This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft File: zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft (raw, json) Hash identifier: S3KWJF//KIFEzrn/fUT5w9n4j/+6BMS5LLcShkl2kjg= Subject key identifier: DD:80:9B:AE:A6:7E:45:A2:5D:1F:0C:0A:0D:25:C9:D2:51:22:C4:C8 Authority key identifier: CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31 Certificate issuer: /CN=cda054474fafd90b0ea47c55765bbe6f37637531 Certificate serial: 019AF0BF002EA5D2A0B6A303B1BB5D8407C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft Manifest number: 0215 Signing time: Fri 05 Dec 2025 23:00:40 +0000 Manifest this update: Fri 05 Dec 2025 23:00:40 +0000 Manifest next update: Sat 06 Dec 2025 23:00:40 +0000 Files and hashes: 1: zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl (hash: OVCrZ5fDJJWXqOBVzFNkQdi2NfLwv3m7RQOAmRFwzC4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:00:2e:a5:d2:a0:b6:a3:03:b1:bb:5d:84:07:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cda054474fafd90b0ea47c55765bbe6f37637531 Validity Not Before: Dec 5 23:00:40 2025 GMT Not After : Dec 6 23:00:40 2025 GMT Subject: CN=dd809baea67e45a25d1f0c0a0d25c9d25122c4c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:22:d1:fa:97:47:bd:0e:d7:6e:51:43:cf:25: 22:0d:35:b0:6b:4c:33:e9:0f:e6:a7:a5:78:35:82: 8b:0e:8c:1e:c9:47:a4:b2:0f:06:3b:c3:a0:89:8c: db:73:6f:10:fb:1e:cb:ba:3a:65:7a:1a:25:83:5a: b4:cb:0b:c9:50:c3:38:b0:ca:94:02:fa:18:89:0e: 9d:7d:bf:6d:ff:65:e1:ab:05:ac:07:0f:49:fe:74: 87:03:a0:69:53:d1:67:5f:9a:18:fe:2e:47:a4:c7: 17:73:5a:39:5f:d5:7c:e1:20:39:96:6e:fc:80:c8: e5:a6:e3:8f:6a:61:bb:ae:ca:fc:81:43:9a:dd:c5: 1d:f5:76:dc:71:97:af:5d:40:40:79:59:f2:23:84: 50:fe:4f:76:b8:ea:67:e2:b6:72:e9:c8:71:ef:55: 65:f4:43:07:d8:73:33:c2:90:a8:0e:c3:7c:38:34: 62:03:c7:af:0e:1c:0b:95:70:94:0d:9e:a6:08:d8: 20:ec:50:a0:8b:9b:a1:9a:a6:1c:6b:0c:74:96:43: 6c:58:aa:af:9d:6a:63:e7:88:97:0b:e2:46:e7:e4: 49:32:d7:cf:9e:34:fa:f9:c2:f6:eb:5e:c8:ba:86: 7c:96:5b:09:d5:08:65:58:86:3f:3d:d3:aa:d6:54: d3:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:80:9B:AE:A6:7E:45:A2:5D:1F:0C:0A:0D:25:C9:D2:51:22:C4:C8 X509v3 Authority Key Identifier: keyid:CD:A0:54:47:4F:AF:D9:0B:0E:A4:7C:55:76:5B:BE:6F:37:63:75:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaBUR0-v2QsOpHxVdlu-bzdjdTE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/bac904-2802-436e-ab40-8137c5299aee/1/zaBUR0-v2QsOpHxVdlu-bzdjdTE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 