This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft File: zkn8E0twZULK8aHvvgNPcBG0lDY.mft (raw, json) Hash identifier: XNUNlCyRZvJOr26XlxgzjXQbo8uhXy47ILTI4+TPeWU= Subject key identifier: 58:EF:20:59:02:FB:91:5C:F8:1C:A0:AB:A9:5B:2A:D7:26:CA:B3:6D Authority key identifier: CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 Certificate issuer: /CN=ce49fc134b706542caf1a1efbe034f7011b49436 Certificate serial: 019B4926B036DF4E9D00C2D66C44364220FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft Manifest number: 06B6 Signing time: Tue 23 Dec 2025 03:00:30 +0000 Manifest this update: Tue 23 Dec 2025 03:00:30 +0000 Manifest next update: Wed 24 Dec 2025 03:00:30 +0000 Files and hashes: 1: SGAPHhpCJa9JFOb_Zf20G8kvkhI.roa (hash: 27D8nmxY/4y8rMryghx5LNMAGS+7aTblTkGND6PBRy0=) 2: zkn8E0twZULK8aHvvgNPcBG0lDY.crl (hash: nsyX1GcnJWLtGHMU8c//AcgTx9nFMyAAhlnDJK+LPf4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:49:26:b0:36:df:4e:9d:00:c2:d6:6c:44:36:42:20:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce49fc134b706542caf1a1efbe034f7011b49436 Validity Not Before: Dec 23 03:00:30 2025 GMT Not After : Dec 24 03:00:30 2025 GMT Subject: CN=58ef205902fb915cf81ca0aba95b2ad726cab36d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:e4:c5:ce:9a:cc:22:2d:f2:fc:90:63:58:e2: 1d:26:90:55:13:8f:e9:44:53:d7:ee:0f:68:dd:7d: 87:34:dc:a9:8d:a8:c2:47:e6:36:22:be:5b:98:e1: 3c:bc:48:d8:df:56:cb:d2:60:2c:25:d7:4f:96:16: 5a:2e:e1:f5:e8:99:89:e5:5f:b1:b4:fa:0e:26:f4: af:6b:39:a1:ae:61:80:d6:4a:f1:5d:e4:d1:fc:a5: 53:5a:cb:af:95:14:11:ca:4e:f4:da:e9:b4:8f:96: 20:b6:87:48:e6:eb:f5:e9:a7:8d:08:2b:9b:0d:15: 8c:b2:f8:53:98:96:f1:61:e0:6f:cc:61:3c:b9:53: 7b:83:81:7e:c6:bc:3e:34:6d:5c:70:5c:ee:fa:73: 68:ae:7b:bd:35:1d:78:e0:3c:49:33:8c:09:a6:78: 21:7a:f6:5e:da:87:c8:02:2b:14:77:7b:a1:de:10: 3d:b0:22:d4:ee:16:a9:6b:88:fd:ed:a9:d3:97:09: 26:17:ce:a7:3a:ca:d2:3f:52:f9:67:45:d2:32:f2: 34:d6:17:d5:f3:1a:1a:a2:77:66:76:97:3c:59:78: b4:3c:c3:6d:32:f4:68:7a:38:64:6f:64:f5:70:2a: b3:e2:be:7d:7f:2e:96:aa:77:c9:b0:3b:f6:88:42: 35:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:EF:20:59:02:FB:91:5C:F8:1C:A0:AB:A9:5B:2A:D7:26:CA:B3:6D X509v3 Authority Key Identifier: keyid:CE:49:FC:13:4B:70:65:42:CA:F1:A1:EF:BE:03:4F:70:11:B4:94:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkn8E0twZULK8aHvvgNPcBG0lDY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/89/01dbbc-2fba-4d97-85f6-641edda06cce/1/zkn8E0twZULK8aHvvgNPcBG0lDY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:3c:00:8b:c9:67:a3:b5:46:d3:0b:05:ce:12:fc:2b:ab:b1: 