This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft File: Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft (raw, json) Hash identifier: mgoFQOf4pIfGMKyqrbAf6F8M7H3JA/BIb1ibChLJAWE= Subject key identifier: C5:94:AC:D4:99:40:35:3E:D3:F2:BB:08:8D:5F:88:E0:6D:29:6C:74 Authority key identifier: 67:D4:10:E7:07:B5:79:71:B1:4A:54:30:9F:02:0B:AC:BB:4D:21:B1 Certificate issuer: /CN=67d410e707b57971b14a54309f020bacbb4d21b1 Certificate serial: 019B2776DF91D88399DB551A65573424004A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft Manifest number: 0348 Signing time: Tue 16 Dec 2025 14:01:00 +0000 Manifest this update: Tue 16 Dec 2025 14:01:00 +0000 Manifest next update: Wed 17 Dec 2025 14:01:00 +0000 Files and hashes: 1: MGVqJJOFzu2un2swGTuXTTEGsNg.roa (hash: gTMkvTBOmf7oEcLgyb6M80tZ/0OamavqqMR1gZp8YYk=) 2: Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl (hash: S/WYJcTcC5WoyGjOBl5znRDjMkKtQ4gQW3jUfsoC0Ps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 14:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:27:76:df:91:d8:83:99:db:55:1a:65:57:34:24:00:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67d410e707b57971b14a54309f020bacbb4d21b1 Validity Not Before: Dec 16 14:01:00 2025 GMT Not After : Dec 17 14:01:00 2025 GMT Subject: CN=c594acd49940353ed3f2bb088d5f88e06d296c74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:5d:03:ac:6a:a0:07:7a:48:ed:c1:23:da:65: dc:6c:26:db:91:20:09:46:df:46:ac:d8:c4:a6:10: 9d:9a:7e:b2:1b:f1:b7:30:92:fd:d9:38:5d:d7:7d: a8:e7:46:0a:ff:93:2c:59:4b:3f:31:b3:15:e0:d8: 56:96:2e:7d:70:4b:a7:a5:d9:67:e1:72:c7:c3:f2: ad:0a:37:b1:fb:60:02:ad:23:c9:77:68:1e:23:d3: 16:31:51:4c:92:5f:f2:43:75:8d:b0:bc:55:94:ae: 22:39:2b:e7:ae:50:b1:01:f4:c7:6c:6c:0f:4e:e7: 48:6c:86:94:b6:44:e9:c5:b1:26:33:8c:cb:5f:23: 59:90:f7:d5:8d:51:c3:36:d7:d8:4c:c8:30:41:41: 35:1c:c5:ef:f1:99:47:0a:4c:cf:68:35:f8:7a:91: 5f:04:b0:99:d5:d5:ea:46:e1:71:2e:f1:80:bd:05: be:21:38:22:47:8c:de:86:34:1d:63:96:c9:84:aa: ee:9a:cf:8f:71:08:5f:d2:91:90:05:7e:6c:e5:97: bd:8c:b1:06:8b:40:f4:04:46:b0:b2:50:84:5a:6a: ff:4f:d6:ca:26:98:22:4d:9d:c4:df:be:c5:b5:e8: cd:59:c2:98:5a:a2:2c:a0:0e:c0:b6:0e:dd:65:4d: cd:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:94:AC:D4:99:40:35:3E:D3:F2:BB:08:8D:5F:88:E0:6D:29:6C:74 X509v3 Authority Key Identifier: keyid:67:D4:10:E7:07:B5:79:71:B1:4A:54:30:9F:02:0B:AC:BB:4D:21:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z9QQ5we1eXGxSlQwnwILrLtNIbE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/486e7a-188d-44ad-b737-b09e76553852/1/Z9QQ5we1eXGxSlQwnwILrLtNIbE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1b:f8:4b:06:33:32:98:ff:04:c8:b3:f9:cc:9c:f9:6d:37:b5: 53:42:e8:16:44:b0:f8:34:cf:2b:75:2f:c7:35:48:51:2e:0f: 55:05:78:db:21:44:55:08:0d:bd:0c:82:5a:eb:64:1f:a0:b8: 9c:bb:b6:14:6e:a0:ac:d1:5c:2f:e5:a5:7e:fe:65:40:ef:f2: 0d:fe:ad:bb:4b:74:87:91:bc:3f:05:f0:19:fa:5c:0d:ec:13: 1b:db:b1:42:08:fa:f1:6f:e2:c6:e8:9a:7a:14:0c:08:32:60: 33:cf:38:d2:96:c3:33:6a:9f:26:c7:e3:06:ba:3e:78:9c:bb: 57:94:0a:9f:6f:18:30:e4:7e:bf:12:2b:02:15:c8:d8:d3:81: 00:af:1c:e5:38:09:f5:b8:30:26:1b:5a:2f:c0:af:11:1b:f9: 91:eb:98:43:5c:9d:4b:25:ed:b8:92:6b:5f:90:44:cd:db:7c: 4f:bd:74:3e:d1:51:da:c3:9e:0c:4f:91:2d:23:c8:7c:d1:21: 4e:e1:f2:46:af:ff:95:af:f4:c1:c2:21:d6:c5:75:88:88:72: 1b:1d:6e:ec:62:32:c7:9c:9b:a1:21:35:52:1a:66:98:a3:f0: bb:47:f7:07:69:0b:d4:fc:99:cf:9c:98:53:21:43:4a:22:54: fd:a5:4d:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsndt+R2IOZ21UaZVc0JABKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZDQxMGU3MDdiNTc5NzFiMTRhNTQzMDlmMDIwYmFjYmI0 ZDIxYjEwHhcNMjUxMjE2MTQwMTAwWhcNMjUxMjE3MTQwMTAwWjAzMTEwLwYDVQQD EyhjNTk0YWNkNDk5NDAzNTNlZDNmMmJiMDg4ZDVmODhlMDZkMjk2Yzc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3l0DrGqgB3pI7cEj2mXcbCbbkSAJ Rt9GrNjEphCdmn6yG/G3MJL92Thd132o50YK/5MsWUs/MbMV4NhWli59cEunpdln 4XLHw/KtCjex+2ACrSPJd2geI9MWMVFMkl/yQ3WNsLxVlK4iOSvnrlCxAfTHbGwP TudIbIaUtkTpxbEmM4zLXyNZkPfVjVHDNtfYTMgwQUE1HMXv8ZlHCkzPaDX4epFf BLCZ1dXqRuFxLvGAvQW+ITgiR4zehjQdY5bJhKrums+PcQhf0pGQBX5s5Ze9jLEG i0D0BEawslCEWmr/T9bKJpgiTZ3E377FtejNWcKYWqIsoA7Atg7dZU3NCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMWUrNSZQDU+0/K7CI1fiOBtKWx0MB8GA1UdIwQY MBaAFGfUEOcHtXlxsUpUMJ8CC6y7TSGxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny80ODZlN2EtMTg4ZC00NGFkLWI3Mzct YjA5ZTc2NTUzODUyLzEvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny80ODZlN2EtMTg4ZC00NGFkLWI3MzctYjA5ZTc2NTUzODUy LzEvWjlRUTV3ZTFlWEd4U2xRd253SUxyTHROSWJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAG/hLBjMy mP8EyLP5zJz5bTe1U0LoFkSw+DTPK3UvxzVIUS4PVQV42yFEVQgNvQyCWutkH6C4 nLu2FG6grNFcL+Wlfv5lQO/yDf6tu0t0h5G8PwXwGfpcDewTG9uxQgj68W/ixuia ehQMCDJgM8840pbDM2qfJsfjBro+eJy7V5QKn28YMOR+vxIrAhXI2NOBAK8c5TgJ 9bgwJhtaL8CvERv5keuYQ1ydSyXtuJJrX5BEzdt8T710PtFR2sOeDE+RLSPIfNEh TuHyRq//la/0wcIh1sV1iIhyGx1u7GIyx5yboSE1UhpmmKPwu0f3B2kL1PyZz5yY UyFDSiJU/aVNfw== -----END CERTIFICATE-----Generated at Tue Dec 16 19:50:32 2025 by rpki-client