This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft File: zmdqMChOFLAsxt2qA053VAbkYaY.mft (raw, json) Hash identifier: fU5GJv/nue1p5IcEmAS7gwU7EAQCqIJuv/x4ZrY/4jE= Subject key identifier: 26:94:44:DC:DC:6A:E5:D6:07:9E:50:35:C3:B4:2F:97:4B:91:D3:E9 Authority key identifier: CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 Certificate issuer: /CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Certificate serial: 019B48B9AA12A5ABD354F002D0A168261312 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft Manifest number: 0B27 Signing time: Tue 23 Dec 2025 01:01:25 +0000 Manifest this update: Tue 23 Dec 2025 01:01:25 +0000 Manifest next update: Wed 24 Dec 2025 01:01:25 +0000 Files and hashes: 1: CXaycMVQIz4mD7AGkHky2lc1t_E.roa (hash: XQ8QKr5tV5GANcYht5PHTQQD2/hz4d9yrWShPJMOBBM=) 2: zmdqMChOFLAsxt2qA053VAbkYaY.crl (hash: fwC7Tb2U17wyGFYamUDAXoniiFIEVhDqNnyknCfjbMU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:b9:aa:12:a5:ab:d3:54:f0:02:d0:a1:68:26:13:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce676a30284e14b02cc6ddaa034e775406e461a6 Validity Not Before: Dec 23 01:01:25 2025 GMT Not After : Dec 24 01:01:25 2025 GMT Subject: CN=269444dcdc6ae5d6079e5035c3b42f974b91d3e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d2:e2:73:8a:88:b1:d9:a8:db:ce:6c:36:40: 26:ee:fd:7f:d6:66:a7:e9:3b:b7:96:7b:19:65:8c: 39:ab:c8:c9:8d:f5:17:2a:16:23:0b:97:e5:21:d0: 1b:ad:9a:e5:3b:4d:65:ae:eb:d2:f0:5f:d9:12:bf: 55:b5:c6:05:87:27:a3:69:a6:80:1d:e2:34:94:60: f0:5f:e0:23:44:a5:f9:06:c9:f3:fe:27:93:da:87: 1e:f9:cf:84:4e:eb:97:8e:6d:46:32:14:be:26:b4: da:a7:5b:49:76:e1:59:a5:62:a0:54:15:7e:6a:13: 63:34:60:4f:e9:70:40:45:9c:2e:3e:5b:5c:d1:9b: d8:e7:81:25:10:13:3a:93:0e:29:02:df:da:44:d3: 40:01:51:35:8a:8a:e0:68:bd:f6:b4:68:60:0d:7e: c7:21:b7:18:c7:ac:6d:fc:ef:02:07:ed:2f:af:0e: b8:c4:f9:52:78:c0:bd:58:c5:81:47:4a:32:5b:3d: 9f:e5:6e:55:e3:0e:06:56:cb:1c:d8:c8:27:f4:25: 95:44:38:9b:9c:85:37:60:72:7d:cc:af:ed:87:93: a5:c7:27:ee:f0:ed:35:96:84:e8:33:c0:95:53:11: 76:43:0b:cb:77:07:67:2e:0a:02:13:1b:84:73:a3: 84:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:94:44:DC:DC:6A:E5:D6:07:9E:50:35:C3:B4:2F:97:4B:91:D3:E9 X509v3 Authority Key Identifier: keyid:CE:67:6A:30:28:4E:14:B0:2C:C6:DD:AA:03:4E:77:54:06:E4:61:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zmdqMChOFLAsxt2qA053VAbkYaY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/b8605a-2136-4389-a405-ea606570946a/1/zmdqMChOFLAsxt2qA053VAbkYaY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:ae:79:22:c8:3d:e4:ed:f4:85:b7:74:93:7a:5d:5c:b8:19: 