This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft File: zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft (raw, json) Hash identifier: w9UH9Hu2+oSu29ZVsEb8Nu7uyAe9tNUwucwcGO/kxPI= Subject key identifier: 73:C8:18:DF:36:92:3E:24:60:B3:01:71:44:F8:4A:14:14:64:EE:6A Authority key identifier: CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96 Certificate issuer: /CN=cdba6d5704fd290d0e073376eda688717564d196 Certificate serial: 019B49951E5A2C70E0884D6F85E64D268B18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft Manifest number: 0E35 Signing time: Tue 23 Dec 2025 05:01:07 +0000 Manifest this update: Tue 23 Dec 2025 05:01:07 +0000 Manifest next update: Wed 24 Dec 2025 05:01:07 +0000 Files and hashes: 1: FwAUcIE-PlUBJk-lyofvjIK4_Vk.roa (hash: 7pDJDV3PAprmagYY0WEztJ7b9H5DGoPcWbYIPWhc9l8=) 2: zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl (hash: Knc7rR+Y9ScVfvKt3CJqxrtwXfdH1J3A2R3Mrg0qURw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 05:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:95:1e:5a:2c:70:e0:88:4d:6f:85:e6:4d:26:8b:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdba6d5704fd290d0e073376eda688717564d196 Validity Not Before: Dec 23 05:01:07 2025 GMT Not After : Dec 24 05:01:07 2025 GMT Subject: CN=73c818df36923e2460b3017144f84a141464ee6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:04:23:fe:0a:dd:81:73:ee:03:9b:40:09:b3: 3c:d1:d4:7f:83:0c:ac:e2:06:f7:3e:82:32:32:8e: d1:e3:33:df:42:ef:6b:1a:ed:52:e8:2c:81:a4:d6: ee:7c:a6:a5:71:4b:2a:30:72:05:14:e9:02:91:75: 86:e6:ff:f3:fc:26:77:1c:50:be:6e:a4:40:f3:e8: 26:be:6e:5a:b4:cf:90:07:ce:60:ca:d1:0e:9f:bf: c7:3e:b5:68:ae:11:81:2d:91:c9:c9:58:f1:0e:44: 62:36:85:03:dc:d0:d5:43:cc:02:67:f8:86:a4:76: f1:46:a2:f8:1d:25:62:20:77:9c:07:cd:2a:6c:18: aa:8f:39:88:cc:88:42:cc:7c:5b:b2:23:5b:50:77: b5:81:a8:60:2c:f1:53:bd:b3:6e:26:eb:05:c4:69: 7d:dc:37:6d:17:e8:ce:14:24:6b:71:42:07:ce:7e: 33:08:74:7d:20:6a:b3:69:e9:0b:c6:19:03:2a:78: a5:2f:b9:ce:80:76:1f:81:b8:c4:11:eb:21:7e:df: da:62:50:1c:c3:27:8e:16:ae:e5:a4:8b:e7:dd:e5: ec:c8:6e:2c:bc:b4:d7:c0:96:2d:8b:ae:44:ae:84: 2d:4a:eb:3b:fc:76:8d:35:69:66:7e:80:35:9e:59: 76:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C8:18:DF:36:92:3E:24:60:B3:01:71:44:F8:4A:14:14:64:EE:6A X509v3 Authority Key Identifier: keyid:CD:BA:6D:57:04:FD:29:0D:0E:07:33:76:ED:A6:88:71:75:64:D1:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbptVwT9KQ0OBzN27aaIcXVk0ZY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/d3280b-53f7-4394-8559-a461169f1dc2/1/zbptVwT9KQ0OBzN27aaIcXVk0ZY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:fc:b0:31:a5:e8:c9:ba:7c:0d:f0:b8:e1:5d:85:52:8c:08: 71:2c:60:ae:0b:c9:cb:bc:f7:9a:f7:9a:73:f8:ee:56:3d:3a: 6f:df:c1:84:58:dc:45:9d:50:68:8c:b6:34:d7:a4:37:43:4c: 5d:9b:bf:63:42:89:55:5b:30:23:25:a2:e0:30:85:f6:99:91: 6f:26:a7:39:bc:72:b4:47:18:26:01:e6:ec:e3:24:c4:7c:6c: f7:e9:7b:d8:79:a8:22:c9:1a:14:34:6e:d9:e3:2b:0b:08:30: fe:a5:68:04:ef:78:21:29:9f:45:bd:db:14:04:6f:2e:f2:45: 17:db:ce:63:1b:44:d4:ae:d2:7b:fa:d9:24:dc:6f:df:88:43: a3:2a:25:17:44:b7:c1:e2:08:4d:61:07:6f:fa:5d:b4:5d:4b: ce:44:22:0d:63:9d:75:c2:95:ed:30:27:57:4c:eb:c7:a4:8b: 88:1a:2b:ee:cf:f6:b4:d9:07:81:40:3e:0b:8e:10:53:28:be: e1:e0:aa:4f:71:64:0a:57:38:df:59:62:41:d9:a4:38:c9:d1: c1:58:33:cb:a5:4b:14:77:1a:2b:1a:be:a0:e3:a3:62:fe:42: f7:e0:36:50:e9:42:8f:85:0b:ee:e7:cb:05:9a:aa:b9:10:1f: 56:5d:f6:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJlR5aLHDgiE1vheZNJosYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmE2ZDU3MDRmZDI5MGQwZTA3MzM3NmVkYTY4ODcxNzU2 NGQxOTYwHhcNMjUxMjIzMDUwMTA3WhcNMjUxMjI0MDUwMTA3WjAzMTEwLwYDVQQD Eyg3M2M4MThkZjM2OTIzZTI0NjBiMzAxNzE0NGY4NGExNDE0NjRlZTZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgQj/grdgXPuA5tACbM80dR/gwys 4gb3PoIyMo7R4zPfQu9rGu1S6CyBpNbufKalcUsqMHIFFOkCkXWG5v/z/CZ3HFC+ bqRA8+gmvm5atM+QB85gytEOn7/HPrVorhGBLZHJyVjxDkRiNoUD3NDVQ8wCZ/iG pHbxRqL4HSViIHecB80qbBiqjzmIzIhCzHxbsiNbUHe1gahgLPFTvbNuJusFxGl9 3DdtF+jOFCRrcUIHzn4zCHR9IGqzaekLxhkDKnilL7nOgHYfgbjEEeshft/aYlAc wyeOFq7lpIvn3eXsyG4svLTXwJYti65EroQtSus7/HaNNWlmfoA1nll2swIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHPIGN82kj4kYLMBcUT4ShQUZO5qMB8GA1UdIwQY MBaAFM26bVcE/SkNDgczdu2miHF1ZNGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTkt YTQ2MTE2OWYxZGMyLzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC9kMzI4MGItNTNmNy00Mzk0LTg1NTktYTQ2MTE2OWYxZGMy LzEvemJwdFZ3VDlLUTBPQnpOMjdhYUljWFZrMFpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoPywMaXo ybp8DfC44V2FUowIcSxgrgvJy7z3mveac/juVj06b9/BhFjcRZ1QaIy2NNekN0NM XZu/Y0KJVVswIyWi4DCF9pmRbyanObxytEcYJgHm7OMkxHxs9+l72HmoIskaFDRu 2eMrCwgw/qVoBO94ISmfRb3bFARvLvJFF9vOYxtE1K7Se/rZJNxv34hDoyolF0S3 weIITWEHb/pdtF1LzkQiDWOddcKV7TAnV0zrx6SLiBor7s/2tNkHgUA+C44QUyi+ 4eCqT3FkClc431liQdmkOMnRwVgzy6VLFHcaKxq+oOOjYv5C9+A2UOlCj4UL7ufL BZqquRAfVl32Sw== -----END CERTIFICATE-----Generated at Tue Dec 23 11:20:17 2025 by rpki-client