This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft File: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft (raw, json) Hash identifier: XfX8HJCfWQ5oGJL4WzbOsLMHbL1fWH/lRAxsTHobBEg= Subject key identifier: 5A:C4:88:9D:EF:18:C3:E2:A6:80:39:9C:E5:3F:67:EC:7E:B7:81:32 Authority key identifier: 64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 Certificate issuer: /CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Certificate serial: 019B3D23676DEADE60C9EF2D6D635F59BF64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft Manifest number: 030B Signing time: Sat 20 Dec 2025 19:01:28 +0000 Manifest this update: Sat 20 Dec 2025 19:01:28 +0000 Manifest next update: Sun 21 Dec 2025 19:01:28 +0000 Files and hashes: 1: 6w-yXh1-tMAIvo8oiWeiA5ImsoE.roa (hash: I2XmgPmlr8AeGcV748BNU3DKlg3Epa3bbBrXS+lzrBo=) 2: ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl (hash: RU217EwAQhofbVMaqWRcePzBy/wtFD1rj8rtP5vn7Is=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:67:6d:ea:de:60:c9:ef:2d:6d:63:5f:59:bf:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64cf1ee90653b7b814d6b545949bd94dde0fc6a1 Validity Not Before: Dec 20 19:01:28 2025 GMT Not After : Dec 21 19:01:28 2025 GMT Subject: CN=5ac4889def18c3e2a680399ce53f67ec7eb78132 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b2:a9:4a:23:84:63:2c:4c:67:19:70:28:36: f8:f7:c3:ca:24:19:40:05:29:78:49:86:49:8c:aa: 0f:18:80:0d:4f:c9:ad:43:b3:30:46:50:15:1e:ec: 12:99:2d:42:a8:38:60:03:07:66:ee:49:56:a4:d9: d5:be:88:8e:bc:b0:35:84:95:bf:bb:ca:cb:97:fc: 51:2d:4b:93:da:79:65:70:c9:3c:e6:ec:0a:86:5e: a2:0f:d4:b7:1c:9d:4e:b2:ae:f1:9b:9f:10:08:d9: 24:e2:b6:33:15:99:1f:e9:dd:e4:47:ab:9a:b5:24: ab:44:94:c8:ed:e3:86:57:3d:9f:4e:80:ce:82:f5: 66:11:8f:e5:e0:6b:a5:e1:1a:40:b8:5e:c2:ff:e2: b9:89:b4:d3:96:71:5c:5c:94:e3:32:45:e4:cd:be: 9c:d4:a3:e3:6d:f7:50:bf:51:9a:a3:32:9b:34:26: 81:ce:52:e1:54:4d:de:bd:02:5e:3c:57:70:6d:52: 64:fd:7b:a6:2e:97:d7:de:2e:6a:59:97:7e:c4:44: 82:c2:b3:b9:8d:10:c8:12:09:5f:54:d4:ef:99:84: f3:27:83:38:cf:4d:0d:cc:4f:83:c4:39:0b:c6:20: 81:eb:89:b0:ed:94:d5:01:02:e3:f8:75:7c:4f:f6: 6d:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C4:88:9D:EF:18:C3:E2:A6:80:39:9C:E5:3F:67:EC:7E:B7:81:32 X509v3 Authority Key Identifier: keyid:64:CF:1E:E9:06:53:B7:B8:14:D6:B5:45:94:9B:D9:4D:DE:0F:C6:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/299caa-8ccd-49c1-9029-8804dad780a1/1/ZM8e6QZTt7gU1rVFlJvZTd4PxqE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:d7:87:c9:cd:a2:69:5b:c1:14:8b:2c:47:34:3e:4e:72:3d: