This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft File: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json) Hash identifier: q65M/hJ3QHuLbes8mGdI+ZhkM7UEegSfKq/prqMXrVo= Subject key identifier: B7:90:CB:6C:F4:AF:59:62:CB:01:CD:93:DE:02:4C:D2:7E:D3:99:2C Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49 Certificate issuer: /CN=d991d6890f91fb2cd77931b809bdb1eb05091349 Certificate serial: 019AF509D24489F50D667FF871C1CA20C62E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft Manifest number: 11FE Signing time: Sat 06 Dec 2025 19:00:52 +0000 Manifest this update: Sat 06 Dec 2025 19:00:52 +0000 Manifest next update: Sun 07 Dec 2025 19:00:52 +0000 Files and hashes: 1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: gANNYTihEuptwQNdEB4X8yTBqaDAk+IJKWySMfXXbPk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:d2:44:89:f5:0d:66:7f:f8:71:c1:ca:20:c6:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349 Validity Not Before: Dec 6 19:00:52 2025 GMT Not After : Dec 7 19:00:52 2025 GMT Subject: CN=b790cb6cf4af5962cb01cd93de024cd27ed3992c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6a:4d:97:28:78:57:a3:f4:15:9e:ee:d9:94: de:ec:b9:ee:ff:ea:a2:fd:57:66:1c:cb:13:b2:44: 35:8b:64:af:67:c4:ea:f0:3c:86:c8:73:36:f0:d3: d2:35:f5:d5:22:66:4e:ec:3d:98:8c:25:ec:16:ff: d8:a1:f4:33:89:59:d4:5c:78:62:f3:b2:00:3a:22: 4f:f6:30:19:c7:56:b2:0e:59:29:9b:04:0b:fb:28: 44:30:6c:7c:02:02:92:99:55:70:dc:f7:f2:39:db: 0b:78:c3:fe:e5:e2:02:1d:e8:95:da:88:b1:35:86: ce:70:97:65:45:38:b6:03:e9:6a:51:49:b8:49:ab: d7:12:06:40:23:31:b2:bf:f6:ff:05:49:c6:06:89: 8b:c0:b4:2a:8d:10:2d:9f:b3:71:b2:3e:54:fe:0f: 8c:fe:55:60:56:5b:c2:7a:5e:13:f8:09:d7:26:6e: 7e:b2:1f:21:d9:5a:fc:8b:54:0a:6e:d3:53:00:ab: 34:11:f7:a7:f0:59:4d:b8:9c:8d:0f:5a:75:18:45: a6:55:53:76:52:df:e6:72:80:83:c6:9b:13:a8:da: bb:6d:ee:b6:ea:e1:b0:14:7d:06:26:07:37:1a:46: f8:23:02:1c:b2:63:b5:20:c4:90:40:35:b6:3d:f4: 73:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:90:CB:6C:F4:AF:59:62:CB:01:CD:93:DE:02:4C:D2:7E:D3:99:2C X509v3 Authority Key Identifier: keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:00:a9:ce:f5:c8:b0:03:2c:be:24:75:78:ae:72:9c:ea:ef: d0:0e:7d:b0:79:6e:9d:30:a6:b7:97:08:58:09:85:b3:fd:d8: c4:57:d8:50:07:38:1a:9d:63:e1:90:07:5c:c1:ec:0c:3b:33: 7a:c8:97:44:81:6d:21:af:dc:36:08:27:65:25:f9:e6:b4:27: c3:79:82:fa:7a:2c:bb:ab:f0:ca:5f:33:71:ec:6e:e6:4d:1a: cf:44:af:da:d6:92:93:be:21:47:5e:54:03:ca:e4:d0:e0:12: 67:ab:e9:b5:fb:e5:ad:74:2e:10:8c:bd:3c:35:6d:11:ef:09: 1e:36:34:d9:9f:52:bc:55:26:61:04:b8:34:be:cb:84:fa:79: 5b:53:1d:b2:a7:42:00:4f:51:5d:79:2d:92:fa:7a:ae:d3:bc: 78:9e:40:ef:67:02:8b:7d:13:d4:71:83:bb:46:03:2a:ec:1b: 6a:ad:a5:29:85:1b:47:69:30:8a:df:6f:d6:a6:c7:f1:24:bd: 10:5e:32:03:22:8d:d1:5f:97:53:c6:88:b1:e8:c1:4a:cf:ee: 9a:55:4b:f8:3b:0c:a9:20:67:c5:ee:00:18:b6:7c:a9:e3:d8: d4:11:36:ec:ac:70:b7:2b:de:3c:9d:bf:87:0e:69:ea:bb:f9: 3d:ad:b2:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CdJEifUNZn/4ccHKIMYuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw OTEzNDkwHhcNMjUxMjA2MTkwMDUyWhcNMjUxMjA3MTkwMDUyWjAzMTEwLwYDVQQD EyhiNzkwY2I2Y2Y0YWY1OTYyY2IwMWNkOTNkZTAyNGNkMjdlZDM5OTJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGpNlyh4V6P0FZ7u2ZTe7Lnu/+qi /VdmHMsTskQ1i2SvZ8Tq8DyGyHM28NPSNfXVImZO7D2YjCXsFv/YofQziVnUXHhi 87IAOiJP9jAZx1ayDlkpmwQL+yhEMGx8AgKSmVVw3PfyOdsLeMP+5eICHeiV2oix NYbOcJdlRTi2A+lqUUm4SavXEgZAIzGyv/b/BUnGBomLwLQqjRAtn7Nxsj5U/g+M /lVgVlvCel4T+AnXJm5+sh8h2Vr8i1QKbtNTAKs0Efen8FlNuJyND1p1GEWmVVN2 Ut/mcoCDxpsTqNq7be626uGwFH0GJgc3Gkb4IwIcsmO1IMSQQDW2PfRzUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLeQy2z0r1liywHNk94CTNJ+05ksMB8GA1UdIwQY MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkQCpzvXI sAMsviR1eK5ynOrv0A59sHlunTCmt5cIWAmFs/3YxFfYUAc4Gp1j4ZAHXMHsDDsz esiXRIFtIa/cNggnZSX55rQnw3mC+nosu6vwyl8zcexu5k0az0Sv2taSk74hR15U A8rk0OASZ6vptfvlrXQuEIy9PDVtEe8JHjY02Z9SvFUmYQS4NL7LhPp5W1MdsqdC AE9RXXktkvp6rtO8eJ5A72cCi30T1HGDu0YDKuwbaq2lKYUbR2kwit9v1qbH8SS9 EF4yAyKN0V+XU8aIsejBSs/umlVL+DsMqSBnxe4AGLZ8qePY1BE27KxwtyvePJ2/ hw5p6rv5Pa2yug== -----END CERTIFICATE-----Generated at Sat Dec 6 23:55:22 2025 by rpki-client