This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft File: zy7ueKAITYMd4aJQAYPhZIlRbM8.mft (raw, json) Hash identifier: a026e8oFHF9y+hXugLniSfltRGgRKeKJWFo/Oe+7a9g= Subject key identifier: 0E:BC:EB:5B:D4:11:B8:E7:17:50:0E:05:A1:EF:C8:5D:9E:E4:EA:94 Authority key identifier: CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF Certificate issuer: /CN=cf2eee78a0084d831de1a2500183e16489516ccf Certificate serial: 019B34C4742D031E620433E0531A9D464BBA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft Manifest number: 1088 Signing time: Fri 19 Dec 2025 04:00:48 +0000 Manifest this update: Fri 19 Dec 2025 04:00:48 +0000 Manifest next update: Sat 20 Dec 2025 04:00:48 +0000 Files and hashes: 1: DoG2UFHCOj7zOTIUPjjt5XZyaMI.roa (hash: o5jRgA59QPQWDTQLvIg+41ICmEKRDLb8Qb3vB5Fkcs4=) 2: zy7ueKAITYMd4aJQAYPhZIlRbM8.crl (hash: gOTg6hSwhhw9B2bkZ4JVawvglUyyYk2tMawVO6WqH+A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:74:2d:03:1e:62:04:33:e0:53:1a:9d:46:4b:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf2eee78a0084d831de1a2500183e16489516ccf Validity Not Before: Dec 19 04:00:48 2025 GMT Not After : Dec 20 04:00:48 2025 GMT Subject: CN=0ebceb5bd411b8e717500e05a1efc85d9ee4ea94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e9:30:64:2f:32:3c:ca:0e:80:bc:ec:d7:84: 3f:80:cb:46:40:1e:de:62:72:40:8f:a9:95:fb:d4: 86:a8:8d:76:88:c7:bc:70:a3:35:6b:f6:1e:3c:f9: 27:64:ff:72:e7:15:b7:49:60:69:e7:a1:66:24:f3: f5:72:ee:21:69:a0:63:8e:89:e4:6a:7a:69:14:77: 44:61:33:83:18:44:d1:f8:82:d8:33:00:8f:f8:f6: 04:8c:84:18:6c:0d:f6:e1:3d:ee:c4:18:39:3a:66: 33:65:ac:d2:67:b4:03:5d:17:1e:94:b7:78:81:f2: 12:3c:3e:cc:b6:ca:0f:7b:c7:b3:ac:94:e5:22:fa: ed:8c:a9:1f:9c:c9:f8:1a:6d:77:53:4f:37:bb:39: 9c:b9:aa:91:46:47:28:37:b6:eb:df:0f:ce:4d:a5: 29:43:c6:65:dc:8f:9e:7c:77:21:c9:78:e6:26:75: 8b:74:69:56:77:0d:03:e9:b3:c4:91:4a:ef:5b:82: 06:6e:0a:b0:85:35:a7:24:87:58:fb:1a:62:c2:f0: 04:8a:8a:3b:91:8f:9f:a8:b8:24:aa:0f:81:45:ed: 9f:77:25:60:59:6e:47:80:1f:f9:ae:7d:cb:8c:dc: 4d:97:3f:6e:0c:30:f0:e6:21:84:56:36:ee:76:47: 01:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:BC:EB:5B:D4:11:B8:E7:17:50:0E:05:A1:EF:C8:5D:9E:E4:EA:94 X509v3 Authority Key Identifier: keyid:CF:2E:EE:78:A0:08:4D:83:1D:E1:A2:50:01:83:E1:64:89:51:6C:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zy7ueKAITYMd4aJQAYPhZIlRbM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/d7e660-6912-4380-ab4f-718b9c40fd25/1/zy7ueKAITYMd4aJQAYPhZIlRbM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:a1:e6:02:7b:a4:e5:17:ab:49:93:5e:4c:8c:78:b2:4e:96: