This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft File: zo2SrOCAEcTQrsjyKGVxW9kaASI.mft (raw, json) Hash identifier: g+7BZIfJmqeTkK4/7Rg9L8bdlM1TOKRZi2CEbSdDIAs= Subject key identifier: BB:13:C8:F5:C1:45:CD:35:3B:E7:3F:16:E2:66:1E:9A:DA:DB:42:79 Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22 Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122 Certificate serial: 019B4EF224160CDC4BD4AAE315DC6680852F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft Manifest number: 1792 Signing time: Wed 24 Dec 2025 06:00:50 +0000 Manifest this update: Wed 24 Dec 2025 06:00:50 +0000 Manifest next update: Thu 25 Dec 2025 06:00:50 +0000 Files and hashes: 1: c9T1Kx5A7nWBX74YKnmxrK2YxWk.roa (hash: z4gK4/Y9ltoru7dKh2/m8n1YWOzp0cICAUx0PffNJmo=) 2: zo2SrOCAEcTQrsjyKGVxW9kaASI.crl (hash: bqyGXnHY/ITZSV8Qd6KaC7spRKG4Z3luzagP7IURgzg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 06:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:f2:24:16:0c:dc:4b:d4:aa:e3:15:dc:66:80:85:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122 Validity Not Before: Dec 24 06:00:50 2025 GMT Not After : Dec 25 06:00:50 2025 GMT Subject: CN=bb13c8f5c145cd353be73f16e2661e9adadb4279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:87:53:e7:b0:6a:60:a0:6b:a9:0d:9a:79:ba: 31:dc:0f:95:91:65:7c:2e:65:a8:28:af:21:fb:7b: 09:ae:59:16:1c:4b:3a:54:41:c7:89:fd:7e:df:0f: 81:52:94:c8:00:c1:18:c2:ef:50:2c:16:7f:85:44: 54:7c:8b:a7:ce:6b:56:b4:35:23:93:fa:a8:26:06: b7:2e:30:e4:fe:c5:92:74:6c:1a:a5:b1:7f:44:5c: 12:fc:65:68:9c:67:48:2a:d5:a1:43:3d:83:c8:82: 6a:b4:bd:12:d7:4f:cb:69:d0:38:2a:a2:af:e1:99: 3a:78:0a:8f:fc:0c:36:ee:d5:dd:4d:ba:5e:a8:d9: c5:b3:1a:37:98:78:81:fa:f9:a4:4b:e5:3a:0e:46: d7:89:ce:f1:ec:a6:58:de:a4:56:12:46:92:66:15: f9:9a:17:8b:a1:ae:b3:db:5f:33:71:56:4e:23:9e: 26:91:cc:94:04:56:d9:00:85:06:dd:d5:39:c3:ac: f2:50:87:6c:b8:c0:2a:fd:ec:15:54:e8:1d:d6:f2: 9d:4c:c1:aa:69:72:d6:e8:74:0e:54:4f:fd:16:07: 13:fc:7e:7b:ed:c6:f8:45:ab:57:bc:86:3e:d1:f4: dd:58:90:2b:4b:0d:92:64:0f:1a:89:c4:05:ef:a9: 75:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:13:C8:F5:C1:45:CD:35:3B:E7:3F:16:E2:66:1E:9A:DA:DB:42:79 X509v3 Authority Key Identifier: keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ae:d4:8c:84:30:c8:f1:10:3b:78:6d:1d:af:f5:a0:05:5c:0d: 46:e8:d8:c0:4a:84:05:b3:d1:43:26:27:be:06:7f:ac:25:ea: 1d:cb:0b:ec:88:4f:58:7f:58:ce:47:88:d3:43:21:12:fe:14: 73:4a:e2:f4:52:a2:19:a0:c5:68:5d:85:f5:fd:b3:d1:7e:d9: ab:bc:0a:93:ad:13:06:71:66:cf:08:6a:e3:a9:6a:1e:e5:b9: 2d:16:1b:28:c9:04:a1:80:bd:72:3d:82:9e:7b:8a:d1:35:47: b7:c3:91:b0:a2:4b:fb:a1:4a:c8:99:94:67:77:61:08:b9:45: 86:a5:00:87:f6:a1:df:ea:8d:3f:b5:d1:8f:2d:42:f5:cc:9f: 1c:66:f2:79:e2:cc:e3:0f:ee:38:c2:78:98:d8:55:22:b4:6f: e4:7c:fa:fd:f6:19:f8:d0:30:44:ea:fa:83:f2:9c:70:b0:e5: a5:8f:0d:f3:3a:e6:2c:cc:4b:02:6c:a1:7c:12:88:c6:fa:3a: 01:66:a8:b1:be:56:2a:5a:49:a4:e0:7e:23:48:23:9a:72:b6: 06:6f:4a:17:6e:be:25:87:f1:9a:e6:88:7d:07:6e:0f:64:f7: 63:65:ea:fa:35:bf:45:90:e8:8f:fa:82:9e:98:b4:47:db:e6: 01:6f:7b:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtO8iQWDNxL1KrjFdxmgIUvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx YTAxMjIwHhcNMjUxMjI0MDYwMDUwWhcNMjUxMjI1MDYwMDUwWjAzMTEwLwYDVQQD EyhiYjEzYzhmNWMxNDVjZDM1M2JlNzNmMTZlMjY2MWU5YWRhZGI0Mjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4odT57BqYKBrqQ2aebox3A+VkWV8 LmWoKK8h+3sJrlkWHEs6VEHHif1+3w+BUpTIAMEYwu9QLBZ/hURUfIunzmtWtDUj k/qoJga3LjDk/sWSdGwapbF/RFwS/GVonGdIKtWhQz2DyIJqtL0S10/LadA4KqKv 4Zk6eAqP/Aw27tXdTbpeqNnFsxo3mHiB+vmkS+U6DkbXic7x7KZY3qRWEkaSZhX5 mheLoa6z218zcVZOI54mkcyUBFbZAIUG3dU5w6zyUIdsuMAq/ewVVOgd1vKdTMGq aXLW6HQOVE/9FgcT/H577cb4RatXvIY+0fTdWJArSw2SZA8aicQF76l1HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLsTyPXBRc01O+c/FuJmHpra20J5MB8GA1UdIwQY MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt NTQ1NDQ5ZTQ5ZjczLzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArtSMhDDI 8RA7eG0dr/WgBVwNRujYwEqEBbPRQyYnvgZ/rCXqHcsL7IhPWH9YzkeI00MhEv4U c0ri9FKiGaDFaF2F9f2z0X7Zq7wKk60TBnFmzwhq46lqHuW5LRYbKMkEoYC9cj2C nnuK0TVHt8ORsKJL+6FKyJmUZ3dhCLlFhqUAh/ah3+qNP7XRjy1C9cyfHGbyeeLM 4w/uOMJ4mNhVIrRv5Hz6/fYZ+NAwROr6g/KccLDlpY8N8zrmLMxLAmyhfBKIxvo6 AWaosb5WKlpJpOB+I0gjmnK2Bm9KF26+JYfxmuaIfQduD2T3Y2Xq+jW/RZDoj/qC npi0R9vmAW97yg== -----END CERTIFICATE-----Generated at Wed Dec 24 10:30:54 2025 by rpki-client