This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft File: zUBlln3sCStfyQFS5KlTObodIok.mft (raw, json) Hash identifier: zttsiCh2A4ZDjEARrF0BI3WU6CGLg5EUrGM3Ptt5KyQ= Subject key identifier: 63:5F:15:D2:1D:34:4A:E9:9F:23:F8:B6:5A:FE:C1:31:A6:51:88:15 Authority key identifier: CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89 Certificate issuer: /CN=cd4065967dec092b5fc90152e4a95339ba1d2289 Certificate serial: 019AF3F723DC279C08F1AC068896D73B9ACC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft Manifest number: 0DB8 Signing time: Sat 06 Dec 2025 14:00:51 +0000 Manifest this update: Sat 06 Dec 2025 14:00:51 +0000 Manifest next update: Sun 07 Dec 2025 14:00:51 +0000 Files and hashes: 1: O_Eyba2hWiJ1G1yko5jMVf-Hi74.roa (hash: 6Ep9rh8riGcgqLK1eN8d8mtWbuCz5+WFjzg4sxJvKMw=) 2: zUBlln3sCStfyQFS5KlTObodIok.crl (hash: PONecMCzMr/ZXbwY0oiRuoCqnIcfBOWVDH9bFmQChPk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:23:dc:27:9c:08:f1:ac:06:88:96:d7:3b:9a:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd4065967dec092b5fc90152e4a95339ba1d2289 Validity Not Before: Dec 6 14:00:51 2025 GMT Not After : Dec 7 14:00:51 2025 GMT Subject: CN=635f15d21d344ae99f23f8b65afec131a6518815 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:d7:8d:1c:eb:02:11:61:d0:04:e7:74:f4:d1: 79:38:55:db:24:b0:96:10:4e:80:14:f7:b0:ff:a2: 38:d3:ff:4c:6b:0f:2a:fa:4a:ac:1b:91:72:b2:e7: d7:e0:47:54:80:86:8e:c0:e5:00:5b:18:53:3c:02: 6c:11:3a:76:8f:94:11:41:88:a6:dd:25:da:0b:6e: 46:91:bb:4f:f0:89:0c:99:94:ef:8d:d2:dd:a2:0d: 2b:4f:dd:db:4a:60:05:f6:3c:de:06:70:01:70:c0: a0:bf:eb:b9:66:ec:42:a3:ec:34:0c:7f:06:ce:40: 84:bc:3b:23:9f:47:56:f8:f6:1c:10:ae:77:ce:e5: e9:1c:c6:f6:1c:c5:ee:d1:7c:1f:a8:17:ad:6d:b0: bf:bd:c4:62:9b:b2:fd:ab:53:24:16:4d:8b:14:22: b1:ff:04:2e:f3:46:57:ab:60:eb:e2:d7:48:0e:76: 90:7b:46:d1:b0:52:5a:06:7e:68:89:b1:95:ff:b4: 25:0c:75:e5:6d:16:ce:15:82:6a:c7:4e:cb:c2:63: 30:6b:d6:a9:55:ec:b9:89:7f:d1:83:0f:3d:a6:b0: fe:6d:36:e0:6f:7f:42:d8:2b:f7:3f:b4:f0:9e:83: 36:25:d5:f3:11:c2:5f:0d:98:6a:90:4d:3f:32:35: 46:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:5F:15:D2:1D:34:4A:E9:9F:23:F8:B6:5A:FE:C1:31:A6:51:88:15 X509v3 Authority Key Identifier: keyid:CD:40:65:96:7D:EC:09:2B:5F:C9:01:52:E4:A9:53:39:BA:1D:22:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zUBlln3sCStfyQFS5KlTObodIok.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/944f2a-f673-42bf-9e3d-edcef7451ef4/1/zUBlln3sCStfyQFS5KlTObodIok.