This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft File: zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft (raw, json) Hash identifier: yZ1RBco6XayTYA51bbRZUkeVQzVZiGwKvoKatc8io6w= Subject key identifier: 01:4B:C5:8C:07:AD:84:82:A3:A4:95:0C:CA:C4:20:11:4C:72:DE:F4 Authority key identifier: CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A Certificate issuer: /CN=ce42b4385e5772f51d588e2bb7219a122399587a Certificate serial: 019AF19B0C59C6F2FCF15B66F0362F000C82 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft Manifest number: 0B85 Signing time: Sat 06 Dec 2025 03:01:01 +0000 Manifest this update: Sat 06 Dec 2025 03:01:01 +0000 Manifest next update: Sun 07 Dec 2025 03:01:01 +0000 Files and hashes: 1: zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl (hash: eEM3kGbKK7n8/NjCjpcQvw6uhV2q+D4au8Ti8biPBjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:0c:59:c6:f2:fc:f1:5b:66:f0:36:2f:00:0c:82 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce42b4385e5772f51d588e2bb7219a122399587a Validity Not Before: Dec 6 03:01:01 2025 GMT Not After : Dec 7 03:01:01 2025 GMT Subject: CN=014bc58c07ad8482a3a4950ccac420114c72def4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:63:0d:21:ea:4a:a0:ae:51:9a:b0:f1:04:5f: ba:71:11:dd:7f:3b:8b:86:d9:48:d9:58:ae:6e:20: e0:79:91:c0:71:fe:08:33:19:b2:0c:de:94:ff:4f: 38:81:c7:0f:96:51:92:d1:89:a5:86:d3:f9:21:2d: 09:be:6b:26:bb:c7:e2:ba:4f:57:52:2d:fa:20:07: d7:23:c1:f7:d9:12:5b:06:0c:3a:e3:6e:ec:26:0b: 07:a2:29:d9:0b:79:e7:d5:40:4b:8c:b9:19:b0:71: cd:11:85:e4:81:d3:41:fb:3b:9f:1b:f8:71:53:11: 2e:75:d3:d7:44:9c:98:d7:e5:a2:a9:31:2c:7e:bb: 08:e7:c3:87:7a:b2:c2:e4:a7:06:71:c5:6d:24:d0: ea:63:f1:4e:77:dd:29:39:31:dd:a0:5d:d1:2e:bb: 47:8c:b4:cd:c8:86:c4:98:c4:e5:18:48:56:c3:48: 76:3d:e4:68:6b:f6:b1:c6:da:60:7f:4b:dd:8e:42: 8b:2f:66:a8:c9:d1:e3:ad:b9:f6:81:78:e1:b6:74: 25:9b:34:1d:f7:4c:19:4a:7b:18:9d:5c:1b:d7:c0: e8:72:e6:f8:09:9d:4e:e5:40:24:0d:15:69:a4:90: 94:d0:f5:89:98:bd:90:a4:4e:8a:c9:d7:a8:7c:d8: 3d:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:4B:C5:8C:07:AD:84:82:A3:A4:95:0C:CA:C4:20:11:4C:72:DE:F4 X509v3 Authority Key Identifier: keyid:CE:42:B4:38:5E:57:72:F5:1D:58:8E:2B:B7:21:9A:12:23:99:58:7A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkK0OF5XcvUdWI4rtyGaEiOZWHo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b2e528-f1f5-4c05-93ee-ca15ebf37ec7/1/zkK0OF5XcvUdWI4rtyGaEiOZWHo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:4e:a3:bf:86:cb:5b:69:82:4d:a8:ba:a2:f9:9b:dc:c4:4f: ba:83:8d:5f:85:7c:8e:b4:f4:dc:02:a1:57:7b:77:8f:b3:46: 56:a8:7a:7b:3a:61:9d:2b:ea:4a:fa:3e:58:0b:09:06:c2:19: 01:a8:02:ed:21:4e:5c:2c:bd:67:db:63:76:9f:67:a5:f7:35: bf:6b:71:91:fd:ad:16:87:4a:18:0b:d9:66:6a:c6:a3:eb:44: b9:de:7c:04:48:40:e3:a1:b4:e2:25:ed:e8:4b:d9:52:90:e0: 73:8a:33:7e:0b:bd:ec:73:8b:27:0e:f2:97:9d:e1:d8:05:bb: 7b:ed:d3:da:bb:05:16:48:07:7f:dd:d6:76:5a:d0:54:52:57: 64:fd:35:fe:a1:27:50:ee:eb:02:eb:3b:1b:1a:0b:52:90:8b: 1f:06:77:35:6d:16:e6:7e:74:e1:39:a2:7a:fc:50:57:92:3a: 13:73:a5:fd:bf:e5:4b:3f:04:b7:7e:88:ba:10:26:9b:1d:71: 2c:70:d0:d3:4e:66:36:5c:d3:cb:2a:76:ed:1a:c7:be:e7:1a: 8c:46:26:66:79:6c:1c:60:98:09:2e:43:aa:0c:41:ac:87:0b: 3c:1f:b0:ce:30:34:69:dc:0e:75:00:4b:8d:92:3e:fa:ad:4d: 5b:9f:d1:eb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmwxZxvL88Vtm8DYvAAyCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNDJiNDM4NWU1NzcyZjUxZDU4OGUyYmI3MjE5YTEyMjM5 OTU4N2EwHhcNMjUxMjA2MDMwMTAxWhcNMjUxMjA3MDMwMTAxWjAzMTEwLwYDVQQD EygwMTRiYzU4YzA3YWQ4NDgyYTNhNDk1MGNjYWM0MjAxMTRjNzJkZWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmMNIepKoK5RmrDxBF+6cRHdfzuL htlI2ViubiDgeZHAcf4IMxmyDN6U/084gccPllGS0YmlhtP5IS0Jvmsmu8fiuk9X Ui36IAfXI8H32RJbBgw6427sJgsHoinZC3nn1UBLjLkZsHHNEYXkgdNB+zufG/hx UxEuddPXRJyY1+WiqTEsfrsI58OHerLC5KcGccVtJNDqY/FOd90pOTHdoF3RLrtH jLTNyIbEmMTlGEhWw0h2PeRoa/axxtpgf0vdjkKLL2aoydHjrbn2gXjhtnQlmzQd 90wZSnsYnVwb18Docub4CZ1O5UAkDRVppJCU0PWJmL2QpE6KydeofNg9XwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAFLxYwHrYSCo6SVDMrEIBFMct70MB8GA1UdIwQY MBaAFM5CtDheV3L1HViOK7chmhIjmVh6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUt Y2ExNWViZjM3ZWM3LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYy9iMmU1MjgtZjFmNS00YzA1LTkzZWUtY2ExNWViZjM3ZWM3 LzEvemtLME9GNVhjdlVkV0k0cnR5R2FFaU9aV0hvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADE6jv4bL W2mCTai6ovmb3MRPuoONX4V8jrT03AKhV3t3j7NGVqh6ezphnSvqSvo+WAsJBsIZ AagC7SFOXCy9Z9tjdp9npfc1v2txkf2tFodKGAvZZmrGo+tEud58BEhA46G04iXt 6EvZUpDgc4ozfgu97HOLJw7yl53h2AW7e+3T2rsFFkgHf93WdlrQVFJXZP01/qEn UO7rAus7GxoLUpCLHwZ3NW0W5n504TmievxQV5I6E3Ol/b/lSz8Et36IuhAmmx1x LHDQ005mNlzTyyp27RrHvucajEYmZnlsHGCYCS5DqgxBrIcLPB+wzjA0adwOdQBL jZI++q1NW5/R6w== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:46 2025 by rpki-client