This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.mft File: mzYg1nmOfrGGY5xFSKBpavbjBYk.mft (raw, json) Hash identifier: kO4y7Nxqg7JTec/5jIU/GWKGwRtR34b4+2NnbAwmLNw= Subject key identifier: 58:A3:D0:36:4C:62:BC:7F:8D:C0:FB:CD:00:9F:44:24:F8:1D:7A:DF Authority key identifier: 9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89 Certificate issuer: /CN=9b3620d6798e7eb186639c4548a0696af6e30589 Certificate serial: 019B665646932F337D4CFA76ADDAA2FB004F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.mft Manifest number: 0743 Signing time: Sun 28 Dec 2025 19:01:28 +0000 Manifest this update: Sun 28 Dec 2025 19:01:28 +0000 Manifest next update: Mon 29 Dec 2025 19:01:28 +0000 Files and hashes: 1: Q41X_j-X6MEBsrlAhkOF1wVzhbk.roa (hash: YBskpCx6COz+43ChHeDsLz5PAi6tPK0b2nqeQTQNIwI=) 2: mzYg1nmOfrGGY5xFSKBpavbjBYk.crl (hash: SOsmXKzyFabZc1T9PKCicOiFr5oPsmHNy9G4u+IGIs0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.mft rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 19:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:66:56:46:93:2f:33:7d:4c:fa:76:ad:da:a2:fb:00:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9b3620d6798e7eb186639c4548a0696af6e30589 Validity Not Before: Dec 28 19:01:28 2025 GMT Not After : Dec 29 19:01:28 2025 GMT Subject: CN=58a3d0364c62bc7f8dc0fbcd009f4424f81d7adf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:64:a9:e2:4a:6e:a4:d8:89:0e:a9:5c:6c:9f: 9c:a6:91:91:98:f6:73:18:64:46:bb:30:b7:2c:da: 05:a1:5f:71:1c:17:7e:87:dd:99:0e:83:fe:7c:8b: 88:d5:0e:84:53:13:ab:c6:ff:4a:c4:93:a6:38:4b: d2:fb:e3:4d:88:4a:5f:5b:71:25:ad:06:65:0b:c5: b6:4a:93:d2:d4:eb:13:26:92:1c:3b:b9:dc:b4:6f: 11:f6:6e:bb:72:96:6a:48:d6:33:6f:26:c7:f4:09: a6:e1:71:ea:83:85:a3:0e:c4:9a:cd:42:0a:02:8f: a1:9c:b7:a7:9a:a9:b6:18:55:56:dc:01:7c:51:84: a1:96:1e:73:83:39:75:7f:43:9a:e6:4a:2d:d6:f7: a8:33:9e:7c:35:4a:87:d3:c4:01:48:57:88:5a:3a: da:56:30:bd:c4:a5:62:93:59:db:86:a2:5d:11:07: b9:b1:3b:0a:1f:cc:bc:78:4b:73:79:0d:56:05:05: 27:6c:18:70:44:78:00:34:26:33:74:0d:86:9d:de: 20:27:9b:da:7b:29:96:73:f4:4e:e3:5e:cd:ee:a8: ab:c7:e6:13:3e:b2:af:ed:67:a8:61:63:40:a4:8d: 4e:94:0e:b6:6a:44:87:21:de:54:6b:7a:bf:c8:9e: dc:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:A3:D0:36:4C:62:BC:7F:8D:C0:FB:CD:00:9F:44:24:F8:1D:7A:DF X509v3 Authority Key Identifier: keyid:9B:36:20:D6:79:8E:7E:B1:86:63:9C:45:48:A0:69:6A:F6:E3:05:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mzYg1nmOfrGGY5xFSKBpavbjBYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/6b604b-4eed-4393-8e8c-cba0631f293f/1/mzYg1nmOfrGGY5xFSKBpavbjBYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:82:fb:e8:22:96:9d:f7:66:09:b4:87:9e:bf:57:a0:d4:0c: 20:7d:ec:c1:9d:d9:49:0d:b5:e4:90:c5:b9:56:27:48:e6:f7: df:36:9a:5d:d2:30:05:5c:ef:e4:db:26:b3:e5:eb:71:4a:4f: a3:93:8b:3a:9b:eb:75:06:0c:f7:69:5f:61:c5:1f:bc:fc:f7: e2:64:52:3d:69:07:0a:ab:60:9b:10:b5:76:93:02:db:2b:cd: 9f:d7:32:80:95:14:db:d5:f5:ec:40:c0:87:b7:1a:2b:e4:83: 0b:ce:13:d8:60:c6:10:0b:18:1b:78:7e:13:f8:ad:b4:5d:a6: 44:3a:08:e9:5f:f8:2c:13:cb:38:81:6c:52:10:3c:4c:95:4d: ae:01:68:a3:6d:e2:b9:e9:f7:14:d6:b8:95:e1:bb:78:5d:7f: 27:3a:44:40:5f:7f:09:b5:6b:c1:58:96:45:7d:e5:3b:d7:a2: d3:8f:af:ee:7b:d5:8d:6d:88:d6:47:0e:a4:e9:e2:fa:0f:59: 51:de:c5:82:62:82:04:cc:15:36:5f:9b:93:7d:bc:0f:27:c0: d2:97:7a:31:d1:79:44:2f:0f:42:ce:6e:d7:c1:c5:20:b8:86: 1d:93:d8:d0:4e:8d:47:7e:f3:38:c4:43:7e:8e:81:75:b5:a1: f8:f0:0d:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtmVkaTLzN9TPp2rdqi+wBPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDliMzYyMGQ2Nzk4ZTdlYjE4NjYzOWM0NTQ4YTA2OTZhZjZl MzA1ODkwHhcNMjUxMjI4MTkwMTI4WhcNMjUxMjI5MTkwMTI4WjAzMTEwLwYDVQQD Eyg1OGEzZDAzNjRjNjJiYzdmOGRjMGZiY2QwMDlmNDQyNGY4MWQ3YWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyGSp4kpupNiJDqlcbJ+cppGRmPZz GGRGuzC3LNoFoV9xHBd+h92ZDoP+fIuI1Q6EUxOrxv9KxJOmOEvS++NNiEpfW3El rQZlC8W2SpPS1OsTJpIcO7nctG8R9m67cpZqSNYzbybH9Amm4XHqg4WjDsSazUIK Ao+hnLenmqm2GFVW3AF8UYShlh5zgzl1f0Oa5kot1veoM558NUqH08QBSFeIWjra VjC9xKVik1nbhqJdEQe5sTsKH8y8eEtzeQ1WBQUnbBhwRHgANCYzdA2Gnd4gJ5va eymWc/RO417N7qirx+YTPrKv7WeoYWNApI1OlA62akSHId5Ua3q/yJ7clQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFij0DZMYrx/jcD7zQCfRCT4HXrfMB8GA1UdIwQY MBaAFJs2INZ5jn6xhmOcRUigaWr24wWJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMt Y2JhMDYzMWYyOTNmLzEvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS82YjYwNGItNGVlZC00MzkzLThlOGMtY2JhMDYzMWYyOTNm LzEvbXpZZzFubU9mckdHWTV4RlNLQnBhdmJqQllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUYL76CKW nfdmCbSHnr9XoNQMIH3swZ3ZSQ215JDFuVYnSOb33zaaXdIwBVzv5Nsms+XrcUpP o5OLOpvrdQYM92lfYcUfvPz34mRSPWkHCqtgmxC1dpMC2yvNn9cygJUU29X17EDA h7caK+SDC84T2GDGEAsYG3h+E/ittF2mRDoI6V/4LBPLOIFsUhA8TJVNrgFoo23i uen3FNa4leG7eF1/JzpEQF9/CbVrwViWRX3lO9ei04+v7nvVjW2I1kcOpOni+g9Z Ud7FgmKCBMwVNl+bk328DyfA0pd6MdF5RC8PQs5u18HFILiGHZPY0E6NR37zOMRD fo6BdbWh+PANUw== -----END CERTIFICATE-----Generated at Sun Dec 28 22:14:08 2025 by rpki-client