This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft File: zdCuQc2rVZhilkF4v-rjaElrB9c.mft (raw, json) Hash identifier: Sk/t3lii08zSgcx4DwEUqxnNmhtOF1eCCDMdn/vlq/c= Subject key identifier: 91:F7:AB:CD:2A:9B:6C:F0:52:69:31:72:A2:8B:DF:42:D8:AF:6E:09 Authority key identifier: CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7 Certificate issuer: /CN=cdd0ae41cdab559862964178bfeae368496b07d7 Certificate serial: 019AF4651B62670D676CA0940E6BADA1CB3F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft Manifest number: 0E42 Signing time: Sat 06 Dec 2025 16:00:57 +0000 Manifest this update: Sat 06 Dec 2025 16:00:57 +0000 Manifest next update: Sun 07 Dec 2025 16:00:57 +0000 Files and hashes: 1: zdCuQc2rVZhilkF4v-rjaElrB9c.crl (hash: VEu4HX0nP4Ll7vFPjlm8uD9qUusrInDJPl/ISDxj0hI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:1b:62:67:0d:67:6c:a0:94:0e:6b:ad:a1:cb:3f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdd0ae41cdab559862964178bfeae368496b07d7 Validity Not Before: Dec 6 16:00:57 2025 GMT Not After : Dec 7 16:00:57 2025 GMT Subject: CN=91f7abcd2a9b6cf052693172a28bdf42d8af6e09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:be:8a:9f:6c:08:5d:c5:03:eb:10:52:c7:9e: 1f:2a:21:12:89:f8:87:14:93:63:0f:21:e6:7c:33: 27:45:7d:59:f5:cd:58:6a:e6:80:85:29:ed:13:b4: cf:33:6c:34:3f:9a:ef:54:6f:e1:3a:5c:00:73:2c: 6c:a0:ae:bc:e1:a6:d8:51:c9:52:ec:e5:f7:45:e4: 4f:83:40:25:8c:af:3c:df:e3:a9:ea:7e:b6:82:5a: a0:c3:ab:79:92:c4:f8:4b:0e:57:0e:1c:76:75:67: 48:63:e7:d2:84:4d:ff:1e:7c:6a:ca:85:e6:97:b6: 67:99:3a:98:ad:83:d9:6c:45:35:fd:e6:30:04:27: 91:a5:60:12:41:8a:d9:ff:cb:a2:64:db:f0:e9:7a: 00:da:3e:50:cf:8f:67:07:e7:fe:06:1e:78:f6:d0: 63:d9:75:e3:f3:8e:56:0c:22:a0:f4:0d:da:19:06: 5d:e0:fb:87:ef:34:81:f3:16:55:19:48:f3:4e:c4: ce:94:90:4a:39:b8:4e:1b:8a:95:68:f1:7d:e9:ad: 8d:fb:de:7f:9a:99:5f:81:e2:e5:ac:b8:5e:82:80: 16:81:24:80:f6:bf:39:0a:64:8b:e3:38:c2:56:8f: 14:07:4b:ff:2c:ce:c4:5a:ed:81:ed:52:c3:66:e9: ce:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:F7:AB:CD:2A:9B:6C:F0:52:69:31:72:A2:8B:DF:42:D8:AF:6E:09 X509v3 Authority Key Identifier: keyid:CD:D0:AE:41:CD:AB:55:98:62:96:41:78:BF:EA:E3:68:49:6B:07:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdCuQc2rVZhilkF4v-rjaElrB9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/14d71e-e0d8-4fff-b3fa-428324a9244e/1/zdCuQc2rVZhilkF4v-rjaElrB9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:f0:43:05:5f:c7:0d:ca:03:f1:a2:f9:1d:a2:8f:f5:47:8b: 