This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.mft File: Z2WiG1YbqGZc95-_RMMZWd4o8hY.mft (raw, json) Hash identifier: 98Jp2pmynNUkI51vw2IqnFdopCthDmKK6U+lQLq0J5I= Subject key identifier: 0D:B0:FB:49:4C:F0:CC:36:BF:AD:A5:69:4C:74:E3:14:D3:CC:25:D9 Authority key identifier: 67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16 Certificate issuer: /CN=6765a21b561ba8665cf79fbf44c31959de28f216 Certificate serial: 019B3EA34BF56FCCEB2C3A37224E63F59486 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.mft Manifest number: 08D2 Signing time: Sun 21 Dec 2025 02:00:47 +0000 Manifest this update: Sun 21 Dec 2025 02:00:47 +0000 Manifest next update: Mon 22 Dec 2025 02:00:47 +0000 Files and hashes: 1: 0v4Q3A_w9M1p1YcV4-7Pe389fdU.roa (hash: WhKTFW0tZdeh1NFz5izqlimm3sG/vP+EpF9M2Z10RmY=) 2: Z2WiG1YbqGZc95-_RMMZWd4o8hY.crl (hash: J4uklrIVDl9PJF7+8xWWR3xPgTS7Zadzczft/RyEvqs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.mft rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 02:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:4b:f5:6f:cc:eb:2c:3a:37:22:4e:63:f5:94:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6765a21b561ba8665cf79fbf44c31959de28f216 Validity Not Before: Dec 21 02:00:47 2025 GMT Not After : Dec 22 02:00:47 2025 GMT Subject: CN=0db0fb494cf0cc36bfada5694c74e314d3cc25d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:cc:13:e5:cf:ac:47:11:86:3e:6d:aa:08:a4: fe:52:c8:bc:9f:42:12:9b:93:2a:cd:fd:b6:bb:48: 5f:87:cd:4f:af:f7:9d:9e:9f:c3:a1:9a:0f:ed:f5: 0f:79:90:f1:9d:04:61:c5:5c:53:18:77:85:41:51: 08:38:2c:d6:96:7b:bc:8e:6a:3d:f4:b2:68:3e:25: cd:a0:b0:b5:ce:2c:28:20:dc:be:cc:e7:a0:02:bb: a5:18:50:2b:c0:04:07:8a:18:2e:80:a5:bb:f2:ff: b5:4e:ba:4a:ea:63:8d:0b:61:a7:00:27:d7:54:43: 2a:7d:43:d6:6f:59:03:b2:46:e8:44:47:e4:e2:64: b9:90:51:d4:da:1f:7f:8b:7d:3b:79:7a:0d:b8:06: 78:0e:d3:b8:79:9d:b4:78:2c:cf:19:cc:e8:4c:cf: d4:3d:b3:a0:c3:2b:71:a7:a4:6e:57:44:73:ed:19: 13:53:41:5f:f8:41:10:cf:7a:f6:58:47:4f:c5:0c: 50:64:ef:a2:65:d2:1a:a0:33:e2:d4:d5:3a:96:30: f2:d9:d8:82:b6:84:8d:5a:a3:6d:86:36:84:64:e8: c9:9a:59:02:2a:29:5e:11:39:a8:b6:58:fb:85:e0: de:78:4f:23:6b:9b:17:a9:9b:6f:cb:80:ff:df:d4: 1a:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:B0:FB:49:4C:F0:CC:36:BF:AD:A5:69:4C:74:E3:14:D3:CC:25:D9 X509v3 Authority Key Identifier: keyid:67:65:A2:1B:56:1B:A8:66:5C:F7:9F:BF:44:C3:19:59:DE:28:F2:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z2WiG1YbqGZc95-_RMMZWd4o8hY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/e8b89c-8268-402b-aa26-ead041774e07/1/Z2WiG1YbqGZc95-_RMMZWd4o8hY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:54:06:fe:f7:6f:46:d2:d9:72:14:ec:1b:a3:4e:bd:b0:d6: 07:3d:a7:9f:fe:71:87:af:a8:ac:f5:0b:97:8d:c3:3e:29:7a: af:b7:67:4e:2f:b4:32:ae:62:12:e2:8e:95:1a:ec:68:91:59: ee:63:1a:f8:42:c8:c0:d1:1e:bd:c5:01:f0:0f:23:55:dd:7a: 62:61:04:b5:74:f0:79:3f:d8:f9:4d:7a:08:a7:0f:b8:95:68: 3c:81:cf:05:84:aa:12:27:bf:dc:6b:94:fb:26:72:db:47:c7: eb:15:38:74:dd:6e:8f:72:77:e0:fd:16:50:41:96:81:ff:99: d6:83:c8:96:59:a1:f4:d3:bb:c9:59:44:18:ee:79:60:51:8b: 5a:b2:62:1f:c1:11:a6:13:af:46:03:b4:5f:c6:c8:5a:2c:9c: 34:e5:41:06:eb:54:76:33:3c:c6:b7:21:f5:40:12:90:3b:2d: 3b:de:e5:37:44:b7:5b:b2:a2:01:a7:96:84:5d:cd:0f:30:4e: fb:0c:e4:33:f8:9f:ab:26:b2:0b:53:2f:69:8e:7c:e1:26:bb: b9:1d:2d:48:41:f0:de:b3:92:cf:59:1c:b1:94:1e:d7:ca:68: 7d:b9:6f:73:a3:80:15:2a:20:e4:cf:24:89:22:31:75:25:b5: ac:1e:4e:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+o0v1b8zrLDo3Ik5j9ZSGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3NjVhMjFiNTYxYmE4NjY1Y2Y3OWZiZjQ0YzMxOTU5ZGUy OGYyMTYwHhcNMjUxMjIxMDIwMDQ3WhcNMjUxMjIyMDIwMDQ3WjAzMTEwLwYDVQQD EygwZGIwZmI0OTRjZjBjYzM2YmZhZGE1Njk0Yzc0ZTMxNGQzY2MyNWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8wT5c+sRxGGPm2qCKT+Usi8n0IS m5Mqzf22u0hfh81Pr/ednp/DoZoP7fUPeZDxnQRhxVxTGHeFQVEIOCzWlnu8jmo9 9LJoPiXNoLC1ziwoINy+zOegArulGFArwAQHihgugKW78v+1TrpK6mONC2GnACfX VEMqfUPWb1kDskboREfk4mS5kFHU2h9/i307eXoNuAZ4DtO4eZ20eCzPGczoTM/U PbOgwytxp6RuV0Rz7RkTU0Ff+EEQz3r2WEdPxQxQZO+iZdIaoDPi1NU6ljDy2diC toSNWqNthjaEZOjJmlkCKileETmotlj7heDeeE8ja5sXqZtvy4D/39QakwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA2w+0lM8Mw2v62laUx04xTTzCXZMB8GA1UdIwQY MBaAFGdlohtWG6hmXPefv0TDGVneKPIWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYt ZWFkMDQxNzc0ZTA3LzEvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9lOGI4OWMtODI2OC00MDJiLWFhMjYtZWFkMDQxNzc0ZTA3 LzEvWjJXaUcxWWJxR1pjOTUtX1JNTVpXZDRvOGhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO1QG/vdv RtLZchTsG6NOvbDWBz2nn/5xh6+orPULl43DPil6r7dnTi+0Mq5iEuKOlRrsaJFZ 7mMa+ELIwNEevcUB8A8jVd16YmEEtXTweT/Y+U16CKcPuJVoPIHPBYSqEie/3GuU +yZy20fH6xU4dN1uj3J34P0WUEGWgf+Z1oPIllmh9NO7yVlEGO55YFGLWrJiH8ER phOvRgO0X8bIWiycNOVBButUdjM8xrch9UASkDstO97lN0S3W7KiAaeWhF3NDzBO +wzkM/ifqyayC1MvaY584Sa7uR0tSEHw3rOSz1kcsZQe18pofblvc6OAFSog5M8k iSIxdSW1rB5OUA== -----END CERTIFICATE-----Generated at Sun Dec 21 12:11:36 2025 by rpki-client