This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft File: Zr5SEJO7idx2JQsif39_umbiKNg.mft (raw, json) Hash identifier: kEXxx4Wl3cxLvAsZpBnpPnZs4jrBkfO7BElKCX07rmY= Subject key identifier: 9B:44:B8:C4:8C:3D:55:2B:E4:4A:DB:47:E7:59:A6:23:0A:E9:99:C8 Authority key identifier: 66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8 Certificate issuer: /CN=66be521093bb89dc76250b227f7f7fba66e228d8 Certificate serial: 019AFB432A402C9203A5A8818FDEF3339C0F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft Manifest number: 02BA Signing time: Mon 08 Dec 2025 00:01:14 +0000 Manifest this update: Mon 08 Dec 2025 00:01:14 +0000 Manifest next update: Tue 09 Dec 2025 00:01:14 +0000 Files and hashes: 1: Zr5SEJO7idx2JQsif39_umbiKNg.crl (hash: j4CXmGTPRkR42Mj29eZ/zH+aiKNBhKYWBnpQMRT7JJk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 00:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fb:43:2a:40:2c:92:03:a5:a8:81:8f:de:f3:33:9c:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66be521093bb89dc76250b227f7f7fba66e228d8 Validity Not Before: Dec 8 00:01:14 2025 GMT Not After : Dec 9 00:01:14 2025 GMT Subject: CN=9b44b8c48c3d552be44adb47e759a6230ae999c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:5e:01:dc:5a:dd:15:da:89:d7:7e:03:02:ba: 55:59:9d:56:5d:1b:02:b1:2e:35:c3:7b:66:1a:bf: 62:41:b1:3a:55:e7:fb:15:8a:15:97:eb:56:71:93: 2d:69:3c:96:26:f9:a5:ae:e3:b2:be:5f:29:a4:13: d0:45:f2:50:50:82:ba:ea:d1:8c:ba:a9:e6:cf:b9: d9:d2:59:8d:3c:29:1b:71:8f:8f:e7:c0:04:bf:99: 10:a4:b8:0f:f6:a5:ff:34:c7:dd:46:41:74:73:0d: f7:f7:4e:f9:5c:a9:f9:1b:39:e7:fa:51:e0:dd:94: af:67:91:69:f5:13:ce:93:a9:c2:b4:f7:e7:a1:48: 79:c3:8f:94:59:ce:2b:e1:9a:ce:b2:bc:88:b4:0d: d0:70:71:4a:7b:4d:6f:d8:31:20:e7:a8:96:dd:9f: 98:c0:0a:95:f9:30:c7:5c:d5:45:89:75:f1:2a:14: e9:07:49:e9:86:90:59:80:63:00:d8:a0:25:ca:91: 41:67:60:5e:0f:41:f3:7b:aa:96:98:96:c0:65:b4: 2b:34:0b:25:70:f1:00:cc:fa:60:51:86:6f:bd:f9: 76:a9:76:42:f1:c8:da:a4:02:eb:8f:86:86:79:c9: e1:bf:15:51:c5:74:c1:e5:21:4c:cc:f0:8a:e4:73: 7a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:44:B8:C4:8C:3D:55:2B:E4:4A:DB:47:E7:59:A6:23:0A:E9:99:C8 X509v3 Authority Key Identifier: keyid:66:BE:52:10:93:BB:89:DC:76:25:0B:22:7F:7F:7F:BA:66:E2:28:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zr5SEJO7idx2JQsif39_umbiKNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/32f9b3-de2b-41f5-a949-90030d040ff7/1/Zr5SEJO7idx2JQsif39_umbiKNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:2a:70:c5:37:fc:c3:33:75:17:b6:90:52:c9:43:af:9b:c1: b5:69:5f:c8:a7:50:47:75:0e:c0:e3:d0:40:02:55:1a:0e:5b: a6:ea:4c:6a:9d:9b:31:6a:5f:c8:3b:a2:74:9f:17:a5:9c:73: ef:ec:b1:f5:30:36:69:a2:5e:ef:b0:77:7d:72:63:95:84:e8: 0a:89:44:ba:c3:8d:46:74:e4:7e:94:55:89:cf:7a:6c:a5:96: a9:f8:95:15:56:37:dd:41:78:54:cc:fd:7d:d8:5b:58:9e:e9: 36:86:67:4f:6d:a3:38:f7:70:1a:19:65:d8:7e:97:21:8e:7c: 03:c3:6c:4e:6a:c2:4a:6f:31:c9:f0:2e:f9:c4:89:aa:2b:3e: 05:47:0e:34:03:54:40:0e:9e:c9:8a:dd:c2:c1:86:c6:ff:06: cd:0b:39:e8:7d:d8:30:0e:c3:3b:d1:0b:9d:e5:e9:f7:fd:13: 44:04:db:c2:ad:5b:10:b7:66:62:d0:6f:63:c5:5a:ea:ec:e6: 1a:7f:6b:fd:87:08:f7:da:5f:35:19:71:84:bd:a6:f4:4a:70: ec:48:77:e9:ef:ca:19:d5:ea:a1:85:33:d4:0d:95:a4:55:1b: cd:92:66:1d:75:c8:0e:74:6e:61:2a:27:ae:9c:22:a8:07:ab: 93:1f:68:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr7QypALJIDpaiBj97zM5wPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2YmU1MjEwOTNiYjg5ZGM3NjI1MGIyMjdmN2Y3ZmJhNjZl MjI4ZDgwHhcNMjUxMjA4MDAwMTE0WhcNMjUxMjA5MDAwMTE0WjAzMTEwLwYDVQQD Eyg5YjQ0YjhjNDhjM2Q1NTJiZTQ0YWRiNDdlNzU5YTYyMzBhZTk5OWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvF4B3FrdFdqJ134DArpVWZ1WXRsC sS41w3tmGr9iQbE6Vef7FYoVl+tWcZMtaTyWJvmlruOyvl8ppBPQRfJQUIK66tGM uqnmz7nZ0lmNPCkbcY+P58AEv5kQpLgP9qX/NMfdRkF0cw339075XKn5Gznn+lHg 3ZSvZ5Fp9RPOk6nCtPfnoUh5w4+UWc4r4ZrOsryItA3QcHFKe01v2DEg56iW3Z+Y wAqV+TDHXNVFiXXxKhTpB0nphpBZgGMA2KAlypFBZ2BeD0Hze6qWmJbAZbQrNAsl cPEAzPpgUYZvvfl2qXZC8cjapALrj4aGecnhvxVRxXTB5SFMzPCK5HN6hwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJtEuMSMPVUr5ErbR+dZpiMK6ZnIMB8GA1UdIwQY MBaAFGa+UhCTu4ncdiULIn9/f7pm4ijYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDkt OTAwMzBkMDQwZmY3LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC8zMmY5YjMtZGUyYi00MWY1LWE5NDktOTAwMzBkMDQwZmY3 LzEvWnI1U0VKTzdpZHgySlFzaWYzOV91bWJpS05nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAECpwxTf8 wzN1F7aQUslDr5vBtWlfyKdQR3UOwOPQQAJVGg5bpupMap2bMWpfyDuidJ8XpZxz 7+yx9TA2aaJe77B3fXJjlYToColEusONRnTkfpRVic96bKWWqfiVFVY33UF4VMz9 fdhbWJ7pNoZnT22jOPdwGhll2H6XIY58A8NsTmrCSm8xyfAu+cSJqis+BUcONANU QA6eyYrdwsGGxv8GzQs56H3YMA7DO9ELneXp9/0TRATbwq1bELdmYtBvY8Va6uzm Gn9r/YcI99pfNRlxhL2m9Epw7Eh36e/KGdXqoYUz1A2VpFUbzZJmHXXIDnRuYSon rpwiqAerkx9okQ== -----END CERTIFICATE-----Generated at Mon Dec 8 09:35:58 2025 by rpki-client