This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft File: zfDoJMYqWSimUCFO8z6Md-fB_40.mft (raw, json) Hash identifier: hL77G+PcfrTcDn7qTyU0cvpRswwTblVQFQQcDQUpkWQ= Subject key identifier: 2A:73:49:A0:64:6F:91:BB:8F:FD:A3:65:FF:05:CF:86:36:A3:CA:0D Authority key identifier: CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D Certificate issuer: /CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d Certificate serial: 019AF12D93C1BA16BC800418F47A190321F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft Manifest number: 1102 Signing time: Sat 06 Dec 2025 01:01:27 +0000 Manifest this update: Sat 06 Dec 2025 01:01:27 +0000 Manifest next update: Sun 07 Dec 2025 01:01:27 +0000 Files and hashes: 1: zfDoJMYqWSimUCFO8z6Md-fB_40.crl (hash: 7qv8uYC5h9tAdSyH5S5HfhNDQOZO1C9RTWWL9hu5K+c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:93:c1:ba:16:bc:80:04:18:f4:7a:19:03:21:f3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdf0e824c62a5928a650214ef33e8c77e7c1ff8d Validity Not Before: Dec 6 01:01:27 2025 GMT Not After : Dec 7 01:01:27 2025 GMT Subject: CN=2a7349a0646f91bb8ffda365ff05cf8636a3ca0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a4:c5:7b:c7:67:88:6a:32:99:50:b9:2d:ac: 97:98:3e:9a:ee:e1:e8:57:a8:2c:e3:f5:f2:24:bf: ad:b5:17:3c:90:22:9e:60:ce:da:60:62:36:69:6b: ca:cb:8a:52:a8:b9:0c:98:03:48:b2:c7:8e:91:98: 87:ef:9f:1f:ec:7c:4e:5f:49:64:7e:45:63:32:0e: b7:1c:f4:2e:b9:df:5e:97:e3:01:1c:5f:b9:08:f8: 39:56:da:44:6d:88:c1:2c:32:b6:99:aa:cd:ad:67: 33:cd:9e:31:8e:ff:42:67:ef:ef:e8:bb:c7:96:8c: 38:4e:fe:dc:d6:a1:79:f4:18:d3:81:45:60:0f:05: e3:6e:8d:52:9d:f7:02:d9:7a:1b:0d:a8:e3:2c:39: f6:34:13:e4:b8:94:92:26:bc:61:35:27:9b:b3:e2: f4:d1:6d:b0:1b:a5:2a:e3:2a:76:cc:98:e7:8f:82: c5:6d:fe:e6:1b:97:0f:83:e3:d7:3c:64:4d:71:2e: 44:31:9f:31:a8:34:8d:f6:e3:f9:9e:ff:fc:3f:b5: 53:c2:78:f6:05:1b:85:ac:cc:91:0b:c3:d4:5c:f4: 07:73:bf:0d:2b:5f:e6:44:62:a5:7b:76:bf:d5:d0: 3c:4d:89:89:34:aa:ea:2c:ba:9f:1e:2a:19:15:4c: 03:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:73:49:A0:64:6F:91:BB:8F:FD:A3:65:FF:05:CF:86:36:A3:CA:0D X509v3 Authority Key Identifier: keyid:CD:F0:E8:24:C6:2A:59:28:A6:50:21:4E:F3:3E:8C:77:E7:C1:FF:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zfDoJMYqWSimUCFO8z6Md-fB_40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/224967-cd1b-46f9-a46e-2583af237e2c/1/zfDoJMYqWSimUCFO8z6Md-fB_40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7c:6e:f1:ef:6b:3d:0f:b6:25:c7:17:47:84:75:5d:4d:5b:ac: 