This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.mft File: Zo1_de9C8L1xqpxmZo4KM9vhY08.mft (raw, json) Hash identifier: tq3+ULHstMOCRNe8UwzyhMEa/yLRZ1uHspJbxJ4eI2s= Subject key identifier: D8:D4:F3:B7:D5:D1:B9:6F:C2:28:6B:86:B4:96:F5:C6:D0:CC:06:63 Authority key identifier: 66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F Certificate issuer: /CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f Certificate serial: 019B2D0BD4BF81418445A78CE6A8D9929FA8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.mft Manifest number: 177F Signing time: Wed 17 Dec 2025 16:01:48 +0000 Manifest this update: Wed 17 Dec 2025 16:01:48 +0000 Manifest next update: Thu 18 Dec 2025 16:01:48 +0000 Files and hashes: 1: ZLef86UZ8-ykPDzWWLmzoQSdgC4.roa (hash: 9D+NhHpbmJi6ZpbrwdmFqtG+bLkEiMEM9kjTpQm+k4M=) 2: Zo1_de9C8L1xqpxmZo4KM9vhY08.crl (hash: zUzNlzdELFMho5LQWmuyVWIVyN+N0mL19Xxv8GgAgMw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.mft rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:d4:bf:81:41:84:45:a7:8c:e6:a8:d9:92:9f:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f Validity Not Before: Dec 17 16:01:48 2025 GMT Not After : Dec 18 16:01:48 2025 GMT Subject: CN=d8d4f3b7d5d1b96fc2286b86b496f5c6d0cc0663 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:2d:6a:ad:49:65:ad:fd:b2:fc:c5:27:ab:0d: 8f:e7:b4:49:aa:7c:ce:df:89:2e:51:47:b6:18:54: 49:9a:4e:be:dc:cf:94:83:b2:95:21:3b:a4:33:5b: 72:26:e1:68:50:5f:93:8c:f5:37:d0:ce:d4:82:60: 70:a3:56:92:18:53:c2:83:bb:28:4f:68:2f:9c:48: 26:ca:f6:68:da:e6:cf:3c:0b:b8:b8:dc:2d:11:b5: 42:85:92:98:78:aa:0a:9d:e7:77:02:20:69:e2:b8: c0:32:d2:0e:9d:46:ed:f3:08:fd:df:d9:00:87:61: 8c:9d:2c:9f:23:31:88:d9:41:0c:31:20:e6:b2:10: 76:af:2f:19:f5:56:27:6a:ab:1d:3c:bb:5b:a4:06: fb:3d:09:d5:4a:8d:dc:c8:81:c5:cb:fd:0f:f3:66: 07:00:bf:4a:8e:97:3f:9d:44:14:85:c5:c6:1f:4c: 95:72:cb:50:64:47:8a:bc:25:85:45:62:b7:e0:51: 6f:92:95:2d:01:ad:98:9b:87:35:ae:fc:ff:97:5d: c8:f0:45:5b:cd:39:5f:11:03:1f:43:de:20:09:06: e0:45:bb:98:6d:85:dd:29:c8:d4:28:a1:b2:6f:0c: 89:f8:be:a3:10:38:7f:03:3f:43:c9:7a:c6:03:41: 82:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:D4:F3:B7:D5:D1:B9:6F:C2:28:6B:86:B4:96:F5:C6:D0:CC:06:63 X509v3 Authority Key Identifier: keyid:66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:7b:5a:fe:cc:e6:8f:85:3e:45:81:81:a2:a8:83:2b:c7:aa: a0:13:cd:e4:d7:33:4f:1b:a0:bd:44:d9:f8:6d:d7:50:6c:45: 