04:1a:29:de:9e:93:51:4c:19:47:dd:e2:64:57:af:e0:8f:42: fb:f0:26:24:f6:ef:0b:6a:cc:62:f6:1f:b0:d3:19:c7:7d:23: 40:b0:89:79:a8:67:10:10:df:40:11:e4:99:43:97:f2:a6:e7: 08:45:7c:b9:40:a0:dd:72:25:ad:64:eb:1b:e5:4c:24:27:5d: b5:9c:8d:1e:3d:70:54:31:e0:4f:32:8f:44:af:40:9d:28:40: 6a:de:53:8c:e3:b1:3d:d2:78:e9:07:0c:b7:bd:eb:54:5b:03: 21:4d:ea:a4:04:83:c3:86:e9:48:e6:43:fd:69:37:a2:eb:eb: ec:27:de:b5:2d:3e:43:f4:b5:c6:69:59:9c:64:e9:2b:e5:42: a9:1c:ad:ca:f3:63:c7:8b:0a:6d:16:92:15:18:b1:8a:68:91: a4:d0:cb:24:d9:bf:87:f5:df:73:83:49:4d:c8:de:40:92:59: ee:cb:8b:16:8f:96:f1:6a:6e:9a:a2:dd:4e:0a:b5:7f:54:0a: c4:29:ce:08:4e:e4:a8:08:1d:f1:68:69:03:cc:37:d4:b6:03: 35:26:e7:de:c3:79:a2:2a:59:05:4e:b4:a9:57:47:b8:ea:d7: c6:30:2c:33:46:ef:0c:1f:37:a3:64:5a:2e:8b:1b:33:37:55: ed:e1:ac:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvwAupdKgtqMDsbtdhAfFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYTA1NDQ3NGZhZmQ5MGIwZWE0N2M1NTc2NWJiZTZmMzc2 Mzc1MzEwHhcNMjUxMjA1MjMwMDQwWhcNMjUxMjA2MjMwMDQwWjAzMTEwLwYDVQQD EyhkZDgwOWJhZWE2N2U0NWEyNWQxZjBjMGEwZDI1YzlkMjUxMjJjNGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkyLR+pdHvQ7XblFDzyUiDTWwa0wz 6Q/mp6V4NYKLDoweyUeksg8GO8OgiYzbc28Q+x7Lujpleholg1q0ywvJUMM4sMqU AvoYiQ6dfb9t/2XhqwWsBw9J/nSHA6BpU9FnX5oY/i5HpMcXc1o5X9V84SA5lm78 gMjlpuOPamG7rsr8gUOa3cUd9XbccZevXUBAeVnyI4RQ/k92uOpn4rZy6chx71Vl 9EMH2HMzwpCoDsN8ODRiA8evDhwLlXCUDZ6mCNgg7FCgi5uhmqYcawx0lkNsWKqv nWpj54iXC+JG5+RJMtfPnjT6+cL2617IuoZ8llsJ1QhlWIY/PdOq1lTTcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN2Am66mfkWiXR8MCg0lydJRIsTIMB8GA1UdIwQY MBaAFM2gVEdPr9kLDqR8VXZbvm83Y3UxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAt ODEzN2M1Mjk5YWVlLzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9iYWM5MDQtMjgwMi00MzZlLWFiNDAtODEzN2M1Mjk5YWVl LzEvemFCVVIwLXYyUXNPcEh4VmRsdS1iemRqZFRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABBop3p6T UUwZR93iZFev4I9C+/AmJPbvC2rMYvYfsNMZx30jQLCJeahnEBDfQBHkmUOX8qbn CEV8uUCg3XIlrWTrG+VMJCddtZyNHj1wVDHgTzKPRK9AnShAat5TjOOxPdJ46QcM t73rVFsDIU3qpASDw4bpSOZD/Wk3ouvr7CfetS0+Q/S1xmlZnGTpK+VCqRytyvNj x4sKbRaSFRiximiRpNDLJNm/h/Xfc4NJTcjeQJJZ7suLFo+W8WpumqLdTgq1f1QK xCnOCE7kqAgd8WhpA8w31LYDNSbn3sN5oipZBU60qVdHuOrXxjAsM0bvDB83o2Ra LosbMzdV7eGsqQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:10:29 2025 by rpki-client