8a:1b:eb:c8:5a:86:44:99:fc:89:9c:65:64:5e:90:55:c5:81: 4c:a5:00:18:30:3f:65:9e:a3:fb:17:c1:cc:51:81:2a:c6:a0: 32:ff:a8:8e:d4:a3:26:95:0c:87:d8:1f:21:86:de:a9:8f:79: 8f:a4:b4:1c:07:85:49:e2:3e:86:ff:3c:db:38:21:38:0f:9d: 44:71:79:06:0c:43:b5:a2:58:94:8a:08:74:2b:4e:56:6b:3b: 7c:78:38:a8:19:f9:38:6e:0e:6e:e4:d2:cf:51:c0:d8:03:ce: e2:46:cf:3c:4a:14:2f:11:5f:31:64:75:76:4e:b8:8d:94:c7: 0d:27:fe:41:ea:b3:f9:32:a7:e7:3e:52:c4:09:58:04:59:5b: 2c:89:a9:c2:9d:41:50:b4:67:d2:2e:cb:ac:3e:3f:9e:1f:c9: c9:f8:c8:d1:7a:16:bb:2b:e7:f5:fc:4f:05:59:7b:57:ed:be: fa:47:62:b0:c0:0f:a2:56:ea:c5:43:27:5e:f7:7d:e8:40:20: 3d:c7:23:4a:6b:cf:0b:63:4d:0e:a8:e2:20:3f:cb:15:8f:3c: d7:97:4a:92:b7:10:c5:da:bf:74:f3:5e:98:5d:db:2a:4e:ff: 85:6c:ef:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIuaoSpavTVPAC0KFoJhMSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNjc2YTMwMjg0ZTE0YjAyY2M2ZGRhYTAzNGU3NzU0MDZl NDYxYTYwHhcNMjUxMjIzMDEwMTI1WhcNMjUxMjI0MDEwMTI1WjAzMTEwLwYDVQQD EygyNjk0NDRkY2RjNmFlNWQ2MDc5ZTUwMzVjM2I0MmY5NzRiOTFkM2U5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdLic4qIsdmo285sNkAm7v1/1man 6Tu3lnsZZYw5q8jJjfUXKhYjC5flIdAbrZrlO01lruvS8F/ZEr9VtcYFhyejaaaA HeI0lGDwX+AjRKX5Bsnz/ieT2oce+c+ETuuXjm1GMhS+JrTap1tJduFZpWKgVBV+ ahNjNGBP6XBARZwuPltc0ZvY54ElEBM6kw4pAt/aRNNAAVE1iorgaL32tGhgDX7H IbcYx6xt/O8CB+0vrw64xPlSeMC9WMWBR0oyWz2f5W5V4w4GVssc2Mgn9CWVRDib nIU3YHJ9zK/th5Olxyfu8O01loToM8CVUxF2QwvLdwdnLgoCExuEc6OEpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCaURNzcauXWB55QNcO0L5dLkdPpMB8GA1UdIwQY MBaAFM5najAoThSwLMbdqgNOd1QG5GGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUt ZWE2MDY1NzA5NDZhLzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZC9iODYwNWEtMjEzNi00Mzg5LWE0MDUtZWE2MDY1NzA5NDZh LzEvem1kcU1DaE9GTEFzeHQycUEwNTNWQWJrWWFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAt655Isg9 5O30hbd0k3pdXLgZihvryFqGRJn8iZxlZF6QVcWBTKUAGDA/ZZ6j+xfBzFGBKsag Mv+ojtSjJpUMh9gfIYbeqY95j6S0HAeFSeI+hv882zghOA+dRHF5BgxDtaJYlIoI dCtOVms7fHg4qBn5OG4ObuTSz1HA2APO4kbPPEoULxFfMWR1dk64jZTHDSf+Qeqz +TKn5z5SxAlYBFlbLImpwp1BULRn0i7LrD4/nh/JyfjI0XoWuyvn9fxPBVl7V+2+ +kdisMAPolbqxUMnXvd96EAgPccjSmvPC2NNDqjiID/LFY8815dKkrcQxdq/dPNe mF3bKk7/hWzvyg== -----END CERTIFICATE-----Generated at Tue Dec 23 09:12:06 2025 by rpki-client