This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft File: ZTwsX-3AjoxdH2VGksPkVkDIou0.mft (raw, json) Hash identifier: 2Qo9U4vyWXmi5eCQKuBhbs0IBoeRuKQR3cg49qBO3GQ= Subject key identifier: 1F:C4:10:3B:32:FB:7D:B3:44:06:1B:AE:AA:6B:C1:80:B1:39:98:4B Authority key identifier: 65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED Certificate issuer: /CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed Certificate serial: 019AF31BD86DE3190687928AF85ED30B67AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft Manifest number: 0C65 Signing time: Sat 06 Dec 2025 10:01:19 +0000 Manifest this update: Sat 06 Dec 2025 10:01:19 +0000 Manifest next update: Sun 07 Dec 2025 10:01:19 +0000 Files and hashes: 1: ZTwsX-3AjoxdH2VGksPkVkDIou0.crl (hash: vesbWKm+TA7dQaDg0j1EhZUQBtYy0cK2pSSkC0nQJIo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:d8:6d:e3:19:06:87:92:8a:f8:5e:d3:0b:67:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=653c2c5fedc08e8c5d1f654692c3e45640c8a2ed Validity Not Before: Dec 6 10:01:19 2025 GMT Not After : Dec 7 10:01:19 2025 GMT Subject: CN=1fc4103b32fb7db344061baeaa6bc180b139984b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:6e:9b:d3:18:06:c6:c6:ea:6d:0a:a5:66:19: 45:6e:73:0d:2c:ee:7b:f4:40:fd:74:a4:ed:e4:5b: 24:3c:83:13:ce:f8:6d:0d:d0:d4:d1:33:b5:fc:3a: 98:88:62:54:7b:93:be:e1:9f:db:ca:9e:db:88:87: aa:c2:6f:5e:03:e1:0e:e2:b5:7e:04:e7:42:fb:ab: 49:2d:21:7e:13:db:2b:d7:50:c1:ab:d3:13:94:1b: 44:47:e7:a7:73:87:d2:21:97:91:f4:38:92:c1:a0: ce:1a:b6:48:f2:bb:7a:17:78:42:fd:ce:6f:19:b5: 29:a7:c6:23:4f:16:f0:9a:24:35:38:fe:18:c9:03: 06:87:ab:ac:af:8f:01:1a:33:b9:46:01:57:6a:14: b4:7d:02:23:6d:21:e8:61:d0:3f:6a:c8:76:09:80: f1:f0:4c:39:54:60:fd:44:ef:69:6b:2b:27:65:ba: d9:ea:39:28:b1:dd:53:bb:7c:dc:c1:bd:62:27:5c: 22:42:ef:9f:eb:57:78:ae:a2:97:c1:79:6b:54:0c: de:a3:52:4f:66:a8:77:6b:ec:ba:bd:ec:19:f4:43: f9:73:c8:34:86:d5:21:3e:c6:dd:21:c6:80:b2:9d: 63:3c:37:19:5c:88:87:40:a0:61:c7:10:28:f2:c0: b8:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:C4:10:3B:32:FB:7D:B3:44:06:1B:AE:AA:6B:C1:80:B1:39:98:4B X509v3 Authority Key Identifier: keyid:65:3C:2C:5F:ED:C0:8E:8C:5D:1F:65:46:92:C3:E4:56:40:C8:A2:ED X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZTwsX-3AjoxdH2VGksPkVkDIou0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f152e0-a7fb-4afc-9c70-1ccb54f372aa/1/ZTwsX-3AjoxdH2VGksPkVkDIou0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:e6:86:19:56:84:c7:b5:3b:23:56:90:8e:a9:d3:60:1e:41: 