1f:3f:5e:4b:5d:73:17:bb:7d:71:87:87:4a:e3:46:4e:58:30: 98:53:2d:21:51:2f:28:38:a8:2f:7f:69:b5:1c:6e:90:92:14: 39:c3:1a:9d:09:09:e9:64:83:b5:61:23:a0:92:a0:12:48:00: d6:fb:b8:8d:eb:32:5f:90:5d:f3:24:2c:7c:fc:88:37:78:26: f3:ae:6f:29:45:ae:26:63:af:8a:28:76:4f:c0:09:51:96:91: 39:1d:f4:0d:2e:11:85:5c:f6:86:58:d5:f6:c7:1b:98:57:af: ca:45:9e:c2:77:e2:95:8a:3d:49:21:7d:a2:99:b2:e8:51:a3: 5e:6a:e7:a1:91:00:b5:73:e2:61:5e:8f:48:5f:27:b6:da:28: 95:eb:7c:68:50:0b:de:61:fb:e5:c8:74:74:5c:f4:9a:18:ca: b3:61:0a:04:5a:21:eb:60:10:13:d5:4f:f9:fa:9a:30:23:08: 9d:4c:77:61:13:bd:f3:23:c1:fa:1f:92:b4:62:e9:05:20:ce: 26:b2:df:62:65:8f:e2:79:57:44:f4:8a:78:c3:c3:0a:10:b4: 13:8e:e7:ed:e4:86:e9:c4:72:bb:73:c4:02:d6:6e:89:9f:2d: 04:6d:d7:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZRtiZw1nbKCUDmutocs/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkZDBhZTQxY2RhYjU1OTg2Mjk2NDE3OGJmZWFlMzY4NDk2 YjA3ZDcwHhcNMjUxMjA2MTYwMDU3WhcNMjUxMjA3MTYwMDU3WjAzMTEwLwYDVQQD Eyg5MWY3YWJjZDJhOWI2Y2YwNTI2OTMxNzJhMjhiZGY0MmQ4YWY2ZTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8L6Kn2wIXcUD6xBSx54fKiESifiH FJNjDyHmfDMnRX1Z9c1YauaAhSntE7TPM2w0P5rvVG/hOlwAcyxsoK684abYUclS 7OX3ReRPg0AljK883+Op6n62glqgw6t5ksT4Sw5XDhx2dWdIY+fShE3/HnxqyoXm l7ZnmTqYrYPZbEU1/eYwBCeRpWASQYrZ/8uiZNvw6XoA2j5Qz49nB+f+Bh549tBj 2XXj845WDCKg9A3aGQZd4PuH7zSB8xZVGUjzTsTOlJBKObhOG4qVaPF96a2N+95/ mplfgeLlrLhegoAWgSSA9r85CmSL4zjCVo8UB0v/LM7EWu2B7VLDZunOOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJH3q80qm2zwUmkxcqKL30LYr24JMB8GA1UdIwQY MBaAFM3QrkHNq1WYYpZBeL/q42hJawfXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEt NDI4MzI0YTkyNDRlLzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82ZS8xNGQ3MWUtZTBkOC00ZmZmLWIzZmEtNDI4MzI0YTkyNDRl LzEvemRDdVFjMnJWWmhpbGtGNHYtcmphRWxyQjljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd/BDBV/H DcoD8aL5HaKP9UeLHz9eS11zF7t9cYeHSuNGTlgwmFMtIVEvKDioL39ptRxukJIU OcManQkJ6WSDtWEjoJKgEkgA1vu4jesyX5Bd8yQsfPyIN3gm865vKUWuJmOviih2 T8AJUZaROR30DS4RhVz2hljV9scbmFevykWewnfilYo9SSF9opmy6FGjXmrnoZEA tXPiYV6PSF8nttoolet8aFAL3mH75ch0dFz0mhjKs2EKBFoh62AQE9VP+fqaMCMI nUx3YRO98yPB+h+StGLpBSDOJrLfYmWP4nlXRPSKeMPDChC0E47n7eSG6cRyu3PE AtZuiZ8tBG3XRg== -----END CERTIFICATE-----Generated at Sat Dec 6 20:26:36 2025 by rpki-client