This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft File: zZEXAvST1u3htuhyvKzcuFQoK60.mft (raw, json) Hash identifier: ubUFw2uBd6dsqxV8vyormBLc8PjYCyaOakhHW0MTybU= Subject key identifier: F0:E9:A5:F0:E6:C0:E8:07:F7:F9:D0:FE:26:C4:16:87:B1:63:5D:87 Authority key identifier: CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD Certificate issuer: /CN=cd911702f493d6ede1b6e872bcacdcb854282bad Certificate serial: 019AF19B63B6A26486E2EA47A3EA0C1B7329 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft Manifest number: 0DC6 Signing time: Sat 06 Dec 2025 03:01:23 +0000 Manifest this update: Sat 06 Dec 2025 03:01:23 +0000 Manifest next update: Sun 07 Dec 2025 03:01:23 +0000 Files and hashes: 1: talgukTPD8oL2wxiXAXrxPFSwAY.roa (hash: 42F75IV5IsX3V6ll7VHZlZ+ABWMo+HJa6Q+yWz1dm0U=) 2: zZEXAvST1u3htuhyvKzcuFQoK60.crl (hash: AE0GLtS6cIpvEfkRgwVHxHl/Wyi4wrpnZShYO/gHTdk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:63:b6:a2:64:86:e2:ea:47:a3:ea:0c:1b:73:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd911702f493d6ede1b6e872bcacdcb854282bad Validity Not Before: Dec 6 03:01:23 2025 GMT Not After : Dec 7 03:01:23 2025 GMT Subject: CN=f0e9a5f0e6c0e807f7f9d0fe26c41687b1635d87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:9b:4b:08:79:e0:fc:48:42:a6:17:42:c7:29: 3a:05:c0:12:82:66:be:b1:67:e1:ad:9d:3d:f4:35: 7e:5c:8e:91:80:4d:3e:e2:1a:77:2c:d8:27:c7:ef: f0:6d:b6:e8:ce:f9:6c:bf:4d:50:76:34:74:c1:a9: 43:52:41:4c:35:aa:70:44:50:f4:2b:c0:dc:29:08: 57:ba:e9:03:67:f4:9f:08:bb:fa:c5:0c:b5:6a:00: 7f:84:1a:07:31:ec:8e:6f:dc:4a:f0:68:ef:4d:d8: 75:21:b8:1f:8c:1e:ca:b1:29:2d:0a:04:01:5d:ac: 8a:fa:1a:e4:52:df:76:b3:4d:6d:05:5d:33:2c:9a: 5a:e4:f3:47:a0:3a:aa:97:46:9a:f3:7e:9e:d3:b1: 95:2e:34:43:ae:84:f9:e1:68:10:d7:6f:df:a6:b0: e5:3e:b1:28:45:39:a8:ca:e7:ed:d7:67:7c:93:1c: f3:c9:fa:a9:8f:83:d3:15:7d:0d:39:63:ca:2d:c6: 4f:1d:1c:57:68:85:5a:c7:98:9e:40:1a:c3:bc:13: e5:35:f2:1c:3a:80:08:08:8a:53:fa:a4:44:fc:25: 60:3f:70:9e:91:b1:79:45:5d:12:aa:6d:2d:1b:e0: 8d:f6:ed:70:68:99:33:93:2a:e7:20:e6:4c:bf:05: 0e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:E9:A5:F0:E6:C0:E8:07:F7:F9:D0:FE:26:C4:16:87:B1:63:5D:87 X509v3 Authority Key Identifier: keyid:CD:91:17:02:F4:93:D6:ED:E1:B6:E8:72:BC:AC:DC:B8:54:28:2B:AD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zZEXAvST1u3htuhyvKzcuFQoK60.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/88/b74207-3853-435d-abde-22b7782162ca/1/zZEXAvST1u3htuhyvKzcuFQoK60.