This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft File: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft (raw, json) Hash identifier: RJm7ImUqk+zOaYMhRNgh7wZRSdf2UP+50YOHYjMUsHc= Subject key identifier: 47:0C:7C:C0:11:BA:B7:93:9A:29:8A:8E:FD:A0:92:11:00:3E:EC:3D Authority key identifier: CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A Certificate issuer: /CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a Certificate serial: 019AF19A9AD0D7F631B5967CB2E0252644DE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft Manifest number: 0370 Signing time: Sat 06 Dec 2025 03:00:32 +0000 Manifest this update: Sat 06 Dec 2025 03:00:32 +0000 Manifest next update: Sun 07 Dec 2025 03:00:32 +0000 Files and hashes: 1: zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl (hash: I/HRsyP+ZsXCIqtkqzItjre4b+0lKYI4mBLpfym1fIQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:9a:d0:d7:f6:31:b5:96:7c:b2:e0:25:26:44:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce81e2d56fd9f1932dbc0f216329942fe23f755a Validity Not Before: Dec 6 03:00:32 2025 GMT Not After : Dec 7 03:00:32 2025 GMT Subject: CN=470c7cc011bab7939a298a8efda09211003eec3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:cc:5a:cd:7a:ce:3e:07:d6:3c:f2:f5:53:1c: ee:9f:2e:be:3f:32:c4:18:dd:20:fa:57:75:f6:65: d2:06:25:f0:97:90:35:b7:ab:9c:cd:eb:dc:d3:5b: e1:9c:4e:54:95:9b:09:21:7b:92:09:28:4f:73:69: 2b:75:f7:4b:97:a8:4a:5c:03:6f:22:67:6b:41:37: 3d:5d:c8:02:96:99:7e:fb:b1:54:a7:16:17:f5:d9: 81:dc:5d:ee:cc:32:82:d7:6c:58:2d:a4:af:0d:33: 8e:b8:98:3e:df:0e:06:a9:2b:49:d6:25:52:16:63: ba:64:04:67:d4:27:f2:ea:a7:b1:c3:a8:09:1e:11: cc:04:c1:a5:94:72:a7:1b:28:5d:c7:3e:8f:34:28: 14:0e:ca:a1:32:b3:25:8f:19:c9:31:db:02:2b:9d: 34:84:26:01:be:b4:ef:04:7a:3e:da:45:d9:4b:0d: 58:f2:21:68:cd:45:3f:bf:d5:2e:38:cc:c9:05:47: 8f:a9:db:5e:83:b8:8d:55:52:ce:6b:18:e1:ee:ff: dd:66:71:21:43:f8:a0:60:2a:68:6f:77:35:b5:55: 69:55:33:fc:58:cb:d0:1c:a8:d2:60:04:30:f7:b6: 6f:71:6c:5f:e9:da:60:b4:0a:ac:5c:51:d7:02:31: 88:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:0C:7C:C0:11:BA:B7:93:9A:29:8A:8E:FD:A0:92:11:00:3E:EC:3D X509v3 Authority Key Identifier: keyid:CE:81:E2:D5:6F:D9:F1:93:2D:BC:0F:21:63:29:94:2F:E2:3F:75:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c20cdc-b1a6-498b-8ccc-9493a74b5f75/1/zoHi1W_Z8ZMtvA8hYymUL-I_dVo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:1d:00:6c:90:62:55:78:9b:c6:01:d9:4f:9a:03:25:13:ed: 13:1d:b3:26:e1:b9:4d:01:3c:82:d8:14:57:50:9c:26:3b:84: f7:1d:d1:a8:c2:a8:48:3b:bf:2a:df:36:bb:ec:70:e2:93:45: 44:9d:50:74:30:06:70:60:ff:16:a0:f6:69:95:99:96:2f:ec: b8:28:b5:46:74:fd:65:9d:f1:ba:2e:af:ee:21:22:bd:af:2b: ff:48:fa:73:ed:fb:ce:0e:c1:2b:13:39:91:48:d1:91:a3:0b: 79:70:91:b6:7a:3b:c0:81:b6:d7:e6:49:8d:95:cd:e6:13:bf: 3b:eb:96:1c:24:f5:59:ab:41:b9:d9:7d:c2:18:b4:2f:f4:17: 64:08:14:2d:62:e2:b9:af:d3:61:7b:b7:82:1c:1b:bf:e6:d2: 2c:47:47:bd:a6:82:b0:28:95:ef:be:63:e8:90:17:76:12:cd: c8:63:c9:18:2c:44:7a:b3:be:f5:14:5f:90:22:c4:11:2c:57: ad:d7:65:dd:4c:e0:8e:fb:be:09:9f:b3:fa:59:34:32:89:e1: 87:c6:e6:01:37:0f:60:28:03:06:9e:c5:7d:e4:11:f7:24:93: 1d:68:10:05:79:f4:af:a6:e0:0d:94:8e:80:b2:08:20:14:ce: 70:0a:9b:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmprQ1/YxtZZ8suAlJkTeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlODFlMmQ1NmZkOWYxOTMyZGJjMGYyMTYzMjk5NDJmZTIz Zjc1NWEwHhcNMjUxMjA2MDMwMDMyWhcNMjUxMjA3MDMwMDMyWjAzMTEwLwYDVQQD Eyg0NzBjN2NjMDExYmFiNzkzOWEyOThhOGVmZGEwOTIxMTAwM2VlYzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsxazXrOPgfWPPL1Uxzuny6+PzLE GN0g+ld19mXSBiXwl5A1t6uczevc01vhnE5UlZsJIXuSCShPc2krdfdLl6hKXANv ImdrQTc9XcgClpl++7FUpxYX9dmB3F3uzDKC12xYLaSvDTOOuJg+3w4GqStJ1iVS FmO6ZARn1Cfy6qexw6gJHhHMBMGllHKnGyhdxz6PNCgUDsqhMrMljxnJMdsCK500 hCYBvrTvBHo+2kXZSw1Y8iFozUU/v9UuOMzJBUePqdteg7iNVVLOaxjh7v/dZnEh Q/igYCpob3c1tVVpVTP8WMvQHKjSYAQw97ZvcWxf6dpgtAqsXFHXAjGIVQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEcMfMARureTmimKjv2gkhEAPuw9MB8GA1UdIwQY MBaAFM6B4tVv2fGTLbwPIWMplC/iP3VaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2Mt OTQ5M2E3NGI1Zjc1LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZC9jMjBjZGMtYjFhNi00OThiLThjY2MtOTQ5M2E3NGI1Zjc1 LzEvem9IaTFXX1o4Wk10dkE4aFl5bVVMLUlfZFZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAph0AbJBi VXibxgHZT5oDJRPtEx2zJuG5TQE8gtgUV1CcJjuE9x3RqMKoSDu/Kt82u+xw4pNF RJ1QdDAGcGD/FqD2aZWZli/suCi1RnT9ZZ3xui6v7iEiva8r/0j6c+37zg7BKxM5 kUjRkaMLeXCRtno7wIG21+ZJjZXN5hO/O+uWHCT1WatBudl9whi0L/QXZAgULWLi ua/TYXu3ghwbv+bSLEdHvaaCsCiV775j6JAXdhLNyGPJGCxEerO+9RRfkCLEESxX rddl3Uzgjvu+CZ+z+lk0Monhh8bmATcPYCgDBp7FfeQR9ySTHWgQBXn0r6bgDZSO gLIIIBTOcAqbEQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:43:52 2025 by rpki-client