This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft File: zf9bPNry6tG8MwlBG_lJLNmHr7o.mft (raw, json) Hash identifier: F9u9LBC4oB29lLcO0XQju97WXIlwNxj9NMYMwFAIhsY= Subject key identifier: CA:51:0F:CA:6B:A7:5F:EA:15:2E:48:EE:71:53:7C:59:F4:8D:E3:8A Authority key identifier: CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA Certificate issuer: /CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba Certificate serial: 019B5ABF532176D9126DB782C29627C649B1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft Manifest number: 05F2 Signing time: Fri 26 Dec 2025 13:00:46 +0000 Manifest this update: Fri 26 Dec 2025 13:00:46 +0000 Manifest next update: Sat 27 Dec 2025 13:00:46 +0000 Files and hashes: 1: k3TRYEDrQBrO6eEJRbpRNKXsKDY.roa (hash: 4LCjfvPAnVknZ+aHhkSXzNTjWeSMT085uGaEj2C566Q=) 2: zf9bPNry6tG8MwlBG_lJLNmHr7o.crl (hash: SH11OlfB2aOqSQbIoKevBBZtp4DMGVUotf3T1PFJ/WU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:53:21:76:d9:12:6d:b7:82:c2:96:27:c6:49:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdff5b3cdaf2ead1bc3309411bf9492cd987afba Validity Not Before: Dec 26 13:00:46 2025 GMT Not After : Dec 27 13:00:46 2025 GMT Subject: CN=ca510fca6ba75fea152e48ee71537c59f48de38a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ec:a4:b2:11:df:ee:d8:19:c0:bd:ee:9b:cd: e1:90:8f:40:bb:97:6e:3b:f2:c2:f9:67:e1:8d:6b: 0f:b9:a9:10:80:a9:4a:96:5f:64:5b:c0:45:c9:91: c5:df:6f:10:7e:70:6c:30:47:2b:0c:31:4b:bd:98: 2c:aa:b6:d0:38:da:7f:a0:d9:30:a9:44:3b:74:43: f6:82:bf:c3:b5:a2:36:af:fc:d0:a6:fd:e7:6a:76: 4c:00:b0:04:a5:c0:5b:9f:a6:5c:17:fd:81:7d:7c: 02:aa:00:e6:17:ae:e6:d3:e8:7e:23:eb:28:30:52: c1:08:19:bf:ee:3d:b5:ab:e8:7b:7c:2a:e3:4c:f0: 3f:28:f4:b5:cf:f1:76:03:5a:3f:af:4f:f4:20:e7: b5:24:70:e4:94:3a:83:c8:48:26:1a:41:ec:e7:87: ed:f6:fa:b7:4a:db:be:36:bf:df:6f:34:ab:c0:47: ed:7f:7b:e0:44:d2:d0:90:a8:b0:12:a2:b0:26:9d: c8:1e:2c:bb:ed:1b:14:98:71:02:be:59:e0:39:6f: f1:67:5e:ec:ea:42:54:e2:ba:b9:6d:e9:41:90:8a: 37:9e:57:36:41:c0:b7:c5:77:61:60:c0:97:bc:2b: 59:d7:f3:49:97:11:41:76:7f:60:38:5b:45:97:e0: d4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:51:0F:CA:6B:A7:5F:EA:15:2E:48:EE:71:53:7C:59:F4:8D:E3:8A X509v3 Authority Key Identifier: keyid:CD:FF:5B:3C:DA:F2:EA:D1:BC:33:09:41:1B:F9:49:2C:D9:87:AF:BA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zf9bPNry6tG8MwlBG_lJLNmHr7o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/b76d34-5f07-42d8-a131-a8781add2423/1/zf9bPNry6tG8MwlBG_lJLNmHr7o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:8d:aa:b2:06:1c:5b:a8:fe:13:34:ab:42:0e:40:b2:44:bb: 