87:6e:27:2c:b9:8a:f5:87:b4:ae:bd:26:20:95:87:98:68:fa: c9:fe:5a:1a:a9:8b:e8:cf:5d:d1:a1:f3:21:18:33:3e:18:b8: 63:4b:6d:24:51:30:b6:4e:d9:e4:62:07:29:01:fe:42:77:dd: ae:cd:e2:1a:d6:08:b0:94:70:42:ec:8e:75:0f:95:ec:df:86: 37:4d:8f:68:b4:4b:fa:34:e4:f0:79:fc:ed:79:5b:07:41:d3: 80:f9:24:bb:85:ff:f3:fc:02:fc:ab:a3:e2:42:2a:0f:a5:6e: 5f:d5:8a:1e:6c:aa:7f:7b:d4:a2:d5:81:3c:64:a6:e9:41:94: 59:1f:c4:df:46:ae:ec:48:5d:89:62:86:1c:37:54:b8:05:ad: 3c:7b:1e:30:74:12:41:60:dc:67:b3:af:10:0b:21:4e:4c:45: a7:79:3a:b4:87:cf:4f:43:87:aa:13:64:fc:7c:2f:30:c1:05: 45:06:83:de:ab:09:dc:ed:f5:db:7f:a2:9c:72:53:08:58:b6: 8d:55:09:a2:d8:94:db:2e:ce:24:5e:72:5b:b2:ad:fb:ab:d2: e6:c4:a1:4d:a2:d0:6d:d5:73:ab:e5:05:93:30:55:6b:d4:67: 6b:ce:c1:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtJJrA2306dAMLWbEQ2QiD8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDlmYzEzNGI3MDY1NDJjYWYxYTFlZmJlMDM0ZjcwMTFi NDk0MzYwHhcNMjUxMjIzMDMwMDMwWhcNMjUxMjI0MDMwMDMwWjAzMTEwLwYDVQQD Eyg1OGVmMjA1OTAyZmI5MTVjZjgxY2EwYWJhOTViMmFkNzI2Y2FiMzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OTFzprMIi3y/JBjWOIdJpBVE4/p RFPX7g9o3X2HNNypjajCR+Y2Ir5bmOE8vEjY31bL0mAsJddPlhZaLuH16JmJ5V+x tPoOJvSvazmhrmGA1krxXeTR/KVTWsuvlRQRyk702um0j5YgtodI5uv16aeNCCub DRWMsvhTmJbxYeBvzGE8uVN7g4F+xrw+NG1ccFzu+nNornu9NR144DxJM4wJpngh evZe2ofIAisUd3uh3hA9sCLU7hapa4j97anTlwkmF86nOsrSP1L5Z0XSMvI01hfV 8xoaondmdpc8WXi0PMNtMvRoejhkb2T1cCqz4r59fy6WqnfJsDv2iEI1GwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFjvIFkC+5Fc+Bygq6lbKtcmyrNtMB8GA1UdIwQY MBaAFM5J/BNLcGVCyvGh774DT3ARtJQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYt NjQxZWRkYTA2Y2NlLzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84OS8wMWRiYmMtMmZiYS00ZDk3LTg1ZjYtNjQxZWRkYTA2Y2Nl LzEvemtuOEUwdHdaVUxLOGFIdnZnTlBjQkcwbERZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhzwAi8ln o7VG0wsFzhL8K6uxh24nLLmK9Ye0rr0mIJWHmGj6yf5aGqmL6M9d0aHzIRgzPhi4 Y0ttJFEwtk7Z5GIHKQH+Qnfdrs3iGtYIsJRwQuyOdQ+V7N+GN02PaLRL+jTk8Hn8 7XlbB0HTgPkku4X/8/wC/Kuj4kIqD6VuX9WKHmyqf3vUotWBPGSm6UGUWR/E30au 7EhdiWKGHDdUuAWtPHseMHQSQWDcZ7OvEAshTkxFp3k6tIfPT0OHqhNk/HwvMMEF RQaD3qsJ3O3123+inHJTCFi2jVUJotiU2y7OJF5yW7Kt+6vS5sShTaLQbdVzq+UF kzBVa9Rna87Blw== -----END CERTIFICATE-----Generated at Tue Dec 23 06:10:43 2025 by rpki-client