This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft File: zsUHpaHlUBp61jVTNazf5j2ryQs.mft (raw, json) Hash identifier: tkV+BRXQ01bf+RAwqx2c7tmOQ6fLDgAwiLCdFpNYj9g= Subject key identifier: 48:B1:CA:5F:4E:3E:D6:E0:5D:48:2D:CC:00:36:C4:3E:9F:A0:B6:69 Authority key identifier: CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B Certificate issuer: /CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b Certificate serial: 019AF087F114697A6CCEC7A0587F2D1F1690 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft Manifest number: 175D Signing time: Fri 05 Dec 2025 22:00:32 +0000 Manifest this update: Fri 05 Dec 2025 22:00:32 +0000 Manifest next update: Sat 06 Dec 2025 22:00:32 +0000 Files and hashes: 1: zsUHpaHlUBp61jVTNazf5j2ryQs.crl (hash: Iw21EIuMfCk+XrtWO4woCBnFnkvLuxjVMJjvhxyx/Ig=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:87:f1:14:69:7a:6c:ce:c7:a0:58:7f:2d:1f:16:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cec507a5a1e5501a7ad6355335acdfe63dabc90b Validity Not Before: Dec 5 22:00:32 2025 GMT Not After : Dec 6 22:00:32 2025 GMT Subject: CN=48b1ca5f4e3ed6e05d482dcc0036c43e9fa0b669 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3e:d3:73:06:76:79:1e:b8:05:34:07:a9:00: c7:96:cd:8a:3d:9e:7b:b4:2b:b4:7b:42:f9:44:12: b0:9d:5c:37:d2:6d:eb:b2:44:76:4d:e0:1d:3c:bd: 13:a3:28:8e:79:04:a8:85:7a:a8:23:82:15:da:3c: a5:e2:bb:17:d3:61:41:9d:78:c4:f7:b5:a7:e6:2c: af:44:ad:0f:99:89:9a:b6:89:c1:cb:b9:ad:2f:5a: 84:8e:36:18:15:7c:0b:59:fc:49:85:6f:9f:b1:a5: 54:86:38:2c:fb:fd:00:3e:28:8c:53:ed:9e:66:4e: 01:a9:eb:da:15:7f:14:4e:30:54:52:41:b8:da:c9: 8b:e5:ee:05:75:2d:47:fe:e3:5d:f4:d9:17:75:c6: 18:6c:27:ae:cb:d9:a4:cb:91:ff:3d:ba:bc:b6:74: d8:eb:43:2c:e7:b6:f4:1f:56:a5:17:9e:38:c6:41: a9:30:61:98:36:70:13:11:7e:c6:db:71:79:31:11: e6:e4:f1:95:32:15:a2:3f:57:4b:5c:a9:c3:3f:89: c7:e0:a2:5b:c4:c9:09:20:2e:c4:5b:e3:79:9b:72: e1:3b:bc:02:d8:9b:60:97:a3:d7:ad:56:70:54:04: 3f:64:c1:7f:b5:41:d4:12:0b:3a:53:fd:55:cb:42: 25:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B1:CA:5F:4E:3E:D6:E0:5D:48:2D:CC:00:36:C4:3E:9F:A0:B6:69 X509v3 Authority Key Identifier: keyid:CE:C5:07:A5:A1:E5:50:1A:7A:D6:35:53:35:AC:DF:E6:3D:AB:C9:0B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsUHpaHlUBp61jVTNazf5j2ryQs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/0b22ba-4911-4fbe-847c-d24aa5794d8b/1/zsUHpaHlUBp61jVTNazf5j2ryQs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:8b:76:c2:7e:9d:34:04:96:e6:6d:6a:a0:d9:11:20:1d:e7: f0:80:76:f4:e6:d4:a0:9a:1f:23:d7:7f:92:71:a2:bd:53:8f: 0c:ee:a1:7b:b4:86:2d:84:4f:ef:9c:13:f7:95:64:87:f9:7e: eb:17:f6:a1:42:89:c6:32:3c:ba:08:1f:1e:00:27:ce:12:c9: e5:ed:37:25:e9:e7:00:40:02:91:be:a9:94:13:d8:ee:d0:1a: c5:5a:a1:b3:44:b7:52:48:bb:31:93:cd:6c:76:14:6d:cc:ba: 70:3c:fd:e4:aa:35:7f:63:e9:b3:b7:7f:3e:c7:ec:ce:cb:c9: 4e:45:4e:fb:e4:31:53:15:a5:0c:14:1d:c5:99:2e:0c:fc:51: 93:ec:b3:d8:07:78:79:53:1a:c9:a4:33:44:82:c6:2a:3a:c3: 17:5d:a2:6b:b8:69:9a:dc:a8:2a:5a:4f:49:eb:19:db:8f:a2: c5:ee:20:12:f2:4a:f4:7e:9e:82:09:46:d8:be:e8:9d:23:d3: 8f:74:e2:23:6c:84:20:a5:d5:99:9e:e6:b7:58:03:40:f1:4f: 71:df:fa:e8:db:78:94:8c:a2:e6:3d:ec:cf:c2:3e:5e:ee:4b: df:72:dc:23:ac:1d:b2:97:81:f6:e9:69:90:78:50:55:9d:36: 81:5f:00:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwh/EUaXpszsegWH8tHxaQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlYzUwN2E1YTFlNTUwMWE3YWQ2MzU1MzM1YWNkZmU2M2Rh YmM5MGIwHhcNMjUxMjA1MjIwMDMyWhcNMjUxMjA2MjIwMDMyWjAzMTEwLwYDVQQD Eyg0OGIxY2E1ZjRlM2VkNmUwNWQ0ODJkY2MwMDM2YzQzZTlmYTBiNjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxz7TcwZ2eR64BTQHqQDHls2KPZ57 tCu0e0L5RBKwnVw30m3rskR2TeAdPL0ToyiOeQSohXqoI4IV2jyl4rsX02FBnXjE 97Wn5iyvRK0PmYmatonBy7mtL1qEjjYYFXwLWfxJhW+fsaVUhjgs+/0APiiMU+2e Zk4BqevaFX8UTjBUUkG42smL5e4FdS1H/uNd9NkXdcYYbCeuy9mky5H/Pbq8tnTY 60Ms57b0H1alF544xkGpMGGYNnATEX7G23F5MRHm5PGVMhWiP1dLXKnDP4nH4KJb xMkJIC7EW+N5m3LhO7wC2Jtgl6PXrVZwVAQ/ZMF/tUHUEgs6U/1Vy0Il1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEixyl9OPtbgXUgtzAA2xD6foLZpMB8GA1UdIwQY MBaAFM7FB6Wh5VAaetY1UzWs3+Y9q8kLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2Mt ZDI0YWE1Nzk0ZDhiLzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8wYjIyYmEtNDkxMS00ZmJlLTg0N2MtZDI0YWE1Nzk0ZDhi LzEvenNVSHBhSGxVQnA2MWpWVE5hemY1ajJyeVFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjYt2wn6d NASW5m1qoNkRIB3n8IB29ObUoJofI9d/knGivVOPDO6he7SGLYRP75wT95Vkh/l+ 6xf2oUKJxjI8uggfHgAnzhLJ5e03JennAEACkb6plBPY7tAaxVqhs0S3Uki7MZPN bHYUbcy6cDz95Ko1f2Pps7d/PsfszsvJTkVO++QxUxWlDBQdxZkuDPxRk+yz2Ad4 eVMayaQzRILGKjrDF12ia7hpmtyoKlpPSesZ24+ixe4gEvJK9H6egglG2L7onSPT j3TiI2yEIKXVmZ7mt1gDQPFPcd/66Nt4lIyi5j3sz8I+Xu5L33LcI6wdspeB9ulp kHhQVZ02gV8Apw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:09 2025 by rpki-client