This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft File: ZFOB6enwr6NsKmagd8odV50ikr8.mft (raw, json) Hash identifier: qa1+9ez/CzbvXFLCI6Xwg8FaikEDQePaMDxjgekg69c= Subject key identifier: B2:CC:8E:3A:DC:38:53:7C:36:E6:DA:E5:DC:F2:DD:6E:C5:7E:F0:5D Authority key identifier: 64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF Certificate issuer: /CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf Certificate serial: 019AF31CFAA1DE8937D35F5D23BBF0A90AB0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft Manifest number: 157D Signing time: Sat 06 Dec 2025 10:02:33 +0000 Manifest this update: Sat 06 Dec 2025 10:02:33 +0000 Manifest next update: Sun 07 Dec 2025 10:02:33 +0000 Files and hashes: 1: ZFOB6enwr6NsKmagd8odV50ikr8.crl (hash: Gw2j/+npp9VOYasoEYMETHXBmnTaFdsW06h8rvg7g8o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:fa:a1:de:89:37:d3:5f:5d:23:bb:f0:a9:0a:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=645381e9e9f0afa36c2a66a077ca1d579d2292bf Validity Not Before: Dec 6 10:02:33 2025 GMT Not After : Dec 7 10:02:33 2025 GMT Subject: CN=b2cc8e3adc38537c36e6dae5dcf2dd6ec57ef05d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:59:9b:43:5b:34:2f:8d:3e:f8:ee:08:cd:84: b2:d1:76:d4:27:90:e2:08:6c:46:50:96:9f:23:37: 8b:2c:47:05:71:11:7f:38:40:5f:ee:4b:cc:23:b3: 85:32:91:74:03:6b:48:2f:4f:9b:04:de:75:01:19: 30:ea:99:e5:88:a8:e6:93:bc:5b:b0:ff:dc:61:cd: c5:ae:2a:7d:10:b7:84:96:87:a8:e2:3e:a2:14:b8: e7:0a:eb:67:c5:80:80:32:68:c9:ba:aa:21:b1:32: 04:2b:98:e6:08:33:57:cb:88:7d:a5:c2:a1:2d:ce: e9:43:8d:97:01:8c:79:48:4b:74:63:0b:d7:6e:f8: bf:85:a2:ad:ab:c0:2f:73:00:e9:ac:dd:b0:21:92: f9:46:28:26:62:88:ab:11:99:cb:52:62:85:73:34: 3c:b8:a7:87:7d:d5:21:9d:f0:65:26:0d:4c:98:7d: a6:0b:44:4e:81:2d:ad:3d:81:c0:3e:95:95:99:7f: 2f:05:ff:54:ae:20:f1:97:6e:2f:57:f1:5c:df:a5: ac:fb:1e:fd:1a:1a:7b:ca:64:28:66:75:0f:aa:60: 19:f2:fc:46:97:c0:a7:b2:ea:6e:7f:c4:5c:41:c1: 40:d1:b9:39:b1:6a:f5:dc:84:77:51:4c:e9:ee:10: 9d:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:CC:8E:3A:DC:38:53:7C:36:E6:DA:E5:DC:F2:DD:6E:C5:7E:F0:5D X509v3 Authority Key Identifier: keyid:64:53:81:E9:E9:F0:AF:A3:6C:2A:66:A0:77:CA:1D:57:9D:22:92:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZFOB6enwr6NsKmagd8odV50ikr8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/5813e4-4861-4630-bfdb-37f999cece23/1/ZFOB6enwr6NsKmagd8odV50ikr8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 