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:ee:05:31:2a:47:1a:41:7c:f6:40:83:0d:06:f6:a8:94:40: 33:0b:80:85:de:72:f2:3b:d8:43:6a:ab:7a:13:8d:20:27:09: 73:63:eb:87:ce:5d:3e:70:95:ae:62:c7:e8:ad:03:c3:79:31: f2:72:c1:23:f4:d2:45:82:f9:3d:cc:82:50:3c:b0:73:a5:42: 19:aa:78:e0:a2:16:7c:5d:99:55:7d:de:e8:18:72:ab:20:14: 41:2e:ad:fc:e4:6e:33:ee:a7:f8:f4:d2:80:ef:1f:a7:a9:d0: 00:80:44:f0:86:64:06:d9:3b:d7:35:98:c1:de:8e:66:58:eb: 21:15:e2:ce:8f:e7:12:9e:7d:bb:e7:09:5f:1f:ef:35:20:d6: 9c:b9:84:1e:68:e9:6f:12:c1:a9:00:75:21:88:34:c5:d6:2d: 3b:a7:5f:c5:97:d0:32:b3:75:30:01:fc:3c:18:8a:04:6c:73: e8:3e:19:05:50:15:ab:a4:59:4c:5b:28:20:05:b6:1d:6f:d1: c4:ba:68:4b:8d:3b:b3:f5:39:b5:c2:d7:c3:97:c7:56:1a:01: 38:de:5c:64:d8:38:84:43:8e:96:e0:8d:4a:d1:3e:a0:19:65: 9d:6e:6b:d0:bd:60:42:e6:e7:0d:24:f9:fc:f8:83:ab:40:1f: 6e:1d:f8:4f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9yPcJ5wI8awGiJbXO5rMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkNDA2NTk2N2RlYzA5MmI1ZmM5MDE1MmU0YTk1MzM5YmEx ZDIyODkwHhcNMjUxMjA2MTQwMDUxWhcNMjUxMjA3MTQwMDUxWjAzMTEwLwYDVQQD Eyg2MzVmMTVkMjFkMzQ0YWU5OWYyM2Y4YjY1YWZlYzEzMWE2NTE4ODE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvteNHOsCEWHQBOd09NF5OFXbJLCW EE6AFPew/6I40/9Maw8q+kqsG5FysufX4EdUgIaOwOUAWxhTPAJsETp2j5QRQYim 3SXaC25GkbtP8IkMmZTvjdLdog0rT93bSmAF9jzeBnABcMCgv+u5ZuxCo+w0DH8G zkCEvDsjn0dW+PYcEK53zuXpHMb2HMXu0XwfqBetbbC/vcRim7L9q1MkFk2LFCKx /wQu80ZXq2Dr4tdIDnaQe0bRsFJaBn5oibGV/7QlDHXlbRbOFYJqx07LwmMwa9ap Vey5iX/Rgw89prD+bTbgb39C2Cv3P7TwnoM2JdXzEcJfDZhqkE0/MjVGXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGNfFdIdNErpnyP4tlr+wTGmUYgVMB8GA1UdIwQY MBaAFM1AZZZ97AkrX8kBUuSpUzm6HSKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2Qt ZWRjZWY3NDUxZWY0LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNS85NDRmMmEtZjY3My00MmJmLTllM2QtZWRjZWY3NDUxZWY0 LzEvelVCbGxuM3NDU3RmeVFGUzVLbFRPYm9kSW9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApu4FMSpH GkF89kCDDQb2qJRAMwuAhd5y8jvYQ2qrehONICcJc2Prh85dPnCVrmLH6K0Dw3kx 8nLBI/TSRYL5PcyCUDywc6VCGap44KIWfF2ZVX3e6BhyqyAUQS6t/ORuM+6n+PTS gO8fp6nQAIBE8IZkBtk71zWYwd6OZljrIRXizo/nEp59u+cJXx/vNSDWnLmEHmjp bxLBqQB1IYg0xdYtO6dfxZfQMrN1MAH8PBiKBGxz6D4ZBVAVq6RZTFsoIAW2HW/R xLpoS407s/U5tcLXw5fHVhoBON5cZNg4hEOOluCNStE+oBllnW5r0L1gQubnDST5 /PiDq0Afbh34Tw== -----END CERTIFICATE-----Generated at Sat Dec 6 22:56:25 2025 by rpki-client