This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft File: Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft (raw, json) Hash identifier: k0iO0ELdCHR8sfL2HsjbjqbsNKvwyaMQVCDWCjZEdBA= Subject key identifier: 0C:66:C8:29:E6:82:64:2D:EF:92:17:86:89:4C:02:6F:A6:3D:4C:F5 Authority key identifier: 67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2 Certificate issuer: /CN=670ec53068393d90db601ec295e42908525e10c2 Certificate serial: 019B3E6D96C6B537DD01F52EEBA43BE6E69B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft Manifest number: 0E73 Signing time: Sun 21 Dec 2025 01:02:07 +0000 Manifest this update: Sun 21 Dec 2025 01:02:07 +0000 Manifest next update: Mon 22 Dec 2025 01:02:07 +0000 Files and hashes: 1: Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl (hash: CMU62GMyWWdK+9QbmhUjdbOuHKk1YztXS6f8mAq7Xfk=) 2: g-_eT5ct7bDp65zymgf5llHzTKc.roa (hash: 6qrqxL/Wtd1D30D40m2/VyQoFXL4FQNDdMtRsZ56brc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:96:c6:b5:37:dd:01:f5:2e:eb:a4:3b:e6:e6:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=670ec53068393d90db601ec295e42908525e10c2 Validity Not Before: Dec 21 01:02:07 2025 GMT Not After : Dec 22 01:02:07 2025 GMT Subject: CN=0c66c829e682642def921786894c026fa63d4cf5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:1e:a5:6b:79:6f:40:7f:2b:6d:ac:64:9b:38: 60:be:07:b9:74:dc:c2:23:b2:20:ae:8a:59:15:2c: 2a:85:b2:52:85:85:88:72:57:c5:db:36:7d:be:28: 6e:a7:e4:f1:e2:02:a9:64:c8:e8:d0:21:6a:9a:61: f3:62:4a:0d:0b:49:e0:68:f3:46:dd:bd:9a:8a:b2: 6a:bb:21:02:53:1e:a4:ab:6c:cf:9c:24:81:ae:7a: 2c:4a:b2:b7:ae:fa:d6:4f:69:30:9f:c9:03:a3:0e: 31:b3:31:b8:05:b0:b0:5c:0a:8e:ff:3a:47:c9:ba: 18:ca:21:69:6e:42:7b:1d:b2:ae:09:7d:12:4a:54: 87:5f:11:7a:a7:db:4e:7d:98:f9:bf:93:bf:d6:4a: cc:8a:8e:82:4b:44:03:43:96:c7:05:22:12:b9:83: 40:6f:7a:82:58:09:ef:06:a4:17:0a:49:3b:87:99: e1:ec:3b:db:95:e7:ff:b3:2b:1d:75:08:fc:d0:56: 83:c9:20:c0:7c:8b:0b:22:00:99:ce:16:51:e1:bb: 7a:0f:65:d6:7d:2f:36:9b:a8:07:b5:f5:8a:04:54: 37:76:27:96:ad:8a:ac:87:f3:30:69:51:02:12:87: ae:05:35:bf:7b:58:00:71:db:a2:aa:bf:5b:33:37: e0:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:66:C8:29:E6:82:64:2D:EF:92:17:86:89:4C:02:6F:A6:3D:4C:F5 X509v3 Authority Key Identifier: keyid:67:0E:C5:30:68:39:3D:90:DB:60:1E:C2:95:E4:29:08:52:5E:10:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zw7FMGg5PZDbYB7CleQpCFJeEMI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/c424d1-27fd-4f47-bb71-73d218a4903e/1/Zw7FMGg5PZDbYB7CleQpCFJeEMI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:7f:fb:54:b4:08:66:27:cc:91:b1:ea:39:d2:f7:1b:6e:eb: 