31:b9:b2:4c:45:da:24:8b:ff:73:68:d5:8a:1b:31:b6:ce:0e: ce:cf:ff:37:29:46:d8:18:1d:1d:bf:5d:95:5a:4b:5b:0d:0e: 0a:23:38:07:08:b5:b9:85:b6:72:93:47:93:8b:2d:8a:40:3f: 0e:d0:7a:5a:3b:2e:03:13:ba:09:d8:ad:c5:1a:dc:74:19:cd: 7a:42:9e:58:1f:a3:f1:d7:c7:48:7a:cc:56:5f:24:41:59:b5: 87:6e:6c:7a:60:e6:37:76:80:74:be:f9:3b:95:24:72:be:95: 32:ca:ff:52:86:2e:8e:dc:70:f7:65:94:6e:d9:07:ac:b0:07: 3e:22:1f:df:dc:78:38:d5:c8:9b:2d:17:ae:14:72:5d:2d:3d: 33:ef:ff:8f:37:7b:74:d8:78:3d:dd:65:ac:37:4f:4e:84:8b: fb:ee:0b:df:a9:06:e7:2e:fd:e4:54:b8:85:b4:13:5d:91:c7: 8e:f7:41:74:8d:25:d4:85:34:69:3c:b5:be:12:2a:bf:d7:a9: bd:76:1b:65:bc:b9:ef:b2:46:3a:ca:99:45:c5:9d:33:0a:66: 75:1c:6b:5d:d2:22:bc:7f:cc:6c:96:b4:fb:ea:54:67:de:cb: 04:05:f1:bb:f8:8b:b0:68:b2:c4:36:f9:f6:3e:5f:26:86:7f: 91:54:dc:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHPqh3ok3019dI7vwqQqwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0NTM4MWU5ZTlmMGFmYTM2YzJhNjZhMDc3Y2ExZDU3OWQy MjkyYmYwHhcNMjUxMjA2MTAwMjMzWhcNMjUxMjA3MTAwMjMzWjAzMTEwLwYDVQQD EyhiMmNjOGUzYWRjMzg1MzdjMzZlNmRhZTVkY2YyZGQ2ZWM1N2VmMDVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVmbQ1s0L40++O4IzYSy0XbUJ5Di CGxGUJafIzeLLEcFcRF/OEBf7kvMI7OFMpF0A2tIL0+bBN51ARkw6pnliKjmk7xb sP/cYc3Frip9ELeEloeo4j6iFLjnCutnxYCAMmjJuqohsTIEK5jmCDNXy4h9pcKh Lc7pQ42XAYx5SEt0YwvXbvi/haKtq8AvcwDprN2wIZL5RigmYoirEZnLUmKFczQ8 uKeHfdUhnfBlJg1MmH2mC0ROgS2tPYHAPpWVmX8vBf9UriDxl24vV/Fc36Ws+x79 Ghp7ymQoZnUPqmAZ8vxGl8Cnsupuf8RcQcFA0bk5sWr13IR3UUzp7hCdQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLLMjjrcOFN8Nuba5dzy3W7FfvBdMB8GA1UdIwQY MBaAFGRTgenp8K+jbCpmoHfKHVedIpK/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGIt MzdmOTk5Y2VjZTIzLzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC81ODEzZTQtNDg2MS00NjMwLWJmZGItMzdmOTk5Y2VjZTIz LzEvWkZPQjZlbndyNk5zS21hZ2Q4b2RWNTBpa3I4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMbmyTEXa JIv/c2jVihsxts4Ozs//NylG2BgdHb9dlVpLWw0OCiM4Bwi1uYW2cpNHk4stikA/ DtB6WjsuAxO6CditxRrcdBnNekKeWB+j8dfHSHrMVl8kQVm1h25semDmN3aAdL75 O5Ukcr6VMsr/UoYujtxw92WUbtkHrLAHPiIf39x4ONXImy0XrhRyXS09M+//jzd7 dNh4Pd1lrDdPToSL++4L36kG5y795FS4hbQTXZHHjvdBdI0l1IU0aTy1vhIqv9ep vXYbZby577JGOsqZRcWdMwpmdRxrXdIivH/MbJa0++pUZ97LBAXxu/iLsGiyxDb5 9j5fJoZ/kVTc9A== -----END CERTIFICATE-----Generated at Sat Dec 6 12:13:40 2025 by rpki-client