This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft File: zrxhguhz_3oDHIiV79xXw2hx3XI.mft (raw, json) Hash identifier: eE9YefgAFSjg5339X0cI428EejMNWTJi8/P5MwJjJcQ= Subject key identifier: B7:20:E0:A9:F1:31:6C:84:24:C4:24:0C:F7:6A:9D:FE:5F:43:21:B9 Authority key identifier: CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72 Certificate issuer: /CN=cebc6182e873ff7a031c8895efdc57c36871dd72 Certificate serial: 019AF50BB5F6A598171A6664B3C81DA6ED38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft Manifest number: 02F7 Signing time: Sat 06 Dec 2025 19:02:56 +0000 Manifest this update: Sat 06 Dec 2025 19:02:56 +0000 Manifest next update: Sun 07 Dec 2025 19:02:56 +0000 Files and hashes: 1: zrxhguhz_3oDHIiV79xXw2hx3XI.crl (hash: Jzr5e827ISL7D8xnVfXGYqPyZ4fAcSlvYeBGCvRl9Lk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:b5:f6:a5:98:17:1a:66:64:b3:c8:1d:a6:ed:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cebc6182e873ff7a031c8895efdc57c36871dd72 Validity Not Before: Dec 6 19:02:56 2025 GMT Not After : Dec 7 19:02:56 2025 GMT Subject: CN=b720e0a9f1316c8424c4240cf76a9dfe5f4321b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:2d:fc:21:81:84:5a:22:c8:37:1d:93:f7:84: eb:02:8c:14:99:bb:f8:85:a9:ea:2b:ba:05:14:31: 08:47:12:bc:3f:52:14:2f:54:33:08:2f:8a:04:b3: cb:25:a2:27:09:b2:d5:1c:7a:58:c3:a9:d2:ca:65: 50:70:4a:b5:6c:11:ab:0c:98:14:38:40:2b:4c:65: d8:51:df:34:61:bc:2d:fe:60:68:c2:25:bb:c9:eb: 4f:4e:2f:c7:97:3e:f0:f8:c4:30:56:27:4f:23:1e: 47:d2:aa:33:00:33:1a:39:6a:ce:cc:97:bf:dc:40: ac:04:8b:cb:9e:4e:90:d7:41:45:11:91:df:20:7b: b2:cc:fd:4c:5e:b3:71:b0:27:06:3e:5b:a8:aa:f5: 3b:df:e4:bd:2e:be:16:63:27:91:de:7d:9b:87:44: e6:59:cd:55:87:f3:50:cd:7a:d3:56:b8:99:3b:fa: a9:98:17:0d:a4:c7:43:2b:b6:c8:df:6e:91:5e:b6: 91:5d:68:53:1d:e2:07:cb:b2:68:aa:7f:0f:6d:a0: 12:9c:63:61:e6:35:a8:bb:50:51:74:7e:6e:49:34: ad:6b:23:86:7d:23:fa:7c:13:9d:30:6a:9a:5c:48: d1:fc:15:c5:e1:3f:41:90:18:78:c9:52:23:81:38: 31:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:20:E0:A9:F1:31:6C:84:24:C4:24:0C:F7:6A:9D:FE:5F:43:21:B9 X509v3 Authority Key Identifier: keyid:CE:BC:61:82:E8:73:FF:7A:03:1C:88:95:EF:DC:57:C3:68:71:DD:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrxhguhz_3oDHIiV79xXw2hx3XI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/407bad-aed8-45e1-b3ea-2b369158a8b3/1/zrxhguhz_3oDHIiV79xXw2hx3XI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:d2:4d:25:eb:6e:e6:3d:9a:5a:c2:13:c6:80:b5:e5:16:9a: 