97:af:e9:47:78:6c:bc:77:72:08:78:eb:f8:6c:5c:f3:ef:d8: 12:88:73:bf:3a:f9:8f:29:5a:6c:69:45:37:06:14:63:ef:8b: ae:f7:4c:4d:4a:07:0a:4f:2f:44:b1:02:3d:79:77:2f:24:d4: 4d:b2:df:59:3b:ee:30:88:93:15:8f:81:83:1b:2d:27:a3:69: a7:a9:c2:e0:1e:24:99:7d:be:00:4c:5f:54:13:86:9a:9c:5a: 70:eb:f1:01:2a:72:53:de:6e:d8:99:d1:9d:cc:d5:2b:e6:d5: b9:8e:69:cc:05:f0:7d:11:de:98:2d:fe:45:f5:5b:10:9c:20: e1:5e:75:d8:73:50:0e:f3:ff:04:ef:78:7d:d3:b9:df:7c:35: a7:66:75:c3:b4:66:cd:4f:af:aa:49:ec:6a:5b:1b:1c:c6:d7: 0e:d5:bd:3f:4c:c7:40:1f:7b:14:f9:8a:a0:3a:74:d2:f7:71: af:e9:a6:df:f3:dd:c7:d8:4a:82:85:38:ee:ad:35:5a:8a:b4: a5:31:d1:28:a4:67:71:a6:d3:22:98:1c:99:70:c8:f2:4a:b3: 09:c8:91:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC9S/gUGERaeM5qjZkp+oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2OGQ3Zjc1ZWY0MmYwYmQ3MWFhOWM2NjY2OGUwYTMzZGJl MTYzNGYwHhcNMjUxMjE3MTYwMTQ4WhcNMjUxMjE4MTYwMTQ4WjAzMTEwLwYDVQQD EyhkOGQ0ZjNiN2Q1ZDFiOTZmYzIyODZiODZiNDk2ZjVjNmQwY2MwNjYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3y1qrUllrf2y/MUnqw2P57RJqnzO 34kuUUe2GFRJmk6+3M+Ug7KVITukM1tyJuFoUF+TjPU30M7UgmBwo1aSGFPCg7so T2gvnEgmyvZo2ubPPAu4uNwtEbVChZKYeKoKned3AiBp4rjAMtIOnUbt8wj939kA h2GMnSyfIzGI2UEMMSDmshB2ry8Z9VYnaqsdPLtbpAb7PQnVSo3cyIHFy/0P82YH AL9Kjpc/nUQUhcXGH0yVcstQZEeKvCWFRWK34FFvkpUtAa2Ym4c1rvz/l13I8EVb zTlfEQMfQ94gCQbgRbuYbYXdKcjUKKGybwyJ+L6jEDh/Az9DyXrGA0GCNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNjU87fV0blvwihrhrSW9cbQzAZjMB8GA1UdIwQY MBaAFGaNf3XvQvC9caqcZmaOCjPb4WNPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWm8xX2RlOUM4TDF4cXB4bVpvNEtNOXZoWTA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81M2Y3NWUtNDJiOS00ZmFlLWIxYmUt MjZlN2YzZjJiMTFlLzEvWm8xX2RlOUM4TDF4cXB4bVpvNEtNOXZoWTA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi81M2Y3NWUtNDJiOS00ZmFlLWIxYmUtMjZlN2YzZjJiMTFl LzEvWm8xX2RlOUM4TDF4cXB4bVpvNEtNOXZoWTA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANnta/szm j4U+RYGBoqiDK8eqoBPN5NczTxugvUTZ+G3XUGxFl6/pR3hsvHdyCHjr+Gxc8+/Y Eohzvzr5jylabGlFNwYUY++LrvdMTUoHCk8vRLECPXl3LyTUTbLfWTvuMIiTFY+B gxstJ6Npp6nC4B4kmX2+AExfVBOGmpxacOvxASpyU95u2JnRnczVK+bVuY5pzAXw fRHemC3+RfVbEJwg4V512HNQDvP/BO94fdO533w1p2Z1w7RmzU+vqknsalsbHMbX DtW9P0zHQB97FPmKoDp00vdxr+mm3/Pdx9hKgoU47q01Woq0pTHRKKRncabTIpgc mXDI8kqzCciRAg== -----END CERTIFICATE-----Generated at Wed Dec 17 18:10:08 2025 by rpki-client