This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft File: zfQLRgtIuPNm_sXKObMcOAxkWjI.mft (raw, json) Hash identifier: mSlVwmmU082sQ+xPJU/VNbIbQngTY9Su+jB3osVrefU= Subject key identifier: 25:60:1A:53:57:E8:2A:1E:10:CA:F5:92:F1:36:E4:9B:2E:7F:5B:94 Authority key identifier: CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32 Certificate issuer: /CN=cdf40b460b48b8f366fec5ca39b31c380c645a32 Certificate serial: 019AF42E6FE40A7314979D908452914E2CF9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft Manifest number: 0229 Signing time: Sat 06 Dec 2025 15:01:15 +0000 Manifest this update: Sat 06 Dec 2025 15:01:15 +0000 Manifest next update: Sun 07 Dec 2025 15:01:15 +0000 Files and hashes: 1: zfQLRgtIuPNm_sXKObMcOAxkWjI.crl (hash: 5ShDoPH92ZT2rFX+dWXahTOmN2Qc9Qp5I2c2C7Ou3p0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:6f:e4:0a:73:14:97:9d:90:84:52:91:4e:2c:f9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdf40b460b48b8f366fec5ca39b31c380c645a32 Validity Not Before: Dec 6 15:01:15 2025 GMT Not After : Dec 7 15:01:15 2025 GMT Subject: CN=25601a5357e82a1e10caf592f136e49b2e7f5b94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:1f:f5:5d:44:c5:57:d5:15:0f:b4:c0:e4:12: 02:ed:21:6a:ca:eb:85:d0:5f:e7:35:ad:ca:58:e2: a1:e6:b8:fb:76:a4:7a:9c:93:ce:e6:f4:03:fb:97: ba:78:f0:ce:a7:3f:18:77:83:a2:69:9d:43:1b:f4: 67:3d:ab:9b:a0:10:cc:90:fd:2b:6b:c2:03:19:24: d7:91:aa:a3:0c:c8:43:55:85:81:73:39:40:e5:c5: 61:e2:1b:61:11:76:d6:e9:0a:31:3a:66:0f:e3:95: 4b:74:7c:f0:23:0d:5e:47:27:23:ae:df:2a:6e:38: 8f:8e:a3:11:63:cc:f7:99:b9:51:4c:13:f7:61:c2: fe:cc:6b:7d:2b:f6:1e:56:94:47:24:ad:b3:2c:42: 74:98:6c:ab:9c:85:d7:bc:72:67:6d:28:2e:9d:69: ed:80:cc:a7:bd:a6:c4:79:ed:70:e6:e6:21:44:dd: dc:2b:7d:9b:73:04:2e:34:5e:2e:18:05:d9:b1:ab: b7:24:1a:a9:ca:c9:15:10:ea:cd:9a:d2:ee:a4:06: ea:29:e9:39:da:96:a3:57:05:0c:59:02:ff:0a:f0: d4:f7:72:06:39:1b:02:1a:47:66:61:36:92:be:bd: d5:50:18:11:cc:e0:9e:be:1a:1f:78:82:a6:78:7c: 2f:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:60:1A:53:57:E8:2A:1E:10:CA:F5:92:F1:36:E4:9B:2E:7F:5B:94 X509v3 Authority Key Identifier: keyid:CD:F4:0B:46:0B:48:B8:F3:66:FE:C5:CA:39:B3:1C:38:0C:64:5A:32 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfQLRgtIuPNm_sXKObMcOAxkWjI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7ac50f-4491-44a5-90bf-a7ef1dcfd5f1/1/zfQLRgtIuPNm_sXKObMcOAxkWjI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:66:e4:4a:65:bf:8b:c2:08:a5:d1:20:f6:7d:51:df:f5:e9: 