This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft File: ZAqiwHn96HpUUV0B3iG8LoXeExo.mft (raw, json) Hash identifier: WFiDYz1SbphGUR36EyUJiEMwyJPok/Kjr5daAXXWz7o= Subject key identifier: E2:16:DB:3D:90:2C:8B:5E:70:AF:AF:50:41:26:46:15:E6:A2:9E:53 Authority key identifier: 64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A Certificate issuer: /CN=640aa2c079fde87a54515d01de21bc2e85de131a Certificate serial: 019AF3F762FA7B820D9D9E8D63C550600273 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 14:01:07 +0000 Manifest this update: Sat 06 Dec 2025 14:01:07 +0000 Manifest next update: Sun 07 Dec 2025 14:01:07 +0000 Files and hashes: 1: ZAqiwHn96HpUUV0B3iG8LoXeExo.crl (hash: 3U0JZBbCpMMm4dyAVdn2qNHBYUzW1YNAL0ZSO0F0tqs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:62:fa:7b:82:0d:9d:9e:8d:63:c5:50:60:02:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=640aa2c079fde87a54515d01de21bc2e85de131a Validity Not Before: Dec 6 14:01:07 2025 GMT Not After : Dec 7 14:01:07 2025 GMT Subject: CN=e216db3d902c8b5e70afaf5041264615e6a29e53 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:05:bb:14:f0:76:a8:83:5e:33:7a:af:7d:a0: 2f:2b:62:4e:64:16:11:7e:1f:ab:e1:bb:1a:47:21: 62:b7:2a:1b:ae:e5:28:4f:80:91:c9:88:b1:65:c3: 41:dc:09:83:ee:22:48:76:a6:9d:12:18:e2:0e:b9: 06:64:9c:a3:23:f4:c6:fe:d3:03:19:08:2f:ca:d1: a8:0b:ae:e7:44:9f:26:70:4c:da:6d:33:2f:e9:98: b0:f6:cd:48:26:4d:ac:ac:94:c4:dc:ca:aa:4b:f4: b2:fc:b4:af:e3:e6:b4:c5:4a:b6:66:c2:e1:17:8b: 9b:65:87:cc:27:6d:b1:d4:8e:fd:f2:e9:20:25:2d: ae:07:07:29:93:f9:a3:98:2a:f6:72:14:26:04:dd: 72:f8:34:c0:ad:1f:db:67:c1:dc:da:14:ec:a5:16: 00:16:b4:66:cd:db:5b:60:de:10:85:d1:ba:b2:78: 2a:32:3e:8a:91:2a:bd:dd:2f:06:c0:9b:0c:f9:d0: b2:ab:3e:09:4e:53:4f:09:8d:17:a7:a0:a6:f3:37: 06:ea:13:4f:28:45:79:20:a3:ac:8f:b0:d7:84:69: 2c:22:85:65:22:67:76:68:00:17:4f:b5:c1:7e:15: 2b:51:57:4a:75:5a:92:3c:e7:52:f3:57:0f:f5:78: e2:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:16:DB:3D:90:2C:8B:5E:70:AF:AF:50:41:26:46:15:E6:A2:9E:53 X509v3 Authority Key Identifier: keyid:64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:2a:cf:b1:11:47:93:bd:52:cd:90:3f:3f:97:2b:48:19:4e: 8d:b0:56:80:5f:e8:f4:c0:6a:e5:12:54:c0:65:1e:14:c1:0a: 37:79:e2:0b:9f:27:01:b7:47:30:b8:fa:cb:b9:62:32:f1:09: 5c:5c:52:da:a3:d8:bc:f3:91:75:83:6e:54:d9:af:f8:dc:df: 93:c1:10:0d:b8:d3:d5:9a:a7:4f:ce:fd:49:ef:7c:5b:9a:19: 5b:33:10:c7:36:38:a4:f4:4a:27:e6:3f:50:b7:8e:56:d4:3b: 63:06:e2:38:a0:1c:4e:19:be:d0:3e:4f:bc:00:74:64:4b:36: f4:b1:3d:5f:84:e7:9a:5d:33:f3:6d:1f:7c:9b:fa:f5:e8:92: 32:ab:60:20:75:09:c4:0e:0f:f2:8c:6b:56:a4:5c:2d:b8:07: 11:f4:c5:8e:9a:5a:39:03:92:c9:df:28:45:36:ef:65:2c:03: df:1d:7c:45:de:2a:bc:45:0b:ee:bf:00:0f:85:62:ea:d0:ba: 2b:79:61:ea:8c:3c:0c:51:eb:64:75:3f:9c:6b:b4:2f:1f:74: 28:cb:58:e5:8c:53:96:dd:5e:24:d8:17:3a:7c:d2:a6:f3:29: 43:a1:b0:46:9a:53:f6:75:a8:55:85:4c:ba:e6:3d:d0:40:19: be:97:4b:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz92L6e4INnZ6NY8VQYAJzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MGFhMmMwNzlmZGU4N2E1NDUxNWQwMWRlMjFiYzJlODVk ZTEzMWEwHhcNMjUxMjA2MTQwMTA3WhcNMjUxMjA3MTQwMTA3WjAzMTEwLwYDVQQD EyhlMjE2ZGIzZDkwMmM4YjVlNzBhZmFmNTA0MTI2NDYxNWU2YTI5ZTUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AW7FPB2qINeM3qvfaAvK2JOZBYR fh+r4bsaRyFityobruUoT4CRyYixZcNB3AmD7iJIdqadEhjiDrkGZJyjI/TG/tMD GQgvytGoC67nRJ8mcEzabTMv6Ziw9s1IJk2srJTE3MqqS/Sy/LSv4+a0xUq2ZsLh F4ubZYfMJ22x1I798ukgJS2uBwcpk/mjmCr2chQmBN1y+DTArR/bZ8Hc2hTspRYA FrRmzdtbYN4QhdG6sngqMj6KkSq93S8GwJsM+dCyqz4JTlNPCY0Xp6Cm8zcG6hNP KEV5IKOsj7DXhGksIoVlImd2aAAXT7XBfhUrUVdKdVqSPOdS81cP9XjiQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOIW2z2QLItecK+vUEEmRhXmop5TMB8GA1UdIwQY MBaAFGQKosB5/eh6VFFdAd4hvC6F3hMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQt M2E5ODk2NmY1ZTMxLzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQtM2E5ODk2NmY1ZTMx LzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATSrPsRFH k71SzZA/P5crSBlOjbBWgF/o9MBq5RJUwGUeFMEKN3niC58nAbdHMLj6y7liMvEJ XFxS2qPYvPORdYNuVNmv+Nzfk8EQDbjT1ZqnT879Se98W5oZWzMQxzY4pPRKJ+Y/ ULeOVtQ7YwbiOKAcThm+0D5PvAB0ZEs29LE9X4Tnml0z820ffJv69eiSMqtgIHUJ xA4P8oxrVqRcLbgHEfTFjppaOQOSyd8oRTbvZSwD3x18Rd4qvEUL7r8AD4Vi6tC6 K3lh6ow8DFHrZHU/nGu0Lx90KMtY5YxTlt1eJNgXOnzSpvMpQ6GwRppT9nWoVYVM uuY90EAZvpdLEQ== -----END CERTIFICATE-----Generated at Sat Dec 6 23:21:07 2025 by rpki-client