This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft File: z3P3vZzZk2geMP7FxZtHVlIroxw.mft (raw, json) Hash identifier: Ezulj1DbEjebpz7Crl1W8tnZ1H842+uFafQpmizK3nA= Subject key identifier: 89:E2:FF:14:77:45:77:AB:98:DA:53:6F:AC:50:EE:E6:81:1E:E8:D7 Authority key identifier: CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C Certificate issuer: /CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c Certificate serial: 019AF19A9F9ABB182D29E7251F52714A5C9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft Manifest number: 175D Signing time: Sat 06 Dec 2025 03:00:33 +0000 Manifest this update: Sat 06 Dec 2025 03:00:33 +0000 Manifest next update: Sun 07 Dec 2025 03:00:33 +0000 Files and hashes: 1: z3P3vZzZk2geMP7FxZtHVlIroxw.crl (hash: XSGkudsjVG0ACpzz/5TzKlajSQO5iOyh68fRIa0CLfg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:9f:9a:bb:18:2d:29:e7:25:1f:52:71:4a:5c:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf73f7bd9cd993681e30fec5c59b4756522ba31c Validity Not Before: Dec 6 03:00:33 2025 GMT Not After : Dec 7 03:00:33 2025 GMT Subject: CN=89e2ff14774577ab98da536fac50eee6811ee8d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:20:8b:b0:8f:a9:3e:d7:87:5f:a3:15:e2:15: 51:00:2d:91:6a:79:b7:8e:ae:09:cb:cb:b2:6d:b7: 88:72:6d:05:3f:dd:54:1d:cb:6d:de:b2:06:82:0f: 46:20:10:2a:c0:90:00:f6:70:08:0d:50:6c:be:9d: d6:17:ad:5b:ac:1d:22:d4:6b:2e:e7:d4:8f:03:af: ce:64:3f:04:bc:ae:c1:ab:cc:d9:27:c9:54:1a:98: 5c:43:9a:6c:84:e9:47:92:fe:5c:b5:d3:6b:1c:60: b8:3f:42:af:b5:b4:5a:37:de:99:bb:97:6d:5a:b7: c8:5d:78:05:56:80:4a:c3:d2:31:fd:00:a6:6d:1d: 1e:39:f0:9c:66:6f:38:80:d3:86:39:d4:4a:44:17: ef:94:36:69:7e:62:63:39:4a:2d:ec:17:5a:08:bf: c5:f0:f6:c0:cf:94:4f:99:2f:e0:f6:15:ca:6a:bd: b0:5f:a0:0d:b6:e5:f3:24:96:3c:2e:2d:52:17:73: 6f:cb:6f:8b:3b:c8:75:a6:6e:cd:68:98:23:7b:1c: 8c:25:f9:64:86:5d:84:8b:fb:d9:92:7a:ef:ff:88: d1:91:f1:56:d4:be:9e:90:94:4b:19:3c:f0:da:59: 0b:86:41:10:f5:6e:2b:7b:62:9b:c1:e9:93:ed:55: 6a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:E2:FF:14:77:45:77:AB:98:DA:53:6F:AC:50:EE:E6:81:1E:E8:D7 X509v3 Authority Key Identifier: keyid:CF:73:F7:BD:9C:D9:93:68:1E:30:FE:C5:C5:9B:47:56:52:2B:A3:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z3P3vZzZk2geMP7FxZtHVlIroxw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/0b0d7f-8196-4275-a911-7a793992fba0/1/z3P3vZzZk2geMP7FxZtHVlIroxw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:10:c2:af:b8:aa:11:d4:48:f1:1a:2c:c6:0a:ba:ef:8f:79: c7:c4:2c:8a:13:9d:b7:36:3c:85:11:44:76:a5:40:59:b1:70: 0c:e2:7f:7b:1a:40:61:90:25:f4:d4:7a:52:8d:0b:e1:2d:5d: 5e:56:0b:8f:ab:68:f7:9f:d0:c2:6b:c8:06:58:0d:89:6e:ca: 15:52:01:63:45:81:90:6b:ff:3d:db:be:3d:d0:cd:31:da:fa: 20:af:4a:b7:ff:9e:b5:34:fa:41:94:36:e8:57:c3:f4:aa:85: 16:eb:c7:55:75:32:16:8a:de:31:36:2c:d0:a3:7f:c8:96:92: f8:07:c3:5b:06:85:cb:bd:0b:71:7a:cc:18:f0:7b:a5:a9:f8: 30:41:b8:43:40:84:75:f2:ad:04:b2:b4:39:2c:91:ff:68:fd: eb:03:a3:cd:39:34:cd:49:ac:51:0f:ff:08:30:e3:72:de:bb: 97:a2:b5:7c:ac:48:35:4f:64:7f:00:d5:e5:aa:96:d2:d3:02: 3d:03:d3:a4:25:39:08:4b:12:8d:ac:cd:41:50:b9:4e:07:a5: f0:b8:80:79:a5:26:8f:85:4e:cb:f4:1d:a9:51:69:e2:70:1e: 2a:34:72:e6:a0:26:09:fb:5a:10:bd:69:59:53:86:62:ee:b2: 23:f4:88:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmp+auxgtKeclH1JxSlycMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNzNmN2JkOWNkOTkzNjgxZTMwZmVjNWM1OWI0NzU2NTIy YmEzMWMwHhcNMjUxMjA2MDMwMDMzWhcNMjUxMjA3MDMwMDMzWjAzMTEwLwYDVQQD Eyg4OWUyZmYxNDc3NDU3N2FiOThkYTUzNmZhYzUwZWVlNjgxMWVlOGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyCLsI+pPteHX6MV4hVRAC2Ranm3 jq4Jy8uybbeIcm0FP91UHctt3rIGgg9GIBAqwJAA9nAIDVBsvp3WF61brB0i1Gsu 59SPA6/OZD8EvK7Bq8zZJ8lUGphcQ5pshOlHkv5ctdNrHGC4P0KvtbRaN96Zu5dt WrfIXXgFVoBKw9Ix/QCmbR0eOfCcZm84gNOGOdRKRBfvlDZpfmJjOUot7BdaCL/F 8PbAz5RPmS/g9hXKar2wX6ANtuXzJJY8Li1SF3Nvy2+LO8h1pm7NaJgjexyMJflk hl2Ei/vZknrv/4jRkfFW1L6ekJRLGTzw2lkLhkEQ9W4re2KbwemT7VVqMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIni/xR3RXermNpTb6xQ7uaBHujXMB8GA1UdIwQY MBaAFM9z972c2ZNoHjD+xcWbR1ZSK6McMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEt N2E3OTM5OTJmYmEwLzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8wYjBkN2YtODE5Ni00Mjc1LWE5MTEtN2E3OTM5OTJmYmEw LzEvejNQM3ZaelprMmdlTVA3RnhadEhWbElyb3h3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxDCr7iq EdRI8Rosxgq67495x8QsihOdtzY8hRFEdqVAWbFwDOJ/expAYZAl9NR6Uo0L4S1d XlYLj6to95/QwmvIBlgNiW7KFVIBY0WBkGv/Pdu+PdDNMdr6IK9Kt/+etTT6QZQ2 6FfD9KqFFuvHVXUyForeMTYs0KN/yJaS+AfDWwaFy70LcXrMGPB7pan4MEG4Q0CE dfKtBLK0OSyR/2j96wOjzTk0zUmsUQ//CDDjct67l6K1fKxINU9kfwDV5aqW0tMC PQPTpCU5CEsSjazNQVC5Tgel8LiAeaUmj4VOy/QdqVFp4nAeKjRy5qAmCftaEL1p WVOGYu6yI/SICQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:37:00 2025 by rpki-client