This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft File: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft (raw, json) Hash identifier: DqPZ/gq4EF1q78WzTDAOXIKcQhobCpJ+h2bN24XOW9U= Subject key identifier: 85:A0:10:BC:D1:56:22:74:34:8E:6E:43:0C:17:44:FF:55:DE:67:97 Authority key identifier: 64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C Certificate issuer: /CN=64a7a6cd583814d393bee2635b545574cc75620c Certificate serial: 019B028EE347E781D4733F71EB94746EABC8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft Manifest number: 139C Signing time: Tue 09 Dec 2025 10:01:17 +0000 Manifest this update: Tue 09 Dec 2025 10:01:17 +0000 Manifest next update: Wed 10 Dec 2025 10:01:17 +0000 Files and hashes: 1: ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl (hash: npDbICBXnIVk8sn0CtoEQjs8OUGf5qlMQ7ZbygYnzS8=) 2: rJRxxRneTTHrBiouHAwe-Vj2hOM.roa (hash: pnxg6ZPXerYJRTKN22NAobx2yMJvSslv4M+/PffiHGo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 10 Dec 2025 10:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:02:8e:e3:47:e7:81:d4:73:3f:71:eb:94:74:6e:ab:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64a7a6cd583814d393bee2635b545574cc75620c Validity Not Before: Dec 9 10:01:17 2025 GMT Not After : Dec 10 10:01:17 2025 GMT Subject: CN=85a010bcd1562274348e6e430c1744ff55de6797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:52:4f:b0:45:8e:95:ca:b1:0d:5d:3d:76:a7: 3f:de:fc:5b:2d:3e:c2:57:db:87:56:fc:03:69:b1: 4c:9b:bb:aa:c6:a1:d2:39:e9:40:21:26:ca:60:95: d1:72:a8:f4:ef:b4:4c:c7:62:3c:a8:38:d9:1a:41: d7:c2:79:23:b0:9a:a4:53:b9:43:70:10:c9:87:aa: 45:63:d2:92:e6:68:d9:72:34:be:9d:ff:47:8a:c7: a4:62:e8:c4:6e:1f:b5:36:38:eb:ef:6e:e1:1d:84: 4b:5e:ac:70:f2:ad:8c:d7:b5:92:70:b4:f8:cb:8d: aa:34:6e:b3:3b:d7:0e:02:4e:77:2b:1a:4c:1d:1a: 43:cd:af:9f:1e:3b:1a:1e:87:48:fd:59:a0:db:9c: 2c:9d:16:cc:85:d0:2d:7b:a5:66:3f:4d:5a:09:16: a3:e9:70:b6:a1:65:d4:a4:58:a5:89:a6:c6:8a:a8: 8d:db:be:28:36:f7:4d:6b:f5:5b:f0:54:d4:b7:dd: e4:82:e9:85:61:38:3b:7d:f6:c2:a0:74:d3:00:da: 1b:01:77:76:98:7e:b5:d2:30:d5:6c:c9:9e:c5:b8: f5:e0:82:d4:09:e3:75:5f:75:34:51:1b:28:30:84: f2:88:2e:95:8c:c3:34:13:2f:e5:04:6b:91:20:d0: 63:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:A0:10:BC:D1:56:22:74:34:8E:6E:43:0C:17:44:FF:55:DE:67:97 X509v3 Authority Key Identifier: keyid:64:A7:A6:CD:58:38:14:D3:93:BE:E2:63:5B:54:55:74:CC:75:62:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/8d6f1a-d334-418f-b726-6f5d8a74a0e4/1/ZKemzVg4FNOTvuJjW1RVdMx1Ygw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:a3:f4:e3:03:85:f5:d3:a4:40:4f:af:df:18:06:9a:16:16: 61:f4:85:39:fc:d7:83:e7:1a:51:c2:60:d8:c4:e6:93:c7:48: 19:1e:25:b9:86:72:07:be:64:54:55:6f:71:46:b6:2f:9c:bd: 8b:bb:e4:77:02:90:52:62:04:dc:72:ad:cb:ce:5c:7f:8a:65: fa:9a:ab:ad:44:f7:d5:da:33:23:da:b2:e7:9b:88:59:b8:e8: 68:3f:dd:65:55:bc:ed:41:e5:f1:a7:01:a3:06:b5:b6:ec:bd: b7:9f:a9:e4:07:35:43:d7:cb:c0:fd:f9:81:1b:60:17:a8:61: 03:c6:7d:04:40:b0:07:73:f9:69:4d:fa:f9:61:b4:d3:3f:e3: a6:72:84:72:da:4b:9f:8b:76:a8:b5:de:45:e7:b9:6d:13:d1: b8:a4:78:54:22:b4:bb:bb:a4:bb:e0:de:38:a4:69:14:d6:83: 89:c7:f1:cc:e1:32:9d:e3:5f:44:36:c3:e9:8c:55:dd:b4:ed: 51:ab:dd:1e:79:d5:10:63:d5:f8:1a:d0:06:23:19:1e:e9:6d: 2d:ec:91:71:60:86:a5:9f:1c:d8:80:6e:ad:ec:78:a1:80:b7: e9:f5:93:62:e5:32:07:5b:62:4b:69:ae:51:81:bd:05:e9:b6: 63:9f:06:06 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsCjuNH54HUcz9x65R0bqvIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YTdhNmNkNTgzODE0ZDM5M2JlZTI2MzViNTQ1NTc0Y2M3 NTYyMGMwHhcNMjUxMjA5MTAwMTE3WhcNMjUxMjEwMTAwMTE3WjAzMTEwLwYDVQQD Eyg4NWEwMTBiY2QxNTYyMjc0MzQ4ZTZlNDMwYzE3NDRmZjU1ZGU2Nzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01JPsEWOlcqxDV09dqc/3vxbLT7C V9uHVvwDabFMm7uqxqHSOelAISbKYJXRcqj077RMx2I8qDjZGkHXwnkjsJqkU7lD cBDJh6pFY9KS5mjZcjS+nf9HisekYujEbh+1Njjr727hHYRLXqxw8q2M17WScLT4 y42qNG6zO9cOAk53KxpMHRpDza+fHjsaHodI/Vmg25wsnRbMhdAte6VmP01aCRaj 6XC2oWXUpFiliabGiqiN274oNvdNa/Vb8FTUt93kgumFYTg7ffbCoHTTANobAXd2 mH610jDVbMmexbj14ILUCeN1X3U0URsoMITyiC6VjMM0Ey/lBGuRINBjdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIWgELzRViJ0NI5uQwwXRP9V3meXMB8GA1UdIwQY MBaAFGSnps1YOBTTk77iY1tUVXTMdWIMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYt NmY1ZDhhNzRhMGU0LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi84ZDZmMWEtZDMzNC00MThmLWI3MjYtNmY1ZDhhNzRhMGU0 LzEvWktlbXpWZzRGTk9UdnVKalcxUlZkTXgxWWd3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbaP04wOF 9dOkQE+v3xgGmhYWYfSFOfzXg+caUcJg2MTmk8dIGR4luYZyB75kVFVvcUa2L5y9 i7vkdwKQUmIE3HKty85cf4pl+pqrrUT31dozI9qy55uIWbjoaD/dZVW87UHl8acB owa1tuy9t5+p5Ac1Q9fLwP35gRtgF6hhA8Z9BECwB3P5aU36+WG00z/jpnKEctpL n4t2qLXeRee5bRPRuKR4VCK0u7uku+DeOKRpFNaDicfxzOEyneNfRDbD6YxV3bTt UavdHnnVEGPV+BrQBiMZHultLeyRcWCGpZ8c2IBurex4oYC36fWTYuUyB1tiS2mu UYG9Bem2Y58GBg== -----END CERTIFICATE-----Generated at Tue Dec 9 18:14:53 2025 by rpki-client