8a:c9:38:6d:c8:5a:1e:a9:f4:5b:7a:52:2b:37:bf:d0:54:ca: d1:bb:43:7d:69:14:61:5e:16:2d:43:97:80:a6:52:f4:4a:5a: a6:f7:7a:9a:6d:50:8d:fd:44:e5:e5:40:57:c4:e8:bb:92:ef: 2a:2d:9c:e3:57:82:1c:6d:2f:1c:9c:cf:3f:fc:12:72:2d:bf: b9:53:55:78:fa:7b:96:cb:e1:b5:8c:7d:8c:85:88:b1:2c:e6: 92:ad:7e:89:50:f4:fe:9f:96:1a:2a:c7:15:30:bf:13:e7:bf: ea:49:24:b3:0d:5a:09:ff:77:c2:2c:07:58:e5:3d:f8:02:e8: 73:e0:0d:6e:79:ae:03:12:7e:a1:00:0c:00:08:e4:e5:5b:7e: 56:06:64:05:1b:d8:a1:ee:81:04:5c:6c:cb:b7:27:d0:df:57: 77:c3:7c:19:2f:79:a2:da:66:ce:80:b0:8d:ce:7d:73:62:67: 5d:96:82:9e:2c:74:e0:9f:bf:76:f1:ac:89:0e:16:cc:66:af: f6:15:ad:fd:cc:25:9e:ea:46:1d:4a:01:60:e1:9d:85:46:c8: 03:a5:f4:05:b2:f3:64:8c:4b:f8:bb:8e:85:39:f4:ab:7a:f1: e7:da:93:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav1MhdtkSbbeCwpYnxkmxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkZmY1YjNjZGFmMmVhZDFiYzMzMDk0MTFiZjk0OTJjZDk4 N2FmYmEwHhcNMjUxMjI2MTMwMDQ2WhcNMjUxMjI3MTMwMDQ2WjAzMTEwLwYDVQQD EyhjYTUxMGZjYTZiYTc1ZmVhMTUyZTQ4ZWU3MTUzN2M1OWY0OGRlMzhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeykshHf7tgZwL3um83hkI9Au5du O/LC+WfhjWsPuakQgKlKll9kW8BFyZHF328QfnBsMEcrDDFLvZgsqrbQONp/oNkw qUQ7dEP2gr/DtaI2r/zQpv3nanZMALAEpcBbn6ZcF/2BfXwCqgDmF67m0+h+I+so MFLBCBm/7j21q+h7fCrjTPA/KPS1z/F2A1o/r0/0IOe1JHDklDqDyEgmGkHs54ft 9vq3Stu+Nr/fbzSrwEftf3vgRNLQkKiwEqKwJp3IHiy77RsUmHECvlngOW/xZ17s 6kJU4rq5belBkIo3nlc2QcC3xXdhYMCXvCtZ1/NJlxFBdn9gOFtFl+DUMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMpRD8prp1/qFS5I7nFTfFn0jeOKMB8GA1UdIwQY MBaAFM3/Wzza8urRvDMJQRv5SSzZh6+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEt YTg3ODFhZGQyNDIzLzEvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9iNzZkMzQtNWYwNy00MmQ4LWExMzEtYTg3ODFhZGQyNDIz LzEvemY5YlBOcnk2dEc4TXdsQkdfbEpMTm1IcjdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYY2qsgYc W6j+EzSrQg5AskS7isk4bchaHqn0W3pSKze/0FTK0btDfWkUYV4WLUOXgKZS9Epa pvd6mm1Qjf1E5eVAV8Tou5LvKi2c41eCHG0vHJzPP/wSci2/uVNVePp7lsvhtYx9 jIWIsSzmkq1+iVD0/p+WGirHFTC/E+e/6kkksw1aCf93wiwHWOU9+ALoc+ANbnmu AxJ+oQAMAAjk5Vt+VgZkBRvYoe6BBFxsy7cn0N9Xd8N8GS95otpmzoCwjc59c2Jn XZaCnix04J+/dvGsiQ4WzGav9hWt/cwlnupGHUoBYOGdhUbIA6X0BbLzZIxL+LuO hTn0q3rx59qTBw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:02:16 2025 by rpki-client