This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft File: zT5kktRzFSDB7tvNopZ5UArAg6s.mft (raw, json) Hash identifier: LFSHuRXqs6hzJIKTS7EnVwkLWuk3wld8DsXNRx0rpnA= Subject key identifier: F1:0C:45:A2:C0:82:93:E3:36:C5:10:D9:C4:D4:3E:6D:73:22:D3:23 Authority key identifier: CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB Certificate issuer: /CN=cd3e6492d4731520c1eedbcda29679500ac083ab Certificate serial: 019B71B58CD602C3CE60B2B74504338A86F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft Manifest number: 0671 Signing time: Wed 31 Dec 2025 00:01:22 +0000 Manifest this update: Wed 31 Dec 2025 00:01:22 +0000 Manifest next update: Thu 01 Jan 2026 00:01:22 +0000 Files and hashes: 1: COOSirhVHTLVRSIt4NAQH8L8vr4.roa (hash: tu1lQ0uqkhi4vcEmV6leM3hmh+odZkH5lyLz+npAcNE=) 2: zT5kktRzFSDB7tvNopZ5UArAg6s.crl (hash: CkbkULg6KFT26eF2lNvrmQA5Q/qmewskEl01TON+YF0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:41:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:b5:8c:d6:02:c3:ce:60:b2:b7:45:04:33:8a:86:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd3e6492d4731520c1eedbcda29679500ac083ab Validity Not Before: Dec 31 00:01:22 2025 GMT Not After : Jan 1 00:01:22 2026 GMT Subject: CN=f10c45a2c08293e336c510d9c4d43e6d7322d323 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:79:d8:43:81:31:7b:4c:37:cd:99:72:29:46: 84:d0:0e:ca:fc:d9:01:59:ae:ba:4e:d9:5d:36:be: b9:42:90:cb:d2:55:24:30:c2:0a:73:5a:ba:8a:a9: 58:eb:45:4a:2e:6e:f3:b8:31:30:c7:8d:0f:eb:f4: 99:89:2d:b1:61:1e:c9:9d:22:e3:6a:62:fc:3d:a9: 38:c2:62:10:49:d3:d1:95:91:6f:ed:46:81:ba:94: 52:bb:8f:b5:0b:28:38:b9:5a:c4:f3:c8:6d:16:2e: ca:e6:f1:f6:84:7c:dc:51:31:db:bb:cb:04:62:06: 8a:02:2f:44:7a:2b:db:d3:e6:53:8f:fb:07:76:a6: 2b:2d:99:82:42:6c:a5:24:44:f7:7e:30:58:aa:55: 31:1d:b7:62:ca:a3:0a:4b:7b:96:f1:14:e9:31:3f: 82:79:05:7b:c4:37:e6:c1:fb:d6:2c:9b:f4:99:a4: ff:3a:be:b2:e7:23:ed:72:19:03:77:c4:df:e0:2d: 56:cb:96:3f:09:2b:a7:5f:11:a7:dc:79:5e:b9:83: fa:8a:c3:d5:84:b6:be:7c:12:58:29:f5:d1:9b:8c: c9:44:3c:e4:b3:1b:b4:0b:22:09:b1:ae:20:e6:90: 7e:eb:b3:6b:de:fb:2e:9f:35:cc:3c:99:29:db:23: b7:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:0C:45:A2:C0:82:93:E3:36:C5:10:D9:C4:D4:3E:6D:73:22:D3:23 X509v3 Authority Key Identifier: keyid:CD:3E:64:92:D4:73:15:20:C1:EE:DB:CD:A2:96:79:50:0A:C0:83:AB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zT5kktRzFSDB7tvNopZ5UArAg6s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a1274-03ac-494d-ba8e-cfcffa3c0665/1/zT5kktRzFSDB7tvNopZ5UArAg6s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:83:04:a0:d6:57:55:62:81:52:bf:5c:e9:98:cb:69:38:0d: 66:89:c2:bf:2c:50:22:7c:12:53:40:c8:f9:ed:71:a3:b4:7e: b0:7f:ca:04:86:f0:ad:11:35:4e:84:a7:c7:9c:c6:62:5f:63: d8:bb:bf:96:96:a2:04:1e:49:c6:ec:0a:11:d7:b2:b5:e6:d4: 19:47:2e:cf:28:39:7f:dc:1d:fa:af:7a:e6:79:f1:e8:58:9e: e4:45:96:f7:ba:98:89:32:c4:b7:32:51:a1:61:f9:86:d7:3f: 15:9d:74:d1:34:b9:f0:d4:a6:7f:33:84:13:82:88:41:15:23: cb:b3:57:28:ba:88:ea:33:c5:f7:1f:f5:b6:9e:dc:0e:b0:ba: e3:94:d8:2a:e9:86:66:a0:1c:0d:8f:15:f5:21:c7:0b:9a:1e: c3:45:53:a3:51:86:aa:0c:5b:00:e1:e9:30:93:45:57:3f:43: 12:4d:90:0e:98:f0:84:9a:df:72:f1:9f:50:a1:47:79:ad:6a: ac:1c:33:be:30:af:16:da:e4:6d:97:47:68:99:f5:65:44:d9: 78:0e:d7:c0:9a:08:53:d8:f2:cb:b7:f4:ff:9f:7b:bf:ff:57: 61:c4:01:57:7f:08:65:31:de:57:0e:31:0f:72:5d:eb:36:86: 52:0e:04:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxtYzWAsPOYLK3RQQziob3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkM2U2NDkyZDQ3MzE1MjBjMWVlZGJjZGEyOTY3OTUwMGFj MDgzYWIwHhcNMjUxMjMxMDAwMTIyWhcNMjYwMTAxMDAwMTIyWjAzMTEwLwYDVQQD EyhmMTBjNDVhMmMwODI5M2UzMzZjNTEwZDljNGQ0M2U2ZDczMjJkMzIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXnYQ4Exe0w3zZlyKUaE0A7K/NkB Wa66TtldNr65QpDL0lUkMMIKc1q6iqlY60VKLm7zuDEwx40P6/SZiS2xYR7JnSLj amL8Pak4wmIQSdPRlZFv7UaBupRSu4+1Cyg4uVrE88htFi7K5vH2hHzcUTHbu8sE YgaKAi9Eeivb0+ZTj/sHdqYrLZmCQmylJET3fjBYqlUxHbdiyqMKS3uW8RTpMT+C eQV7xDfmwfvWLJv0maT/Or6y5yPtchkDd8Tf4C1Wy5Y/CSunXxGn3HleuYP6isPV hLa+fBJYKfXRm4zJRDzksxu0CyIJsa4g5pB+67Nr3vsunzXMPJkp2yO3xwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPEMRaLAgpPjNsUQ2cTUPm1zItMjMB8GA1UdIwQY MBaAFM0+ZJLUcxUgwe7bzaKWeVAKwIOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUt Y2ZjZmZhM2MwNjY1LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS83YTEyNzQtMDNhYy00OTRkLWJhOGUtY2ZjZmZhM2MwNjY1 LzEvelQ1a2t0UnpGU0RCN3R2Tm9wWjVVQXJBZzZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWIMEoNZX VWKBUr9c6ZjLaTgNZonCvyxQInwSU0DI+e1xo7R+sH/KBIbwrRE1ToSnx5zGYl9j 2Lu/lpaiBB5JxuwKEdeytebUGUcuzyg5f9wd+q965nnx6Fie5EWW97qYiTLEtzJR oWH5htc/FZ100TS58NSmfzOEE4KIQRUjy7NXKLqI6jPF9x/1tp7cDrC645TYKumG ZqAcDY8V9SHHC5oew0VTo1GGqgxbAOHpMJNFVz9DEk2QDpjwhJrfcvGfUKFHea1q rBwzvjCvFtrkbZdHaJn1ZUTZeA7XwJoIU9jyy7f0/597v/9XYcQBV38IZTHeVw4x D3Jd6zaGUg4EZw== -----END CERTIFICATE-----Generated at Wed Dec 31 02:00:23 2025 by rpki-client