:f7:94:32:ef:e1:6e:f7:d8:b3: 9a:82:f7:e4:e2:3a:f9:58:d9:37:4c:e0:df:05:90: 5d:59:3d:c0:d2:45:ee:23:f7:51:27:f4:99:54:22: 77:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:FB:33:D0:A3:30:40:57:08:BA:0A:5C:8D:A2:D7:37:67:BA:CA:9D X509v3 Authority Key Identifier: keyid:CF:40:E2:56:06:65:1A:07:54:84:C7:09:FA:76:6D:80:DA:D5:2D:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/7d5e1c-9d79-4b39-b560-e997e558d73a/1/z0DiVgZlGgdUhMcJ-nZtgNrVLZw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:a2:95:ae:95:95:5e:9a:66:ad:8b:c7:c0:7c:18:b9:b4:ce: 7b:80:9a:18:23:1f:70:c0:2f:41:0d:ee:3f:98:8b:55:91:9d: 23:fe:a5:9f:47:d9:e7:e0:96:d6:43:ad:ff:16:05:86:d2:38: e3:11:d7:8f:5e:56:9e:35:0c:c5:14:82:d4:3a:27:dd:80:b9: 3e:1a:cf:7c:25:e6:f1:aa:9d:e2:8a:89:15:61:6b:47:d0:b2: d0:b8:d5:16:3d:73:c0:1c:c6:27:bc:e1:8c:88:20:63:ed:a0: 37:13:9a:62:ec:bf:41:43:16:9b:19:ec:ca:d5:b0:50:96:68: 38:5e:3e:10:15:0f:9b:9c:a0:c7:86:a4:00:7d:c5:2a:23:e3: 23:cb:ed:59:b2:f3:a2:a1:5c:0e:bb:98:14:cd:80:b2:70:10: 8a:16:9f:db:f5:b3:bb:ff:33:01:ba:0d:eb:11:24:f0:68:84: 54:5b:63:b6:26:3a:1f:eb:11:28:6b:8c:17:87:76:b7:01:0a: c1:16:b3:6d:85:4a:18:ec:f8:a7:a7:1d:43:bc:5f:7c:ff:be: b8:db:e5:d3:15:d1:d2:c5:f3:e2:31:74:73:68:82:c5:e0:60: 8c:e6:0a:ec:cc:cc:97:b7:3c:24:03:a8:84:d0:45:2f:5b:83: 08:d7:48:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLnzuxYRx1tPJD2r26mxyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNDBlMjU2MDY2NTFhMDc1NDg0YzcwOWZhNzY2ZDgwZGFk NTJkOWMwHhcNMjUxMjA2MDEwMjI2WhcNMjUxMjA3MDEwMjI2WjAzMTEwLwYDVQQD EyhkNGZiMzNkMGEzMzA0MDU3MDhiYTBhNWM4ZGEyZDczNzY3YmFjYTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxitekts7jOta2ZFbZwQ394lxyKY m0yNffUqGHc6A21pVd/G6W9BeF3/tWE2ilgvH35wT3Nz+cIx/J5gCm+3KuWv3vEq 8vkm5dOVtqzYs5PXu0Q4Xt/akTxO8Jo+jrtdcK1s4IaDrrCVkNJu5q9CtHMj4f7u KoWUJKJfzynI1aFTDSOYcgrUtB+d+GyHCRbGz16HARH1nqDiTKqPM0F4/x7NRkaW 0mEv0XtCoRcM6gtblU3iP6TDGj8++dnn9t0nM/1s14xatSOF5HbpUhYLsFJ79UE9 0ML3lDLv4W732LOagvfk4jr5WNk3TODfBZBdWT3A0kXuI/dRJ/SZVCJ3AQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNT7M9CjMEBXCLoKXI2i1zdnusqdMB8GA1UdIwQY MBaAFM9A4lYGZRoHVITHCfp2bYDa1S2cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAt ZTk5N2U1NThkNzNhLzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy83ZDVlMWMtOWQ3OS00YjM5LWI1NjAtZTk5N2U1NThkNzNh LzEvejBEaVZnWmxHZ2RVaE1jSi1uWnRnTnJWTFp3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZKKVrpWV XppmrYvHwHwYubTOe4CaGCMfcMAvQQ3uP5iLVZGdI/6ln0fZ5+CW1kOt/xYFhtI4 4xHXj15WnjUMxRSC1Don3YC5PhrPfCXm8aqd4oqJFWFrR9Cy0LjVFj1zwBzGJ7zh jIggY+2gNxOaYuy/QUMWmxnsytWwUJZoOF4+EBUPm5ygx4akAH3FKiPjI8vtWbLz oqFcDruYFM2AsnAQihaf2/Wzu/8zAboN6xEk8GiEVFtjtiY6H+sRKGuMF4d2twEK wRazbYVKGOz4p6cdQ7xffP++uNvl0xXR0sXz4jF0c2iCxeBgjOYK7MzMl7c8JAOo hNBFL1uDCNdI+Q== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:22 2025 by rpki-client