This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft File: zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json) Hash identifier: /4hWIxYmhhw79CXsbNavzFFTZt/d+XahbRKfHukUsB0= Subject key identifier: CE:14:CF:D8:20:30:47:29:2F:14:38:BD:B5:CD:08:AD:E1:59:26:0C Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 Certificate issuer: /CN=ce49fc134b706542caf1a1efbe034f7011b49436 Certificate serial: 019B0D48F135BC4E833B8AD522C80BE1F216 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft Manifest number: 0697 Signing time: Thu 11 Dec 2025 12:00:42 +0000 Manifest this update: Thu 11 Dec 2025 12:00:42 +0000 Manifest next update: Fri 12 Dec 2025 12:00:42 +0000 Files and hashes: 1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=) 2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: qfQQqFyYmCN3YPZ/ZadUkeNZVnfNI81w69cOKVncAmY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 12:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0d:48:f1:35:bc:4e:83:3b:8a:d5:22:c8:0b:e1:f2:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436 Validity Not Before: Dec 11 12:00:42 2025 GMT Not After : Dec 12 12:00:42 2025 GMT Subject: CN=ce14cfd8203047292f1438bdb5cd08ade159260c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:6e:4f:12:65:cb:7b:5c:ba:05:5d:ee:f9:7a: 2c:00:48:42:cf:5d:3c:3c:ed:4f:a3:14:20:13:f9: dd:f5:8c:5f:bc:6d:4f:de:3a:4b:f6:71:d5:ac:95: 44:7f:ce:d5:8c:79:08:d1:58:ef:29:d3:ad:1e:57: c5:b0:28:bf:06:52:ec:81:45:62:f0:94:6a:ec:97: b7:1a:51:b5:16:ed:c4:c6:a7:0c:38:3b:1f:f8:61: e0:7d:46:b4:27:19:cb:58:3b:27:e9:04:4a:04:11: 3f:61:92:73:93:67:cd:54:c0:a0:69:05:79:54:f4: 2d:c8:d2:fd:49:a3:78:4a:10:de:bb:6a:6c:bc:3c: 7d:25:de:03:6a:c7:85:0e:8e:d6:79:77:16:82:f1: d2:5c:1c:5f:06:ce:1e:19:9a:07:7c:24:c2:c7:fe: a0:70:f3:0f:aa:22:4b:5a:37:bd:5d:15:88:84:41: 1b:6a:a9:af:95:1c:2e:23:81:3d:30:20:d6:a1:07: d8:f9:39:b2:dc:31:37:90:59:ac:01:a2:b3:02:d9: 86:a7:69:5d:af:c0:74:5a:16:36:02:d6:45:ca:27: 67:d2:cb:cc:4f:de:a9:81:04:51:d6:d2:76:29:75: e3:a0:69:25:bb:c1:a2:a2:0c:ef:4e:12:1b:b2:b1: b7:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:14:CF:D8:20:30:47:29:2F:14:38:BD:B5:CD:08:AD:E1:59:26:0C X509v3 Authority Key Identifier: keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:ca:d8:13:6b:a1:f5:fc:8c:97:b0:26:0a:4a:e2:28:c2:3a: 44:78:9a:b9:4b:f5:09:04:65:c9:65:71:18:13:5e:06:14:16: 5f:3f:3a:51:b4:85:a1:fc:2c:e2:26:e5:e1:45:a3:20:1d:51: d4:4e:96:00:f5:87:14:81:8e:4d:0f:d7:99:c3:1b:ac:ac:ad: 54:a0:e2:2f:f3:98:30:8d:62:b8:9b:3a:f9:ed:2b:ad:d3:b7: 54:c4:82:19:2b:5c:42:12:fa:07:cb:c6:24:f9:68:fb:a1:e8: ef:b5:45:24:ff:bb:a8:71:fa:e0:a8:5d:ac:7f:25:1a:fd:97: cd:a9:95:23:51:56:66:77:a4:b0:7c:8d:91:e7:cf:c8:8d:c4: 21:29:68:11:81:fb:67:54:7c:bc:30:e4:90:aa:64:3d:fb:22: 9a:3b:ba:4c:cb:b2:bf:4b:09:92:0e:7f:c9:4d:5b:50:19:8e: 40:86:8f:2b:2e:89:92:4b:fc:9e:d0:f0:be:ca:25:c0:03:5d: 35:5d:e4:45:cb:e9:01:d2:ab:c4:fe:e5:a7:1b:b4:ac:8c:68: ae:7e:6f:c9:00:35:5e:75:98:ea:7e:fe:26:d2:c1:c8:1b:ef: c8:b9:3b:02:62:91:39:a3:67:31:90:39:14:49:8b:a9:a5:a2: 0f:d1:51:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsNSPE1vE6DO4rVIsgL4fIWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi NDk0MzYwHhcNMjUxMjExMTIwMDQyWhcNMjUxMjEyMTIwMDQyWjAzMTEwLwYDVQQD EyhjZTE0Y2ZkODIwMzA0NzI5MmYxNDM4YmRiNWNkMDhhZGUxNTkyNjBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtG5PEmXLe1y6BV3u+XosAEhCz108 PO1PoxQgE/nd9YxfvG1P3jpL9nHVrJVEf87VjHkI0VjvKdOtHlfFsCi/BlLsgUVi 8JRq7Je3GlG1Fu3ExqcMODsf+GHgfUa0JxnLWDsn6QRKBBE/YZJzk2fNVMCgaQV5 VPQtyNL9SaN4ShDeu2psvDx9Jd4DaseFDo7WeXcWgvHSXBxfBs4eGZoHfCTCx/6g cPMPqiJLWje9XRWIhEEbaqmvlRwuI4E9MCDWoQfY+Tmy3DE3kFmsAaKzAtmGp2ld r8B0WhY2AtZFyidn0svMT96pgQRR1tJ2KXXjoGklu8GiogzvThIbsrG3FQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM4Uz9ggMEcpLxQ4vbXNCK3hWSYMMB8GA1UdIwQY MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAsrYE2uh 9fyMl7AmCkriKMI6RHiauUv1CQRlyWVxGBNeBhQWXz86UbSFofws4ibl4UWjIB1R 1E6WAPWHFIGOTQ/XmcMbrKytVKDiL/OYMI1iuJs6+e0rrdO3VMSCGStcQhL6B8vG JPlo+6Ho77VFJP+7qHH64KhdrH8lGv2XzamVI1FWZneksHyNkefPyI3EISloEYH7 Z1R8vDDkkKpkPfsimju6TMuyv0sJkg5/yU1bUBmOQIaPKy6Jkkv8ntDwvsolwANd NV3kRcvpAdKrxP7lpxu0rIxorn5vyQA1XnWY6n7+JtLByBvvyLk7AmKROaNnMZA5 FEmLqaWiD9FRuw== -----END CERTIFICATE-----Generated at Thu Dec 11 15:11:59 2025 by rpki-client