This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json) Hash identifier: nN/8PNw5/alCbGCCKj2Uol6JzNjKVwA1uju71f+rItI= Subject key identifier: 01:33:E9:48:4E:BD:82:9E:F7:DC:27:E0:32:77:CE:C3:5F:DA:CD:8A Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22 Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122 Certificate serial: 019AF23F7B4D4AA7AFC88AEC3A826227A72A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 06:00:37 +0000 Manifest this update: Sat 06 Dec 2025 06:00:37 +0000 Manifest next update: Sun 07 Dec 2025 06:00:37 +0000 Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=) 2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: rv8xkp8Z6d88xGpoIVOgLMQqoTzAeN99cFvMm0DQZlc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:7b:4d:4a:a7:af:c8:8a:ec:3a:82:62:27:a7:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122 Validity Not Before: Dec 6 06:00:37 2025 GMT Not After : Dec 7 06:00:37 2025 GMT Subject: CN=0133e9484ebd829ef7dc27e03277cec35fdacd8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:3e:05:a4:bc:9e:25:c9:a6:6d:32:42:e6:c9: 9b:6e:97:7d:b5:75:6d:89:f9:98:94:57:97:1d:34: 13:da:20:49:82:c6:81:98:82:f5:ed:b5:1e:bb:5f: 76:c1:09:ff:d2:2a:8d:93:cc:2f:81:11:3d:da:9a: 73:d8:8c:c5:0d:9b:3a:75:6b:40:0d:62:78:3a:92: dc:e9:f0:78:e7:b2:cc:2e:37:92:e0:a4:36:c7:16: 52:e3:a6:98:c3:07:a5:b1:49:f8:99:fc:6f:bd:77: ef:c1:87:a4:1b:37:bf:26:58:d0:b3:ab:76:bd:9b: 7c:f8:41:63:01:c4:5b:e0:56:da:35:4b:29:f8:33: 2d:ca:75:67:6c:64:49:00:8f:33:dc:3b:62:84:eb: b4:c7:7d:1a:55:f0:47:53:f4:b8:61:29:51:54:26: a1:29:f8:53:ca:d9:de:d1:2c:04:42:9c:79:32:2d: 71:1b:b8:a3:6b:38:ab:75:50:69:d3:08:f6:b8:8a: 48:89:ee:10:c6:cc:61:7e:45:72:63:4c:2e:e6:91: 83:d0:d1:6a:65:77:9b:ec:11:1c:ac:ec:c8:c3:36: 98:90:a6:1a:f7:6d:fa:35:06:60:4e:af:c4:b9:07: a8:36:ca:47:11:69:9b:68:c4:07:94:6d:48:54:21: 0b:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:33:E9:48:4E:BD:82:9E:F7:DC:27:E0:32:77:CE:C3:5F:DA:CD:8A X509v3 Authority Key Identifier: keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:10:d1:86:bd:69:c3:01:b1:57:37:cb:23:55:ff:73:88:aa: 7b:e4:be:ae:28:7c:21:94:bf:fb:3b:38:54:60:d1:05:87:59: cc:86:67:00:1b:7d:96:91:d4:98:8b:84:98:bf:a9:8a:2d:82: bc:66:b3:9b:e8:bc:33:da:3f:1c:6a:ff:c7:af:5c:80:8c:f3: 7c:68:6b:c9:16:2d:a6:fa:71:41:b6:5e:69:a6:2f:84:25:f0: e7:b5:cb:75:58:fc:53:c9:28:bd:ce:d5:fa:bb:dc:e2:d0:ad: 1e:34:8b:b3:24:b9:b8:9f:08:27:07:b3:38:61:86:d0:7b:f9: a2:53:54:27:a9:1a:65:f1:fb:97:25:06:22:a5:47:41:4f:6e: b6:e7:59:60:26:d2:c8:ed:ce:ef:48:e9:e8:a2:d9:cc:f5:41: c1:43:3a:c7:01:aa:d7:e7:7e:3b:64:fa:91:73:59:ee:e3:e7: bf:84:bc:b4:4e:67:d0:31:a4:6e:45:63:8c:f9:13:a6:5b:8d: 47:09:16:1d:13:9e:f9:c9:07:4b:d3:68:1f:47:e5:69:20:b5: a3:5f:3e:db:ae:c1:81:51:1a:ce:78:5f:13:9b:0e:16:5b:59: 5a:09:0a:27:2f:01:20:1b:b5:9d:e5:3f:87:4e:f5:dd:37:14: 08:4d:11:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP3tNSqevyIrsOoJiJ6cqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx YTAxMjIwHhcNMjUxMjA2MDYwMDM3WhcNMjUxMjA3MDYwMDM3WjAzMTEwLwYDVQQD EygwMTMzZTk0ODRlYmQ4MjllZjdkYzI3ZTAzMjc3Y2VjMzVmZGFjZDhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4T4FpLyeJcmmbTJC5smbbpd9tXVt ifmYlFeXHTQT2iBJgsaBmIL17bUeu192wQn/0iqNk8wvgRE92ppz2IzFDZs6dWtA DWJ4OpLc6fB457LMLjeS4KQ2xxZS46aYwwelsUn4mfxvvXfvwYekGze/JljQs6t2 vZt8+EFjAcRb4FbaNUsp+DMtynVnbGRJAI8z3DtihOu0x30aVfBHU/S4YSlRVCah KfhTytne0SwEQpx5Mi1xG7ijazirdVBp0wj2uIpIie4QxsxhfkVyY0wu5pGD0NFq ZXeb7BEcrOzIwzaYkKYa9236NQZgTq/EuQeoNspHEWmbaMQHlG1IVCELNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAEz6UhOvYKe99wn4DJ3zsNf2s2KMB8GA1UdIwQY MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoBDRhr1p wwGxVzfLI1X/c4iqe+S+rih8IZS/+zs4VGDRBYdZzIZnABt9lpHUmIuEmL+pii2C vGazm+i8M9o/HGr/x69cgIzzfGhryRYtpvpxQbZeaaYvhCXw57XLdVj8U8kovc7V +rvc4tCtHjSLsyS5uJ8IJwezOGGG0Hv5olNUJ6kaZfH7lyUGIqVHQU9utudZYCbS yO3O70jp6KLZzPVBwUM6xwGq1+d+O2T6kXNZ7uPnv4S8tE5n0DGkbkVjjPkTpluN RwkWHROe+ckHS9NoH0flaSC1o18+267BgVEaznhfE5sOFltZWgkKJy8BIBu1neU/ h0713TcUCE0RtQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:06 2025 by rpki-client