This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft File: zCdbIX3x3piMohkqg64R3fQjpE8.mft (raw, json) Hash identifier: 6CxRz+tCZ3FeuvbynS5uDwbyVfsC2lsm4jxAbvX8PT0= Subject key identifier: F2:CF:89:03:A9:16:A3:0B:69:F7:46:EF:FB:11:54:B9:8C:8E:7D:DB Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f Certificate serial: 019AF0BF7502E8DD2323A6AFD163A0832F71 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft Manifest number: 0C18 Signing time: Fri 05 Dec 2025 23:01:10 +0000 Manifest this update: Fri 05 Dec 2025 23:01:10 +0000 Manifest next update: Sat 06 Dec 2025 23:01:10 +0000 Files and hashes: 1: Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa (hash: Ka3gajN2kG5bn7od03MC2i4kFc5aTTook8osIu09I1U=) 2: zCdbIX3x3piMohkqg64R3fQjpE8.crl (hash: MdkDaa6cvt7UmKTjfQa3xgFrhumy+UdI7vBqgveh0xY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:75:02:e8:dd:23:23:a6:af:d1:63:a0:83:2f:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f Validity Not Before: Dec 5 23:01:10 2025 GMT Not After : Dec 6 23:01:10 2025 GMT Subject: CN=f2cf8903a916a30b69f746effb1154b98c8e7ddb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:2e:0c:a7:a4:77:e0:77:2f:c5:57:03:38:07: df:9f:9b:23:f9:ad:9c:1d:12:e2:a8:b2:ed:07:b5: eb:7d:9f:22:82:bd:5e:29:ef:f5:8e:a9:dd:14:3b: d7:06:ec:4d:14:37:66:7a:54:41:fb:44:91:85:9d: 02:1e:61:4a:40:81:db:a2:93:22:35:b1:12:a0:cf: cf:a3:99:8e:fd:aa:05:85:68:08:17:7d:ee:95:98: 88:98:ff:8c:23:53:5d:11:89:26:2e:72:70:9b:77: d3:b4:df:fd:42:8f:4b:0e:cc:6a:d0:ba:b0:48:e1: 7f:6c:e5:5b:28:34:7b:27:b3:ad:bf:f2:0c:0f:47: f5:f4:88:b1:4b:3d:20:1d:28:30:13:4a:e0:a4:f0: 61:ef:76:55:c8:5b:26:ee:f7:fc:7d:51:02:3d:53: 44:b7:bc:56:f4:7b:da:81:23:de:d0:d2:84:42:c5: 66:a3:38:fb:91:d0:b5:f5:87:1a:aa:a0:27:bf:8c: ab:2d:69:57:ff:ca:62:8d:01:18:26:e0:eb:da:26: b9:af:23:17:1a:51:17:9d:f6:a3:e4:e7:fd:36:25: 9b:45:e8:da:c1:98:54:66:02:2f:10:52:48:0c:2e: 4d:76:fb:cd:e5:f8:1e:8e:05:d3:8b:18:ba:d9:46: 6e:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:CF:89:03:A9:16:A3:0B:69:F7:46:EF:FB:11:54:B9:8C:8E:7D:DB X509v3 Authority Key Identifier: keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:db:bc:4c:57:99:2c:f6:a9:d2:e7:ce:db:32:c8:06:9b:14: 3d:a5:87:ed:e0:20:19:79:e4:99:e3:e2:2f:fd:ae:28:f9:65: ec:30:5d:33:46:0e:74:9b:31:f3:ef:a7:3a:b7:2f:1c:5a:6e: 93:e2:49:2d:60:9c:ce:57:7a:8b:b4:f9:d3:a1:17:47:47:fe: 7b:fb:b7:78:1c:c5:f5:0d:37:fe:54:55:2c:47:26:2d:98:ab: bc:ac:bd:86:4f:5b:3a:1e:41:f2:33:83:36:81:39:d5:eb:f9: 2f:27:cd:32:fb:17:df:79:7a:d3:ac:49:44:bd:49:82:06:7e: 18:f1:61:96:12:30:1d:38:f8:f3:5e:43:35:a2:f1:5d:57:b3: d4:3a:d9:4e:b6:15:35:a3:11:a9:8e:2b:81:2b:9f:de:a7:47: 98:44:ec:5a:4e:05:ca:e8:69:72:9e:07:ad:7d:0e:00:26:bf: 68:72:81:c8:6c:bd:2f:52:ac:5d:4a:16:52:22:da:91:4b:d3: 7a:79:59:5f:59:12:09:78:0d:fb:f9:66:41:47:22:62:8d:21: 27:21:ef:df:fd:13:a4:b6:44:d7:41:d9:87:f6:eb:87:2c:61: f0:23:23:67:f7:2f:31:e2:03:69:8f:8e:f4:da:bf:25:b5:ce: 6b:8f:f1:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv3UC6N0jI6av0WOggy9xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy M2E0NGYwHhcNMjUxMjA1MjMwMTEwWhcNMjUxMjA2MjMwMTEwWjAzMTEwLwYDVQQD EyhmMmNmODkwM2E5MTZhMzBiNjlmNzQ2ZWZmYjExNTRiOThjOGU3ZGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC4Mp6R34HcvxVcDOAffn5sj+a2c HRLiqLLtB7XrfZ8igr1eKe/1jqndFDvXBuxNFDdmelRB+0SRhZ0CHmFKQIHbopMi NbESoM/Po5mO/aoFhWgIF33ulZiImP+MI1NdEYkmLnJwm3fTtN/9Qo9LDsxq0Lqw SOF/bOVbKDR7J7Otv/IMD0f19IixSz0gHSgwE0rgpPBh73ZVyFsm7vf8fVECPVNE t7xW9HvagSPe0NKEQsVmozj7kdC19YcaqqAnv4yrLWlX/8pijQEYJuDr2ia5ryMX GlEXnfaj5Of9NiWbRejawZhUZgIvEFJIDC5NdvvN5fgejgXTixi62UZuFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPLPiQOpFqMLafdG7/sRVLmMjn3bMB8GA1UdIwQY MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt MmU2MzlmY2E0NjQwLzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZdu8TFeZ LPap0ufO2zLIBpsUPaWH7eAgGXnkmePiL/2uKPll7DBdM0YOdJsx8++nOrcvHFpu k+JJLWCczld6i7T506EXR0f+e/u3eBzF9Q03/lRVLEcmLZirvKy9hk9bOh5B8jOD NoE51ev5LyfNMvsX33l606xJRL1JggZ+GPFhlhIwHTj4815DNaLxXVez1DrZTrYV NaMRqY4rgSuf3qdHmETsWk4Fyuhpcp4HrX0OACa/aHKByGy9L1KsXUoWUiLakUvT enlZX1kSCXgN+/lmQUciYo0hJyHv3/0TpLZE10HZh/brhyxh8CMjZ/cvMeIDaY+O 9Nq/JbXOa4/xtQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:23:32 2025 by rpki-client