This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft File: ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft (raw, json) Hash identifier: VE/+QujXN/BdyFZk/ulZ93awMWhfKdUzmgwfcIqPft0= Subject key identifier: 0B:25:38:64:30:C1:9B:8B:77:D6:E1:D9:B5:2F:DB:66:73:AE:85:29 Authority key identifier: 64:D7:F7:E1:74:17:9A:13:3E:30:C6:60:ED:FA:86:E7:4A:40:DD:95 Certificate issuer: /CN=64d7f7e174179a133e30c660edfa86e74a40dd95 Certificate serial: 019AF464FE3414CDA0344DB5873A9140BFDD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 16:00:50 +0000 Manifest this update: Sat 06 Dec 2025 16:00:50 +0000 Manifest next update: Sun 07 Dec 2025 16:00:50 +0000 Files and hashes: 1: ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl (hash: 6OHBhzZ8y2C1M9B3mpAmITTzLVkMdh7wCWINsgnfEw0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:fe:34:14:cd:a0:34:4d:b5:87:3a:91:40:bf:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64d7f7e174179a133e30c660edfa86e74a40dd95 Validity Not Before: Dec 6 16:00:50 2025 GMT Not After : Dec 7 16:00:50 2025 GMT Subject: CN=0b25386430c19b8b77d6e1d9b52fdb6673ae8529 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:63:0e:7d:16:e9:72:3d:dd:08:e9:c1:9d:1a: 5f:87:ee:5c:b3:ba:6d:7b:b4:10:13:b3:28:1b:bf: 41:a5:7f:b4:84:e9:76:bc:b9:66:bd:dd:7c:5b:be: 3b:57:8f:4a:3a:82:a3:77:ec:34:46:0f:2d:ab:db: 2c:d5:73:e3:0b:0d:a4:6c:fc:eb:cd:8f:ea:91:f8: c2:84:4d:3f:13:7d:6b:37:76:78:dd:65:cd:d2:ea: e1:e9:dd:54:62:79:d9:7c:ed:92:b3:fd:e0:e8:2a: 68:ab:76:4d:b0:f2:ff:1f:5e:25:61:9e:70:59:50: 98:d7:18:51:0b:41:85:eb:26:6d:cf:b2:5a:79:3d: 9e:5a:17:f8:11:41:53:c1:85:08:bc:f2:36:98:90: 06:36:e0:29:a4:b1:0a:c7:18:21:12:f7:bd:df:e9: b3:69:50:13:97:97:0d:6a:40:49:08:60:8b:41:d9: 55:29:c5:df:e4:33:66:dd:32:f7:40:c1:57:56:79: c9:c5:93:07:8a:a0:06:d9:a4:9e:32:53:37:f1:20: c3:2e:60:d6:fc:9f:f9:e3:b4:73:f9:1b:3b:7d:f4: b1:d0:97:36:58:db:64:16:c1:69:c3:9f:3c:09:82: af:b9:2b:71:d4:38:7b:70:cd:a1:84:26:c3:b0:66: 8f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:25:38:64:30:C1:9B:8B:77:D6:E1:D9:B5:2F:DB:66:73:AE:85:29 X509v3 Authority Key Identifier: keyid:64:D7:F7:E1:74:17:9A:13:3E:30:C6:60:ED:FA:86:E7:4A:40:DD:95 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNf34XQXmhM-MMZg7fqG50pA3ZU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/983caa-ef05-460f-a20a-4162465b9880/1/ZNf34XQXmhM-MMZg7fqG50pA3ZU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:de:71:16:6c:43:c0:41:11:bb:3f:80:7b:db:ad:05:ea:9d: b9:29:1a:9c:36:a1:2f:12:96:f9:fa:ef:5e:65:30:ea:f6:21: fd:1e:64:df:e8:e7:cc:8b:38:e4:0a:5a:ef:cf:b3:9c:0b:4d: 46:ae:e0:9d:3c:2b:d6:67:2b:cb:68:b9:57:de:b0:45:fa:39: 88:7d:e3:d1:b9:f1:d0:08:64:e1:04:20:97:07:b8:85:96:8a: 45:ac:e7:46:52:be:90:b0:f0:3b:e8:3d:5e:60:76:71:e3:30: 43:59:b5:51:4d:45:5f:73:33:aa:39:f0:fb:90:de:5f:23:26: df:c9:9b:fa:a7:8e:f3:92:d0:af:ac:46:eb:66:df:c2:04:42: 40:58:44:9d:ba:c8:7b:8e:4b:55:ac:1f:5c:c5:42:05:f9:c3: f3:e3:bb:2a:bc:e1:64:b2:21:67:52:52:f4:a9:01:20:41:45: 0c:2f:70:8c:8e:9d:78:55:35:ef:dc:d2:71:e6:87:fc:e7:3f: ae:77:8b:95:2e:c2:21:b9:14:6c:10:2a:20:61:6d:3e:86:ab: 03:c4:df:a8:24:f2:b2:4a:0e:3e:f3:b3:9f:53:8d:a8:92:3e: 7f:8b:42:a3:1a:9b:d6:1d:27:f9:3e:b2:49:79:94:63:d9:9e: c9:4c:d2:93 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZP40FM2gNE21hzqRQL/dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0ZDdmN2UxNzQxNzlhMTMzZTMwYzY2MGVkZmE4NmU3NGE0 MGRkOTUwHhcNMjUxMjA2MTYwMDUwWhcNMjUxMjA3MTYwMDUwWjAzMTEwLwYDVQQD EygwYjI1Mzg2NDMwYzE5YjhiNzdkNmUxZDliNTJmZGI2NjczYWU4NTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmMOfRbpcj3dCOnBnRpfh+5cs7pt e7QQE7MoG79BpX+0hOl2vLlmvd18W747V49KOoKjd+w0Rg8tq9ss1XPjCw2kbPzr zY/qkfjChE0/E31rN3Z43WXN0urh6d1UYnnZfO2Ss/3g6Cpoq3ZNsPL/H14lYZ5w WVCY1xhRC0GF6yZtz7JaeT2eWhf4EUFTwYUIvPI2mJAGNuAppLEKxxghEve93+mz aVATl5cNakBJCGCLQdlVKcXf5DNm3TL3QMFXVnnJxZMHiqAG2aSeMlM38SDDLmDW /J/547Rz+Rs7ffSx0Jc2WNtkFsFpw588CYKvuStx1Dh7cM2hhCbDsGaPKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAslOGQwwZuLd9bh2bUv22ZzroUpMB8GA1UdIwQY MBaAFGTX9+F0F5oTPjDGYO36hudKQN2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS85ODNjYWEtZWYwNS00NjBmLWEyMGEt NDE2MjQ2NWI5ODgwLzEvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS85ODNjYWEtZWYwNS00NjBmLWEyMGEtNDE2MjQ2NWI5ODgw LzEvWk5mMzRYUVhtaE0tTU1aZzdmcUc1MHBBM1pVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd95xFmxD wEERuz+Ae9utBeqduSkanDahLxKW+frvXmUw6vYh/R5k3+jnzIs45Apa78+znAtN Rq7gnTwr1mcry2i5V96wRfo5iH3j0bnx0Ahk4QQglwe4hZaKRaznRlK+kLDwO+g9 XmB2ceMwQ1m1UU1FX3Mzqjnw+5DeXyMm38mb+qeO85LQr6xG62bfwgRCQFhEnbrI e45LVawfXMVCBfnD8+O7KrzhZLIhZ1JS9KkBIEFFDC9wjI6deFU179zSceaH/Oc/ rneLlS7CIbkUbBAqIGFtPoarA8TfqCTyskoOPvOzn1ONqJI+f4tCoxqb1h0n+T6y SXmUY9meyUzSkw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:29:10 2025 by rpki-client