This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft File: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft (raw, json) Hash identifier: GWtlXPIp4M7os1ZvZPKtEp+rCOikRJTmO1RHD2tyW5g= Subject key identifier: 54:40:A1:A2:12:BC:98:BF:EA:51:E0:DF:08:96:89:F4:52:E1:D6:96 Authority key identifier: 65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A Certificate issuer: /CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a Certificate serial: 019B3F4874480924EB09B307844C57A57D96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft Manifest number: 1448 Signing time: Sun 21 Dec 2025 05:01:11 +0000 Manifest this update: Sun 21 Dec 2025 05:01:11 +0000 Manifest next update: Mon 22 Dec 2025 05:01:11 +0000 Files and hashes: 1: ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl (hash: t3oXw5lhAzCLqQf8d5No9R0aYV0rwKvejQ/p4LkpEPg=) 2: cD0i6eXUEb95MRC9zt2P-QsR-zI.roa (hash: bwRfJD4nIDDz+Ohj/YcPEu2i5IBHAbvcA7uyG/Ew8EE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:74:48:09:24:eb:09:b3:07:84:4c:57:a5:7d:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65d66329576c9c01b3cd8285f4b54b0170d8c39a Validity Not Before: Dec 21 05:01:11 2025 GMT Not After : Dec 22 05:01:11 2025 GMT Subject: CN=5440a1a212bc98bfea51e0df089689f452e1d696 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:55:28:c7:70:ac:29:8f:95:bd:d3:55:b0:d8: 10:34:b6:98:8a:95:af:65:e2:66:8f:2e:31:e0:60: c2:3d:5e:af:7b:2b:ec:d8:4f:97:44:e0:c6:96:ba: 8e:ad:0e:78:97:e2:d8:bf:17:f7:ed:95:42:93:a0: 8e:9e:df:71:21:ac:08:04:88:55:87:5a:51:58:75: 85:58:bb:93:9e:2a:a4:66:c7:04:c0:7d:2d:59:58: 00:aa:42:89:c7:a3:10:3f:73:c7:97:3f:d9:42:49: ba:ae:f4:ce:9f:f0:85:da:3a:a4:d0:12:b8:5b:dd: 00:5b:03:f3:34:0c:43:be:e0:ee:42:80:f5:3d:ec: d0:e1:13:8a:ea:d3:56:23:60:3b:6b:1f:1e:28:c9: 85:7d:0c:f7:87:f8:f4:b8:0f:06:f4:2c:69:db:31: 2f:36:2b:05:95:97:8e:24:3e:f0:7b:d5:6d:28:2e: cc:58:80:03:0a:e1:dc:2c:1b:4f:e4:50:51:fd:4b: 5a:74:e9:6c:bb:1c:a2:3a:12:6a:08:3c:4a:d1:7f: e9:f1:8c:6f:7a:d8:61:15:71:09:c8:64:63:4b:5e: 03:61:34:fc:fe:a6:43:da:06:24:17:0c:38:c7:db: d8:75:64:7c:07:6e:b5:d0:94:06:a1:c4:2a:24:de: e7:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:40:A1:A2:12:BC:98:BF:EA:51:E0:DF:08:96:89:F4:52:E1:D6:96 X509v3 Authority Key Identifier: keyid:65:D6:63:29:57:6C:9C:01:B3:CD:82:85:F4:B5:4B:01:70:D8:C3:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/d527f8-e5af-4820-a248-1e66505131ca/1/ZdZjKVdsnAGzzYKF9LVLAXDYw5o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:23:e8:76:b7:1a:17:e0:0e:bb:ec:ed:c5:9e:29:e7:ec:85: 23:8c:ef:91:3b:c6:78:17:e6:d4:74:3b:8a:19:b5:15:a0:87: b3:8b:f1:64:f2:f4:f3:0e:d2:a7:a6:03:c8:95:e6:c4:fd:51: 71:85:39:93:f7:9f:00:b4:78:f5:00:ca:42:c7:4b:aa:cf:75: 9c:93:1c:3f:58:a4:90:48:19:a8:65:5a:3a:4a:5e:08:3e:ba: 02:76:1e:d7:a1:76:c2:80:4e:87:67:74:a1:bc:b0:5d:43:15: 43:08:1f:10:34:aa:12:e3:6d:f6:80:1c:14:57:f0:f8:c2:fc: 09:d2:35:9c:2a:03:fc:fe:0f:0a:ab:8a:67:16:d3:d4:09:14: ca:cb:51:16:0b:36:b5:f6:3b:88:7f:49:36:6a:4a:40:76:85: 0b:47:80:6d:24:c3:cc:33:2c:9e:b5:37:b8:9d:f3:d0:fb:1d: 48:4e:4d:67:56:24:9a:68:25:4b:8c:ad:9f:62:d2:54:0d:9a: fa:f6:73:19:e9:c0:c3:39:62:83:6b:74:1e:3b:5c:10:b4:8e: 55:9c:21:6a:6a:2e:9d:f3:61:87:d5:89:4e:60:28:dd:66:ca: 7b:e6:ab:ee:e5:0a:6d:4e:47:4a:5c:03:26:f6:1d:f8:5d:03: 94:30:91:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SHRICSTrCbMHhExXpX2WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1ZDY2MzI5NTc2YzljMDFiM2NkODI4NWY0YjU0YjAxNzBk OGMzOWEwHhcNMjUxMjIxMDUwMTExWhcNMjUxMjIyMDUwMTExWjAzMTEwLwYDVQQD Eyg1NDQwYTFhMjEyYmM5OGJmZWE1MWUwZGYwODk2ODlmNDUyZTFkNjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lUox3CsKY+VvdNVsNgQNLaYipWv ZeJmjy4x4GDCPV6veyvs2E+XRODGlrqOrQ54l+LYvxf37ZVCk6COnt9xIawIBIhV h1pRWHWFWLuTniqkZscEwH0tWVgAqkKJx6MQP3PHlz/ZQkm6rvTOn/CF2jqk0BK4 W90AWwPzNAxDvuDuQoD1PezQ4ROK6tNWI2A7ax8eKMmFfQz3h/j0uA8G9Cxp2zEv NisFlZeOJD7we9VtKC7MWIADCuHcLBtP5FBR/UtadOlsuxyiOhJqCDxK0X/p8Yxv ethhFXEJyGRjS14DYTT8/qZD2gYkFww4x9vYdWR8B2610JQGocQqJN7nPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFRAoaISvJi/6lHg3wiWifRS4daWMB8GA1UdIwQY MBaAFGXWYylXbJwBs82ChfS1SwFw2MOaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgt MWU2NjUwNTEzMWNhLzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS9kNTI3ZjgtZTVhZi00ODIwLWEyNDgtMWU2NjUwNTEzMWNh LzEvWmRaaktWZHNuQUd6ellLRjlMVkxBWERZdzVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQyPodrca F+AOu+ztxZ4p5+yFI4zvkTvGeBfm1HQ7ihm1FaCHs4vxZPL08w7Sp6YDyJXmxP1R cYU5k/efALR49QDKQsdLqs91nJMcP1ikkEgZqGVaOkpeCD66AnYe16F2woBOh2d0 obywXUMVQwgfEDSqEuNt9oAcFFfw+ML8CdI1nCoD/P4PCquKZxbT1AkUystRFgs2 tfY7iH9JNmpKQHaFC0eAbSTDzDMsnrU3uJ3z0PsdSE5NZ1YkmmglS4ytn2LSVA2a +vZzGenAwzlig2t0HjtcELSOVZwhamounfNhh9WJTmAo3WbKe+ar7uUKbU5HSlwD JvYd+F0DlDCRnw== -----END CERTIFICATE-----Generated at Sun Dec 21 06:43:53 2025 by rpki-client