This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.mft File: zxNuAf-vhT27Klz8_l0bZ9IMILU.mft (raw, json) Hash identifier: khV8vDJSWdx/HOFmBlh+eP52qVkl5pVhSNBPqpgwT6w= Subject key identifier: E7:BB:E1:7F:19:0B:BE:07:BF:0A:61:5E:02:3E:FA:14:02:BC:83:CB Authority key identifier: CF:13:6E:01:FF:AF:85:3D:BB:2A:5C:FC:FE:5D:1B:67:D2:0C:20:B5 Certificate issuer: /CN=cf136e01ffaf853dbb2a5cfcfe5d1b67d20c20b5 Certificate serial: 019B337B7A9703734854A2B89D3BD056DC19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zxNuAf-vhT27Klz8_l0bZ9IMILU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.mft Manifest number: 120D Signing time: Thu 18 Dec 2025 22:01:28 +0000 Manifest this update: Thu 18 Dec 2025 22:01:28 +0000 Manifest next update: Fri 19 Dec 2025 22:01:28 +0000 Files and hashes: 1: OmwRoJ3JPu5X08Xp_X1_3qE1I7k.roa (hash: Adg8t51EAwBbzjl4kDJAi92mlZw1Om+k918pc8UAy2M=) 2: zxNuAf-vhT27Klz8_l0bZ9IMILU.crl (hash: Rn0SxYqgv3IX2Xn823lFjrOq2et838NUFHTaVfjRvJk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.crl rsync://rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.mft rsync://rpki.ripe.net/repository/DEFAULT/zxNuAf-vhT27Klz8_l0bZ9IMILU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7b:7a:97:03:73:48:54:a2:b8:9d:3b:d0:56:dc:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf136e01ffaf853dbb2a5cfcfe5d1b67d20c20b5 Validity Not Before: Dec 18 22:01:28 2025 GMT Not After : Dec 19 22:01:28 2025 GMT Subject: CN=e7bbe17f190bbe07bf0a615e023efa1402bc83cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:85:12:5f:3d:0d:25:c5:81:8d:1e:a7:b1:29: ac:b6:03:f8:8a:e8:54:e9:80:24:2a:37:c3:86:13: 23:e7:b6:bf:48:9a:6f:48:3c:e8:e2:d7:9b:93:7a: d2:55:ea:ec:01:f7:b0:fb:df:13:fc:a1:21:c2:89: 4d:d9:19:64:01:5b:f8:25:1c:f1:59:f5:cb:4a:29: 71:20:e5:a6:00:e7:80:a1:6d:2a:75:e6:62:52:e5: 14:74:d9:a2:6e:a4:54:89:9a:84:83:be:65:1b:96: e8:ee:b7:d4:a6:01:a6:8c:bb:c0:d3:f8:38:5e:98: 7b:18:97:09:d9:ed:06:13:a3:44:40:a0:bd:ae:89: 81:04:67:c5:b0:a7:7e:f3:6c:79:16:2c:ad:1f:5b: f8:e6:ed:c1:f6:87:f4:35:6b:09:b4:c2:04:c6:fc: a7:ba:c9:8f:b1:9f:48:ed:f4:6b:2a:3b:16:73:4a: 90:4b:13:3b:34:d9:97:10:91:da:2c:35:48:9a:a8: 3b:8c:c4:4c:3f:ae:68:fe:6f:4c:3b:22:19:b2:0f: 2d:f1:c3:01:2e:31:51:5c:dd:a5:30:9d:0f:a5:78: df:4a:a5:bc:a2:85:a9:35:2c:a7:b8:52:63:38:12: 07:8e:bd:db:22:b6:9d:23:9d:af:3c:05:f9:76:eb: 1f:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:BB:E1:7F:19:0B:BE:07:BF:0A:61:5E:02:3E:FA:14:02:BC:83:CB X509v3 Authority Key Identifier: keyid:CF:13:6E:01:FF:AF:85:3D:BB:2A:5C:FC:FE:5D:1B:67:D2:0C:20:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zxNuAf-vhT27Klz8_l0bZ9IMILU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/702564-50a5-4fad-a12f-65dba63b1a82/1/zxNuAf-vhT27Klz8_l0bZ9IMILU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:5d:f2:22:20:5a:43:83:21:5b:9d:99:d4:33:f0:9d:e7:0b: 33:cf:33:b9:83:23:ad:c0:4c:77:37:d5:c1:0d:e8:71:73:c7: d4:79:f1:d1:7b:3f:01:1e:25:fb:c3:5a:13:23:3d:f2:8c:c0: f8:c4:d1:a7:a9:d8:92:bf:40:b4:2d:d3:a4:b6:45:a1:ee:44: d6:8b:da:0c:28:43:36:7c:fb:6b:33:ea:5f:0f:ff:43:0a:f8: 76:f9:24:fe:37:99:c3:0e:f0:8d:27:23:23:b5:60:6b:80:5c: 16:f3:2b:bb:b5:cb:dc:d5:c6:6e:24:df:73:ee:b7:c7:97:81: 25:1e:6e:87:c4:59:e6:fb:7a:49:ab:7e:83:aa:24:cd:f1:cf: 4d:16:5a:af:b9:6b:bf:29:59:b4:1b:b0:f1:bd:ce:6b:c3:5b: 12:63:89:b2:4e:67:46:eb:06:86:e1:b5:1a:b8:4c:e8:19:a7: 81:da:8b:0e:a4:2b:a9:9e:a3:77:6e:b5:a9:d7:a0:2d:6b:2f: db:f2:73:cf:8b:09:52:00:ec:59:97:de:5e:98:77:d4:f5:73: cf:d4:7b:00:44:4e:bd:00:c4:23:dc:ac:ca:b6:78:06:5f:1b: b8:b8:43:8c:ec:9b:10:8c:79:fa:c2:1a:5f:54:64:b5:31:43: 49:e3:ee:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsze3qXA3NIVKK4nTvQVtwZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmMTM2ZTAxZmZhZjg1M2RiYjJhNWNmY2ZlNWQxYjY3ZDIw YzIwYjUwHhcNMjUxMjE4MjIwMTI4WhcNMjUxMjE5MjIwMTI4WjAzMTEwLwYDVQQD EyhlN2JiZTE3ZjE5MGJiZTA3YmYwYTYxNWUwMjNlZmExNDAyYmM4M2NiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4USXz0NJcWBjR6nsSmstgP4iuhU 6YAkKjfDhhMj57a/SJpvSDzo4tebk3rSVersAfew+98T/KEhwolN2RlkAVv4JRzx WfXLSilxIOWmAOeAoW0qdeZiUuUUdNmibqRUiZqEg75lG5bo7rfUpgGmjLvA0/g4 Xph7GJcJ2e0GE6NEQKC9romBBGfFsKd+82x5FiytH1v45u3B9of0NWsJtMIExvyn usmPsZ9I7fRrKjsWc0qQSxM7NNmXEJHaLDVImqg7jMRMP65o/m9MOyIZsg8t8cMB LjFRXN2lMJ0PpXjfSqW8ooWpNSynuFJjOBIHjr3bIradI52vPAX5dusfyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOe74X8ZC74HvwphXgI++hQCvIPLMB8GA1UdIwQY MBaAFM8TbgH/r4U9uypc/P5dG2fSDCC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenhOdUFmLXZoVDI3S2x6OF9sMGJaOUlNSUxVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MDI1NjQtNTBhNS00ZmFkLWExMmYt NjVkYmE2M2IxYTgyLzEvenhOdUFmLXZoVDI3S2x6OF9sMGJaOUlNSUxVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy83MDI1NjQtNTBhNS00ZmFkLWExMmYtNjVkYmE2M2IxYTgy LzEvenhOdUFmLXZoVDI3S2x6OF9sMGJaOUlNSUxVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeV3yIiBa Q4MhW52Z1DPwnecLM88zuYMjrcBMdzfVwQ3ocXPH1Hnx0Xs/AR4l+8NaEyM98ozA +MTRp6nYkr9AtC3TpLZFoe5E1ovaDChDNnz7azPqXw//Qwr4dvkk/jeZww7wjScj I7Vga4BcFvMru7XL3NXGbiTfc+63x5eBJR5uh8RZ5vt6Sat+g6okzfHPTRZar7lr vylZtBuw8b3Oa8NbEmOJsk5nRusGhuG1GrhM6BmngdqLDqQrqZ6jd261qdegLWsv 2/Jzz4sJUgDsWZfeXph31PVzz9R7AEROvQDEI9ysyrZ4Bl8buLhDjOybEIx5+sIa X1RktTFDSePu8g== -----END CERTIFICATE-----Generated at Fri Dec 19 04:56:04 2025 by rpki-client