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:07:dd:0b:e5:8f:42:c7:8d:a4:0e:19:34:24:3f:7d:9f:e6: f7:33:d8:99:78:85:75:41:a6:91:24:76:90:b4:dc:d6:a6:b1: fc:1e:d4:45:8b:f9:c2:64:06:f2:ca:3e:d2:aa:07:33:19:6b: 5e:0d:2e:e0:f7:bd:cf:dd:d0:b0:95:5d:7d:e5:d0:d2:4b:c8: 30:5d:d4:20:10:53:40:c1:58:86:de:34:db:30:f7:cf:da:5e: 52:0b:7f:75:85:93:45:88:00:5a:a5:22:d6:67:1d:92:86:42: 64:a7:0d:2a:d4:a4:c8:f0:1e:1d:54:ae:37:e0:13:27:65:12: 82:a6:ea:09:7c:fd:fe:c6:f1:c1:1e:f2:d0:83:f6:12:48:78: 9e:e2:f9:d4:8f:dd:5b:a0:c8:0b:46:b4:9f:16:3a:9a:c2:15: 0c:d5:2a:d6:d8:9d:8f:c0:72:13:bf:11:54:6d:b5:24:2e:fd: d1:25:b2:39:ee:01:33:a4:1f:85:01:ae:73:75:b9:b6:1c:72: 86:62:13:5a:46:59:f2:55:65:3a:88:12:e2:6c:b4:9f:66:ac: ce:21:16:03:e0:b9:db:60:3e:6b:df:c7:88:99:80:b1:71:85: 3c:45:c8:c2:9f:08:06:53:99:60:24:5e:03:93:3f:7d:a7:e3: 16:63:54:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2O2omSG4upHo+oMG3MpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkOTExNzAyZjQ5M2Q2ZWRlMWI2ZTg3MmJjYWNkY2I4NTQy ODJiYWQwHhcNMjUxMjA2MDMwMTIzWhcNMjUxMjA3MDMwMTIzWjAzMTEwLwYDVQQD EyhmMGU5YTVmMGU2YzBlODA3ZjdmOWQwZmUyNmM0MTY4N2IxNjM1ZDg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ptLCHng/EhCphdCxyk6BcASgma+ sWfhrZ099DV+XI6RgE0+4hp3LNgnx+/wbbbozvlsv01QdjR0walDUkFMNapwRFD0 K8DcKQhXuukDZ/SfCLv6xQy1agB/hBoHMeyOb9xK8GjvTdh1IbgfjB7KsSktCgQB XayK+hrkUt92s01tBV0zLJpa5PNHoDqql0aa836e07GVLjRDroT54WgQ12/fprDl PrEoRTmoyuft12d8kxzzyfqpj4PTFX0NOWPKLcZPHRxXaIVax5ieQBrDvBPlNfIc OoAICIpT+qRE/CVgP3CekbF5RV0Sqm0tG+CN9u1waJkzkyrnIOZMvwUOzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPDppfDmwOgH9/nQ/ibEFoexY12HMB8GA1UdIwQY MBaAFM2RFwL0k9bt4bbocrys3LhUKCutMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUt MjJiNzc4MjE2MmNhLzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OC9iNzQyMDctMzg1My00MzVkLWFiZGUtMjJiNzc4MjE2MmNh LzEvelpFWEF2U1QxdTNodHVoeXZLemN1RlFvSzYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiAfdC+WP QseNpA4ZNCQ/fZ/m9zPYmXiFdUGmkSR2kLTc1qax/B7URYv5wmQG8so+0qoHMxlr Xg0u4Pe9z93QsJVdfeXQ0kvIMF3UIBBTQMFYht402zD3z9peUgt/dYWTRYgAWqUi 1mcdkoZCZKcNKtSkyPAeHVSuN+ATJ2USgqbqCXz9/sbxwR7y0IP2Ekh4nuL51I/d W6DIC0a0nxY6msIVDNUq1tidj8ByE78RVG21JC790SWyOe4BM6QfhQGuc3W5thxy hmITWkZZ8lVlOogS4my0n2asziEWA+C522A+a9/HiJmAsXGFPEXIwp8IBlOZYCRe A5M/fafjFmNUtw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:06:21 2025 by rpki-client