This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft File: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json) Hash identifier: dESW96xPOkv9Y0lmIWT5bKKPnZTitFVZpErA6GBB5Bs= Subject key identifier: F9:B3:EC:42:BE:49:2E:B5:12:7C:2B:D7:F6:49:C3:B9:02:9B:1E:71 Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 Certificate issuer: /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Certificate serial: 019AF3C05835AAA4B875317B929CF017452C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft Manifest number: 02E5 Signing time: Sat 06 Dec 2025 13:01:00 +0000 Manifest this update: Sat 06 Dec 2025 13:01:00 +0000 Manifest next update: Sun 07 Dec 2025 13:01:00 +0000 Files and hashes: 1: 6w-yXh1-tMAIvo8oiWeiA5ImsoE.roa (hash: I2XmgPmlr8AeGcV748BNU3DKlg3Epa3bbBrXS+lzrBo=) 2: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: +QEbOHIP5EuP6dBRy1d1dF/Mzsx3WSB8md874eOzMfw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:58:35:aa:a4:b8:75:31:7b:92:9c:f0:17:45:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Validity Not Before: Dec 6 13:01:00 2025 GMT Not After : Dec 7 13:01:00 2025 GMT Subject: CN=f9b3ec42be492eb5127c2bd7f649c3b9029b1e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:51:3e:1b:53:3b:3f:83:fb:f5:d5:3e:93:b1: 74:ba:12:78:2c:4e:aa:ee:b5:96:c5:a9:d8:b6:92: cb:62:ec:94:08:0d:c8:9a:3f:6f:da:ce:81:e5:b4: c8:29:f7:65:cf:40:12:0f:56:0c:0d:6f:7e:c4:26: 33:68:0a:26:a2:66:7b:8b:80:6f:0c:c1:01:d1:b4: 5e:31:ed:ae:ca:23:49:15:29:87:a7:6f:9d:90:b8: 9e:65:03:a9:b9:3f:67:56:e5:e3:46:90:20:93:f4: c0:cd:12:3c:7f:1e:6b:3d:30:00:b9:89:8b:68:e2: 90:26:4f:f6:9d:40:84:4c:13:ea:a4:b5:bc:3d:68: e8:b9:9d:d4:f7:d8:be:fe:46:ec:32:45:19:b2:c1: b8:0b:4d:ac:8d:f9:9a:13:de:93:3b:c4:37:40:ee: f3:80:98:52:f1:3f:24:c2:10:1e:aa:2c:9a:c2:3f: 9a:70:26:1f:3d:00:ec:d2:ab:5d:d0:77:9a:61:ea: 3d:db:f4:20:52:d5:10:14:62:3a:70:2b:32:20:db: e0:be:c8:0f:41:99:ae:6f:a5:ca:f2:06:4f:5f:d8: 3e:20:c1:b1:41:84:3b:1b:6f:3b:c8:c0:82:ba:f9: cd:2c:e7:92:ef:66:23:48:b2:2f:85:55:e2:d0:15: cd:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B3:EC:42:BE:49:2E:B5:12:7C:2B:D7:F6:49:C3:B9:02:9B:1E:71 X509v3 Authority Key Identifier: keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:00:e1:51:ce:cf:3d:18:df:06:b2:4d:cf:86:ac:72:21:9f: 16:d7:ce:14:5a:b5:5f:af:f3:c9:98:4b:e8:c4:df:fa:d9:06: ee:97:a2:58:72:3b:8a:05:f3:78:2c:c1:75:86:ce:2b:6d:bb: ad:82:fa:3a:45:b1:f0:a4:27:10:40:65:a6:12:41:58:41:74: e4:e1:56:58:80:78:c6:ab:dd:45:ce:4b:6c:e9:c6:3b:67:4e: e9:aa:5e:33:bd:23:67:f6:a4:12:11:b6:26:00:14:47:bb:d9: 09:c1:27:ce:9c:46:98:dc:93:f4:9d:c1:17:52:d0:d3:b4:ce: 49:48:14:d3:3c:07:45:7f:07:bf:e3:36:fc:da:ae:96:0b:ca: 0c:c0:2f:03:5f:b9:30:c4:bf:ca:c2:68:be:25:b7:b7:52:eb: 68:1b:9c:cb:c1:a6:87:55:55:10:b9:0c:02:c2:4c:22:56:d0: 51:00:22:7f:b5:42:ab:55:be:60:54:ec:8e:59:19:c4:4a:4f: 69:32:04:46:d8:b8:fa:03:4a:2c:ab:2f:2c:27:e1:d6:f1:c7: 0d:35:1c:43:78:95:96:65:2e:9a:f0:36:18:ed:b6:fd:37:b8: 54:b7:51:bb:47:08:7e:9c:84:7b:09:12:e2:d7:15:17:98:31: 35:eb:c6:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwFg1qqS4dTF7kpzwF0UsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw ZmM2YTEwHhcNMjUxMjA2MTMwMTAwWhcNMjUxMjA3MTMwMTAwWjAzMTEwLwYDVQQD EyhmOWIzZWM0MmJlNDkyZWI1MTI3YzJiZDdmNjQ5YzNiOTAyOWIxZTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVE+G1M7P4P79dU+k7F0uhJ4LE6q 7rWWxanYtpLLYuyUCA3Imj9v2s6B5bTIKfdlz0ASD1YMDW9+xCYzaAomomZ7i4Bv DMEB0bReMe2uyiNJFSmHp2+dkLieZQOpuT9nVuXjRpAgk/TAzRI8fx5rPTAAuYmL aOKQJk/2nUCETBPqpLW8PWjouZ3U99i+/kbsMkUZssG4C02sjfmaE96TO8Q3QO7z gJhS8T8kwhAeqiyawj+acCYfPQDs0qtd0HeaYeo92/QgUtUQFGI6cCsyINvgvsgP QZmub6XK8gZPX9g+IMGxQYQ7G287yMCCuvnNLOeS72YjSLIvhVXi0BXNwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPmz7EK+SS61Enwr1/ZJw7kCmx5xMB8GA1UdIwQY MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPADhUc7P PRjfBrJNz4asciGfFtfOFFq1X6/zyZhL6MTf+tkG7peiWHI7igXzeCzBdYbOK227 rYL6OkWx8KQnEEBlphJBWEF05OFWWIB4xqvdRc5LbOnGO2dO6apeM70jZ/akEhG2 JgAUR7vZCcEnzpxGmNyT9J3BF1LQ07TOSUgU0zwHRX8Hv+M2/NqulgvKDMAvA1+5 MMS/ysJoviW3t1LraBucy8Gmh1VVELkMAsJMIlbQUQAif7VCq1W+YFTsjlkZxEpP aTIERti4+gNKLKsvLCfh1vHHDTUcQ3iVlmUumvA2GO22/Te4VLdRu0cIfpyEewkS 4tcVF5gxNevGFg== -----END CERTIFICATE-----Generated at Sat Dec 6 19:17:06 2025 by rpki-client