d4:00:07:63:c3:95:aa:b0:4c:c6:df:ed:1b:6f:4a:b4:20:e6: ef:b2:f4:7c:f0:2e:81:52:22:e4:24:2e:4a:b7:6b:6f:70:3e: 51:55:bb:fb:2b:da:9f:01:5c:a7:e4:5b:e2:50:5f:d2:6a:55: 48:94:39:ee:c3:18:fd:9f:a8:c9:5d:6d:0d:70:85:80:30:09: d4:5a:9b:f8:f8:7c:66:18:f6:63:76:d2:bf:26:f1:e1:17:26: 8e:d0:5e:fc:59:93:5c:e3:59:1e:8b:c0:22:7d:ea:15:34:fb: 2a:8b:36:de:cc:0a:ff:8a:77:96:07:dd:1c:2c:43:bb:24:23: 73:ea:db:4d:b0:cd:da:b7:a4:b9:ba:7b:81:7f:ba:1d:22:80: bc:2a:72:41:08:d5:35:b3:6d:0b:49:cf:7d:15:dd:82:c0:89: 02:8d:9e:61:12:c7:ff:79:2e:9d:a6:41:4f:0f:03:4c:ca:56: 70:9d:91:82:1c:ac:ab:cd:b4:a0:08:e6:1b:e2:8a:89:b8:12: bd:62:2b:85:48:76:d5:f2:e1:ef:66:18:70:b6:58:74:fd:3e: c4:2a:0e:a8:87:eb:43:2f:4a:77:5d:0f:51:cf:1f:a7:b3:c5: 4f:5d:cf:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xHQtAx5iBDPgUxqdRku6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmMmVlZTc4YTAwODRkODMxZGUxYTI1MDAxODNlMTY0ODk1 MTZjY2YwHhcNMjUxMjE5MDQwMDQ4WhcNMjUxMjIwMDQwMDQ4WjAzMTEwLwYDVQQD EygwZWJjZWI1YmQ0MTFiOGU3MTc1MDBlMDVhMWVmYzg1ZDllZTRlYTk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoekwZC8yPMoOgLzs14Q/gMtGQB7e YnJAj6mV+9SGqI12iMe8cKM1a/YePPknZP9y5xW3SWBp56FmJPP1cu4haaBjjonk anppFHdEYTODGETR+ILYMwCP+PYEjIQYbA324T3uxBg5OmYzZazSZ7QDXRcelLd4 gfISPD7MtsoPe8ezrJTlIvrtjKkfnMn4Gm13U083uzmcuaqRRkcoN7br3w/OTaUp Q8Zl3I+efHchyXjmJnWLdGlWdw0D6bPEkUrvW4IGbgqwhTWnJIdY+xpiwvAEioo7 kY+fqLgkqg+BRe2fdyVgWW5HgB/5rn3LjNxNlz9uDDDw5iGEVjbudkcBwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6861vUEbjnF1AOBaHvyF2e5OqUMB8GA1UdIwQY MBaAFM8u7nigCE2DHeGiUAGD4WSJUWzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYt NzE4YjljNDBmZDI1LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9kN2U2NjAtNjkxMi00MzgwLWFiNGYtNzE4YjljNDBmZDI1 LzEvenk3dWVLQUlUWU1kNGFKUUFZUGhaSWxSYk04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR6HmAnuk 5RerSZNeTIx4sk6W1AAHY8OVqrBMxt/tG29KtCDm77L0fPAugVIi5CQuSrdrb3A+ UVW7+yvanwFcp+Rb4lBf0mpVSJQ57sMY/Z+oyV1tDXCFgDAJ1Fqb+Ph8Zhj2Y3bS vybx4RcmjtBe/FmTXONZHovAIn3qFTT7Kos23swK/4p3lgfdHCxDuyQjc+rbTbDN 2rekubp7gX+6HSKAvCpyQQjVNbNtC0nPfRXdgsCJAo2eYRLH/3kunaZBTw8DTMpW cJ2Rghysq820oAjmG+KKibgSvWIrhUh21fLh72YYcLZYdP0+xCoOqIfrQy9Kd10P Uc8fp7PFT13PIw== -----END CERTIFICATE-----Generated at Fri Dec 19 09:17:03 2025 by rpki-client