This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json) Hash identifier: 7QXBceXI6/gXb3QHodmGYE5KU0uc0USa8elm/GiJ/hI= Subject key identifier: B0:A9:F6:82:C5:55:3A:C2:D8:9D:48:9C:8D:F6:7F:EF:29:DD:67:0C Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Certificate serial: 019B3D239305397BD7FF9160D1A85CAEB39E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft Manifest number: 0B21 Signing time: Sat 20 Dec 2025 19:01:40 +0000 Manifest this update: Sat 20 Dec 2025 19:01:40 +0000 Manifest next update: Sun 21 Dec 2025 19:01:40 +0000 Files and hashes: 1: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (hash: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=) 2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: /P1cpA+FwKsb3+YqTm5my7+V+ASZ9+V0xWaSqCP/85w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:93:05:39:7b:d7:ff:91:60:d1:a8:5c:ae:b3:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Validity Not Before: Dec 20 19:01:40 2025 GMT Not After : Dec 21 19:01:40 2025 GMT Subject: CN=b0a9f682c5553ac2d89d489c8df67fef29dd670c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1c:40:b9:f3:c7:5d:90:40:e5:15:6c:5a:aa: 45:05:73:2e:f9:24:6f:b9:71:b9:c7:61:7c:76:03: 4a:85:8c:70:c7:43:b7:fb:ae:4b:b9:eb:b0:59:f3: 6c:1f:cd:18:97:fc:b8:87:4d:fa:85:f7:fb:2c:ce: f5:a8:74:39:30:88:be:2b:02:fe:51:a3:13:c5:bc: 9c:f7:6f:34:3e:7a:97:d2:eb:05:d6:db:6b:4e:cd: 87:ad:f9:1a:01:87:0d:34:68:0b:1a:aa:c6:a8:e4: 1c:fb:be:ab:a1:24:c7:21:1b:26:ce:57:7c:9b:4b: 54:cd:0e:3a:c2:09:e5:e9:15:61:7a:cf:39:b6:a7: f8:50:8f:10:75:2c:71:ff:82:c8:7f:7f:5d:b8:b1: 40:f2:f3:e4:d6:f8:f8:9d:89:dc:be:85:5e:8d:46: af:30:0a:54:aa:34:16:4c:2d:ca:2c:11:6a:00:be: d7:91:60:38:ab:7e:2b:54:cd:dc:62:15:7c:b8:e9: a9:18:19:2c:19:ad:dc:73:c4:68:fe:c6:53:c7:47: b6:12:7d:45:90:5c:75:4f:ba:f0:86:68:1f:13:6b: 54:0c:fc:52:59:76:0a:e4:39:3b:05:75:f0:5a:e6: 4a:3f:07:af:0c:4c:c7:fb:a1:27:29:23:7f:5b:9e: b0:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:A9:F6:82:C5:55:3A:C2:D8:9D:48:9C:8D:F6:7F:EF:29:DD:67:0C X509v3 Authority Key Identifier: keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:f6:e2:97:16:c0:2c:00:cd:c3:9d:96:5e:b0:e2:d8:2b:9c: 9a:65:92:ca:f5:74:22:f9:1f:f6:b5:73:a5:13:65:8c:67:c0: ec:9a:f7:59:fe:5a:c5:62:6a:d9:72:20:9f:0b:6d:93:ef:99: c8:84:80:00:dd:cc:21:1d:31:dc:d2:44:6e:c8:0a:6c:53:2c: 11:bc:08:bb:20:1e:ea:c7:31:56:20:ed:53:98:23:04:1a:5b: 60:21:c5:2e:42:fc:4e:20:ca:2b:54:9c:46:73:e6:b8:0a:8b: 11:94:ae:1f:75:1f:0e:67:fd:60:1e:56:f2:f9:80:1b:04:70: a1:ed:bb:fb:33:7e:6a:c6:f5:71:90:18:63:e4:2e:8f:55:0c: cc:1a:21:f5:c3:8a:50:6b:e9:bc:4f:ba:17:3d:ca:f6:22:5b: ec:aa:da:6a:5e:89:10:1c:81:b7:55:4f:6d:1a:8c:0b:1a:25: c3:21:3a:31:4b:90:3c:55:30:e3:83:c1:2f:14:04:35:d3:28: d1:84:d8:5e:5d:0f:25:6e:55:6f:bf:93:39:23:80:92:ba:70: eb:ad:60:25:33:98:03:98:cd:8b:0c:d7:bb:85:eb:b9:e8:c8: 70:23:ac:8f:f3:12:6e:68:49:f9:8e:2e:a6:0c:a9:4d:60:e6: 79:49:dd:28 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I5MFOXvX/5Fg0ahcrrOeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl NDYxYTYwHhcNMjUxMjIwMTkwMTQwWhcNMjUxMjIxMTkwMTQwWjAzMTEwLwYDVQQD EyhiMGE5ZjY4MmM1NTUzYWMyZDg5ZDQ4OWM4ZGY2N2ZlZjI5ZGQ2NzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBxAufPHXZBA5RVsWqpFBXMu+SRv uXG5x2F8dgNKhYxwx0O3+65LueuwWfNsH80Yl/y4h036hff7LM71qHQ5MIi+KwL+ UaMTxbyc9280PnqX0usF1ttrTs2HrfkaAYcNNGgLGqrGqOQc+76roSTHIRsmzld8 m0tUzQ46wgnl6RVhes85tqf4UI8QdSxx/4LIf39duLFA8vPk1vj4nYncvoVejUav MApUqjQWTC3KLBFqAL7XkWA4q34rVM3cYhV8uOmpGBksGa3cc8Ro/sZTx0e2En1F kFx1T7rwhmgfE2tUDPxSWXYK5Dk7BXXwWuZKPwevDEzH+6EnKSN/W56wFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLCp9oLFVTrC2J1InI32f+8p3WcMMB8GA1UdIwQY MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI/bilxbA LADNw52WXrDi2CucmmWSyvV0Ivkf9rVzpRNljGfA7Jr3Wf5axWJq2XIgnwttk++Z yISAAN3MIR0x3NJEbsgKbFMsEbwIuyAe6scxViDtU5gjBBpbYCHFLkL8TiDKK1Sc RnPmuAqLEZSuH3UfDmf9YB5W8vmAGwRwoe27+zN+asb1cZAYY+Quj1UMzBoh9cOK UGvpvE+6Fz3K9iJb7Kraal6JEByBt1VPbRqMCxolwyE6MUuQPFUw44PBLxQENdMo 0YTYXl0PJW5Vb7+TOSOAkrpw661gJTOYA5jNiwzXu4XruejIcCOsj/MSbmhJ+Y4u pgypTWDmeUndKA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:20:21 2025 by rpki-client