This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft File: Zhao67AREZsvaVMn-xblH4hwRHk.mft (raw, json) Hash identifier: G+bAXCDVky1vafvX8LunFuBhYUcR2XKnky7cySPCdcY= Subject key identifier: E4:D5:F5:F1:D2:AD:3D:26:91:2E:CA:BB:7E:62:F0:32:44:7E:C9:EF Authority key identifier: 66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79 Certificate issuer: /CN=6616a8ebb011119b2f695327fb16e51f88704479 Certificate serial: 019AF1D21B66418CF2260B66D40F0FDE6CEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft Manifest number: 021D Signing time: Sat 06 Dec 2025 04:01:09 +0000 Manifest this update: Sat 06 Dec 2025 04:01:09 +0000 Manifest next update: Sun 07 Dec 2025 04:01:09 +0000 Files and hashes: 1: Zhao67AREZsvaVMn-xblH4hwRHk.crl (hash: l+mb1JrHpBpn5ZHZdrYXctYkVwqU03A35AQxEuuvQlc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:1b:66:41:8c:f2:26:0b:66:d4:0f:0f:de:6c:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6616a8ebb011119b2f695327fb16e51f88704479 Validity Not Before: Dec 6 04:01:09 2025 GMT Not After : Dec 7 04:01:09 2025 GMT Subject: CN=e4d5f5f1d2ad3d26912ecabb7e62f032447ec9ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:83:10:d8:41:9d:7b:ea:c3:99:e9:69:5b:15: 49:f5:17:7e:5e:b0:cf:6c:9d:28:1c:7d:e5:9f:b4: 1f:bc:ee:6f:5a:99:fa:b9:80:e7:75:dc:c2:81:be: 7e:54:48:d6:f3:93:ff:eb:58:ea:6a:f6:05:7f:65: 12:51:0b:6b:01:9f:9b:76:f2:50:03:73:dc:82:e1: fd:95:4c:7f:31:50:e7:de:0b:b9:50:6f:66:3b:c3: 80:30:9f:ce:7e:06:1b:4c:b8:83:20:1f:5c:e7:79: c1:4d:b7:0b:4f:e7:56:8b:2a:63:0c:91:ea:00:93: ff:ac:db:2d:99:eb:fd:5d:dd:2d:fa:f2:11:de:d1: b6:5f:7c:5b:99:14:0b:d9:88:89:03:db:ce:ba:16: b4:c6:13:c0:13:65:62:47:98:2d:7a:fd:61:74:e2: 67:74:4d:a9:ca:8d:8b:28:e3:a8:32:5b:25:dc:cc: 69:09:73:a5:b4:9a:c1:a9:ff:4a:0e:a5:28:a4:a6: b8:08:1f:aa:19:b0:61:f2:f1:b0:82:40:f6:c8:30: ed:63:5c:62:59:37:19:02:93:c3:61:e7:23:1d:e7: cf:2c:a3:f2:3a:fa:b0:0a:92:d2:a2:56:32:58:b1: 53:46:c4:5a:1c:61:11:10:69:1e:80:c5:4d:9a:c6: e0:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:D5:F5:F1:D2:AD:3D:26:91:2E:CA:BB:7E:62:F0:32:44:7E:C9:EF X509v3 Authority Key Identifier: keyid:66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:b9:48:43:b5:d2:ac:4c:45:f6:8e:57:e7:50:60:09:03:dc: 5f:37:fe:e3:65:6c:a8:30:cb:3d:8d:72:d8:67:e6:0e:43:cc: 3b:56:d9:e3:a3:ba:47:6d:ba:ac:42:a9:0f:6f:ce:db:0d:2e: 92:c8:e2:d5:c5:f8:40:dc:eb:55:fb:72:d9:b5:73:f9:e2:ec: 68:93:57:28:fb:ce:28:f7:5c:fc:27:35:43:e1:e4:ce:78:fd: 8b:d0:e3:65:3d:78:fe:a9:72:53:e8:4e:ab:52:10:a7:4b:de: a2:35:83:0f:b9:59:f8:5a:10:b2:e9:b3:44:5f:cf:1b:44:7c: 08:6d:2a:7b:89:5c:2e:4e:75:f8:48:b8:23:31:a3:19:5b:d8: 28:02:bd:57:ec:b4:fc:23:45:05:42:0c:bb:92:73:7f:9c:01: 77:69:15:0f:78:46:4a:6c:f2:97:3d:da:ac:7d:0a:9f:8d:d7: 03:79:e9:04:f5:86:f3:9e:9a:b7:44:02:08:9a:61:f1:ac:1b: 79:25:a6:ff:8f:3b:81:b0:50:0c:00:df:50:c9:23:11:e7:c9: 72:23:2b:0d:05:66:7c:1f:e9:19:b7:dd:cc:18:b0:1f:d2:aa: c1:3e:e8:67:41:dc:ab:95:52:b7:40:ca:25:8c:f5:90:01:2c: 91:81:05:10 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0htmQYzyJgtm1A8P3mzrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTZhOGViYjAxMTExOWIyZjY5NTMyN2ZiMTZlNTFmODg3 MDQ0NzkwHhcNMjUxMjA2MDQwMTA5WhcNMjUxMjA3MDQwMTA5WjAzMTEwLwYDVQQD EyhlNGQ1ZjVmMWQyYWQzZDI2OTEyZWNhYmI3ZTYyZjAzMjQ0N2VjOWVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoMQ2EGde+rDmelpWxVJ9Rd+XrDP bJ0oHH3ln7QfvO5vWpn6uYDnddzCgb5+VEjW85P/61jqavYFf2USUQtrAZ+bdvJQ A3PcguH9lUx/MVDn3gu5UG9mO8OAMJ/OfgYbTLiDIB9c53nBTbcLT+dWiypjDJHq AJP/rNstmev9Xd0t+vIR3tG2X3xbmRQL2YiJA9vOuha0xhPAE2ViR5gtev1hdOJn dE2pyo2LKOOoMlsl3MxpCXOltJrBqf9KDqUopKa4CB+qGbBh8vGwgkD2yDDtY1xi WTcZApPDYecjHefPLKPyOvqwCpLSolYyWLFTRsRaHGEREGkegMVNmsbg8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOTV9fHSrT0mkS7Ku35i8DJEfsnvMB8GA1UdIwQY MBaAFGYWqOuwERGbL2lTJ/sW5R+IcER5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEt ZWQzZDI3MDU1MDIwLzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEtZWQzZDI3MDU1MDIw LzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApLlIQ7XS rExF9o5X51BgCQPcXzf+42VsqDDLPY1y2GfmDkPMO1bZ46O6R226rEKpD2/O2w0u ksji1cX4QNzrVfty2bVz+eLsaJNXKPvOKPdc/Cc1Q+Hkznj9i9DjZT14/qlyU+hO q1IQp0veojWDD7lZ+FoQsumzRF/PG0R8CG0qe4lcLk51+Ei4IzGjGVvYKAK9V+y0 /CNFBUIMu5Jzf5wBd2kVD3hGSmzylz3arH0Kn43XA3npBPWG856at0QCCJph8awb eSWm/487gbBQDADfUMkjEefJciMrDQVmfB/pGbfdzBiwH9KqwT7oZ0Hcq5VSt0DK JYz1kAEskYEFEA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:30 2025 by rpki-client