This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft File: zK1o9-irrfRHJiM0OjJWFQciQYk.mft (raw, json) Hash identifier: CF+sO3bQ8ENi0O+jHMbVU3mRRlm0Q6HgmXfq6MgWeo8= Subject key identifier: 63:06:0E:B9:13:1E:AB:BB:8C:6B:BB:98:CF:1D:9B:03:44:90:80:72 Authority key identifier: CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89 Certificate issuer: /CN=ccad68f7e8abadf4472623343a32561507224189 Certificate serial: 019B236419ECA56837B400661A0C43E98670 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft Manifest number: 08EB Signing time: Mon 15 Dec 2025 19:02:01 +0000 Manifest this update: Mon 15 Dec 2025 19:02:01 +0000 Manifest next update: Tue 16 Dec 2025 19:02:01 +0000 Files and hashes: 1: UD4cQq7SyCABLCZHHC1Ou_EeL6M.roa (hash: tfgZKXi2rZuQqy6q4ZM+ZUGFDVqdyYkcUnUVHT5tgpI=) 2: zK1o9-irrfRHJiM0OjJWFQciQYk.crl (hash: mJTB0HGPbzGnPraKf5mhDaosVT92LwbtL8qsiucWil4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:23:64:19:ec:a5:68:37:b4:00:66:1a:0c:43:e9:86:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccad68f7e8abadf4472623343a32561507224189 Validity Not Before: Dec 15 19:02:01 2025 GMT Not After : Dec 16 19:02:01 2025 GMT Subject: CN=63060eb9131eabbb8c6bbb98cf1d9b0344908072 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:64:50:21:15:47:7e:55:38:a8:86:41:db:24: 22:1e:11:16:d1:c7:5b:fc:d9:ff:db:fa:85:32:18: 4e:0b:c9:46:f6:1f:eb:bb:3b:9e:54:54:19:8d:93: a6:74:07:c2:75:9f:e1:fa:50:4b:66:13:5d:bd:be: 1f:77:e9:3d:33:35:2d:61:68:03:cc:54:1d:a4:f0: 8b:47:d7:0c:79:7d:0b:9e:44:20:21:6a:5e:ab:91: 0d:d5:66:fe:25:3f:e7:fc:39:cb:2c:be:59:b7:ce: 7e:0a:67:20:ff:91:1f:16:6f:40:80:c9:40:18:9d: 0f:2f:51:71:05:00:62:47:1d:36:1e:2c:05:32:98: 35:12:de:d1:c9:d6:9a:6a:31:b5:59:1b:d3:49:f4: 9d:4a:34:a7:b1:42:5d:87:c0:66:f7:a5:7f:b8:f8: 99:fd:3c:c7:07:6d:41:9c:3d:fd:ea:75:5c:23:de: fb:16:a3:a1:cb:9c:c0:58:16:f3:52:ca:39:d5:03: b9:84:97:7b:1f:06:1e:36:de:19:0a:87:32:12:67: 79:35:cb:3c:18:3d:87:f5:c4:a6:e3:4c:b7:43:72: e2:7b:77:f7:af:c5:32:3d:db:84:14:49:b0:07:24: 0a:23:d8:20:3b:29:41:65:b9:37:d1:86:f1:bb:49: 56:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:06:0E:B9:13:1E:AB:BB:8C:6B:BB:98:CF:1D:9B:03:44:90:80:72 X509v3 Authority Key Identifier: keyid:CC:AD:68:F7:E8:AB:AD:F4:47:26:23:34:3A:32:56:15:07:22:41:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zK1o9-irrfRHJiM0OjJWFQciQYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bba08-be36-47eb-ab2c-6359f92e1d2f/1/zK1o9-irrfRHJiM0OjJWFQciQYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:db:e2:b2:63:f8:fc:53:1c:b7:74:1f:47:cc:40:7e:18:95: a8:10:ff:26:c9:fb:41:52:7c:ea:2c:8e:78:61:ac:1a:57:e7: 96:8e:82:e1:89:33:ca:2e:08:ec:82:cb:36:ad:22:0d:00:ab: f2:67:34:8c:2b:ad:75:cf:7b:91:09:c3:da:51:7c:de:dd:48: d5:01:ea:eb:79:38:54:6c:52:20:f3:04:fb:c1:88:72:07:a0: 8b:88:b9:56:ad:50:5c:86:6c:45:fc:04:95:f4:86:2e:53:6c: 43:53:49:29:75:48:92:2b:cc:01:27:9e:a5:b1:46:3b:38:4d: 56:1d:27:73:cb:66:fc:34:22:ba:d0:39:fc:ae:e3:47:b9:be: 8a:33:b4:c9:ff:3c:c0:8c:52:74:18:ef:22:40:a1:a3:1d:8f: f0:b0:e6:a9:a2:45:1d:29:1f:14:d5:a9:e5:de:26:ba:28:9b: 4e:f4:93:6a:a8:de:d7:54:88:ef:ce:9a:cc:ab:d6:83:5a:e1: 3d:34:f5:2c:ba:de:64:82:00:6b:2d:0b:d3:23:cf:8b:74:e8: 51:a1:fc:61:0c:3d:32:d3:ab:a9:74:8c:cd:a5:04:3a:8e:2e: 94:d6:82:5b:78:1d:b0:0a:e3:b5:52:e3:c4:30:93:d9:f2:cf: 93:2e:9c:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsjZBnspWg3tABmGgxD6YZwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjYWQ2OGY3ZThhYmFkZjQ0NzI2MjMzNDNhMzI1NjE1MDcy MjQxODkwHhcNMjUxMjE1MTkwMjAxWhcNMjUxMjE2MTkwMjAxWjAzMTEwLwYDVQQD Eyg2MzA2MGViOTEzMWVhYmJiOGM2YmJiOThjZjFkOWIwMzQ0OTA4MDcyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWRQIRVHflU4qIZB2yQiHhEW0cdb /Nn/2/qFMhhOC8lG9h/ruzueVFQZjZOmdAfCdZ/h+lBLZhNdvb4fd+k9MzUtYWgD zFQdpPCLR9cMeX0LnkQgIWpeq5EN1Wb+JT/n/DnLLL5Zt85+Cmcg/5EfFm9AgMlA GJ0PL1FxBQBiRx02HiwFMpg1Et7RydaaajG1WRvTSfSdSjSnsUJdh8Bm96V/uPiZ /TzHB21BnD396nVcI977FqOhy5zAWBbzUso51QO5hJd7HwYeNt4ZCocyEmd5Ncs8 GD2H9cSm40y3Q3Lie3f3r8UyPduEFEmwByQKI9ggOylBZbk30Ybxu0lWWwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGMGDrkTHqu7jGu7mM8dmwNEkIByMB8GA1UdIwQY MBaAFMytaPfoq630RyYjNDoyVhUHIkGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMt NjM1OWY5MmUxZDJmLzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS80YmJhMDgtYmUzNi00N2ViLWFiMmMtNjM1OWY5MmUxZDJm LzEveksxbzktaXJyZlJISmlNME9qSldGUWNpUVlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo9vismP4 /FMct3QfR8xAfhiVqBD/Jsn7QVJ86iyOeGGsGlfnlo6C4Ykzyi4I7ILLNq0iDQCr 8mc0jCutdc97kQnD2lF83t1I1QHq63k4VGxSIPME+8GIcgegi4i5Vq1QXIZsRfwE lfSGLlNsQ1NJKXVIkivMASeepbFGOzhNVh0nc8tm/DQiutA5/K7jR7m+ijO0yf88 wIxSdBjvIkChox2P8LDmqaJFHSkfFNWp5d4muiibTvSTaqje11SI786azKvWg1rh PTT1LLreZIIAay0L0yPPi3ToUaH8YQw9MtOrqXSMzaUEOo4ulNaCW3gdsArjtVLj xDCT2fLPky6c8g== -----END CERTIFICATE-----Generated at Tue Dec 16 00:14:43 2025 by rpki-client