This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft File: Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft (raw, json) Hash identifier: TMojy+FEVXjlwqES5AuKZAeKI31SKaTONR8EULls4UI= Subject key identifier: D8:CC:5A:02:E6:CC:8D:37:48:02:D9:3A:7F:BD:32:03:A7:A0:9E:CD Authority key identifier: 67:D4:10:E7:07:B5:79:71:B1:4A:54:30:9F:02:0B:AC:BB:4D:21:B1 Certificate issuer: /CN=67d410e707b57971b14a54309f020bacbb4d21b1 Certificate serial: 019B34FB2F86C8B9E5E6E3E0931BBE8BEBE2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft Manifest number: 034F Signing time: Fri 19 Dec 2025 05:00:35 +0000 Manifest this update: Fri 19 Dec 2025 05:00:35 +0000 Manifest next update: Sat 20 Dec 2025 05:00:35 +0000 Files and hashes: 1: MGVqJJOFzu2un2swGTuXTTEGsNg.roa (hash: gTMkvTBOmf7oEcLgyb6M80tZ/0OamavqqMR1gZp8YYk=) 2: Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl (hash: DpvlJcWe6w/fx5VEwW71TYDdzr1nVKTBe6iqu8CRFTQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:2f:86:c8:b9:e5:e6:e3:e0:93:1b:be:8b:eb:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67d410e707b57971b14a54309f020bacbb4d21b1 Validity Not Before: Dec 19 05:00:35 2025 GMT Not After : Dec 20 05:00:35 2025 GMT Subject: CN=d8cc5a02e6cc8d374802d93a7fbd3203a7a09ecd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:16:4d:aa:de:54:55:df:74:e3:1f:92:23:17: bb:12:4d:a9:1a:ee:93:4b:56:fa:44:91:ee:42:75: 57:1c:21:df:14:2f:1f:63:a5:c5:22:ce:1f:a3:b9: 2e:df:2a:83:ff:d8:7a:90:f9:54:cb:7c:c3:79:6a: da:22:af:2f:94:d7:bd:35:7d:a9:ac:a4:8b:2f:74: a9:75:56:56:7a:23:f0:f9:b2:ad:b1:2c:07:e8:bc: d2:39:50:d1:8b:30:48:3c:5e:6b:fd:9b:01:08:33: 88:55:bb:9e:92:17:ff:6c:68:c0:1c:74:31:ed:1c: 0a:64:70:f7:85:81:b6:84:a7:f2:0c:79:1b:7f:fd: d9:38:98:83:23:1c:99:57:5a:90:0e:fa:c0:ae:4d: 93:98:1a:90:ab:94:73:c6:a0:db:5e:fc:ab:92:39: 8d:3c:48:17:ce:af:24:2f:b4:50:a4:bf:be:29:d5: 79:5b:05:8d:6d:56:cd:3d:7f:12:cb:82:af:29:ac: d3:c1:b5:57:96:db:59:11:5c:21:b8:40:f7:32:da: 36:23:a4:dd:96:a5:85:f8:ce:a7:98:8b:01:5c:9d: a0:6b:55:4a:09:f9:be:c8:33:d9:d1:31:7f:94:fb: 3f:2c:23:05:64:88:89:b0:56:92:0f:fc:58:70:96: 23:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:CC:5A:02:E6:CC:8D:37:48:02:D9:3A:7F:BD:32:03:A7:A0:9E:CD X509v3 Authority Key Identifier: keyid:67:D4:10:E7:07:B5:79:71:B1:4A:54:30:9F:02:0B:AC:BB:4D:21:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:a0:4f:cd:31:c8:c9:74:53:87:04:b6:8c:d3:7b:26:e3:73: e6:58:9e:a5:fe:1f:94:a4:b2:b2:63:27:45:1b:14:bd:a9:33: 8f:54:c3:f9:2d:ec:3a:d0:e9:20:c5:15:7b:be:0d:b6:1d:c7: 52:fc:9e:59:41:01:f3:70:2d:ab:76:ed:2e:ab:f1:51:83:14: 41:d9:b5:4a:e1:4e:b0:62:84:fd:cd:08:06:46:84:9d:a7:23: df:b0:dc:45:bc:0f:09:cb:8e:70:2e:fa:19:f5:3e:d5:a1:10: 80:28:c5:01:5a:fb:db:fd:93:e1:da:1f:5c:11:84:d6:01:62: 68:21:45:aa:bf:75:9f:3c:a8:36:a8:ba:ab:54:d7:32:70:3d: 11:5a:02:9f:7a:3e:f6:25:7b:02:e9:e6:76:62:e2:01:a5:66: 63:f5:98:72:35:eb:36:d8:47:dc:fc:28:99:0a:06:1e:c5:e2: 98:4c:10:b4:fe:91:87:13:fb:4a:ef:34:e2:40:0d:b8:5f:62: c0:6d:be:6e:5b:c3:50:79:f8:1f:cf:ed:fd:11:49:ba:78:1d: d7:d8:47:cd:c3:22:d7:f9:86:43:c6:fd:6a:2d:1a:0b:0d:78: ee:e3:95:11:d4:4d:d0:12:26:5c:1e:84:32:f9:14:5a:0a:9b: 59:f7:e4:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+y+GyLnl5uPgkxu+i+viMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZDQxMGU3MDdiNTc5NzFiMTRhNTQzMDlmMDIwYmFjYmI0 ZDIxYjEwHhcNMjUxMjE5MDUwMDM1WhcNMjUxMjIwMDUwMDM1WjAzMTEwLwYDVQQD EyhkOGNjNWEwMmU2Y2M4ZDM3NDgwMmQ5M2E3ZmJkMzIwM2E3YTA5ZWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRZNqt5UVd904x+SIxe7Ek2pGu6T S1b6RJHuQnVXHCHfFC8fY6XFIs4fo7ku3yqD/9h6kPlUy3zDeWraIq8vlNe9NX2p rKSLL3SpdVZWeiPw+bKtsSwH6LzSOVDRizBIPF5r/ZsBCDOIVbuekhf/bGjAHHQx 7RwKZHD3hYG2hKfyDHkbf/3ZOJiDIxyZV1qQDvrArk2TmBqQq5RzxqDbXvyrkjmN PEgXzq8kL7RQpL++KdV5WwWNbVbNPX8Sy4KvKazTwbVXlttZEVwhuED3Mto2I6Td lqWF+M6nmIsBXJ2ga1VKCfm+yDPZ0TF/lPs/LCMFZIiJsFaSD/xYcJYj+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNjMWgLmzI03SALZOn+9MgOnoJ7NMB8GA1UdIwQY MBaAFGfUEOcHtXlxsUpUMJ8CC6y7TSGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80ODZlN2EtMTg4ZC00NGFkLWI3Mzct YjA5ZTc2NTUzODUyLzEvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny80ODZlN2EtMTg4ZC00NGFkLWI3MzctYjA5ZTc2NTUzODUy LzEvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFKBPzTHI yXRThwS2jNN7JuNz5liepf4flKSysmMnRRsUvakzj1TD+S3sOtDpIMUVe74Nth3H UvyeWUEB83Atq3btLqvxUYMUQdm1SuFOsGKE/c0IBkaEnacj37DcRbwPCcuOcC76 GfU+1aEQgCjFAVr72/2T4dofXBGE1gFiaCFFqr91nzyoNqi6q1TXMnA9EVoCn3o+ 9iV7AunmdmLiAaVmY/WYcjXrNthH3PwomQoGHsXimEwQtP6RhxP7Su804kANuF9i wG2+blvDUHn4H8/t/RFJungd19hHzcMi1/mGQ8b9ai0aCw147uOVEdRN0BImXB6E MvkUWgqbWffkYg== -----END CERTIFICATE-----Generated at Fri Dec 19 13:13:27 2025 by rpki-client