This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft File: zTu8GVzaflgkWmHLMLlv5XL9eBE.mft (raw, json) Hash identifier: dme1QdnPsYsmxtp3Jod4TH68IQpTrss8MIhHlh+3g5U= Subject key identifier: 19:2B:66:E8:6B:69:0B:2D:C1:F8:61:E1:96:70:54:48:2C:09:85:BC Authority key identifier: CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11 Certificate issuer: /CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811 Certificate serial: 019AF19B4D491507BD1B9E87519D7FB182D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft Manifest number: 10B4 Signing time: Sat 06 Dec 2025 03:01:18 +0000 Manifest this update: Sat 06 Dec 2025 03:01:18 +0000 Manifest next update: Sun 07 Dec 2025 03:01:18 +0000 Files and hashes: 1: clDd21QzHwOlwdLoUbCFlA9N4Bc.roa (hash: b4fVPg9ViPXbDXBeIAFrk3g5qdFMK0V6puBPZsjXHfs=) 2: zTu8GVzaflgkWmHLMLlv5XL9eBE.crl (hash: nit+LJJRenTmuuT+Rb1CXtntS/hTZ2hTMoLdibUegN4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:4d:49:15:07:bd:1b:9e:87:51:9d:7f:b1:82:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd3bbc195cda7e58245a61cb30b96fe572fd7811 Validity Not Before: Dec 6 03:01:18 2025 GMT Not After : Dec 7 03:01:18 2025 GMT Subject: CN=192b66e86b690b2dc1f861e1967054482c0985bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:0e:fc:97:ed:f1:42:48:f6:d7:4b:71:79:b7: 02:93:56:74:16:20:19:44:2f:d3:c0:be:cb:ad:2a: 72:b9:10:df:f1:62:d8:59:f7:11:e0:b4:b6:f3:0d: 19:30:2b:64:69:78:4f:e5:b9:a9:49:7e:12:c7:0d: cc:f2:c5:a6:83:a1:eb:50:c3:0f:82:49:e0:ec:06: 01:9e:a3:be:e5:6f:bb:b3:b2:63:18:95:6f:ef:16: d1:6f:7d:89:d0:19:77:68:99:ba:37:50:41:fa:6a: fe:51:26:cf:b0:50:9c:38:9d:ba:37:bc:1f:9a:3d: 58:b4:5d:5e:13:c4:76:9a:35:0c:8b:b4:ce:85:d3: 76:cf:4c:98:2b:4b:d4:d3:0a:84:f5:59:73:83:6a: 75:30:95:da:00:38:a6:59:36:a7:8a:91:2c:ab:a8: 6a:7a:a9:18:ca:da:92:dc:79:fa:a0:55:25:d3:e7: 11:7b:60:71:39:12:9a:93:e6:41:31:5c:8c:fd:1c: c6:a6:47:d7:ac:38:79:ef:d3:50:12:4b:f3:65:f5: cd:06:cd:88:b5:bd:a7:f5:d9:79:4a:a0:67:c6:ae: 31:f8:97:d6:99:a5:46:44:47:d5:7f:51:95:40:12: 2c:5e:e1:b9:2b:c0:60:4a:e7:c1:6c:9d:e9:d9:3c: b8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:2B:66:E8:6B:69:0B:2D:C1:F8:61:E1:96:70:54:48:2C:09:85:BC X509v3 Authority Key Identifier: keyid:CD:3B:BC:19:5C:DA:7E:58:24:5A:61:CB:30:B9:6F:E5:72:FD:78:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zTu8GVzaflgkWmHLMLlv5XL9eBE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/5af7a5-b67c-459a-9893-c6fadeb285ba/1/zTu8GVzaflgkWmHLMLlv5XL9eBE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:45:48:5c:cc:25:5f:d1:15:9c:67:4c:3a:80:36:32:8c:f3: