This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft File: ZAsfh3LG70hOLNLWYmPy75j6OWg.mft (raw, json) Hash identifier: Qj7wgXB4dGXwgl61m5O94os7g0YS8tcS9sO1EPIqZQ8= Subject key identifier: 54:3D:84:E4:2A:5C:1B:BA:E4:C4:15:3F:C5:67:04:08:53:50:2A:FF Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68 Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968 Certificate serial: 019B476FC223DD224801F09B48F74F72C158 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft Manifest number: 178E Signing time: Mon 22 Dec 2025 19:01:05 +0000 Manifest this update: Mon 22 Dec 2025 19:01:05 +0000 Manifest next update: Tue 23 Dec 2025 19:01:05 +0000 Files and hashes: 1: 5sIyZUUxUKqIAWVgUkx5eBGU5N0.roa (hash: 3M5MqZOHY6IgU/oY5PEX9Quago5F235Gft3ZQVLU+EE=) 2: ZAsfh3LG70hOLNLWYmPy75j6OWg.crl (hash: 0QCvGO5JnFBzzquRO870nvR++2LYKCl0kCFpu8U7D6o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:6f:c2:23:dd:22:48:01:f0:9b:48:f7:4f:72:c1:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968 Validity Not Before: Dec 22 19:01:05 2025 GMT Not After : Dec 23 19:01:05 2025 GMT Subject: CN=543d84e42a5c1bbae4c4153fc567040853502aff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:b2:5e:74:1d:f3:10:89:c6:c9:df:3e:59:89: 45:a9:56:49:1d:12:26:14:26:6d:4e:02:64:db:7c: 8b:dd:64:82:b1:28:1c:ce:c7:2d:3a:5b:ca:29:06: f7:d0:ca:dc:a5:03:d3:0c:65:b2:2e:29:0e:92:b3: 09:71:95:37:ba:28:f0:7e:c9:0f:60:a3:2f:61:40: 0d:8c:ca:ba:f4:ec:2c:1e:77:fe:0a:77:05:30:ea: eb:be:cd:c2:e4:3b:07:57:6d:01:e8:15:10:a4:fa: a2:99:d8:fa:3b:63:fd:da:c7:42:b2:50:ff:41:07: 56:81:16:50:65:e6:7f:5d:78:3b:90:31:94:7d:db: 39:09:b7:74:26:9b:e2:61:31:09:d1:1f:24:0a:22: 15:4b:80:6f:d0:ee:3e:cb:b7:49:19:51:12:b6:43: eb:de:5f:5f:79:30:e9:07:54:61:8c:ff:77:60:3f: 9b:fc:4a:43:8f:c6:b5:b1:1d:66:18:b8:58:0f:16: ac:d4:89:a4:59:66:d6:91:65:b9:c6:99:65:94:43: 7a:70:ab:a8:6e:7e:66:11:9d:2c:4c:8b:35:d7:da: 00:a8:fd:09:64:1f:ae:ae:a3:75:cf:81:3e:25:ec: 16:f9:f1:28:0d:a4:e8:e4:21:bd:fc:5e:08:51:2e: 54:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:3D:84:E4:2A:5C:1B:BA:E4:C4:15:3F:C5:67:04:08:53:50:2A:FF X509v3 Authority Key Identifier: keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:28:9e:c2:f8:69:e9:a7:40:a5:fb:36:82:ae:3f:d5:cb:2d: 93:90:3e:90:e3:15:ab:f0:59:00:a8:8d:77:2c:ea:64:71:1f: 4f:30:1c:72:7a:7b:16:5a:ed:90:b7:e8:46:f8:80:d7:6d:1b: db:88:40:60:d5:2c:f6:9f:aa:78:3a:39:72:2f:9e:f0:c1:a4: 4b:e9:e0:de:4d:34:1a:4e:d2:c3:9d:b4:de:39:f2:7f:ad:4a: 66:07:54:58:03:c9:af:0e:12:0e:55:25:3e:2d:07:0c:ba:c7: d9:e0:fa:a6:7d:5b:88:31:55:e6:85:25:40:04:bd:89:8a:f9: ab:06:1a:d2:4f:01:b9:81:17:f7:51:89:17:41:4a:7c:a2:18: 7d:1f:3c:16:b8:ad:f4:bc:22:4d:a9:29:12:0e:a5:58:58:89: c6:58:67:6a:dd:a4:fd:f6:2a:f5:a7:27:6a:c4:61:d2:c3:87: 95:b7:a9:20:26:22:c8:62:cc:1d:00:68:87:36:d3:42:95:75: 70:1f:6a:18:f0:3d:b2:1e:b4:a8:6c:9f:e6:6d:e3:6f:8e:59: 4d:7a:55:82:2c:b7:54:e2:36:36:9a:18:df:a4:7f:36:ab:33: bd:79:80:43:a9:d7:90:6d:17:a6:dc:17:ae:2d:e8:38:9a:f8: 92:ad:9e:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHb8Ij3SJIAfCbSPdPcsFYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm YTM5NjgwHhcNMjUxMjIyMTkwMTA1WhcNMjUxMjIzMTkwMTA1WjAzMTEwLwYDVQQD Eyg1NDNkODRlNDJhNWMxYmJhZTRjNDE1M2ZjNTY3MDQwODUzNTAyYWZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirJedB3zEInGyd8+WYlFqVZJHRIm FCZtTgJk23yL3WSCsSgczsctOlvKKQb30MrcpQPTDGWyLikOkrMJcZU3uijwfskP YKMvYUANjMq69OwsHnf+CncFMOrrvs3C5DsHV20B6BUQpPqimdj6O2P92sdCslD/ QQdWgRZQZeZ/XXg7kDGUfds5Cbd0JpviYTEJ0R8kCiIVS4Bv0O4+y7dJGVEStkPr 3l9feTDpB1RhjP93YD+b/EpDj8a1sR1mGLhYDxas1ImkWWbWkWW5xplllEN6cKuo bn5mEZ0sTIs119oAqP0JZB+urqN1z4E+JewW+fEoDaTo5CG9/F4IUS5UDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFQ9hOQqXBu65MQVP8VnBAhTUCr/MB8GA1UdIwQY MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt Mzg3YWZhMGE1MzRmLzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAISiewvhp 6adApfs2gq4/1cstk5A+kOMVq/BZAKiNdyzqZHEfTzAccnp7FlrtkLfoRviA120b 24hAYNUs9p+qeDo5ci+e8MGkS+ng3k00Gk7Sw5203jnyf61KZgdUWAPJrw4SDlUl Pi0HDLrH2eD6pn1biDFV5oUlQAS9iYr5qwYa0k8BuYEX91GJF0FKfKIYfR88Frit 9LwiTakpEg6lWFiJxlhnat2k/fYq9acnasRh0sOHlbepICYiyGLMHQBohzbTQpV1 cB9qGPA9sh60qGyf5m3jb45ZTXpVgiy3VOI2NpoY36R/NqszvXmAQ6nXkG0XptwX ri3oOJr4kq2eWg== -----END CERTIFICATE-----Generated at Mon Dec 22 22:50:39 2025 by rpki-client