9c:b1:0d:7a:65:f0:80:ba:a0:08:93:00:72:ce:f6:99:52:06: 42:61:cc:be:85:45:5d:85:ef:8e:9d:05:4d:4f:66:7d:b5:8c: 05:0b:a9:a8:ed:18:d0:56:af:b8:8f:ec:fb:f2:20:06:76:16: 8e:64:a2:93:d3:f1:58:3a:2a:d7:72:bf:62:c8:63:fe:ca:81: 9d:10:dd:36:34:6e:fb:35:10:e0:28:26:35:26:52:73:ff:6c: 27:1a:90:9b:af:6a:70:3d:e9:97:23:b6:e5:62:51:8d:78:6d: 7c:36:cf:d6:0f:f5:71:b6:10:7e:69:97:0c:6e:5f:a6:e4:4b: 88:93:2f:27:0b:0e:ae:b4:e3:a3:c0:7a:78:b4:1d:c0:b7:ff: 0e:17:8e:85:80:81:03:dc:f7:63:03:52:e3:6f:2d:14:a2:9d: c8:b2:9b:52:28:8e:43:8c:6b:72:7c:f3:1e:b4:ec:03:34:d0: 30:70:69:32:3d:b8:fe:55:82:88:42:5f:94:23:35:c4:3c:bd: 62:0a:63:25:8e:d3:e9:a3:4c:8f:5d:5a:0a:a8:7f:c0:37:0e: 81:63:18:33:ef:21:94:68:27:ae:56:fb:b3:5f:23:f1:78:55: 05:7b:22:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLZPBuha8gAQY9HoZAyHzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkZjBlODI0YzYyYTU5MjhhNjUwMjE0ZWYzM2U4Yzc3ZTdj MWZmOGQwHhcNMjUxMjA2MDEwMTI3WhcNMjUxMjA3MDEwMTI3WjAzMTEwLwYDVQQD EygyYTczNDlhMDY0NmY5MWJiOGZmZGEzNjVmZjA1Y2Y4NjM2YTNjYTBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KTFe8dniGoymVC5LayXmD6a7uHo V6gs4/XyJL+ttRc8kCKeYM7aYGI2aWvKy4pSqLkMmANIsseOkZiH758f7HxOX0lk fkVjMg63HPQuud9el+MBHF+5CPg5VtpEbYjBLDK2marNrWczzZ4xjv9CZ+/v6LvH low4Tv7c1qF59BjTgUVgDwXjbo1SnfcC2XobDajjLDn2NBPkuJSSJrxhNSebs+L0 0W2wG6Uq4yp2zJjnj4LFbf7mG5cPg+PXPGRNcS5EMZ8xqDSN9uP5nv/8P7VTwnj2 BRuFrMyRC8PUXPQHc78NK1/mRGKle3a/1dA8TYmJNKrqLLqfHioZFUwDSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCpzSaBkb5G7j/2jZf8Fz4Y2o8oNMB8GA1UdIwQY MBaAFM3w6CTGKlkoplAhTvM+jHfnwf+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUt MjU4M2FmMjM3ZTJjLzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYi8yMjQ5NjctY2QxYi00NmY5LWE0NmUtMjU4M2FmMjM3ZTJj LzEvemZEb0pNWXFXU2ltVUNGTzh6Nk1kLWZCXzQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfG7x72s9 D7YlxxdHhHVdTVusnLENemXwgLqgCJMAcs72mVIGQmHMvoVFXYXvjp0FTU9mfbWM BQupqO0Y0FavuI/s+/IgBnYWjmSik9PxWDoq13K/Yshj/sqBnRDdNjRu+zUQ4Cgm NSZSc/9sJxqQm69qcD3plyO25WJRjXhtfDbP1g/1cbYQfmmXDG5fpuRLiJMvJwsO rrTjo8B6eLQdwLf/DheOhYCBA9z3YwNS428tFKKdyLKbUiiOQ4xrcnzzHrTsAzTQ MHBpMj24/lWCiEJflCM1xDy9YgpjJY7T6aNMj11aCqh/wDcOgWMYM+8hlGgnrlb7 s18j8XhVBXsi8Q== -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:57 2025 by rpki-client