This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json) Hash identifier: h91OI0/wsD2Nt07e2enfXKimQ77uMw+eH2Dx937Floo= Subject key identifier: C2:41:EA:D7:E0:6B:DF:D5:55:7D:66:82:FC:7C:BC:8C:36:96:44:82 Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Certificate serial: 019AF5AE93B35021774661489E9E002F60CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft Manifest number: 0AFC Signing time: Sat 06 Dec 2025 22:00:50 +0000 Manifest this update: Sat 06 Dec 2025 22:00:50 +0000 Manifest next update: Sun 07 Dec 2025 22:00:50 +0000 Files and hashes: 1: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (hash: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=) 2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: OdTzrtQHIwwO/A9JqkF4dEugTgiz8n4prYc64iruIKA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:93:b3:50:21:77:46:61:48:9e:9e:00:2f:60:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Validity Not Before: Dec 6 22:00:50 2025 GMT Not After : Dec 7 22:00:50 2025 GMT Subject: CN=c241ead7e06bdfd5557d6682fc7cbc8c36964482 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:4d:b3:d2:f1:7e:02:90:b7:fb:72:ae:3e:20: cb:07:b2:a3:55:13:9f:5f:96:3f:58:72:ac:e5:7d: 7a:e6:6e:6e:f6:67:55:dd:62:d5:a0:30:e5:7e:62: b5:ef:75:a8:46:f6:34:26:88:fb:0c:da:44:82:6e: e3:fb:9e:52:d1:a9:76:d3:30:d1:65:ce:6b:8e:02: 15:75:6a:19:a5:cd:8e:f8:16:a2:0e:93:d1:7f:b9: 23:c2:bd:aa:77:b7:9b:e4:e6:03:5e:55:79:35:bd: 37:b0:80:58:fa:32:3e:d3:85:a1:82:43:c5:aa:82: 1a:c4:5a:d7:f0:74:98:b2:23:23:f1:31:67:be:87: 4d:ad:90:c5:13:56:ee:61:45:8d:bf:40:ca:0e:8c: a2:49:21:b8:7a:e5:63:a4:d9:5d:cf:90:54:41:5e: 6e:27:22:46:8b:96:6a:8e:59:04:26:d4:b3:ab:7c: be:29:56:f9:64:72:0c:9d:82:5b:ff:c3:e1:88:eb: 98:d9:80:17:a3:71:b4:cc:f0:08:b7:10:43:14:2f: 7b:e3:47:ba:6d:80:c7:64:81:30:bd:9b:71:74:2c: 63:5d:3e:55:fd:97:63:82:2a:21:1e:61:1b:2a:8c: aa:2b:2f:3a:bb:07:91:92:85:f7:c0:70:62:ee:6c: d3:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:41:EA:D7:E0:6B:DF:D5:55:7D:66:82:FC:7C:BC:8C:36:96:44:82 X509v3 Authority Key Identifier: keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:67:c1:b1:50:56:3b:21:2f:e1:1f:1a:aa:04:12:af:00:dc: b5:2f:79:6b:6a:68:33:2b:ce:79:f7:b6:ab:50:37:c9:2b:37: 37:4f:5f:6f:46:ca:0f:93:f8:d0:5a:88:14:3a:a1:e6:8c:d4: c9:db:f0:a2:3d:65:55:db:5c:5b:79:9e:10:bc:2b:a5:01:88: 92:b1:32:7b:73:82:10:7d:39:44:1d:b0:ed:be:0a:91:4f:90: 02:96:62:37:88:e5:6a:79:3b:5d:16:92:fc:5e:ea:9c:c2:1d: 15:bc:c5:30:45:f1:63:29:d9:0e:0e:9a:54:74:81:15:eb:e2: e2:0c:0e:60:43:75:ba:8c:fa:f2:4f:59:2f:68:c6:c8:6e:56: a9:c9:fc:de:c7:b4:dc:fc:92:76:ca:ee:24:e1:82:6f:bd:81: a2:7f:19:58:e3:b9:ed:24:0b:3d:8e:23:43:5c:c6:16:54:3a: af:52:df:70:a6:2f:45:e3:a0:9f:b5:9a:98:a7:a9:9a:bc:18: 69:81:2d:f5:78:32:ac:54:35:79:19:69:c8:4d:f1:9a:3e:0c: af:0f:40:0b:39:59:c8:a5:18:01:90:20:6b:17:84:92:37:8f: a0:c9:44:e5:6b:ec:d6:c5:65:61:3e:07:06:a5:0d:0c:0e:23: be:8d:73:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rpOzUCF3RmFInp4AL2DKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl NDYxYTYwHhcNMjUxMjA2MjIwMDUwWhcNMjUxMjA3MjIwMDUwWjAzMTEwLwYDVQQD EyhjMjQxZWFkN2UwNmJkZmQ1NTU3ZDY2ODJmYzdjYmM4YzM2OTY0NDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs02z0vF+ApC3+3KuPiDLB7KjVROf X5Y/WHKs5X165m5u9mdV3WLVoDDlfmK173WoRvY0Joj7DNpEgm7j+55S0al20zDR Zc5rjgIVdWoZpc2O+BaiDpPRf7kjwr2qd7eb5OYDXlV5Nb03sIBY+jI+04WhgkPF qoIaxFrX8HSYsiMj8TFnvodNrZDFE1buYUWNv0DKDoyiSSG4euVjpNldz5BUQV5u JyJGi5ZqjlkEJtSzq3y+KVb5ZHIMnYJb/8PhiOuY2YAXo3G0zPAItxBDFC9740e6 bYDHZIEwvZtxdCxjXT5V/ZdjgiohHmEbKoyqKy86uweRkoX3wHBi7mzT0QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMJB6tfga9/VVX1mgvx8vIw2lkSCMB8GA1UdIwQY MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS2fBsVBW OyEv4R8aqgQSrwDctS95a2poMyvOefe2q1A3ySs3N09fb0bKD5P40FqIFDqh5ozU ydvwoj1lVdtcW3meELwrpQGIkrEye3OCEH05RB2w7b4KkU+QApZiN4jlank7XRaS /F7qnMIdFbzFMEXxYynZDg6aVHSBFevi4gwOYEN1uoz68k9ZL2jGyG5Wqcn83se0 3PySdsruJOGCb72Bon8ZWOO57SQLPY4jQ1zGFlQ6r1LfcKYvReOgn7WamKepmrwY aYEt9XgyrFQ1eRlpyE3xmj4Mrw9ACzlZyKUYAZAgaxeEkjePoMlE5Wvs1sVlYT4H BqUNDA4jvo1zlw== -----END CERTIFICATE-----Generated at Sun Dec 7 04:16:14 2025 by rpki-client