This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft File: zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft (raw, json) Hash identifier: ITxcFJpzo4/W3QT+aCH6sF2qqPF3mIWzc9I/ZMWiWI0= Subject key identifier: 57:F8:97:B7:01:3D:39:71:E4:46:AA:64:A2:2F:77:44:09:AA:3F:B0 Authority key identifier: CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12 Certificate issuer: /CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712 Certificate serial: 019B5A88B6CE54A1AFF7B194E553F7C990FF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft Manifest number: 0249 Signing time: Fri 26 Dec 2025 12:01:07 +0000 Manifest this update: Fri 26 Dec 2025 12:01:07 +0000 Manifest next update: Sat 27 Dec 2025 12:01:07 +0000 Files and hashes: 1: zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl (hash: wRw57j4n6p/NVHfDFq/pP8SxMXc7bJnYK+5JHPNeDgU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:b6:ce:54:a1:af:f7:b1:94:e5:53:f7:c9:90:ff Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc0a900d70bd10f7d2221a5648da54a5e3f44712 Validity Not Before: Dec 26 12:01:07 2025 GMT Not After : Dec 27 12:01:07 2025 GMT Subject: CN=57f897b7013d3971e446aa64a22f774409aa3fb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:84:ed:a5:79:e6:85:af:43:ef:89:e8:37:38: 39:f6:c2:ae:cf:9a:27:2a:02:0b:72:27:82:77:ee: de:c7:c5:95:61:ff:40:a0:63:24:06:cf:33:02:de: 33:4a:8e:b3:ff:a2:d8:58:1f:98:03:c7:7e:6a:e1: 8f:a4:b5:b1:ff:ad:9a:7e:d2:9e:fc:83:f0:f7:fc: fd:be:78:d1:76:bd:a9:70:4f:8b:cc:56:f5:ef:98: 5d:f2:04:2a:82:b8:d3:7f:6c:c5:40:9f:58:f6:ca: 02:4a:a5:e0:16:e4:a9:25:98:9e:3e:a1:69:8f:57: bf:e2:d3:ca:be:0c:6d:f9:73:ad:45:03:c7:1a:d8: 5a:be:ba:4a:51:b1:41:e5:4a:8f:d7:74:de:68:7b: eb:47:fa:d6:ad:a6:58:7f:39:5f:09:bc:98:8a:cd: 3b:07:7b:67:ba:67:06:f5:f2:6f:df:3e:79:82:43: 00:c1:4f:df:81:eb:0a:93:8b:6a:7e:2e:9a:d0:18: 5f:58:4b:43:87:f7:05:fc:eb:97:8e:30:5c:82:d7: c3:6f:40:74:ca:40:3f:90:4c:dc:cd:60:f7:79:4f: 37:48:17:eb:dd:e3:72:09:40:4d:be:34:0a:52:65: ce:9a:c2:05:d7:dc:5d:56:69:0d:1f:a0:e9:cd:fe: a0:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:F8:97:B7:01:3D:39:71:E4:46:AA:64:A2:2F:77:44:09:AA:3F:B0 X509v3 Authority Key Identifier: keyid:CC:0A:90:0D:70:BD:10:F7:D2:22:1A:56:48:DA:54:A5:E3:F4:47:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zAqQDXC9EPfSIhpWSNpUpeP0RxI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/58a3b6-9a80-49c2-8775-3801c6216e6c/1/zAqQDXC9EPfSIhpWSNpUpeP0RxI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:cb:49:36:8f:42:7c:c2:65:b5:04:32:67:80:b4:9d:ed:98: 7a:d6:cd:a2:77:27:fc:1b:4b:5c:17:37:04:4f:b6:8b:92:c2: ea:35:ff:8c:18:e0:98:70:0a:43:97:40:a3:3e:be:99:83:d2: 6a:5a:da:81:45:53:a6:5c:2d:fa:50:13:5f:a2:5a:34:57:76: 39:49:5c:e0:5a:db:81:40:21:22:1c:32:13:13:5f:91:36:5e: c6:fa:0b:c1:c0:e6:18:4a:0d:1c:e5:12:6b:65:ed:0c:f9:64: 58:9a:09:19:41:f5:2c:0e:07:97:88:65:c5:cb:26:8a:42:89: b6:ca:b2:4c:34:06:02:05:56:5e:0a:e5:6a:eb:2e:54:e0:ca: 3d:90:f4:c0:a5:fe:e5:8a:07:f1:ce:27:7c:fb:99:03:52:c4: ac:15:80:5d:d6:87:4f:5d:e6:71:e8:c8:5e:11:00:17:f6:5a: ab:a3:04:26:f6:87:f9:c8:1a:41:26:ac:ae:f3:1e:e2:8e:f1: 1e:06:06:05:63:9b:c2:a0:ac:ad:8d:44:ca:17:37:01:3a:88: e8:0c:42:62:99:96:e6:cc:9f:68:cd:1b:e5:3a:d9:ad:eb:e0: 26:62:18:87:de:47:93:b6:53:f6:db:2b:8d:60:16:9d:44:a7: 7e:c1:d8:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiLbOVKGv97GU5VP3yZD/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjMGE5MDBkNzBiZDEwZjdkMjIyMWE1NjQ4ZGE1NGE1ZTNm NDQ3MTIwHhcNMjUxMjI2MTIwMTA3WhcNMjUxMjI3MTIwMTA3WjAzMTEwLwYDVQQD Eyg1N2Y4OTdiNzAxM2QzOTcxZTQ0NmFhNjRhMjJmNzc0NDA5YWEzZmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA54TtpXnmha9D74noNzg59sKuz5on KgILcieCd+7ex8WVYf9AoGMkBs8zAt4zSo6z/6LYWB+YA8d+auGPpLWx/62aftKe /IPw9/z9vnjRdr2pcE+LzFb175hd8gQqgrjTf2zFQJ9Y9soCSqXgFuSpJZiePqFp j1e/4tPKvgxt+XOtRQPHGthavrpKUbFB5UqP13TeaHvrR/rWraZYfzlfCbyYis07 B3tnumcG9fJv3z55gkMAwU/fgesKk4tqfi6a0BhfWEtDh/cF/OuXjjBcgtfDb0B0 ykA/kEzczWD3eU83SBfr3eNyCUBNvjQKUmXOmsIF19xdVmkNH6Dpzf6gUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFf4l7cBPTlx5EaqZKIvd0QJqj+wMB8GA1UdIwQY MBaAFMwKkA1wvRD30iIaVkjaVKXj9EcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUt MzgwMWM2MjE2ZTZjLzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jNy81OGEzYjYtOWE4MC00OWMyLTg3NzUtMzgwMWM2MjE2ZTZj LzEvekFxUURYQzlFUGZTSWhwV1NOcFVwZVAwUnhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ8tJNo9C fMJltQQyZ4C0ne2YetbNoncn/BtLXBc3BE+2i5LC6jX/jBjgmHAKQ5dAoz6+mYPS alragUVTplwt+lATX6JaNFd2OUlc4FrbgUAhIhwyExNfkTZexvoLwcDmGEoNHOUS a2XtDPlkWJoJGUH1LA4Hl4hlxcsmikKJtsqyTDQGAgVWXgrlausuVODKPZD0wKX+ 5YoH8c4nfPuZA1LErBWAXdaHT13mcejIXhEAF/Zaq6MEJvaH+cgaQSasrvMe4o7x HgYGBWObwqCsrY1Eyhc3ATqI6AxCYpmW5syfaM0b5TrZrevgJmIYh95Hk7ZT9tsr jWAWnUSnfsHYqw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:20 2025 by rpki-client