This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft File: ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft (raw, json) Hash identifier: ufPkYYpO4EC2cDuMZznmfKVflgz+c88KiQg0/SGEAnY= Subject key identifier: 8A:1F:3B:A0:0A:9B:3A:E9:AE:8E:1A:EE:91:21:65:04:FD:F3:4B:96 Authority key identifier: 64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3 Certificate issuer: /CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3 Certificate serial: 019AF54090E1E8986AFA8A49F800828D35CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft Manifest number: 176A Signing time: Sat 06 Dec 2025 20:00:40 +0000 Manifest this update: Sat 06 Dec 2025 20:00:40 +0000 Manifest next update: Sun 07 Dec 2025 20:00:40 +0000 Files and hashes: 1: O6yhVl-p8zPN_CcTQWHTkGKQoq0.roa (hash: HphO2Xf8amyd/7vc+hBrhD7m5RPblIsLscX8rs+h9y4=) 2: ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl (hash: OW8Jq7q77+1lUypKEkFYCLOgy9JulH8U6lxTIBv3Buk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 20:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:40:90:e1:e8:98:6a:fa:8a:49:f8:00:82:8d:35:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64ef98adbf42d5bacd24cadb0adf092c4576daf3 Validity Not Before: Dec 6 20:00:40 2025 GMT Not After : Dec 7 20:00:40 2025 GMT Subject: CN=8a1f3ba00a9b3ae9ae8e1aee91216504fdf34b96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:16:44:3c:30:de:a5:50:08:e0:73:ad:12:4b: 4b:a9:ae:ed:ac:69:9c:7b:04:58:61:73:4b:47:96: 72:76:5c:59:bb:60:f7:24:d4:ce:ff:82:d6:a4:33: 94:36:72:bc:7b:dc:94:73:8a:1e:7a:6b:90:ed:c3: e8:6d:ac:92:ba:53:79:4e:98:21:d6:ee:f3:ea:b6: 64:5f:b9:93:f1:21:2c:0c:22:62:d0:a4:73:a6:52: 34:c8:75:7a:42:08:ea:dd:8c:aa:ef:cc:e2:9b:03: 08:45:dd:91:00:15:17:15:be:37:4f:aa:06:95:4b: 47:ce:97:1f:33:3e:79:25:e0:83:2b:61:6d:a5:4d: 0a:4c:99:bc:78:f6:44:1b:09:11:2e:fb:fb:e5:be: d2:2d:c3:13:73:8e:87:66:51:57:40:a4:2f:d2:0e: c5:a9:42:27:42:79:9d:f0:a6:16:a6:53:f2:93:ad: b5:03:5a:da:20:e1:cb:b9:57:bd:af:80:5c:77:e3: 9a:5d:db:6a:e1:57:95:bf:96:fe:4b:db:2a:0d:96: 76:21:92:79:81:ec:85:76:37:5a:18:f8:d4:a8:be: 70:22:77:58:62:ad:b2:25:18:fc:10:52:e3:8b:58: b4:aa:5d:0c:52:e1:00:37:48:f1:e7:d8:2a:3a:9c: 21:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:1F:3B:A0:0A:9B:3A:E9:AE:8E:1A:EE:91:21:65:04:FD:F3:4B:96 X509v3 Authority Key Identifier: keyid:64:EF:98:AD:BF:42:D5:BA:CD:24:CA:DB:0A:DF:09:2C:45:76:DA:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZO-Yrb9C1brNJMrbCt8JLEV22vM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e49bc5-68c5-4ce2-a9b9-03c6feaf1d9f/1/ZO-Yrb9C1brNJMrbCt8JLEV22vM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:d0:28:09:a0:f5:42:1e:ed:98:7b:96:09:8d:b9:d9:af:b5: 34:01:62:3f:2a:99:ca:e5:27:51:86:4c:a7:68:da:b5:08:ed: c5:12:51:5a:17:40:35:79:81:09:7b:25:7d:0d:2b:38:d7:84: 29:1b:5d:33:5b:d9:5f:62:57:db:a8:1e:e6:de:4e:58:f7:a4: b0:13:34:90:95:af:1e:11:f8:6c:ce:83:4b:39:1b:bd:d5:ab: 39:3d:e5:ae:cd:36:a9:e1:be:69:e8:97:b7:1f:34:c3:e7:89: 27:83:e7:04:4e:3a:b3:22:03:40:9e:a9:10:c7:34:41:60:36: 1c:f9:31:d4:73:6b:45:c2:1d:6d:16:18:8f:4c:2c:7b:ca:e5: a2:0e:6d:ab:0f:94:d6:c8:7a:9f:0e:b6:72:5b:39:43:23:62: 19:f8:17:27:cf:31:54:fa:89:2c:84:80:96:7a:49:74:c0:57: 66:2b:90:30:9d:0e:ef:30:70:af:93:fe:eb:c0:29:a0:e4:40: 80:10:bf:2f:72:b4:29:6f:13:46:dd:61:59:fd:b8:71:ff:1e: fd:63:5c:a5:27:c4:75:b8:65:54:32:f9:d7:df:02:7a:de:6e: c7:0e:8c:28:1d:fa:01:eb:2d:3b:09:97:5f:c0:92:d2:30:5c: b7:e0:8e:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1QJDh6Jhq+opJ+ACCjTXKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0ZWY5OGFkYmY0MmQ1YmFjZDI0Y2FkYjBhZGYwOTJjNDU3 NmRhZjMwHhcNMjUxMjA2MjAwMDQwWhcNMjUxMjA3MjAwMDQwWjAzMTEwLwYDVQQD Eyg4YTFmM2JhMDBhOWIzYWU5YWU4ZTFhZWU5MTIxNjUwNGZkZjM0Yjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRZEPDDepVAI4HOtEktLqa7trGmc ewRYYXNLR5ZydlxZu2D3JNTO/4LWpDOUNnK8e9yUc4oeemuQ7cPobaySulN5Tpgh 1u7z6rZkX7mT8SEsDCJi0KRzplI0yHV6Qgjq3Yyq78zimwMIRd2RABUXFb43T6oG lUtHzpcfMz55JeCDK2FtpU0KTJm8ePZEGwkRLvv75b7SLcMTc46HZlFXQKQv0g7F qUInQnmd8KYWplPyk621A1raIOHLuVe9r4Bcd+OaXdtq4VeVv5b+S9sqDZZ2IZJ5 geyFdjdaGPjUqL5wIndYYq2yJRj8EFLji1i0ql0MUuEAN0jx59gqOpwhgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIofO6AKmzrpro4a7pEhZQT980uWMB8GA1UdIwQY MBaAFGTvmK2/QtW6zSTK2wrfCSxFdtrzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5Yjkt MDNjNmZlYWYxZDlmLzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNy9lNDliYzUtNjhjNS00Y2UyLWE5YjktMDNjNmZlYWYxZDlm LzEvWk8tWXJiOUMxYnJOSk1yYkN0OEpMRVYyMnZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjdAoCaD1 Qh7tmHuWCY252a+1NAFiPyqZyuUnUYZMp2jatQjtxRJRWhdANXmBCXslfQ0rONeE KRtdM1vZX2JX26ge5t5OWPeksBM0kJWvHhH4bM6DSzkbvdWrOT3lrs02qeG+aeiX tx80w+eJJ4PnBE46syIDQJ6pEMc0QWA2HPkx1HNrRcIdbRYYj0wse8rlog5tqw+U 1sh6nw62cls5QyNiGfgXJ88xVPqJLISAlnpJdMBXZiuQMJ0O7zBwr5P+68ApoORA gBC/L3K0KW8TRt1hWf24cf8e/WNcpSfEdbhlVDL5198Cet5uxw6MKB36AestOwmX X8CS0jBct+CORQ== -----END CERTIFICATE-----Generated at Sun Dec 7 01:19:44 2025 by rpki-client