This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft File: zl1FYESPeKTc3LeRoH2tIWOgjN8.mft (raw, json) Hash identifier: onsQiLpU8lWVkk1j0bL1T/Tgb143advNQzktolF5GRw= Subject key identifier: 14:C8:24:9F:22:F6:A8:3E:CF:55:26:61:68:9E:C5:44:A2:25:87:19 Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Certificate serial: 019B59757C7F6EF34343455894C10343249E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft Manifest number: 172A Signing time: Fri 26 Dec 2025 07:00:30 +0000 Manifest this update: Fri 26 Dec 2025 07:00:30 +0000 Manifest next update: Sat 27 Dec 2025 07:00:30 +0000 Files and hashes: 1: DnVFEpYRkYdsvx6fTEjYM0mnXYg.roa (hash: Q/XnpIbexx4X2BOItVZgFWxgUIF3KGLUNsRlADlMLPI=) 2: zl1FYESPeKTc3LeRoH2tIWOgjN8.crl (hash: LXWn84L9Zaj3JS1dHph8fanoOhsPbdCwNqRilLZpn7s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:75:7c:7f:6e:f3:43:43:45:58:94:c1:03:43:24:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Validity Not Before: Dec 26 07:00:30 2025 GMT Not After : Dec 27 07:00:30 2025 GMT Subject: CN=14c8249f22f6a83ecf552661689ec544a2258719 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:de:55:93:3d:83:8d:67:d4:78:d1:6f:96:a1: a9:86:c3:14:08:fc:a2:1b:49:70:cb:3e:c9:39:6d: 41:5c:5e:6e:7f:7b:11:27:55:90:f8:b5:bf:80:d1: e1:70:97:58:e6:a0:64:e2:9c:83:0d:a2:0b:b1:22: 69:3b:0c:4a:5b:1a:bc:8e:fc:a9:9a:1d:49:49:97: 07:11:4e:7c:af:83:70:86:46:5d:72:a9:53:5b:9e: 63:39:17:c7:22:5a:34:65:94:d8:b0:98:e2:08:d4: cf:38:f7:09:96:5f:60:90:38:e3:ac:7e:f8:24:2c: b9:41:2e:e3:8a:a0:b0:55:80:ca:16:f4:af:ed:85: 6a:0d:f5:66:fb:91:14:86:b9:6d:b7:d8:2f:0c:0d: f3:bc:50:6a:61:5b:f2:f6:52:75:5c:83:ca:4b:ff: 17:de:1a:72:e3:5e:c1:c4:4c:c7:35:13:19:c9:0f: 86:c6:37:c7:0f:dc:34:74:71:7c:54:d7:c1:1c:7b: e4:c3:05:89:36:05:97:de:46:e7:f6:eb:5c:f7:4e: fc:d8:39:08:b9:c0:68:1e:0a:0e:d6:0a:fd:c6:74: 0a:32:b6:8b:34:8c:d4:b9:15:68:41:2f:4c:1f:9a: 8e:85:c9:57:f6:94:b3:c3:30:cb:8c:7a:84:a4:e0: 3c:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:C8:24:9F:22:F6:A8:3E:CF:55:26:61:68:9E:C5:44:A2:25:87:19 X509v3 Authority Key Identifier: keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:92:3a:0b:99:f4:6e:eb:de:78:59:31:21:87:6a:ce:a0:ca: 21:49:a1:7a:3a:07:21:b9:34:df:68:21:53:58:2a:57:3a:5f: d6:06:ff:5b:7e:ec:1b:76:33:4c:49:c7:fd:ea:55:3d:72:96: 67:de:b6:fa:c2:32:2c:40:6b:2e:5a:c7:67:05:fd:a5:d0:b3: 43:b3:e2:20:c3:da:3e:01:c3:29:5a:fd:f2:d3:ad:ac:15:4d: 84:57:7b:8f:b5:3b:ad:f1:c9:c8:7d:0b:64:a2:86:42:10:ef: a1:d7:1d:18:cf:55:05:2d:71:0d:c1:60:17:69:70:b7:d5:b4: 8f:68:60:b9:73:23:8d:c8:eb:c7:55:1e:b7:9a:99:41:fb:71: 83:ff:2e:c9:ba:5e:16:28:28:3d:12:49:72:81:9c:09:3d:a7: 4e:ae:0c:98:74:e8:d1:68:62:66:e9:bf:4f:21:34:0b:52:ca: 2d:12:21:e5:a0:fc:1f:0d:89:93:c0:cb:e8:d7:ff:c7:ec:7b: 6e:66:ba:ae:33:5e:bf:26:e6:cd:d8:9c:cc:94:c1:ac:3c:31: 3d:88:ef:e7:d9:8a:c2:22:20:2d:96:92:be:bd:80:d9:54:ce: 79:f3:95:22:40:08:a2:37:35:ae:db:e9:09:ba:d3:f0:62:cd: 1e:9e:25:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdXx/bvNDQ0VYlMEDQySeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh MDhjZGYwHhcNMjUxMjI2MDcwMDMwWhcNMjUxMjI3MDcwMDMwWjAzMTEwLwYDVQQD EygxNGM4MjQ5ZjIyZjZhODNlY2Y1NTI2NjE2ODllYzU0NGEyMjU4NzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5N5Vkz2DjWfUeNFvlqGphsMUCPyi G0lwyz7JOW1BXF5uf3sRJ1WQ+LW/gNHhcJdY5qBk4pyDDaILsSJpOwxKWxq8jvyp mh1JSZcHEU58r4NwhkZdcqlTW55jORfHIlo0ZZTYsJjiCNTPOPcJll9gkDjjrH74 JCy5QS7jiqCwVYDKFvSv7YVqDfVm+5EUhrltt9gvDA3zvFBqYVvy9lJ1XIPKS/8X 3hpy417BxEzHNRMZyQ+GxjfHD9w0dHF8VNfBHHvkwwWJNgWX3kbn9utc90782DkI ucBoHgoO1gr9xnQKMraLNIzUuRVoQS9MH5qOhclX9pSzwzDLjHqEpOA8IwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBTIJJ8i9qg+z1UmYWiexUSiJYcZMB8GA1UdIwQY MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt NzhkMTE0NGFkOTY3LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3 LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkZI6C5n0 buveeFkxIYdqzqDKIUmhejoHIbk032ghU1gqVzpf1gb/W37sG3YzTEnH/epVPXKW Z962+sIyLEBrLlrHZwX9pdCzQ7PiIMPaPgHDKVr98tOtrBVNhFd7j7U7rfHJyH0L ZKKGQhDvodcdGM9VBS1xDcFgF2lwt9W0j2hguXMjjcjrx1Uet5qZQftxg/8uybpe FigoPRJJcoGcCT2nTq4MmHTo0WhiZum/TyE0C1LKLRIh5aD8Hw2Jk8DL6Nf/x+x7 bma6rjNevybmzdiczJTBrDwxPYjv59mKwiIgLZaSvr2A2VTOefOVIkAIojc1rtvp CbrT8GLNHp4lqQ== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:57 2025 by rpki-client