This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft File: zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json) Hash identifier: qTt3LS3an5XXvOBEXe6GckB68ma+ukRl58u+dMJU3Sg= Subject key identifier: 57:CF:CC:B1:E5:AB:04:AB:85:1A:CC:62:83:DD:86:E0:B5:88:51:65 Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 Certificate issuer: /CN=ce49fc134b706542caf1a1efbe034f7011b49436 Certificate serial: 019AF61C86EE661F4C3D7A5E57F28440FE1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft Manifest number: 068B Signing time: Sun 07 Dec 2025 00:00:55 +0000 Manifest this update: Sun 07 Dec 2025 00:00:55 +0000 Manifest next update: Mon 08 Dec 2025 00:00:55 +0000 Files and hashes: 1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=) 2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: OsvY1FqLtNBXybI2vfyGA6pQNggiDrmRjDgz3nbyC+A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:1c:86:ee:66:1f:4c:3d:7a:5e:57:f2:84:40:fe:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436 Validity Not Before: Dec 7 00:00:55 2025 GMT Not After : Dec 8 00:00:55 2025 GMT Subject: CN=57cfccb1e5ab04ab851acc6283dd86e0b5885165 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:76:0d:f4:27:be:24:c8:11:67:6f:49:92:fc: bc:e0:82:4b:26:44:23:ce:a9:1d:71:cf:74:c8:56: b9:11:47:2e:96:08:49:e2:54:df:9c:ec:12:97:d7: 6d:e6:2f:bd:08:88:11:7a:9c:4e:82:ba:8c:ee:af: a0:09:05:6d:88:f7:df:2f:f5:65:94:e9:66:6a:8c: ba:32:83:95:dd:9d:7c:58:6e:bf:32:fe:7a:86:c6: 51:f6:b1:ee:65:21:6c:03:e3:93:09:bb:41:40:fb: 96:db:25:06:25:5c:4f:23:fc:6a:35:3b:af:d2:53: 73:fb:f5:af:87:68:f6:a7:19:55:dd:bc:ed:12:24: 20:98:a9:67:ca:67:09:8f:dd:97:91:77:0b:e8:6c: cf:53:51:3f:11:d6:95:71:32:e4:31:4c:8d:80:92: 2f:20:72:82:c8:4e:13:50:01:18:83:96:62:a6:8f: 17:d8:4f:d4:20:a7:8b:d8:af:06:8c:0b:0c:25:6b: fb:be:0e:3a:6c:82:e5:e6:db:21:78:df:1f:cd:78: 05:70:69:94:54:b2:f9:9b:a7:08:8c:2e:2f:4c:da: f4:54:44:cc:a0:97:90:ce:cd:54:2f:79:ab:a8:e0: 42:24:e6:8d:d2:19:44:20:9c:80:d3:ee:91:91:62: 07:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:CF:CC:B1:E5:AB:04:AB:85:1A:CC:62:83:DD:86:E0:B5:88:51:65 X509v3 Authority Key Identifier: keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:fa:79:91:67:79:4f:d2:3b:f8:74:89:3d:cf:50:b2:ba:d0: 55:74:7e:2a:cc:40:22:01:9f:f4:f2:22:40:58:6f:25:a2:4b: 60:fa:c3:3e:7d:b7:07:3e:ed:9d:95:d2:1f:53:2c:06:e3:65: 44:da:88:33:de:73:12:2d:d2:b4:e2:1b:33:fb:07:51:af:bf: d9:d8:67:be:67:9c:12:56:ee:49:ff:fc:73:ea:79:5f:27:cd: 30:7a:cb:e4:3c:88:5d:93:ec:b1:d7:76:af:aa:ae:3b:e5:2f: a8:c8:d7:4e:45:7f:ef:9f:f1:74:5b:d9:31:62:0a:81:92:9d: 7e:35:d4:d3:5c:48:5a:29:4c:1b:26:f6:09:55:c2:9a:d5:9f: 1b:50:5f:90:ec:7c:c1:83:5a:d0:99:11:7f:b4:df:6c:45:08: d5:66:7f:56:5f:20:24:d1:30:3e:d3:07:a3:ff:90:cc:de:e0: 40:0d:45:d9:f1:18:07:f2:72:8e:fd:e9:cd:e2:3d:e6:9b:2c: fd:7f:d4:51:10:6c:35:6c:a0:17:91:3a:c6:95:39:4f:2d:a9: 53:76:2b:3d:09:96:17:3e:fc:2d:41:ab:ac:1f:10:b0:93:bf: 80:9c:0b:5f:cc:73:a4:88:93:f1:c4:00:63:00:71:21:dd:69: ef:52:10:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2HIbuZh9MPXpeV/KEQP4cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi NDk0MzYwHhcNMjUxMjA3MDAwMDU1WhcNMjUxMjA4MDAwMDU1WjAzMTEwLwYDVQQD Eyg1N2NmY2NiMWU1YWIwNGFiODUxYWNjNjI4M2RkODZlMGI1ODg1MTY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHYN9Ce+JMgRZ29Jkvy84IJLJkQj zqkdcc90yFa5EUculghJ4lTfnOwSl9dt5i+9CIgRepxOgrqM7q+gCQVtiPffL/Vl lOlmaoy6MoOV3Z18WG6/Mv56hsZR9rHuZSFsA+OTCbtBQPuW2yUGJVxPI/xqNTuv 0lNz+/Wvh2j2pxlV3bztEiQgmKlnymcJj92XkXcL6GzPU1E/EdaVcTLkMUyNgJIv IHKCyE4TUAEYg5Zipo8X2E/UIKeL2K8GjAsMJWv7vg46bILl5tsheN8fzXgFcGmU VLL5m6cIjC4vTNr0VETMoJeQzs1UL3mrqOBCJOaN0hlEIJyA0+6RkWIHhQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFfPzLHlqwSrhRrMYoPdhuC1iFFlMB8GA1UdIwQY MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ/p5kWd5 T9I7+HSJPc9QsrrQVXR+KsxAIgGf9PIiQFhvJaJLYPrDPn23Bz7tnZXSH1MsBuNl RNqIM95zEi3StOIbM/sHUa+/2dhnvmecElbuSf/8c+p5XyfNMHrL5DyIXZPssdd2 r6quO+UvqMjXTkV/75/xdFvZMWIKgZKdfjXU01xIWilMGyb2CVXCmtWfG1BfkOx8 wYNa0JkRf7TfbEUI1WZ/Vl8gJNEwPtMHo/+QzN7gQA1F2fEYB/Jyjv3pzeI95pss /X/UURBsNWygF5E6xpU5Ty2pU3YrPQmWFz78LUGrrB8QsJO/gJwLX8xzpIiT8cQA YwBxId1p71IQMQ== -----END CERTIFICATE-----Generated at Sun Dec 7 01:55:20 2025 by rpki-client