17:17:ed:5e:88:f4:ed:0f:67:8c:86:bf:cc:55:e8:db:59:74: 9d:79:bf:3e:5b:99:04:4e:21:b9:9c:cb:1c:42:28:13:f4:28: 38:27:5f:fc:53:88:78:d9:be:31:85:65:c9:7d:5c:74:aa:66: 85:28:f0:74:8a:e4:6f:1c:68:13:73:ee:cb:23:6d:88:be:7b: 90:e5:ce:9e:4a:3b:fd:c8:45:cb:05:c2:56:9f:31:47:02:2b: db:2a:b2:fe:c2:4d:7e:ae:55:e2:c4:48:78:37:0f:bf:8c:69: 0c:59:fe:ea:2a:b0:82:83:65:73:bd:48:6a:65:20:f2:47:de: 82:2d:b8:81:85:02:18:12:65:ae:0a:7b:1e:b2:ae:ec:a6:4d: 14:9c:9b:94:81:27:db:a4:bc:a7:97:0b:d4:a8:fb:89:fa:ef: c2:22:6a:d1:96:92:58:b7:ec:b5:20:57:e1:22:74:e6:73:e0: 52:fd:6b:2e:65:65:56:3c:9a:fa:8c:1d:32:b8:bd:80:e7:e6: 1e:b6:e3:ec:0d:e1:de:6e:30:bb:61:f6:0e:c5:33:cd:f9:75: e3:ba:ad:32:60:e3:c2:2e:d0:c5:f4:6e:33:d1:e1:2e:3e:83: 02:b7:ec:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bZbGtTfdAfUu66Q75uabMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3MGVjNTMwNjgzOTNkOTBkYjYwMWVjMjk1ZTQyOTA4NTI1 ZTEwYzIwHhcNMjUxMjIxMDEwMjA3WhcNMjUxMjIyMDEwMjA3WjAzMTEwLwYDVQQD EygwYzY2YzgyOWU2ODI2NDJkZWY5MjE3ODY4OTRjMDI2ZmE2M2Q0Y2Y1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4h6la3lvQH8rbaxkmzhgvge5dNzC I7IgropZFSwqhbJShYWIclfF2zZ9vihup+Tx4gKpZMjo0CFqmmHzYkoNC0ngaPNG 3b2airJquyECUx6kq2zPnCSBrnosSrK3rvrWT2kwn8kDow4xszG4BbCwXAqO/zpH yboYyiFpbkJ7HbKuCX0SSlSHXxF6p9tOfZj5v5O/1krMio6CS0QDQ5bHBSISuYNA b3qCWAnvBqQXCkk7h5nh7Dvblef/sysddQj80FaDySDAfIsLIgCZzhZR4bt6D2XW fS82m6gHtfWKBFQ3dieWrYqsh/MwaVECEoeuBTW/e1gAcduiqr9bMzfggwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAxmyCnmgmQt75IXholMAm+mPUz1MB8GA1UdIwQY MBaAFGcOxTBoOT2Q22AewpXkKQhSXhDCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEt NzNkMjE4YTQ5MDNlLzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9jNDI0ZDEtMjdmZC00ZjQ3LWJiNzEtNzNkMjE4YTQ5MDNl LzEvWnc3Rk1HZzVQWkRiWUI3Q2xlUXBDRkplRU1JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPn/7VLQI ZifMkbHqOdL3G27rFxftXoj07Q9njIa/zFXo21l0nXm/PluZBE4huZzLHEIoE/Qo OCdf/FOIeNm+MYVlyX1cdKpmhSjwdIrkbxxoE3PuyyNtiL57kOXOnko7/chFywXC Vp8xRwIr2yqy/sJNfq5V4sRIeDcPv4xpDFn+6iqwgoNlc71IamUg8kfegi24gYUC GBJlrgp7HrKu7KZNFJyblIEn26S8p5cL1Kj7ifrvwiJq0ZaSWLfstSBX4SJ05nPg Uv1rLmVlVjya+owdMri9gOfmHrbj7A3h3m4wu2H2DsUzzfl147qtMmDjwi7QxfRu M9HhLj6DArfs2g== -----END CERTIFICATE-----Generated at Sun Dec 21 06:07:30 2025 by rpki-client