This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft File: mZK1NCb7YU2aWm2D9ABWamYMndI.mft (raw, json) Hash identifier: TjaQjIDo+FajWrIN/gpteqG8b5+1DzHykXVXsyL02hw= Subject key identifier: 38:14:90:10:C9:6E:E0:67:AF:F7:E7:5C:F7:18:BB:73:CA:46:B9:06 Authority key identifier: 99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2 Certificate issuer: /CN=9992b53426fb614d9a5a6d83f400566a660c9dd2 Certificate serial: 019B2664A60AAF47F7FA0C4000F2051CC5E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft Manifest number: 1350 Signing time: Tue 16 Dec 2025 09:01:28 +0000 Manifest this update: Tue 16 Dec 2025 09:01:28 +0000 Manifest next update: Wed 17 Dec 2025 09:01:28 +0000 Files and hashes: 1: iG2Qj8n6fZw-GirtzGhiiR4VwRI.roa (hash: C/swOHl78EzDeIac5yTERHHT18YviZO0RyNpfkEvBQE=) 2: mZK1NCb7YU2aWm2D9ABWamYMndI.crl (hash: G4AQZI5J8S/qd21XOGpx4wTuraXCJ5dN4/TqRHAfrTg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.crl rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 09:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:64:a6:0a:af:47:f7:fa:0c:40:00:f2:05:1c:c5:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9992b53426fb614d9a5a6d83f400566a660c9dd2 Validity Not Before: Dec 16 09:01:28 2025 GMT Not After : Dec 17 09:01:28 2025 GMT Subject: CN=38149010c96ee067aff7e75cf718bb73ca46b906 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:54:f1:f4:b5:a8:99:6b:00:9c:e1:0c:d9:dd: 12:ea:70:41:fe:a6:d5:20:9c:94:d0:8b:ed:7e:23: 70:0e:fd:50:fb:b8:8b:b4:0b:b4:9c:15:53:5b:92: 01:1a:31:02:4c:2d:a5:e8:70:c8:f9:83:25:85:bb: 21:14:37:7f:60:e9:51:96:8c:66:3f:f8:de:a0:7e: 98:2c:5e:0a:6c:bc:3e:b9:2e:b0:d6:34:cd:c1:4f: 42:28:e0:7a:cb:a2:e2:0c:93:f4:c7:e2:e9:7e:7d: b6:74:ff:40:ab:7b:a6:47:d1:51:47:80:c3:80:b8: ba:98:d2:4b:7f:16:38:03:09:a4:d7:89:65:88:27: f2:c8:f4:76:3e:37:5b:da:ea:09:63:82:7f:65:96: c5:22:80:15:7a:8a:b1:2e:95:a3:41:9a:39:e2:d7: 9e:b2:40:5b:5b:c3:12:9f:41:4e:6f:87:66:d5:a8: cd:43:9e:a2:2c:ea:5a:45:7a:d1:46:a9:e8:df:cd: 8e:41:9a:cf:ed:7d:ac:e7:87:1a:df:06:7c:b3:a0: b5:64:8c:1d:1e:f1:27:51:fb:5d:cd:e1:ac:fb:11: 03:4f:5b:17:7c:a9:25:b7:6b:53:6d:17:9d:07:9e: 36:bc:67:c2:9a:b5:86:db:c9:8a:29:77:bd:ab:2e: f1:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:14:90:10:C9:6E:E0:67:AF:F7:E7:5C:F7:18:BB:73:CA:46:B9:06 X509v3 Authority Key Identifier: keyid:99:92:B5:34:26:FB:61:4D:9A:5A:6D:83:F4:00:56:6A:66:0C:9D:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZK1NCb7YU2aWm2D9ABWamYMndI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/90172a-969b-46da-8088-791a62d2d8ab/1/mZK1NCb7YU2aWm2D9ABWamYMndI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:2d:b8:17:b6:9d:c7:67:e4:64:72:ca:8b:2b:79:b6:64:76: 88:39:36:1e:68:a0:ce:9d:4b:13:5a:06:34:2d:db:15:e8:f6: 82:8c:52:c9:3d:c1:42:d6:a0:71:e3:d6:72:31:12:26:07:ea: 52:16:97:6a:cb:e5:57:96:ab:ba:f2:70:19:59:a3:8c:9c:59: 3e:7d:9f:4b:26:5d:c3:8d:cb:2e:00:8e:73:36:4f:7a:80:a6: b5:73:57:25:2d:44:1e:55:fd:64:56:c0:b0:f4:b1:2a:ed:a5: 69:f9:54:aa:42:e8:29:35:60:8f:14:4f:fa:96:a1:b7:f7:0d: d5:68:f1:55:ad:8e:0e:79:39:71:de:39:36:64:ea:48:8c:87: 4e:f0:cf:a9:18:7f:2c:6e:1d:5d:9f:28:bd:b1:ef:67:e0:79: 71:3c:f8:79:46:38:8c:3f:12:b7:79:b2:ff:78:ae:89:aa:20: a9:5a:33:6f:17:7c:42:0d:f9:53:72:92:54:3c:65:7b:51:09: eb:3e:40:ab:af:6e:dc:2a:cb:45:fd:c9:ba:34:e4:0e:04:ab: f0:28:2e:fa:e9:bc:e1:b1:80:14:42:21:76:c2:22:16:da:55: 82:d9:6a:d1:bd:a8:0a:3b:5e:f4:0b:17:3d:f8:88:fa:34:d1: 52:e9:e3:0f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsmZKYKr0f3+gxAAPIFHMXlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5OTJiNTM0MjZmYjYxNGQ5YTVhNmQ4M2Y0MDA1NjZhNjYw YzlkZDIwHhcNMjUxMjE2MDkwMTI4WhcNMjUxMjE3MDkwMTI4WjAzMTEwLwYDVQQD EygzODE0OTAxMGM5NmVlMDY3YWZmN2U3NWNmNzE4YmI3M2NhNDZiOTA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA51Tx9LWomWsAnOEM2d0S6nBB/qbV IJyU0IvtfiNwDv1Q+7iLtAu0nBVTW5IBGjECTC2l6HDI+YMlhbshFDd/YOlRloxm P/jeoH6YLF4KbLw+uS6w1jTNwU9CKOB6y6LiDJP0x+Lpfn22dP9Aq3umR9FRR4DD gLi6mNJLfxY4Awmk14lliCfyyPR2Pjdb2uoJY4J/ZZbFIoAVeoqxLpWjQZo54tee skBbW8MSn0FOb4dm1ajNQ56iLOpaRXrRRqno382OQZrP7X2s54ca3wZ8s6C1ZIwd HvEnUftdzeGs+xEDT1sXfKklt2tTbRedB542vGfCmrWG28mKKXe9qy7x1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDgUkBDJbuBnr/fnXPcYu3PKRrkGMB8GA1UdIwQY MBaAFJmStTQm+2FNmlptg/QAVmpmDJ3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC85MDE3MmEtOTY5Yi00NmRhLTgwODgt NzkxYTYyZDJkOGFiLzEvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC85MDE3MmEtOTY5Yi00NmRhLTgwODgtNzkxYTYyZDJkOGFi LzEvbVpLMU5DYjdZVTJhV20yRDlBQldhbVlNbmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALy24F7ad x2fkZHLKiyt5tmR2iDk2Hmigzp1LE1oGNC3bFej2goxSyT3BQtagcePWcjESJgfq UhaXasvlV5aruvJwGVmjjJxZPn2fSyZdw43LLgCOczZPeoCmtXNXJS1EHlX9ZFbA sPSxKu2laflUqkLoKTVgjxRP+paht/cN1WjxVa2ODnk5cd45NmTqSIyHTvDPqRh/ LG4dXZ8ovbHvZ+B5cTz4eUY4jD8St3my/3iuiaogqVozbxd8Qg35U3KSVDxle1EJ 6z5Aq69u3CrLRf3JujTkDgSr8Cgu+um84bGAFEIhdsIiFtpVgtlq0b2oCjte9AsX PfiI+jTRUunjDw== -----END CERTIFICATE-----Generated at Tue Dec 16 18:02:50 2025 by rpki-client