This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft File: ZD4bqRxWmoshptLWf1271sBOQ-o.mft (raw, json) Hash identifier: MQTah6RSmr3aB9EDHEjP9ojWK631vXjHJCoImKWhNa4= Subject key identifier: 44:12:9E:95:8C:0E:4E:D1:6E:77:EC:A6:8A:0F:8F:40:4F:C3:B3:64 Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Certificate serial: 019B0F37B5DC528B8E13E2FE935B9F7FE701 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft Manifest number: 1772 Signing time: Thu 11 Dec 2025 21:01:07 +0000 Manifest this update: Thu 11 Dec 2025 21:01:07 +0000 Manifest next update: Fri 12 Dec 2025 21:01:07 +0000 Files and hashes: 1: 1MBxY-L-G-PezNdSAum2Qznjvvk.roa (hash: WzqdlX3BQAdtrBN0mtz0qnp4BVXNCLlknuqqWLF2nEY=) 2: 64_MTb5KgxHA8ajybrrfkFaqSHo.roa (hash: 3HoEZ5o8a764cMBp72+Je8xSTOL3XWu1W9vfmUxztJY=) 3: NcFH54U_2J6k3O8FG01A4l3YkX4.roa (hash: /kjUMIh5yITP6UOhs7cpgkxUJuo6AlmV12M3gHqX+6U=) 4: QnTqLhMHC9T4AoMjaLap4QpmLDU.roa (hash: 7wNURJNL1VG5jzuYA7SYiM1RdZjO0wnh2b7/W3YMGs8=) 5: ZD4bqRxWmoshptLWf1271sBOQ-o.crl (hash: DC4nQDMQOdJz58ymD8Y9JxmddVGdWXB3qeXYe3Ziumk=) 6: ZKwCytxQwb2lA8HdN2ItTa-nGFE.roa (hash: YVehp3VlkVUX9qY7Jk5F+8RNoRR+lbS+MAT+mCdr+Tw=) 7: ymZdEzMVegQJBBFPgdqPQzW1-gk.roa (hash: RX7+2wwGNp6bGJxI7GKZlbgjxbbHN4LNuKVuwi5foZ4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:37:b5:dc:52:8b:8e:13:e2:fe:93:5b:9f:7f:e7:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Validity Not Before: Dec 11 21:01:07 2025 GMT Not After : Dec 12 21:01:07 2025 GMT Subject: CN=44129e958c0e4ed16e77eca68a0f8f404fc3b364 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:c6:f9:2b:21:54:5c:0e:91:9e:bd:ae:ad:a6: e0:65:3d:a1:db:2b:4f:7e:39:d7:a9:28:32:7b:d7: 47:a7:5b:a4:71:e1:10:d1:ca:b0:48:e2:51:0f:77: 41:80:06:04:29:e6:1c:6c:8f:4f:99:d0:6c:60:88: 3f:5b:9d:49:5e:45:35:c4:e2:83:9b:15:ee:1c:d2: 25:41:87:e4:08:94:f3:4d:b9:97:f2:5d:68:e8:ac: db:aa:aa:1b:b6:bf:74:63:8d:c7:d4:e5:26:b9:55: f7:cc:e5:71:63:d1:c8:a6:da:db:69:14:f9:2e:e7: df:25:92:17:5c:3a:36:6e:05:82:db:36:ae:69:73: 62:a9:99:a1:c9:2f:66:f0:dc:4e:9e:47:98:e7:7b: 99:e4:37:89:d6:fb:f0:e3:9f:1e:b6:ad:71:ec:f8: 0a:f7:e7:01:e2:a0:0b:85:f9:05:45:46:93:f0:89: ac:9a:eb:c0:24:bc:bc:26:5f:dd:94:2f:49:7d:d6: 34:b4:28:f3:68:c3:2b:16:38:44:70:64:e7:9e:87: b8:ac:83:4f:28:f3:f9:bc:36:91:dc:76:ab:27:a5: bd:00:a0:4b:f2:dc:7e:c8:4f:e5:d3:24:aa:2b:05: 39:43:47:9d:42:f8:29:ef:6a:a2:e5:49:f2:8c:de: c9:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:12:9E:95:8C:0E:4E:D1:6E:77:EC:A6:8A:0F:8F:40:4F:C3:B3:64 X509v3 Authority Key Identifier: keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:7a:23:98:a4:97:44:00:13:9a:2a:04:1f:ca:b6:1a:20:36: d8:ef:fb:64:34:25:3e:d6:35:58:88:bf:84:84:20:ff:71:b9: 98:7d:7f:78:c8:f6:19:c0:50:14:bd:69:83:8f:27:90:68:e0: 3b:3b:67:66:f0:fb:ab:0b:54:1a:af:c1:89:63:db:d4:16:05: cb:e5:96:ff:b8:6e:5f:0c:fc:bf:01:00:2b:86:51:26:ef:48: 0c:a3:de:bb:7a:84:cc:c5:61:e4:2c:ff:7c:51:f2:cd:a2:8e: f5:33:89:ad:57:5d:0e:16:44:2b:4a:eb:a0:37:5d:c4:20:13: 20:54:0a:54:fa:4b:e5:73:7d:3a:78:42:c0:d5:9c:ab:f7:77: fc:c9:19:75:28:9b:22:d2:3e:d2:0b:71:84:e8:70:6c:f4:2e: b1:bd:c3:8b:fd:74:9f:05:b8:2b:a7:23:24:37:ce:14:9b:8d: 87:76:05:21:6b:ac:0a:89:7e:c1:76:ec:a6:55:7b:5f:a0:f8: 34:65:8e:06:4f:66:cd:54:b3:51:e5:23:ad:27:56:30:b9:17: f2:dd:5a:19:b8:2c:ca:90:ca:38:d1:7a:2a:a1:2c:48:11:24: 91:17:1b:31:f8:d4:c7:39:1b:8d:a4:e2:ef:9b:00:a6:55:5e: cf:e0:cf:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPN7XcUouOE+L+k1uff+cBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0 ZTQzZWEwHhcNMjUxMjExMjEwMTA3WhcNMjUxMjEyMjEwMTA3WjAzMTEwLwYDVQQD Eyg0NDEyOWU5NThjMGU0ZWQxNmU3N2VjYTY4YTBmOGY0MDRmYzNiMzY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcb5KyFUXA6Rnr2urabgZT2h2ytP fjnXqSgye9dHp1ukceEQ0cqwSOJRD3dBgAYEKeYcbI9PmdBsYIg/W51JXkU1xOKD mxXuHNIlQYfkCJTzTbmX8l1o6Kzbqqobtr90Y43H1OUmuVX3zOVxY9HIptrbaRT5 LuffJZIXXDo2bgWC2zauaXNiqZmhyS9m8NxOnkeY53uZ5DeJ1vvw458etq1x7PgK 9+cB4qALhfkFRUaT8ImsmuvAJLy8Jl/dlC9JfdY0tCjzaMMrFjhEcGTnnoe4rINP KPP5vDaR3HarJ6W9AKBL8tx+yE/l0ySqKwU5Q0edQvgp72qi5UnyjN7JcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEQSnpWMDk7RbnfspooPj0BPw7NkMB8GA1UdIwQY MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt ZmVhMGFmZjM1OWY1LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1 LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAg3ojmKSX RAATmioEH8q2GiA22O/7ZDQlPtY1WIi/hIQg/3G5mH1/eMj2GcBQFL1pg48nkGjg OztnZvD7qwtUGq/BiWPb1BYFy+WW/7huXwz8vwEAK4ZRJu9IDKPeu3qEzMVh5Cz/ fFHyzaKO9TOJrVddDhZEK0rroDddxCATIFQKVPpL5XN9OnhCwNWcq/d3/MkZdSib ItI+0gtxhOhwbPQusb3Di/10nwW4K6cjJDfOFJuNh3YFIWusCol+wXbsplV7X6D4 NGWOBk9mzVSzUeUjrSdWMLkX8t1aGbgsypDKONF6KqEsSBEkkRcbMfjUxzkbjaTi 75sAplVez+DPMw== -----END CERTIFICATE-----Generated at Fri Dec 12 02:39:01 2025 by rpki-client