This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft File: ZAsfh3LG70hOLNLWYmPy75j6OWg.mft (raw, json) Hash identifier: aevVyVtLJJ9po8XIFNVmQAGuaZnfIWlOFcY/2z4YJDQ= Subject key identifier: 3D:4B:8E:1A:6F:83:EC:F2:0C:FF:43:90:55:70:96:89:AF:6D:93:A1 Authority key identifier: 64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68 Certificate issuer: /CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968 Certificate serial: 019B3DC7DB040315C7BEC7B4ACE61538F3AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 22:01:06 +0000 Manifest this update: Sat 20 Dec 2025 22:01:06 +0000 Manifest next update: Sun 21 Dec 2025 22:01:06 +0000 Files and hashes: 1: 5sIyZUUxUKqIAWVgUkx5eBGU5N0.roa (hash: 3M5MqZOHY6IgU/oY5PEX9Quago5F235Gft3ZQVLU+EE=) 2: ZAsfh3LG70hOLNLWYmPy75j6OWg.crl (hash: iHwWeFnmi2VZSQIh1vwoFjJlAfVHTqN4NN/as4w4sM4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:db:04:03:15:c7:be:c7:b4:ac:e6:15:38:f3:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=640b1f8772c6ef484e2cd2d66263f2ef98fa3968 Validity Not Before: Dec 20 22:01:06 2025 GMT Not After : Dec 21 22:01:06 2025 GMT Subject: CN=3d4b8e1a6f83ecf20cff439055709689af6d93a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:00:a7:88:f5:43:b5:82:ae:97:af:a3:c4:b8: 92:f1:b0:ed:29:20:a3:e0:b5:71:16:2f:b4:61:4e: 4f:9b:68:45:8b:f8:13:5f:b0:e7:e7:93:de:c0:5b: 91:9c:a1:11:42:bf:40:f0:e8:87:46:f8:30:23:01: 1a:da:f3:1c:82:68:1f:56:af:18:70:ef:9f:e2:92: 7c:33:eb:f6:7a:69:b7:39:59:de:49:34:81:38:61: 5b:7a:3e:4a:3a:9f:2f:4d:52:ca:32:60:35:3d:34: 34:df:06:4a:8d:ea:14:50:f6:b0:1c:4c:df:6c:6d: cb:e9:00:51:e2:93:0c:a2:90:0d:4d:66:d1:c9:16: fb:a0:ad:a3:a3:f0:45:3d:53:9f:31:23:f6:e1:c8: 47:ec:7d:de:58:37:6c:25:e1:0a:bb:db:6e:67:90: 3e:71:ba:9d:2e:e6:58:ef:2c:25:90:82:04:19:17: be:53:bb:db:4b:e9:9c:84:d2:34:98:e5:58:5e:30: cb:24:fd:7d:97:bd:20:61:18:a8:ee:ca:66:81:c9: 5c:fc:ad:1d:a4:df:6d:42:3a:a8:59:01:c8:27:2b: 9c:52:03:31:d2:2f:96:f3:5f:83:b9:7e:1d:40:d3: 5a:c6:38:28:52:71:89:6d:49:7e:97:7c:f3:e4:d8: a5:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:4B:8E:1A:6F:83:EC:F2:0C:FF:43:90:55:70:96:89:AF:6D:93:A1 X509v3 Authority Key Identifier: keyid:64:0B:1F:87:72:C6:EF:48:4E:2C:D2:D6:62:63:F2:EF:98:FA:39:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAsfh3LG70hOLNLWYmPy75j6OWg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/aad626-dace-44d8-818d-387afa0a534f/1/ZAsfh3LG70hOLNLWYmPy75j6OWg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:80:52:4d:e1:84:4b:71:db:5f:05:6a:3e:6d:78:e3:c4:77: 