This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft File: ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft (raw, json) Hash identifier: I3lpwfYRwDiYNy+pg7k/bCfL20eG3/erf8Cn7H6IH6c= Subject key identifier: E8:88:2C:97:D9:78:33:E6:9D:AD:9F:0B:9A:A5:20:48:23:03:A9:68 Authority key identifier: 66:08:99:13:33:29:FA:A5:B5:71:6B:1C:95:FB:AF:93:02:1F:BC:61 Certificate issuer: /CN=660899133329faa5b5716b1c95fbaf93021fbc61 Certificate serial: 019B77EDB9C9506F90D1508F7C4EB7515864 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft Manifest number: 0E8B Signing time: Thu 01 Jan 2026 05:00:26 +0000 Manifest this update: Thu 01 Jan 2026 05:00:26 +0000 Manifest next update: Fri 02 Jan 2026 05:00:26 +0000 Files and hashes: 1: RA9kR943QDfswVQ2De2E5cFSYaU.roa (hash: jCT5nXHXTc0Nn3QbV8+Qje22n9CHMzdTyZ/tDlKS5Ck=) 2: ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl (hash: 8qSEGVX3ZqPrruMPAJIyypF9RUSHdSCcEOPR6KJQWnQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 00:18:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:ed:b9:c9:50:6f:90:d1:50:8f:7c:4e:b7:51:58:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=660899133329faa5b5716b1c95fbaf93021fbc61 Validity Not Before: Jan 1 05:00:26 2026 GMT Not After : Jan 2 05:00:26 2026 GMT Subject: CN=e8882c97d97833e69dad9f0b9aa520482303a968 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2d:b8:77:89:72:57:b8:2f:c2:47:82:85:3f: d8:de:bd:1f:a9:0c:3c:28:a7:1b:99:9e:74:5d:72: b5:0a:45:e8:f1:86:fd:01:b7:a0:0f:5e:c4:01:d2: 23:23:c6:db:64:01:db:69:1b:e1:c3:94:a5:31:09: 22:44:de:04:88:63:17:ab:3d:ca:df:34:2a:ab:50: 5d:c2:d5:68:2b:74:df:72:d6:84:05:b2:7f:59:cb: 29:f3:b5:f8:16:98:b2:d4:cd:b4:70:3e:cd:90:f4: af:64:8b:66:05:b2:dc:4c:e3:75:7c:2e:52:42:e5: 82:d8:15:ae:e4:12:65:77:c8:f5:d3:bf:24:6d:d6: 6d:d5:d1:01:f1:1b:25:98:b3:db:63:37:7c:5d:68: 35:22:b9:8e:4e:1f:15:b9:e7:e4:03:8c:44:e1:21: 76:28:47:8f:52:0c:65:5c:38:39:64:89:25:8a:e7: b0:49:c6:74:0f:a6:04:8f:9d:ee:63:92:e4:46:21: bf:36:34:ff:53:c8:87:3a:8c:ab:27:e1:75:10:2f: 16:b9:e7:28:a3:ad:dd:09:b5:ce:ca:75:b9:20:f9: ed:17:8c:37:92:b1:9c:7e:ab:48:60:1b:7c:64:42: fc:84:e1:24:81:b6:12:8c:7b:e6:fa:2a:5a:25:d7: d4:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:88:2C:97:D9:78:33:E6:9D:AD:9F:0B:9A:A5:20:48:23:03:A9:68 X509v3 Authority Key Identifier: keyid:66:08:99:13:33:29:FA:A5:B5:71:6B:1C:95:FB:AF:93:02:1F:BC:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZgiZEzMp-qW1cWsclfuvkwIfvGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/bd75b1-174b-417c-8750-eb8a453bc56e/1/ZgiZEzMp-qW1cWsclfuvkwIfvGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:86:f8:0d:f7:3d:e2:18:06:53:35:ba:2c:95:9b:d8:5f:c0: 53:99:9e:ee:54:bf:05:24:ea:29:d4:2d:de:46:d8:7f:85:6c: c7:9c:35:d4:fc:83:ac:0d:af:95:77:64:4b:bb:12:f9:8e:f4: 6a:87:74:df:97:a5:64:71:89:af:bd:18:27:ae:35:49:f9:e0: 41:fd:f6:15:53:8a:a0:3f:f7:ca:99:f7:ed:c4:2f:c7:e1:11: 9f:42:55:d1:3f:23:c9:87:20:dd:53:60:a4:39:b9:85:47:39: 38:a8:8a:ae:85:4b:9a:2f:53:b8:24:99:35:62:ec:b4:68:9e: 58:e6:27:10:5a:57:d3:03:34:3f:6e:ff:d0:02:f1:c4:9f:5d: 83:cd:9a:b3:ca:bd:4a:e8:75:f6:9e:ea:21:4c:de:fc:58:d9: 48:c2:f4:e0:cf:95:36:9c:dc:e2:2e:81:80:2a:80:99:b8:32: b1:90:16:8b:81:cf:83:8d:49:b3:95:9f:0e:c2:c1:d6:a7:cd: 82:f7:dd:9b:27:2e:28:06:7d:1c:d9:34:c4:88:79:90:48:e0: bc:32:5f:0a:d2:7e:2f:66:65:5e:90:30:c3:11:f5:2e:94:dc: f6:99:65:cb:a4:53:05:e8:df:01:8c:79:df:0a:76:de:4a:60: d4:44:38:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt37bnJUG+Q0VCPfE63UVhkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MDg5OTEzMzMyOWZhYTViNTcxNmIxYzk1ZmJhZjkzMDIx ZmJjNjEwHhcNMjYwMTAxMDUwMDI2WhcNMjYwMTAyMDUwMDI2WjAzMTEwLwYDVQQD EyhlODg4MmM5N2Q5NzgzM2U2OWRhZDlmMGI5YWE1MjA0ODIzMDNhOTY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS24d4lyV7gvwkeChT/Y3r0fqQw8 KKcbmZ50XXK1CkXo8Yb9AbegD17EAdIjI8bbZAHbaRvhw5SlMQkiRN4EiGMXqz3K 3zQqq1BdwtVoK3TfctaEBbJ/Wcsp87X4Fpiy1M20cD7NkPSvZItmBbLcTON1fC5S QuWC2BWu5BJld8j1078kbdZt1dEB8RslmLPbYzd8XWg1IrmOTh8VuefkA4xE4SF2 KEePUgxlXDg5ZIkliuewScZ0D6YEj53uY5LkRiG/NjT/U8iHOoyrJ+F1EC8Wueco o63dCbXOynW5IPntF4w3krGcfqtIYBt8ZEL8hOEkgbYSjHvm+ipaJdfUbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOiILJfZeDPmna2fC5qlIEgjA6loMB8GA1UdIwQY MBaAFGYImRMzKfqltXFrHJX7r5MCH7xhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iZDc1YjEtMTc0Yi00MTdjLTg3NTAt ZWI4YTQ1M2JjNTZlLzEvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS9iZDc1YjEtMTc0Yi00MTdjLTg3NTAtZWI4YTQ1M2JjNTZl LzEvWmdpWkV6TXAtcVcxY1dzY2xmdXZrd0lmdkdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkYb4Dfc9 4hgGUzW6LJWb2F/AU5me7lS/BSTqKdQt3kbYf4Vsx5w11PyDrA2vlXdkS7sS+Y70 aod035elZHGJr70YJ641SfngQf32FVOKoD/3ypn37cQvx+ERn0JV0T8jyYcg3VNg pDm5hUc5OKiKroVLmi9TuCSZNWLstGieWOYnEFpX0wM0P27/0ALxxJ9dg82as8q9 Suh19p7qIUze/FjZSML04M+VNpzc4i6BgCqAmbgysZAWi4HPg41Js5WfDsLB1qfN gvfdmycuKAZ9HNk0xIh5kEjgvDJfCtJ+L2ZlXpAwwxH1LpTc9plly6RTBejfAYx5 3wp23kpg1EQ4Kg== -----END CERTIFICATE-----Generated at Thu Jan 1 08:45:55 2026 by rpki-client