c7:80:50:07:3b:95:7b:a2:00:1b:03:32:76:4f:31:1a:13:21: 58:f3:8d:d1:c0:b8:5a:9f:35:ed:a3:a8:6a:09:79:3d:f1:98: 34:7f:b1:a5:30:b4:76:b7:fe:aa:ec:07:6e:17:71:c6:b4:a7: ed:f6:d3:db:a9:7b:b4:8b:36:e7:dc:d0:d8:2a:cb:2d:94:4b: 16:35:88:fe:1e:43:06:18:73:54:dc:23:c7:e9:02:d6:a9:c8: 87:91:96:51:51:8a:a5:67:ec:60:91:48:5b:09:6c:16:61:10: 89:c8:7e:6e:92:84:77:31:30:18:6e:ba:9b:87:49:c2:b4:4a: e3:71:86:d5:76:32:34:80:6a:9d:78:d6:a9:8e:5d:4d:d0:ac: 99:91:f0:4e:27:83:20:3a:02:8e:cc:7a:ba:5a:6b:df:b9:ed: 7a:d4:5a:1c:50:2d:de:ec:ec:c5:43:b7:a7:a4:4b:ae:c6:06: 9d:f3:61:92:90:03:3d:00:5a:4a:3b:8d:77:73:ee:7a:79:31: ef:e8:ee:26:db:83:da:29:de:65:35:f2:e7:b2:65:fa:5a:28: 16:e8:c8:0e:89:59:20:6a:26:d2:b0:db:1e:34:f1:a6:56:b9: 78:0e:03:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I2dt6t5gye8tbWNfWb9kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0Y2YxZWU5MDY1M2I3YjgxNGQ2YjU0NTk0OWJkOTRkZGUw ZmM2YTEwHhcNMjUxMjIwMTkwMTI4WhcNMjUxMjIxMTkwMTI4WjAzMTEwLwYDVQQD Eyg1YWM0ODg5ZGVmMThjM2UyYTY4MDM5OWNlNTNmNjdlYzdlYjc4MTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrKpSiOEYyxMZxlwKDb498PKJBlA BSl4SYZJjKoPGIANT8mtQ7MwRlAVHuwSmS1CqDhgAwdm7klWpNnVvoiOvLA1hJW/ u8rLl/xRLUuT2nllcMk85uwKhl6iD9S3HJ1Osq7xm58QCNkk4rYzFZkf6d3kR6ua tSSrRJTI7eOGVz2fToDOgvVmEY/l4Gul4RpAuF7C/+K5ibTTlnFcXJTjMkXkzb6c 1KPjbfdQv1GaozKbNCaBzlLhVE3evQJePFdwbVJk/XumLpfX3i5qWZd+xESCwrO5 jRDIEglfVNTvmYTzJ4M4z00NzE+DxDkLxiCB64mw7ZTVAQLj+HV8T/ZtmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFrEiJ3vGMPipoA5nOU/Z+x+t4EyMB8GA1UdIwQY MBaAFGTPHukGU7e4FNa1RZSb2U3eD8ahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjkt ODgwNGRhZDc4MGExLzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lOS8yOTljYWEtOGNjZC00OWMxLTkwMjktODgwNGRhZDc4MGEx LzEvWk04ZTZRWlR0N2dVMXJWRmxKdlpUZDRQeHFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWdeHyc2i aVvBFIssRzQ+TnI9x4BQBzuVe6IAGwMydk8xGhMhWPON0cC4Wp817aOoagl5PfGY NH+xpTC0drf+quwHbhdxxrSn7fbT26l7tIs259zQ2CrLLZRLFjWI/h5DBhhzVNwj x+kC1qnIh5GWUVGKpWfsYJFIWwlsFmEQich+bpKEdzEwGG66m4dJwrRK43GG1XYy NIBqnXjWqY5dTdCsmZHwTieDIDoCjsx6ulpr37ntetRaHFAt3uzsxUO3p6RLrsYG nfNhkpADPQBaSjuNd3Puenkx7+juJtuD2ineZTXy57Jl+looFujIDolZIGom0rDb HjTxpla5eA4Deg== -----END CERTIFICATE-----Generated at Sun Dec 21 02:46:29 2025 by rpki-client