This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft File: ZD2vEi46h6yqb9tiw1olKhmaWNk.mft (raw, json) Hash identifier: tG0jq0UH+Oe9GuOe+EnwpfozjpnAKbnHnjJGJ+WBjAk= Subject key identifier: 60:91:EA:77:D8:62:69:7C:B4:21:42:B0:90:4C:81:B0:97:FE:10:7C Authority key identifier: 64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9 Certificate issuer: /CN=643daf122e3a87acaa6fdb62c35a252a199a58d9 Certificate serial: 019B2F9E9A69F00565E080A6BEFA47524AE3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft Manifest number: 0F04 Signing time: Thu 18 Dec 2025 04:01:21 +0000 Manifest this update: Thu 18 Dec 2025 04:01:21 +0000 Manifest next update: Fri 19 Dec 2025 04:01:21 +0000 Files and hashes: 1: 5y54voFpQemaWdhJdL3R6I-ZfdY.roa (hash: 0q0hdM7ItmEN9aXgu0xUxeLxjebZjyz7UrwOiAMpRFI=) 2: ZD2vEi46h6yqb9tiw1olKhmaWNk.crl (hash: HoFiAoe1BeZgXvvTPg0w6AftcmsNQY9A6Nia/ioQHv0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:9e:9a:69:f0:05:65:e0:80:a6:be:fa:47:52:4a:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=643daf122e3a87acaa6fdb62c35a252a199a58d9 Validity Not Before: Dec 18 04:01:21 2025 GMT Not After : Dec 19 04:01:21 2025 GMT Subject: CN=6091ea77d862697cb42142b0904c81b097fe107c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:39:17:83:de:03:d1:31:44:c1:45:99:98:6c: 32:3d:cb:f5:da:50:6e:09:32:a5:f6:bc:d2:3b:ef: 87:59:67:23:24:55:b2:4d:3b:f1:3b:ac:55:90:46: c2:5f:85:3e:66:29:39:38:34:ba:fc:15:ff:84:4a: a1:d9:3e:47:49:fb:18:b5:05:59:68:07:6c:27:c3: 5f:c0:0d:66:b7:9d:d1:82:2f:7e:d7:0f:0e:3d:e6: 8c:0f:43:01:10:2f:01:99:9e:4e:62:13:e9:37:07: 39:d8:87:12:3a:9e:ba:c0:25:bc:a6:64:28:89:e3: 6e:b1:f3:72:36:b5:0a:0e:27:09:66:88:b3:28:f4: 9c:b1:41:f2:9c:0b:c5:d6:51:1b:c0:2a:4d:41:e4: 53:f7:d9:ef:26:8e:28:6e:d1:aa:1d:fc:e6:ee:f3: 7f:26:ec:61:a0:56:11:eb:02:c1:e3:86:6b:ce:49: 78:4b:94:0c:77:43:ec:1b:60:a6:25:ba:24:b0:e2: 90:42:61:8c:c1:dd:ea:a6:7a:ca:9e:6b:d8:91:6e: 6e:0e:3e:05:a8:4a:16:ab:9e:d6:dd:c7:65:d0:b7: f2:93:d5:15:98:a3:b0:f2:66:17:70:1e:5a:ed:a5: e1:fc:02:d5:bc:25:bc:45:03:e6:44:68:04:87:6d: 96:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:91:EA:77:D8:62:69:7C:B4:21:42:B0:90:4C:81:B0:97:FE:10:7C X509v3 Authority Key Identifier: keyid:64:3D:AF:12:2E:3A:87:AC:AA:6F:DB:62:C3:5A:25:2A:19:9A:58:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD2vEi46h6yqb9tiw1olKhmaWNk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/ed3d4a-704f-4aa4-821f-dcd5e9478084/1/ZD2vEi46h6yqb9tiw1olKhmaWNk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:5f:56:ee:9b:f8:7b:f4:e6:9c:59:0a:5d:58:d3:0c:b9:3a: ce:b0:fb:33:4d:5e:5c:7b:ea:f3:28:10:10:44:12:60:b4:8b: 59:94:4e:0c:51:7a:ed:0a:a1:ac:1c:7e:2f:2e:61:af:22:23: f7:a0:09:49:c5:be:07:a2:b8:92:e8:02:16:0e:de:79:c7:3e: 4d:18:9a:08:12:8a:8a:ae:54:40:e7:2e:08:8b:b8:51:ee:4a: e5:32:00:71:b5:56:ab:e1:29:e2:b7:b5:74:5f:2d:c8:b2:25: 71:32:94:b6:f7:0b:b4:8f:d0:33:08:e2:50:11:01:1d:b8:67: c8:fc:af:6b:54:ad:a5:87:0c:3c:74:66:31:91:15:7c:04:83: 83:53:c6:a1:f1:87:8a:d9:85:4e:0d:96:24:93:20:d4:5d:83: 28:9d:90:4a:5c:e7:5d:6b:8d:d4:b5:a9:2b:61:61:b0:e8:49: 29:dc:7c:29:6a:22:d3:04:0c:42:3b:26:c5:48:26:fd:74:2e: b8:99:e7:a1:9e:45:e0:01:80:a4:c4:5c:e3:b7:d4:c9:80:c8: 0b:ea:9a:0f:07:b2:0f:05:a0:61:7f:6c:68:1f:ca:25:9e:c6: e6:2c:b8:1e:c2:2a:a2:c6:d0:20:fd:58:f0:27:ba:0a:69:2f: 6b:46:eb:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvnppp8AVl4ICmvvpHUkrjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0M2RhZjEyMmUzYTg3YWNhYTZmZGI2MmMzNWEyNTJhMTk5 YTU4ZDkwHhcNMjUxMjE4MDQwMTIxWhcNMjUxMjE5MDQwMTIxWjAzMTEwLwYDVQQD Eyg2MDkxZWE3N2Q4NjI2OTdjYjQyMTQyYjA5MDRjODFiMDk3ZmUxMDdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTkXg94D0TFEwUWZmGwyPcv12lBu CTKl9rzSO++HWWcjJFWyTTvxO6xVkEbCX4U+Zik5ODS6/BX/hEqh2T5HSfsYtQVZ aAdsJ8NfwA1mt53Rgi9+1w8OPeaMD0MBEC8BmZ5OYhPpNwc52IcSOp66wCW8pmQo ieNusfNyNrUKDicJZoizKPScsUHynAvF1lEbwCpNQeRT99nvJo4obtGqHfzm7vN/ JuxhoFYR6wLB44Zrzkl4S5QMd0PsG2CmJboksOKQQmGMwd3qpnrKnmvYkW5uDj4F qEoWq57W3cdl0Lfyk9UVmKOw8mYXcB5a7aXh/ALVvCW8RQPmRGgEh22WrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGCR6nfYYml8tCFCsJBMgbCX/hB8MB8GA1UdIwQY MBaAFGQ9rxIuOoesqm/bYsNaJSoZmljZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYt ZGNkNWU5NDc4MDg0LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9lZDNkNGEtNzA0Zi00YWE0LTgyMWYtZGNkNWU5NDc4MDg0 LzEvWkQydkVpNDZoNnlxYjl0aXcxb2xLaG1hV05rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl19W7pv4 e/TmnFkKXVjTDLk6zrD7M01eXHvq8ygQEEQSYLSLWZRODFF67QqhrBx+Ly5hryIj 96AJScW+B6K4kugCFg7eecc+TRiaCBKKiq5UQOcuCIu4Ue5K5TIAcbVWq+Ep4re1 dF8tyLIlcTKUtvcLtI/QMwjiUBEBHbhnyPyva1StpYcMPHRmMZEVfASDg1PGofGH itmFTg2WJJMg1F2DKJ2QSlznXWuN1LWpK2FhsOhJKdx8KWoi0wQMQjsmxUgm/XQu uJnnoZ5F4AGApMRc47fUyYDIC+qaDweyDwWgYX9saB/KJZ7G5iy4HsIqosbQIP1Y 8Ce6Cmkva0br3g== -----END CERTIFICATE-----Generated at Thu Dec 18 08:04:07 2025 by rpki-client