This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.mft File: ZAD5U62_21K3iBX-z8DozeCXYsM.mft (raw, json) Hash identifier: c1KCyzTOfqsPI9j4DpVs2hIeQmz1Sa+MZli/CXPJASU= Subject key identifier: 20:BA:18:D3:CC:D1:1F:D9:70:70:C2:1E:17:DC:4C:C3:C9:4E:C8:B2 Authority key identifier: 64:00:F9:53:AD:BF:DB:52:B7:88:15:FE:CF:C0:E8:CD:E0:97:62:C3 Certificate issuer: /CN=6400f953adbfdb52b78815fecfc0e8cde09762c3 Certificate serial: 019AF12E7F82F3AFC7BE587CD881A2D6A6D1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.mft Manifest number: 1250 Signing time: Sat 06 Dec 2025 01:02:27 +0000 Manifest this update: Sat 06 Dec 2025 01:02:27 +0000 Manifest next update: Sun 07 Dec 2025 01:02:27 +0000 Files and hashes: 1: ZAD5U62_21K3iBX-z8DozeCXYsM.crl (hash: 3ngD6Nl+ACMV3KyN3skyTd1dy0LQWrvB/VgxaRomQLY=) 2: v8jGZZ2sPrkxPTZ3eZtK4NYbA6E.roa (hash: 0l4hT05AEA8nsr6nY5F6IkEiZ/ck5kp606jyOTBkkrA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.crl rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:7f:82:f3:af:c7:be:58:7c:d8:81:a2:d6:a6:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6400f953adbfdb52b78815fecfc0e8cde09762c3 Validity Not Before: Dec 6 01:02:27 2025 GMT Not After : Dec 7 01:02:27 2025 GMT Subject: CN=20ba18d3ccd11fd97070c21e17dc4cc3c94ec8b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:9e:76:0a:0d:46:62:f5:a2:c9:94:97:df:12: 64:b9:b9:ed:ed:e2:48:da:28:60:ea:12:30:49:19: e0:89:5a:a2:82:a4:1f:49:95:8d:ba:b2:c5:e8:f7: 03:ff:1c:4d:7d:21:de:93:82:53:6c:df:42:7e:ee: ee:63:ad:5d:00:a6:2e:40:73:b8:1e:ca:4f:b9:63: 79:f3:bd:20:25:35:b8:bb:b2:8b:17:8b:4c:ff:4e: 8a:28:c1:16:8e:b0:96:b9:46:7b:9e:06:1d:a0:20: 75:4f:00:ab:47:eb:d0:cc:d3:a6:bc:0d:a5:54:6e: 77:8b:cd:20:3b:83:1a:98:53:ae:d7:33:c3:6e:1e: 77:1b:a4:e4:82:b3:6c:ca:e4:72:bf:2d:31:37:41: 18:e6:3f:f1:c8:3f:ab:74:d5:ab:71:1a:9a:be:25: 4b:54:d0:b5:5c:eb:15:00:3a:b3:f1:62:8e:cb:d5: fc:5c:b1:8f:6b:92:03:8f:6c:29:20:6c:25:f3:5a: 5b:7f:04:f1:65:18:87:12:e6:b3:3e:63:33:0f:d3: 8e:c2:c7:04:bb:4a:3e:5c:a3:50:f7:82:1c:a5:1b: 2b:11:27:90:7f:8b:12:b0:a6:3e:24:9e:31:d0:c2: 2f:bd:e4:e0:bf:8c:06:24:af:b0:99:30:98:a9:43: f8:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:BA:18:D3:CC:D1:1F:D9:70:70:C2:1E:17:DC:4C:C3:C9:4E:C8:B2 X509v3 Authority Key Identifier: keyid:64:00:F9:53:AD:BF:DB:52:B7:88:15:FE:CF:C0:E8:CD:E0:97:62:C3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAD5U62_21K3iBX-z8DozeCXYsM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/8308ff-fec8-48cb-9485-563c10dec80d/1/ZAD5U62_21K3iBX-z8DozeCXYsM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:c2:2e:1c:4d:19:5f:2a:c1:d0:57:1b:53:a4:8b:d2:48:d5: 