35:74:a8:04:a6:86:52:7e:45:e3:89:17:66:ff:25:22:c7:a4: 31:40:4b:f4:61:96:6e:cb:c6:45:47:d4:3c:26:fb:fc:70:3f: b3:d3:ac:b1:c9:77:a1:f8:8b:d5:3c:b2:09:67:bc:a5:17:85: 97:ad:cf:28:55:20:2e:75:2c:38:f7:45:23:55:23:b3:ae:ea: da:bd:b7:76:6b:2f:c3:59:6d:01:45:95:cb:9f:eb:36:b5:a3: d7:03:28:c5:87:53:48:e2:4f:f2:ae:71:eb:1f:51:aa:39:29: 61:43:a4:2c:08:df:ab:e3:3f:59:a6:3f:74:4d:73:0e:33:54: 16:2a:53:16:d0:04:c4:8a:2d:1c:d1:1f:76:6d:c5:ef:2d:01: dc:cb:e3:3a:4c:23:4b:b6:af:3e:78:51:e3:63:56:e4:93:04: 63:45:82:d5:66:d6:da:e1:2f:49:7c:4a:b0:d1:50:f3:f4:fb: c7:f0:f0:eb:10:db:0c:0b:f4:7e:10:6a:ba:30:85:d7:2c:14: a8:e3:9c:9f:26:3e:2f:5b:ae:fd:e2:c4:c7:54:bd:7d:92:08: b9:4c:be:4f:bd:3e:3e:64:f9:cc:15:6a:e9:fe:60:7e:ff:05: 92:ca:9f:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0Lm/kCnMUl52QhFKRTiz5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkZjQwYjQ2MGI0OGI4ZjM2NmZlYzVjYTM5YjMxYzM4MGM2 NDVhMzIwHhcNMjUxMjA2MTUwMTE1WhcNMjUxMjA3MTUwMTE1WjAzMTEwLwYDVQQD EygyNTYwMWE1MzU3ZTgyYTFlMTBjYWY1OTJmMTM2ZTQ5YjJlN2Y1Yjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR/1XUTFV9UVD7TA5BIC7SFqyuuF 0F/nNa3KWOKh5rj7dqR6nJPO5vQD+5e6ePDOpz8Yd4OiaZ1DG/RnPauboBDMkP0r a8IDGSTXkaqjDMhDVYWBczlA5cVh4hthEXbW6QoxOmYP45VLdHzwIw1eRycjrt8q bjiPjqMRY8z3mblRTBP3YcL+zGt9K/YeVpRHJK2zLEJ0mGyrnIXXvHJnbSgunWnt gMynvabEee1w5uYhRN3cK32bcwQuNF4uGAXZsau3JBqpyskVEOrNmtLupAbqKek5 2pajVwUMWQL/CvDU93IGORsCGkdmYTaSvr3VUBgRzOCevhofeIKmeHwv+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCVgGlNX6CoeEMr1kvE25Jsuf1uUMB8GA1UdIwQY MBaAFM30C0YLSLjzZv7FyjmzHDgMZFoyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYt YTdlZjFkY2ZkNWYxLzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NS83YWM1MGYtNDQ5MS00NGE1LTkwYmYtYTdlZjFkY2ZkNWYx LzEvemZRTFJndEl1UE5tX3NYS09iTWNPQXhrV2pJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd2bkSmW/ i8IIpdEg9n1R3/XpNXSoBKaGUn5F44kXZv8lIsekMUBL9GGWbsvGRUfUPCb7/HA/ s9Osscl3ofiL1TyyCWe8pReFl63PKFUgLnUsOPdFI1Ujs67q2r23dmsvw1ltAUWV y5/rNrWj1wMoxYdTSOJP8q5x6x9RqjkpYUOkLAjfq+M/WaY/dE1zDjNUFipTFtAE xIotHNEfdm3F7y0B3MvjOkwjS7avPnhR42NW5JMEY0WC1WbW2uEvSXxKsNFQ8/T7 x/Dw6xDbDAv0fhBqujCF1ywUqOOcnyY+L1uu/eLEx1S9fZIIuUy+T70+PmT5zBVq 6f5gfv8FksqfkA== -----END CERTIFICATE-----Generated at Sat Dec 6 22:19:39 2025 by rpki-client