This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft File: zCdbIX3x3piMohkqg64R3fQjpE8.mft (raw, json) Hash identifier: a6wYqbHjmIt1lc6PQqCfuoXHuRRF+qB4WelVtnAmHcY= Subject key identifier: 48:AE:77:E8:68:3C:1B:EF:8E:91:91:9E:1E:6B:A0:CE:DB:82:C7:EA Authority key identifier: CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F Certificate issuer: /CN=cc275b217df1de988ca2192a83ae11ddf423a44f Certificate serial: 019B47A64791E9D922E27A058D8D7248B299 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft Manifest number: 0C45 Signing time: Mon 22 Dec 2025 20:00:38 +0000 Manifest this update: Mon 22 Dec 2025 20:00:38 +0000 Manifest next update: Tue 23 Dec 2025 20:00:38 +0000 Files and hashes: 1: Nr1R18FVhyzjXhL2YKl54Kz1CcM.roa (hash: Ka3gajN2kG5bn7od03MC2i4kFc5aTTook8osIu09I1U=) 2: zCdbIX3x3piMohkqg64R3fQjpE8.crl (hash: 3R8M7wVRReQbYA++fuJ0Aqnb0D+mXdjgs2390vN1U2A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:a6:47:91:e9:d9:22:e2:7a:05:8d:8d:72:48:b2:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cc275b217df1de988ca2192a83ae11ddf423a44f Validity Not Before: Dec 22 20:00:38 2025 GMT Not After : Dec 23 20:00:38 2025 GMT Subject: CN=48ae77e8683c1bef8e91919e1e6ba0cedb82c7ea Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:ad:d3:8e:e7:b4:0a:34:a6:57:fc:ae:a5:fa: 08:81:d8:d0:bf:5d:f3:1e:bf:91:92:83:9a:7f:08: 5b:06:17:92:ee:ff:12:13:26:ab:66:36:02:92:35: 49:62:8f:67:30:37:73:30:a6:9e:3a:e8:c9:d9:38: 90:df:a5:1d:ce:85:25:b4:5b:84:fe:26:1a:d3:5a: 91:84:28:94:54:71:ca:91:4d:01:5b:1f:cc:28:70: bd:71:a4:f9:81:a0:f5:1f:04:b3:85:d9:f4:66:6e: b8:c9:83:fe:68:06:db:52:5c:80:c8:91:2f:68:11: 6b:03:5c:f8:8d:50:7b:09:2b:03:ef:af:66:3a:b9: f7:6b:27:73:6f:f2:40:a6:d6:ca:76:73:07:e8:85: d7:5b:ae:b6:71:2e:aa:59:70:72:77:c6:1d:27:da: 9c:27:86:dc:8f:64:dd:57:6c:9b:09:c0:37:42:8d: 30:d6:e3:bd:66:8c:d8:bd:05:08:1a:b1:e3:e5:00: 1b:ab:4c:d9:12:f0:dc:f1:60:2f:bc:4e:ec:9f:3b: fa:89:01:a9:1a:83:ff:7c:2b:b4:e7:05:20:87:ef: 44:80:4d:6d:1b:00:45:38:43:8d:f7:8c:8a:16:c8: 5e:20:a4:cb:9f:30:cb:47:68:f7:97:7c:2d:00:ca: be:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:AE:77:E8:68:3C:1B:EF:8E:91:91:9E:1E:6B:A0:CE:DB:82:C7:EA X509v3 Authority Key Identifier: keyid:CC:27:5B:21:7D:F1:DE:98:8C:A2:19:2A:83:AE:11:DD:F4:23:A4:4F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zCdbIX3x3piMohkqg64R3fQjpE8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/5124d0-2b3f-4dab-857d-2e639fca4640/1/zCdbIX3x3piMohkqg64R3fQjpE8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:aa:00:8a:28:84:10:16:e8:52:f1:5d:e8:59:a1:5f:ff:8e: 