a9:b7:f0:d9:59:17:57:05:07:22:b6:de:f8:d0:92:4e:09:fd: dc:48:32:9e:38:95:c8:4b:d2:1c:01:9e:3a:fe:ef:a9:87:02: 59:f7:0a:94:c1:0e:65:c8:5a:27:99:d9:c6:c0:74:9b:9a:85: ed:71:ad:ed:45:b8:25:e3:c6:48:d2:26:fb:9c:c1:2f:2e:e0: 4b:39:39:54:7a:d6:04:e5:4a:74:98:4e:a7:52:64:be:ab:1b: 3c:16:c3:5f:a7:27:38:11:7a:d6:60:a7:49:24:6f:dd:1f:47: 40:04:5a:02:d9:41:c2:4d:84:db:01:62:d4:a6:2d:29:5b:a3: 64:67:fb:82:99:fc:28:10:97:3b:b6:56:51:c6:b1:61:cf:4c: 15:66:07:fb:72:0b:3b:3f:a8:1d:87:18:d1:fd:25:f5:26:3e: 69:34:76:7c:76:dc:9a:3a:03:0b:f4:13:e3:23:f1:2b:87:22: c3:e6:93:58:78:83:3b:b0:09:ce:33:85:1a:a2:15:b5:5c:4e: cf:a8:b0:05:a9:85:c6:5a:02:ef:0b:b2:35:9a:01:e1:f9:ff: 4c:de:21:db:dc:60:16:f3:0e:25:cf:ac:f6:b8:7c:00:01:83: 2c:5d:46:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm01JFQe9G56HUZ1/sYLXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkM2JiYzE5NWNkYTdlNTgyNDVhNjFjYjMwYjk2ZmU1NzJm ZDc4MTEwHhcNMjUxMjA2MDMwMTE4WhcNMjUxMjA3MDMwMTE4WjAzMTEwLwYDVQQD EygxOTJiNjZlODZiNjkwYjJkYzFmODYxZTE5NjcwNTQ0ODJjMDk4NWJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA78l+3xQkj210txebcCk1Z0FiAZ RC/TwL7LrSpyuRDf8WLYWfcR4LS28w0ZMCtkaXhP5bmpSX4Sxw3M8sWmg6HrUMMP gkng7AYBnqO+5W+7s7JjGJVv7xbRb32J0Bl3aJm6N1BB+mr+USbPsFCcOJ26N7wf mj1YtF1eE8R2mjUMi7TOhdN2z0yYK0vU0wqE9Vlzg2p1MJXaADimWTanipEsq6hq eqkYytqS3Hn6oFUl0+cRe2BxORKak+ZBMVyM/RzGpkfXrDh579NQEkvzZfXNBs2I tb2n9dl5SqBnxq4x+JfWmaVGREfVf1GVQBIsXuG5K8BgSufBbJ3p2Ty4TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBkrZuhraQstwfhh4ZZwVEgsCYW8MB8GA1UdIwQY MBaAFM07vBlc2n5YJFphyzC5b+Vy/XgRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMt YzZmYWRlYjI4NWJhLzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny81YWY3YTUtYjY3Yy00NTlhLTk4OTMtYzZmYWRlYjI4NWJh LzEvelR1OEdWemFmbGdrV21ITE1MbHY1WEw5ZUJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFEVIXMwl X9EVnGdMOoA2Mozzqbfw2VkXVwUHIrbe+NCSTgn93EgynjiVyEvSHAGeOv7vqYcC WfcKlMEOZchaJ5nZxsB0m5qF7XGt7UW4JePGSNIm+5zBLy7gSzk5VHrWBOVKdJhO p1JkvqsbPBbDX6cnOBF61mCnSSRv3R9HQARaAtlBwk2E2wFi1KYtKVujZGf7gpn8 KBCXO7ZWUcaxYc9MFWYH+3ILOz+oHYcY0f0l9SY+aTR2fHbcmjoDC/QT4yPxK4ci w+aTWHiDO7AJzjOFGqIVtVxOz6iwBamFxloC7wuyNZoB4fn/TN4h29xgFvMOJc+s 9rh8AAGDLF1GMQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:22:38 2025 by rpki-client