76:58:a9:96:f8:18:34:8b:88:b4:cd:1f:70:6a:b9:7e:9b:19: f9:ac:88:6c:74:86:7c:d2:47:a9:e1:b0:55:fc:5f:41:b3:89: 6d:6c:1c:15:a3:46:d4:84:c5:c9:08:8a:c2:dc:e2:11:3b:e3: 32:7e:75:f7:f9:a8:fe:a3:74:ac:87:35:e9:e3:e4:a8:04:91: b5:58:3e:d0:d2:44:b7:f8:86:09:81:95:3d:ca:4e:02:1b:4e: ed:4e:a0:ca:d2:a9:49:9b:f2:08:13:2e:7f:61:79:80:ff:eb: 27:93:2f:03:32:12:c8:70:39:c0:96:56:e7:d0:5a:b3:39:fb: a3:b1:9c:16:00:4a:d3:c8:74:96:3b:f5:ea:30:06:5b:e3:5e: a3:e3:d1:08:cd:1e:9e:bc:d6:84:2c:c6:1e:3c:9f:df:bd:8a: b5:27:f5:41:d1:24:3d:c8:ae:46:1a:75:ce:a2:d3:63:72:d0: 75:19:6c:e8:5d:fd:a8:ea:f6:a5:4e:ca:24:8e:80:ac:42:60: 8d:47:d2:ba:b3:28:6a:8b:24:c5:59:68:ee:12:90:b5:c0:c6: d1:2a:7d:bd:ac:8b:d7:44:d4:6a:2e:66:43:0a:f4:0c:2e:be: 19:11:4d:02 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x9sEAxXHvse0rOYVOPOtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MGIxZjg3NzJjNmVmNDg0ZTJjZDJkNjYyNjNmMmVmOThm YTM5NjgwHhcNMjUxMjIwMjIwMTA2WhcNMjUxMjIxMjIwMTA2WjAzMTEwLwYDVQQD EygzZDRiOGUxYTZmODNlY2YyMGNmZjQzOTA1NTcwOTY4OWFmNmQ5M2ExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmACniPVDtYKul6+jxLiS8bDtKSCj 4LVxFi+0YU5Pm2hFi/gTX7Dn55PewFuRnKERQr9A8OiHRvgwIwEa2vMcgmgfVq8Y cO+f4pJ8M+v2emm3OVneSTSBOGFbej5KOp8vTVLKMmA1PTQ03wZKjeoUUPawHEzf bG3L6QBR4pMMopANTWbRyRb7oK2jo/BFPVOfMSP24chH7H3eWDdsJeEKu9tuZ5A+ cbqdLuZY7ywlkIIEGRe+U7vbS+mchNI0mOVYXjDLJP19l70gYRio7spmgclc/K0d pN9tQjqoWQHIJyucUgMx0i+W81+DuX4dQNNaxjgoUnGJbUl+l3zz5NilzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD1Ljhpvg+zyDP9DkFVwlomvbZOhMB8GA1UdIwQY MBaAFGQLH4dyxu9ITizS1mJj8u+Y+jloMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQt Mzg3YWZhMGE1MzRmLzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS9hYWQ2MjYtZGFjZS00NGQ4LTgxOGQtMzg3YWZhMGE1MzRm LzEvWkFzZmgzTEc3MGhPTE5MV1ltUHk3NWo2T1dnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4BSTeGE S3HbXwVqPm1448R3dliplvgYNIuItM0fcGq5fpsZ+ayIbHSGfNJHqeGwVfxfQbOJ bWwcFaNG1ITFyQiKwtziETvjMn519/mo/qN0rIc16ePkqASRtVg+0NJEt/iGCYGV PcpOAhtO7U6gytKpSZvyCBMuf2F5gP/rJ5MvAzISyHA5wJZW59Baszn7o7GcFgBK 08h0ljv16jAGW+Neo+PRCM0enrzWhCzGHjyf372KtSf1QdEkPciuRhp1zqLTY3LQ dRls6F39qOr2pU7KJI6ArEJgjUfSurMoaoskxVlo7hKQtcDG0Sp9vayL10TUai5m Qwr0DC6+GRFNAg== -----END CERTIFICATE-----Generated at Sun Dec 21 01:30:58 2025 by rpki-client