This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft File: Zhao67AREZsvaVMn-xblH4hwRHk.mft (raw, json) Hash identifier: ckBDuUJCkcEFKqiqJCiJGZIMBA/HOg9jxA5iJGtPLU0= Subject key identifier: 79:A4:0C:E6:9B:39:56:45:8A:57:32:64:4C:6C:D1:6B:CA:55:EC:78 Authority key identifier: 66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79 Certificate issuer: /CN=6616a8ebb011119b2f695327fb16e51f88704479 Certificate serial: 019C43C6EBF0DC1B835E8CE4D26803B28D69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft Manifest number: 02CC Signing time: Mon 09 Feb 2026 19:00:35 +0000 Manifest this update: Mon 09 Feb 2026 19:00:35 +0000 Manifest next update: Tue 10 Feb 2026 19:00:35 +0000 Files and hashes: 1: Zhao67AREZsvaVMn-xblH4hwRHk.crl (hash: EQLY4XEX4LcQARq1H3wz/wJ8lpaH0m9KwQBoYlkcLpU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:43:c6:eb:f0:dc:1b:83:5e:8c:e4:d2:68:03:b2:8d:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6616a8ebb011119b2f695327fb16e51f88704479 Validity Not Before: Feb 9 19:00:35 2026 GMT Not After : Feb 10 19:00:35 2026 GMT Subject: CN=79a40ce69b3956458a5732644c6cd16bca55ec78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:f4:43:08:4d:7b:14:68:62:59:58:46:a4:ed: 54:2d:a3:4f:45:07:32:36:c6:5e:fe:d3:7e:11:bf: 25:8b:78:eb:77:fe:89:58:cd:38:c4:e7:0c:48:d0: e6:a8:6d:b5:72:ce:1e:40:98:48:95:e6:f8:5e:2e: 04:b7:8f:02:81:f1:9d:9a:f2:50:39:ad:e9:c1:cd: a9:47:1c:bc:1a:64:02:6d:52:35:1a:bd:4a:52:86: d4:76:98:0a:37:2b:48:f5:eb:7e:4b:bd:d9:f6:47: fe:63:fe:98:8e:08:bd:25:0c:7c:53:e2:32:7d:48: f9:a6:ee:9a:02:ee:60:76:80:d8:1d:02:b6:25:ea: 72:51:df:ff:f4:f8:32:0d:df:ab:d2:b0:d7:13:74: 6f:00:7a:94:d2:17:13:42:c8:f0:6a:21:58:f4:9f: 53:d5:ea:f3:77:5b:9e:bb:69:b1:01:76:8e:5b:16: f1:d9:61:18:e3:1e:15:17:09:c0:4c:cc:21:9d:28: 34:16:2d:cf:a2:0b:7b:9a:80:e9:ce:1b:9b:e2:21: 52:b9:3a:be:c8:f1:1a:e1:53:09:be:55:a2:1c:9b: 9c:40:ef:72:01:0b:55:7a:ef:5c:b2:bf:f3:4a:08: 33:eb:c7:7b:0e:2b:a4:9b:b0:b5:1a:39:e2:a7:52: bd:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:A4:0C:E6:9B:39:56:45:8A:57:32:64:4C:6C:D1:6B:CA:55:EC:78 X509v3 Authority Key Identifier: keyid:66:16:A8:EB:B0:11:11:9B:2F:69:53:27:FB:16:E5:1F:88:70:44:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zhao67AREZsvaVMn-xblH4hwRHk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/dcf4a2-c374-4573-940a-ed3d27055020/1/Zhao67AREZsvaVMn-xblH4hwRHk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:27:c2:79:10:1b:2c:7e:9f:de:27:56:ea:b8:6c:b5:9d:3d: a5:54:86:6b:9e:25:07:39:51:22:79:e9:ab:2b:ca:fd:4e:c0: 31:13:b2:a5:7f:a7:30:7a:83:fd:6a:37:54:9b:00:82:b8:25: 57:d8:00:a5:75:37:10:3c:5d:a8:a9:3a:7a:b2:d8:97:14:a7: b2:3e:05:3f:27:0f:97:64:29:4b:fc:78:46:b3:76:e7:3d:a5: 5d:7b:30:8c:d3:e8:17:58:58:95:6d:f0:e7:1a:03:b6:39:bb: 75:71:b3:2a:3e:d5:a1:47:92:0c:cf:c7:e8:9c:77:e1:15:ad: f0:9b:2c:5f:18:20:02:75:9d:73:dd:5d:7b:64:bc:e7:bd:e6: 51:59:0e:d2:fb:0e:f5:55:ff:62:ba:ec:b6:fa:99:6e:0d:32: 1c:e9:b6:44:c5:bd:20:ff:7c:5f:c8:50:5c:6a:19:70:f5:9f: f9:a1:85:26:14:97:96:c7:c7:95:72:4e:08:e4:9f:86:f0:b1: b2:50:de:07:e6:1c:0f:6d:a0:9f:30:9f:6c:0b:d3:27:d2:02: 30:4a:eb:ff:bd:19:28:3d:45:f1:f2:e8:dc:90:83:b9:c5:29: 0f:d1:e3:e7:95:ef:dc:77:ef:fd:21:72:6d:4e:76:1f:2f:30: 90:40:4e:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZxDxuvw3BuDXozk0mgDso1pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTZhOGViYjAxMTExOWIyZjY5NTMyN2ZiMTZlNTFmODg3 MDQ0NzkwHhcNMjYwMjA5MTkwMDM1WhcNMjYwMjEwMTkwMDM1WjAzMTEwLwYDVQQD Eyg3OWE0MGNlNjliMzk1NjQ1OGE1NzMyNjQ0YzZjZDE2YmNhNTVlYzc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfRDCE17FGhiWVhGpO1ULaNPRQcy NsZe/tN+Eb8li3jrd/6JWM04xOcMSNDmqG21cs4eQJhIleb4Xi4Et48CgfGdmvJQ Oa3pwc2pRxy8GmQCbVI1Gr1KUobUdpgKNytI9et+S73Z9kf+Y/6Yjgi9JQx8U+Iy fUj5pu6aAu5gdoDYHQK2JepyUd//9PgyDd+r0rDXE3RvAHqU0hcTQsjwaiFY9J9T 1erzd1ueu2mxAXaOWxbx2WEY4x4VFwnATMwhnSg0Fi3Pogt7moDpzhub4iFSuTq+ yPEa4VMJvlWiHJucQO9yAQtVeu9csr/zSggz68d7Diukm7C1Gjnip1K9MwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHmkDOabOVZFilcyZExs0WvKVex4MB8GA1UdIwQY MBaAFGYWqOuwERGbL2lTJ/sW5R+IcER5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEt ZWQzZDI3MDU1MDIwLzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9kY2Y0YTItYzM3NC00NTczLTk0MGEtZWQzZDI3MDU1MDIw LzEvWmhhbzY3QVJFWnN2YVZNbi14YmxINGh3UkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfyfCeRAb LH6f3idW6rhstZ09pVSGa54lBzlRInnpqyvK/U7AMROypX+nMHqD/Wo3VJsAgrgl V9gApXU3EDxdqKk6erLYlxSnsj4FPycPl2QpS/x4RrN25z2lXXswjNPoF1hYlW3w 5xoDtjm7dXGzKj7VoUeSDM/H6Jx34RWt8JssXxggAnWdc91de2S8573mUVkO0vsO 9VX/YrrstvqZbg0yHOm2RMW9IP98X8hQXGoZcPWf+aGFJhSXlsfHlXJOCOSfhvCx slDeB+YcD22gnzCfbAvTJ9ICMErr/70ZKD1F8fLo3JCDucUpD9Hj55Xv3Hfv/SFy bU52Hy8wkEBOgA== -----END CERTIFICATE-----Generated at Mon Feb 9 23:53:21 2026 by rpki-client