42:03:0a:e3:07:b4:53:d1:95:67:01:93:98:e3:9f:1a:92:84: 9a:72:5d:5a:9e:ab:86:c3:19:c8:7b:c8:a0:50:cb:fc:b6:e3: 7e:0a:27:ed:dc:5f:5f:53:7b:ac:5b:ee:10:6e:9a:82:3e:41: bb:d2:c9:e0:d7:8d:bd:58:b9:a4:e8:ed:0c:e8:3a:f1:26:e9: 52:69:b2:95:07:c1:57:38:3a:fe:63:87:d6:ca:c5:1a:ee:72: 5a:30:31:cd:49:81:5f:7b:06:a8:ab:54:98:dc:94:25:16:e7: 1a:ce:55:66:0e:71:6e:4e:50:de:48:cc:a9:87:05:60:76:73: 07:bd:34:d6:60:a9:68:9a:21:b5:35:3c:9f:f6:b7:a5:5d:6d: 9a:ac:f8:e1:2d:53:ac:9b:7e:fc:d2:30:f4:27:17:f7:f4:5b: dc:3e:cb:63:31:55:3b:2c:8d:1d:a7:56:c7:51:d6:06:f0:ce: 94:87:42:1f:d5:4f:55:0d:58:29:7b:b6:60:33:64:c7:fa:82: 29:5f:89:12:83:c1:c2:92:f8:a1:4d:02:7f:28:6d:d5:d3:45: b5:e3:cf:3e:06:b5:2d:cb:e5:52:02:9f:cc:c9:cb:52:f1:5a: e1:f8:83:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C7X2pZgXGmZks8gdpu04MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlYmM2MTgyZTg3M2ZmN2EwMzFjODg5NWVmZGM1N2MzNjg3 MWRkNzIwHhcNMjUxMjA2MTkwMjU2WhcNMjUxMjA3MTkwMjU2WjAzMTEwLwYDVQQD EyhiNzIwZTBhOWYxMzE2Yzg0MjRjNDI0MGNmNzZhOWRmZTVmNDMyMWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqy38IYGEWiLINx2T94TrAowUmbv4 hanqK7oFFDEIRxK8P1IUL1QzCC+KBLPLJaInCbLVHHpYw6nSymVQcEq1bBGrDJgU OEArTGXYUd80Ybwt/mBowiW7yetPTi/Hlz7w+MQwVidPIx5H0qozADMaOWrOzJe/ 3ECsBIvLnk6Q10FFEZHfIHuyzP1MXrNxsCcGPluoqvU73+S9Lr4WYyeR3n2bh0Tm Wc1Vh/NQzXrTVriZO/qpmBcNpMdDK7bI326RXraRXWhTHeIHy7Joqn8PbaASnGNh 5jWou1BRdH5uSTStayOGfSP6fBOdMGqaXEjR/BXF4T9BkBh4yVIjgTgxvQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLcg4KnxMWyEJMQkDPdqnf5fQyG5MB8GA1UdIwQY MBaAFM68YYLoc/96AxyIle/cV8Nocd1yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEt MmIzNjkxNThhOGIzLzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS80MDdiYWQtYWVkOC00NWUxLWIzZWEtMmIzNjkxNThhOGIz LzEvenJ4aGd1aHpfM29ESElpVjc5eFh3Mmh4M1hJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh9JNJetu 5j2aWsITxoC15RaaQgMK4we0U9GVZwGTmOOfGpKEmnJdWp6rhsMZyHvIoFDL/Lbj fgon7dxfX1N7rFvuEG6agj5Bu9LJ4NeNvVi5pOjtDOg68SbpUmmylQfBVzg6/mOH 1srFGu5yWjAxzUmBX3sGqKtUmNyUJRbnGs5VZg5xbk5Q3kjMqYcFYHZzB7001mCp aJohtTU8n/a3pV1tmqz44S1TrJt+/NIw9CcX9/Rb3D7LYzFVOyyNHadWx1HWBvDO lIdCH9VPVQ1YKXu2YDNkx/qCKV+JEoPBwpL4oU0Cfyht1dNFtePPPga1LcvlUgKf zMnLUvFa4fiDRw== -----END CERTIFICATE-----Generated at Sun Dec 7 02:47:31 2025 by rpki-client