This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft File: z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft (raw, json) Hash identifier: D61Ac1HWXjISnT/biaynZXbj78mh+lMxCEkI7v+0rBE= Subject key identifier: B0:F8:4C:68:2E:36:3A:C4:A2:88:95:7A:F8:35:D6:EC:90:4F:B6:43 Authority key identifier: CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 Certificate issuer: /CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Certificate serial: 019B5A522A413FB9ECA0B043C8299BE82EF8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft Manifest number: 1798 Signing time: Fri 26 Dec 2025 11:01:32 +0000 Manifest this update: Fri 26 Dec 2025 11:01:32 +0000 Manifest next update: Sat 27 Dec 2025 11:01:32 +0000 Files and hashes: 1: hPBXvKQdaqlVU4nQ-2Te7vaa8Bo.roa (hash: c9xr2QPdOJHBS76dYaN+BTyMMmlA60SbcteFKaCmJMA=) 2: z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl (hash: 459h0u60RzSL70EOExnVnl1nV47U284RHlPEouoJLDk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:52:2a:41:3f:b9:ec:a0:b0:43:c8:29:9b:e8:2e:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf66224bcfb8b82deaabac8c4ca250371b974611 Validity Not Before: Dec 26 11:01:32 2025 GMT Not After : Dec 27 11:01:32 2025 GMT Subject: CN=b0f84c682e363ac4a288957af835d6ec904fb643 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:c7:f2:89:af:90:f1:89:37:77:77:53:75:8d: 4c:fe:e4:47:dc:65:ac:ed:e3:f2:99:db:d6:7f:56: c0:c8:41:49:c6:d4:08:b1:b5:9a:35:b5:83:15:76: 69:58:8f:c3:15:98:51:28:3f:60:6e:50:a0:bb:d8: 6f:8a:60:7e:f2:d1:2d:42:69:c8:4e:5c:ca:a0:a6: b4:1b:29:ff:f1:42:b7:b8:8a:e0:d9:08:61:34:72: 56:51:4c:ac:6a:5f:da:6d:01:65:c4:90:82:41:08: 63:08:4e:cf:08:0b:24:58:07:9a:53:ab:25:8f:44: 77:c6:37:9d:8b:7d:21:3b:f8:46:03:d4:f0:6c:39: 08:f8:db:c4:63:26:67:06:f5:15:53:49:c4:85:88: 37:5c:5c:29:17:d9:c1:2f:ac:b4:be:d4:53:81:1a: 83:24:a4:24:b7:81:7b:e9:3f:e5:12:b4:ce:10:af: 9f:a5:c1:78:8a:9e:c3:ac:13:2e:c6:6f:94:d9:60: 78:ea:fb:4f:6d:0e:1a:80:d7:e0:6d:03:34:25:2a: b8:3e:81:0a:be:c1:e5:6b:aa:c9:02:58:d5:7d:f9: 9e:f7:cd:8d:bb:fa:ab:d0:31:a7:e8:87:c3:b2:08: 06:b0:ee:97:cc:be:f1:11:2b:df:90:7c:31:b3:95: b1:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:F8:4C:68:2E:36:3A:C4:A2:88:95:7A:F8:35:D6:EC:90:4F:B6:43 X509v3 Authority Key Identifier: keyid:CF:66:22:4B:CF:B8:B8:2D:EA:AB:AC:8C:4C:A2:50:37:1B:97:46:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z2YiS8-4uC3qq6yMTKJQNxuXRhE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/196b71-587e-4099-bdb2-b954c50fdbb0/1/z2YiS8-4uC3qq6yMTKJQNxuXRhE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:04:a2:33:70:55:43:3e:4c:29:03:1c:bf:b2:00:82:54:00: af:18:3b:4b:6a:c2:48:24:6f:ec:7c:92:40:49:5f:eb:d3:79: 33:01:0a:a6:4c:51:71:bf:87:22:d5:ef:ed:ea:e3:52:51:c1: 9e:66:3f:e5:69:d1:cc:4f:f3:cf:f2:30:63:20:18:0e:28:ab: c6:7e:9c:52:de:ed:64:f7:79:d1:49:1a:73:d6:c3:56:8c:5e: 7e:33:2c:6f:b8:1e:64:8c:3e:e9:85:80:4d:4e:92:f6:cb:ae: eb:ce:0d:83:3e:ac:d0:b3:8c:ff:07:b8:0f:44:cd:59:f0:2d: 8a:f7:4e:22:aa:a9:1b:71:b1:b5:15:c9:63:5d:5e:6d:91:49: 19:aa:df:86:63:42:7c:48:c2:60:e6:87:a9:aa:3a:62:49:dd: 61:99:7e:eb:d8:1f:c4:31:71:55:11:bd:0a:93:bb:57:3a:92: ba:c8:cb:15:8d:dc:f2:89:5c:6a:8a:67:17:85:be:bd:b4:36: ce:b8:64:7a:1b:32:ae:21:ae:44:5a:82:de:b3:25:3f:62:24: f5:44:2d:37:b4:95:c2:9c:e7:d3:b3:b5:01:cc:0a:4e:76:a5: 5c:3c:5e:0b:54:8c:59:2a:8d:3a:14:92:8c:08:3a:7b:fc:6a: b7:db:ef:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUipBP7nsoLBDyCmb6C74MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNjYyMjRiY2ZiOGI4MmRlYWFiYWM4YzRjYTI1MDM3MWI5 NzQ2MTEwHhcNMjUxMjI2MTEwMTMyWhcNMjUxMjI3MTEwMTMyWjAzMTEwLwYDVQQD EyhiMGY4NGM2ODJlMzYzYWM0YTI4ODk1N2FmODM1ZDZlYzkwNGZiNjQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl8fyia+Q8Yk3d3dTdY1M/uRH3GWs 7ePymdvWf1bAyEFJxtQIsbWaNbWDFXZpWI/DFZhRKD9gblCgu9hvimB+8tEtQmnI TlzKoKa0Gyn/8UK3uIrg2QhhNHJWUUysal/abQFlxJCCQQhjCE7PCAskWAeaU6sl j0R3xjedi30hO/hGA9TwbDkI+NvEYyZnBvUVU0nEhYg3XFwpF9nBL6y0vtRTgRqD JKQkt4F76T/lErTOEK+fpcF4ip7DrBMuxm+U2WB46vtPbQ4agNfgbQM0JSq4PoEK vsHla6rJAljVffme982Nu/qr0DGn6IfDsggGsO6XzL7xESvfkHwxs5WxdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLD4TGguNjrEooiVevg11uyQT7ZDMB8GA1UdIwQY MBaAFM9mIkvPuLgt6qusjEyiUDcbl0YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjIt Yjk1NGM1MGZkYmIwLzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xOTZiNzEtNTg3ZS00MDk5LWJkYjItYjk1NGM1MGZkYmIw LzEvejJZaVM4LTR1QzNxcTZ5TVRLSlFOeHVYUmhFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAASiM3BV Qz5MKQMcv7IAglQArxg7S2rCSCRv7HySQElf69N5MwEKpkxRcb+HItXv7erjUlHB nmY/5WnRzE/zz/IwYyAYDiirxn6cUt7tZPd50Ukac9bDVoxefjMsb7geZIw+6YWA TU6S9suu684Ngz6s0LOM/we4D0TNWfAtivdOIqqpG3GxtRXJY11ebZFJGarfhmNC fEjCYOaHqao6YkndYZl+69gfxDFxVRG9CpO7VzqSusjLFY3c8olcaopnF4W+vbQ2 zrhkehsyriGuRFqC3rMlP2Ik9UQtN7SVwpzn07O1AcwKTnalXDxeC1SMWSqNOhSS jAg6e/xqt9vvaA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:06:38 2025 by rpki-client