This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft File: zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json) Hash identifier: iaf2tJFKjgFvqV0jyqlJ1PCxfjHJeL3NIQ593OtSpZY= Subject key identifier: 58:F5:7A:0C:D9:EF:85:5E:11:49:9B:9E:FB:32:1B:6B:2C:A2:32:54 Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A Certificate issuer: /CN=ce42b4385e5772f51d588e2bb7219a122399587a Certificate serial: 019B2B8ADAB65E17080D9D0B60CA196A107A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft Manifest number: 0BA3 Signing time: Wed 17 Dec 2025 09:01:18 +0000 Manifest this update: Wed 17 Dec 2025 09:01:18 +0000 Manifest next update: Thu 18 Dec 2025 09:01:18 +0000 Files and hashes: 1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: S4tyEjCVCJ5W7m5/2SzoBiy7SD3jfyI/vo9b0Y/JZPA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:da:b6:5e:17:08:0d:9d:0b:60:ca:19:6a:10:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a Validity Not Before: Dec 17 09:01:18 2025 GMT Not After : Dec 18 09:01:18 2025 GMT Subject: CN=58f57a0cd9ef855e11499b9efb321b6b2ca23254 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f6:22:8d:41:ad:30:87:ac:d2:90:dd:79:72: 13:c4:bc:e0:c1:9c:c9:95:0a:ea:cc:5d:ff:fa:c6: 47:5d:ed:4d:5e:10:b3:bf:ae:ae:b7:52:19:46:65: 37:04:59:84:13:67:7b:56:3a:af:69:ad:0f:5f:85: 4e:9b:3b:d4:a4:2d:56:eb:6c:5d:b5:e8:55:79:b0: cf:36:db:f7:f8:4e:f2:68:d7:b0:29:bd:82:73:8a: 39:49:2b:98:01:d1:c4:33:7d:90:fc:01:cd:0a:5e: b1:f5:1f:9a:18:d6:b7:03:a8:cc:99:0f:f2:ea:34: 5c:77:5e:30:f3:1e:8e:99:7d:87:94:a6:70:69:82: 63:c9:54:2a:48:39:23:e1:33:7e:54:08:3d:09:dd: 04:ad:e3:23:db:de:f5:4c:17:e1:cd:61:37:f9:8b: eb:71:7b:8f:dd:82:90:10:08:d7:c1:db:3f:9b:63: 52:4a:18:cb:ff:ba:b0:4c:4d:48:bd:32:a9:85:cb: 76:7b:d6:94:ce:a4:0d:3f:f0:34:b0:90:8d:c7:74: 93:46:e0:ce:43:ea:5b:96:07:58:e3:06:83:0e:f1: fc:b4:25:88:44:23:66:45:9b:fe:69:07:73:eb:0f: b7:51:3f:41:58:68:bf:cd:f7:02:77:aa:5b:bd:9d: 3f:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:F5:7A:0C:D9:EF:85:5E:11:49:9B:9E:FB:32:1B:6B:2C:A2:32:54 X509v3 Authority Key Identifier: keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:35:23:68:6f:fb:c8:8c:97:2f:ef:57:36:4f:2e:20:e3:dd: 92:8d:21:fe:b2:83:9c:62:db:b7:7d:f5:c8:96:4b:71:93:66: 63:1e:43:a9:bd:17:66:06:48:38:59:9a:47:fb:44:9e:15:d5: d7:2d:75:93:5f:0d:99:26:d5:2a:c8:1b:6a:a5:34:5f:f4:fc: f3:d2:7e:e8:66:e2:ed:9b:e5:2b:d1:c0:f7:39:82:90:f2:7f: 20:7b:f9:c6:75:41:ca:ff:8a:96:97:ac:d0:9f:df:cc:30:20: da:22:42:80:a2:5e:2d:1e:ac:18:2c:dd:71:79:8c:99:ae:f4: c2:1f:b1:96:64:d4:22:53:14:81:6c:ad:e5:64:00:71:22:83: a3:79:62:e5:f3:31:69:82:d0:17:c6:4d:72:80:46:76:be:3d: aa:e2:e3:20:9b:74:db:79:66:60:6e:d7:33:d3:cc:f0:7e:7f: ae:91:e4:8f:fd:b8:1f:6f:77:af:96:79:04:27:ea:67:ad:bd: 39:e7:42:36:6a:97:da:45:3b:bd:10:25:dd:a9:67:2f:92:6c: e6:d8:31:c7:34:c2:6f:8b:9b:83:78:f8:cd:bc:87:c4:cf:ff: eb:ec:a9:c3:9a:a3:60:db:9f:bf:67:d7:0c:7b:51:20:ca:71: 88:54:e5:2c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsritq2XhcIDZ0LYMoZahB6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5 OTU4N2EwHhcNMjUxMjE3MDkwMTE4WhcNMjUxMjE4MDkwMTE4WjAzMTEwLwYDVQQD Eyg1OGY1N2EwY2Q5ZWY4NTVlMTE0OTliOWVmYjMyMWI2YjJjYTIzMjU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvYijUGtMIes0pDdeXITxLzgwZzJ lQrqzF3/+sZHXe1NXhCzv66ut1IZRmU3BFmEE2d7Vjqvaa0PX4VOmzvUpC1W62xd tehVebDPNtv3+E7yaNewKb2Cc4o5SSuYAdHEM32Q/AHNCl6x9R+aGNa3A6jMmQ/y 6jRcd14w8x6OmX2HlKZwaYJjyVQqSDkj4TN+VAg9Cd0EreMj2971TBfhzWE3+Yvr cXuP3YKQEAjXwds/m2NSShjL/7qwTE1IvTKphct2e9aUzqQNP/A0sJCNx3STRuDO Q+pblgdY4waDDvH8tCWIRCNmRZv+aQdz6w+3UT9BWGi/zfcCd6pbvZ0/PQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFj1egzZ74VeEUmbnvsyG2ssojJUMB8GA1UdIwQY MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3 LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAijUjaG/7 yIyXL+9XNk8uIOPdko0h/rKDnGLbt331yJZLcZNmYx5Dqb0XZgZIOFmaR/tEnhXV 1y11k18NmSbVKsgbaqU0X/T889J+6Gbi7ZvlK9HA9zmCkPJ/IHv5xnVByv+Klpes 0J/fzDAg2iJCgKJeLR6sGCzdcXmMma70wh+xlmTUIlMUgWyt5WQAcSKDo3li5fMx aYLQF8ZNcoBGdr49quLjIJt023lmYG7XM9PM8H5/rpHkj/24H293r5Z5BCfqZ629 OedCNmqX2kU7vRAl3alnL5Js5tgxxzTCb4ubg3j4zbyHxM//6+ypw5qjYNufv2fX DHtRIMpxiFTlLA== -----END CERTIFICATE-----Generated at Wed Dec 17 13:43:50 2025 by rpki-client