6e:e9:c7:be:5f:71:b1:6c:bb:8c:a5:d5:41:28:67:b9:76:4f: 3d:76:84:87:d0:d5:a5:1f:3d:66:f6:e6:30:4c:5a:ca:e4:9a: 4f:04:68:94:bc:6c:b8:e5:2f:fe:4a:f1:d0:f3:f2:99:d7:ed: c2:93:ea:6a:ef:6b:e8:f1:96:76:75:6c:34:a2:cb:f2:33:0f: 2d:bd:33:d7:f4:6e:29:ae:e8:f2:6a:43:6f:90:74:5b:27:f6: 0b:49:b7:ea:7c:44:4a:48:8d:4e:12:3b:1c:74:44:87:3a:c1: 05:71:64:67:34:03:57:b4:38:f5:bb:c1:fb:8c:d0:e8:6b:1e: e6:c9:55:29:60:ce:d8:aa:1e:ed:a4:8c:a5:cb:8e:f5:55:c8: 76:f0:f8:5c:5f:43:02:42:dc:e5:7f:6e:d2:a8:2d:7e:fe:a9: 47:94:ee:cf:23:bd:5c:52:32:0e:4d:93:aa:bf:e1:bb:49:c6: fc:6e:01:de:84:13:93:e1:34:e3:ee:0b:97:ee:5b:46:80:b0: 93:66:b9:eb:8c:b4:72:ac:f7:0e:c9:af:e2:eb:95:71:d5:b3: 0d:0c:cb:76:0f:19:72:d2:d9:dc:81:2c:ba:6d:63:75:33:08: 1e:b3:75:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG9ht4xkGh5KK+F7TC2erMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1M2MyYzVmZWRjMDhlOGM1ZDFmNjU0NjkyYzNlNDU2NDBj OGEyZWQwHhcNMjUxMjA2MTAwMTE5WhcNMjUxMjA3MTAwMTE5WjAzMTEwLwYDVQQD EygxZmM0MTAzYjMyZmI3ZGIzNDQwNjFiYWVhYTZiYzE4MGIxMzk5ODRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmW6b0xgGxsbqbQqlZhlFbnMNLO57 9ED9dKTt5FskPIMTzvhtDdDU0TO1/DqYiGJUe5O+4Z/byp7biIeqwm9eA+EO4rV+ BOdC+6tJLSF+E9sr11DBq9MTlBtER+enc4fSIZeR9DiSwaDOGrZI8rt6F3hC/c5v GbUpp8YjTxbwmiQ1OP4YyQMGh6usr48BGjO5RgFXahS0fQIjbSHoYdA/ash2CYDx 8Ew5VGD9RO9paysnZbrZ6jkosd1Tu3zcwb1iJ1wiQu+f61d4rqKXwXlrVAzeo1JP Zqh3a+y6vewZ9EP5c8g0htUhPsbdIcaAsp1jPDcZXIiHQKBhxxAo8sC4xQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB/EEDsy+32zRAYbrqprwYCxOZhLMB8GA1UdIwQY MBaAFGU8LF/twI6MXR9lRpLD5FZAyKLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAt MWNjYjU0ZjM3MmFhLzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9mMTUyZTAtYTdmYi00YWZjLTljNzAtMWNjYjU0ZjM3MmFh LzEvWlR3c1gtM0Fqb3hkSDJWR2tzUGtWa0RJb3UwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuaGGVaE x7U7I1aQjqnTYB5BbunHvl9xsWy7jKXVQShnuXZPPXaEh9DVpR89ZvbmMExayuSa TwRolLxsuOUv/krx0PPymdftwpPqau9r6PGWdnVsNKLL8jMPLb0z1/RuKa7o8mpD b5B0Wyf2C0m36nxESkiNThI7HHREhzrBBXFkZzQDV7Q49bvB+4zQ6Gse5slVKWDO 2Koe7aSMpcuO9VXIdvD4XF9DAkLc5X9u0qgtfv6pR5TuzyO9XFIyDk2Tqr/hu0nG /G4B3oQTk+E04+4Ll+5bRoCwk2a564y0cqz3Dsmv4uuVcdWzDQzLdg8ZctLZ3IEs um1jdTMIHrN1HQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:30:43 2025 by rpki-client