7d:45:f3:ab:35:51:3a:98:e0:c3:e1:6d:cf:bf:4a:91:42:dd: 44:6c:7f:8e:c7:e1:6d:b9:5c:f1:e5:c9:2b:f6:69:db:b9:ec: bb:ad:f0:4f:21:05:0c:8e:ed:a3:96:a9:d0:29:06:b4:94:ed: 36:16:58:c7:41:f9:26:5a:79:f8:46:77:45:99:7b:0b:81:ad: e5:9b:a6:08:3d:20:9e:00:42:2d:23:96:50:69:92:96:e5:b9: f5:c7:c9:e2:b9:dd:4a:2d:20:be:87:82:80:8a:a1:a7:41:4e: b1:33:d2:be:7b:b9:e6:43:5d:ec:6f:1b:73:14:29:fb:70:82: 54:c8:eb:ba:65:65:01:9a:bb:07:eb:0d:db:05:4c:9a:59:ea: 61:a5:29:a3:8d:66:e1:00:bc:6e:79:20:42:2b:2e:4a:bc:ec: 88:26:90:05:8b:e1:a4:c3:09:8e:07:fb:ed:17:55:48:0f:06: f0:3c:ec:e6:79:a8:99:08:48:83:86:ec:2b:05:dc:5b:e0:36: 69:1e:80:38:84:aa:24:4d:c7:26:19:43:ef:2a:34:3c:54:d1: 91:ac:87:76:50:b6:5f:ab:70:24:12:05:f2:c8:c4:8e:8c:86: ff:e7:0e:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHpkeR6dki4noFjY1ySLKZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjMjc1YjIxN2RmMWRlOTg4Y2EyMTkyYTgzYWUxMWRkZjQy M2E0NGYwHhcNMjUxMjIyMjAwMDM4WhcNMjUxMjIzMjAwMDM4WjAzMTEwLwYDVQQD Eyg0OGFlNzdlODY4M2MxYmVmOGU5MTkxOWUxZTZiYTBjZWRiODJjN2VhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsa3Tjue0CjSmV/yupfoIgdjQv13z Hr+RkoOafwhbBheS7v8SEyarZjYCkjVJYo9nMDdzMKaeOujJ2TiQ36UdzoUltFuE /iYa01qRhCiUVHHKkU0BWx/MKHC9caT5gaD1HwSzhdn0Zm64yYP+aAbbUlyAyJEv aBFrA1z4jVB7CSsD769mOrn3aydzb/JAptbKdnMH6IXXW662cS6qWXByd8YdJ9qc J4bcj2TdV2ybCcA3Qo0w1uO9ZozYvQUIGrHj5QAbq0zZEvDc8WAvvE7snzv6iQGp GoP/fCu05wUgh+9EgE1tGwBFOEON94yKFsheIKTLnzDLR2j3l3wtAMq+dwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEiud+hoPBvvjpGRnh5roM7bgsfqMB8GA1UdIwQY MBaAFMwnWyF98d6YjKIZKoOuEd30I6RPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2Qt MmU2MzlmY2E0NjQwLzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS81MTI0ZDAtMmIzZi00ZGFiLTg1N2QtMmU2MzlmY2E0NjQw LzEvekNkYklYM3gzcGlNb2hrcWc2NFIzZlFqcEU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADKoAiiiE EBboUvFd6FmhX/+OfUXzqzVROpjgw+Ftz79KkULdRGx/jsfhbblc8eXJK/Zp27ns u63wTyEFDI7to5ap0CkGtJTtNhZYx0H5Jlp5+EZ3RZl7C4Gt5ZumCD0gngBCLSOW UGmSluW59cfJ4rndSi0gvoeCgIqhp0FOsTPSvnu55kNd7G8bcxQp+3CCVMjrumVl AZq7B+sN2wVMmlnqYaUpo41m4QC8bnkgQisuSrzsiCaQBYvhpMMJjgf77RdVSA8G 8Dzs5nmomQhIg4bsKwXcW+A2aR6AOISqJE3HJhlD7yo0PFTRkayHdlC2X6twJBIF 8sjEjoyG/+cOZg== -----END CERTIFICATE-----Generated at Mon Dec 22 22:59:56 2025 by rpki-client