60:c9:82:30:9e:58:08:00:1c:8a:ff:2a:52:e0:ae:70:ab:97: e2:4c:d9:e7:36:57:20:9c:81:68:6e:ae:30:7f:96:f1:8d:1a: 3d:74:46:26:7d:03:f0:53:8c:91:d8:0d:36:e3:d4:3a:5b:7a: 8b:36:f0:47:b3:63:5b:c5:c7:fe:97:20:7c:0d:68:34:32:8f: ac:9f:85:5a:28:d8:24:b3:ff:6c:1a:67:3a:be:cc:48:8d:8e: b4:ba:1b:94:2d:5f:2e:f1:66:1f:64:c9:8e:33:13:68:19:a4: c0:da:86:db:88:d3:e6:87:5e:d9:0c:3a:fd:02:57:3a:ff:88: 20:7f:67:70:17:79:45:aa:0b:b3:55:ad:ea:ee:48:b8:c1:31: e8:a9:5a:90:c6:57:40:77:62:64:21:b8:27:12:6b:d2:97:e2: 19:fa:a3:35:cd:66:37:35:61:9d:f1:d3:be:37:d1:d5:0e:0b: 46:2c:c5:db:8a:96:75:af:42:d9:70:e2:d1:bd:67:f3:04:29: e1:f9:96:27:46:b9:8e:ea:1e:cf:da:0f:a6:72:b2:fe:38:df: e8:17:eb:cc:6c:71:8d:ac:8c:0b:6e:c5:19:c7:e6:10:ac:08: 81:ac:cc:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLn+C86/Hvlh82IGi1qbRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MDBmOTUzYWRiZmRiNTJiNzg4MTVmZWNmYzBlOGNkZTA5 NzYyYzMwHhcNMjUxMjA2MDEwMjI3WhcNMjUxMjA3MDEwMjI3WjAzMTEwLwYDVQQD EygyMGJhMThkM2NjZDExZmQ5NzA3MGMyMWUxN2RjNGNjM2M5NGVjOGIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJ52Cg1GYvWiyZSX3xJkubnt7eJI 2ihg6hIwSRngiVqigqQfSZWNurLF6PcD/xxNfSHek4JTbN9Cfu7uY61dAKYuQHO4 HspPuWN5870gJTW4u7KLF4tM/06KKMEWjrCWuUZ7ngYdoCB1TwCrR+vQzNOmvA2l VG53i80gO4MamFOu1zPDbh53G6TkgrNsyuRyvy0xN0EY5j/xyD+rdNWrcRqaviVL VNC1XOsVADqz8WKOy9X8XLGPa5IDj2wpIGwl81pbfwTxZRiHEuazPmMzD9OOwscE u0o+XKNQ94IcpRsrESeQf4sSsKY+JJ4x0MIvveTgv4wGJK+wmTCYqUP4fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCC6GNPM0R/ZcHDCHhfcTMPJTsiyMB8GA1UdIwQY MBaAFGQA+VOtv9tSt4gV/s/A6M3gl2LDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFENVU2Ml8yMUszaUJYLXo4RG96ZUNYWXNNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC84MzA4ZmYtZmVjOC00OGNiLTk0ODUt NTYzYzEwZGVjODBkLzEvWkFENVU2Ml8yMUszaUJYLXo4RG96ZUNYWXNNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOC84MzA4ZmYtZmVjOC00OGNiLTk0ODUtNTYzYzEwZGVjODBk LzEvWkFENVU2Ml8yMUszaUJYLXo4RG96ZUNYWXNNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlsIuHE0Z XyrB0FcbU6SL0kjVYMmCMJ5YCAAciv8qUuCucKuX4kzZ5zZXIJyBaG6uMH+W8Y0a PXRGJn0D8FOMkdgNNuPUOlt6izbwR7NjW8XH/pcgfA1oNDKPrJ+FWijYJLP/bBpn Or7MSI2OtLoblC1fLvFmH2TJjjMTaBmkwNqG24jT5ode2Qw6/QJXOv+IIH9ncBd5 RaoLs1Wt6u5IuMEx6KlakMZXQHdiZCG4JxJr0pfiGfqjNc1mNzVhnfHTvjfR1Q4L RizF24qWda9C2XDi0b1n8wQp4fmWJ0a5juoez9oPpnKy/jjf6BfrzGxxjayMC27F GcfmEKwIgazM1g== -----END CERTIFICATE-----Generated at Sat Dec 6 09:15:17 2025 by rpki-client