This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft File: ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft (raw, json) Hash identifier: URid9SA5vkiemECN9WPueRa1ASneDHSCYDcqvk+kows= Subject key identifier: 67:95:47:6E:6D:41:9D:D4:E3:38:B7:40:D3:16:AE:A9:13:DD:EF:5D Authority key identifier: 65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57 Certificate issuer: /CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457 Certificate serial: 019B5A1AA38C6F958B4AA4C5252C4233FAD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft Manifest number: 024A Signing time: Fri 26 Dec 2025 10:00:53 +0000 Manifest this update: Fri 26 Dec 2025 10:00:53 +0000 Manifest next update: Sat 27 Dec 2025 10:00:53 +0000 Files and hashes: 1: ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl (hash: u13VBZdqyugjnoIUa7XsXE9asC7LTWHDHGAsoD0k12Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:a3:8c:6f:95:8b:4a:a4:c5:25:2c:42:33:fa:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=65d0932172aa2d1c77c4bb98370aab3de6ac3457 Validity Not Before: Dec 26 10:00:53 2025 GMT Not After : Dec 27 10:00:53 2025 GMT Subject: CN=6795476e6d419dd4e338b740d316aea913ddef5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:f8:19:a2:6e:e9:4a:f2:5e:8a:b6:a8:3a:3f: 97:36:8c:55:1a:93:dd:69:d9:9f:64:ec:6b:a0:4b: 5e:fb:cc:b3:56:0c:09:0a:07:a0:73:06:70:8b:ae: 9a:bd:2b:b9:06:c7:d6:6a:c7:61:e3:c2:3c:73:5e: 2f:08:45:3b:f8:8e:f0:12:e0:c4:72:1d:9d:17:3f: 44:bc:30:a7:79:08:19:34:1a:24:02:d0:37:c4:b3: f4:62:e2:92:22:49:db:2e:17:fe:2b:39:44:56:eb: 51:9b:57:8a:0b:6c:1b:df:8a:b7:36:90:e0:30:bf: 19:dd:08:c0:2e:7e:84:c6:fb:4e:f2:44:f9:b7:a1: 44:13:05:13:39:56:3b:d8:bf:35:09:82:22:df:f6: 04:61:ee:c4:12:88:fe:8b:d8:56:5d:d4:b8:9a:2d: d7:56:d3:bd:80:2e:1e:ba:f7:1a:26:72:7c:cb:2d: 05:e0:b3:94:b0:cc:83:fe:e8:94:cf:5b:40:39:8b: af:64:c1:3c:73:ec:66:72:22:fb:59:d9:19:e1:05: 78:8f:18:6b:8d:39:0f:0d:09:39:cc:00:9a:db:c7: 2d:a9:87:54:15:35:16:4f:98:d1:fc:eb:44:6a:ed: 75:ef:23:16:c8:ca:21:b4:06:01:57:6e:ed:a1:28: f9:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:95:47:6E:6D:41:9D:D4:E3:38:B7:40:D3:16:AE:A9:13:DD:EF:5D X509v3 Authority Key Identifier: keyid:65:D0:93:21:72:AA:2D:1C:77:C4:BB:98:37:0A:AB:3D:E6:AC:34:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZdCTIXKqLRx3xLuYNwqrPeasNFc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/fa7711-37ff-4aec-9853-1edde6c9d96a/1/ZdCTIXKqLRx3xLuYNwqrPeasNFc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:af:7f:b8:7c:7e:fe:76:8b:5c:61:15:ed:da:e0:82:29:7f: c8:01:13:57:57:11:9b:65:fd:8e:e4:e6:f3:78:d7:27:be:a7: 64:45:48:bd:a0:01:bb:e2:ff:d2:c2:f9:d7:8b:71:63:60:7e: db:60:e4:17:b1:76:7a:75:38:d5:70:c2:51:66:fe:48:e4:52: 4e:c5:f6:16:98:51:94:18:1b:cf:44:16:e8:ed:95:2c:2f:c0: 3d:74:bb:f5:25:81:8d:cc:f5:7e:da:c1:cc:4f:68:0d:72:bd: b8:35:9a:26:1c:02:24:93:d2:9a:b8:77:57:d5:fc:91:a0:ff: 20:b6:24:da:62:13:f2:9b:14:bf:e5:d5:3c:7b:55:35:c7:d4: e8:6e:c9:18:dd:3b:be:57:aa:1f:2f:42:af:c7:af:d5:5d:43: f7:b9:3d:44:10:80:cb:42:6c:df:8e:96:a6:f1:93:13:f3:0f: b8:35:94:58:9b:78:1c:22:5d:c6:10:17:16:87:7c:0a:ce:d0: b0:3b:dd:65:f8:7f:fd:55:c0:76:57:70:e0:d6:3b:33:26:88: 06:00:58:15:cf:ff:19:bf:fc:d6:db:cc:15:00:62:bd:4c:5b: 2a:80:7e:e4:35:ef:74:a9:ac:db:4d:30:2e:ff:27:4c:9a:68: 39:91:57:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGqOMb5WLSqTFJSxCM/rQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1ZDA5MzIxNzJhYTJkMWM3N2M0YmI5ODM3MGFhYjNkZTZh YzM0NTcwHhcNMjUxMjI2MTAwMDUzWhcNMjUxMjI3MTAwMDUzWjAzMTEwLwYDVQQD Eyg2Nzk1NDc2ZTZkNDE5ZGQ0ZTMzOGI3NDBkMzE2YWVhOTEzZGRlZjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1PgZom7pSvJeiraoOj+XNoxVGpPd admfZOxroEte+8yzVgwJCgegcwZwi66avSu5BsfWasdh48I8c14vCEU7+I7wEuDE ch2dFz9EvDCneQgZNBokAtA3xLP0YuKSIknbLhf+KzlEVutRm1eKC2wb34q3NpDg ML8Z3QjALn6ExvtO8kT5t6FEEwUTOVY72L81CYIi3/YEYe7EEoj+i9hWXdS4mi3X VtO9gC4euvcaJnJ8yy0F4LOUsMyD/uiUz1tAOYuvZME8c+xmciL7WdkZ4QV4jxhr jTkPDQk5zACa28ctqYdUFTUWT5jR/OtEau117yMWyMohtAYBV27toSj5gQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGeVR25tQZ3U4zi3QNMWrqkT3e9dMB8GA1UdIwQY MBaAFGXQkyFyqi0cd8S7mDcKqz3mrDRXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMt MWVkZGU2YzlkOTZhLzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC9mYTc3MTEtMzdmZi00YWVjLTk4NTMtMWVkZGU2YzlkOTZh LzEvWmRDVElYS3FMUngzeEx1WU53cXJQZWFzTkZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZK9/uHx+ /naLXGEV7drggil/yAETV1cRm2X9juTm83jXJ76nZEVIvaABu+L/0sL514txY2B+ 22DkF7F2enU41XDCUWb+SORSTsX2FphRlBgbz0QW6O2VLC/APXS79SWBjcz1ftrB zE9oDXK9uDWaJhwCJJPSmrh3V9X8kaD/ILYk2mIT8psUv+XVPHtVNcfU6G7JGN07 vleqHy9Cr8ev1V1D97k9RBCAy0Js346WpvGTE/MPuDWUWJt4HCJdxhAXFod8Cs7Q sDvdZfh//VXAdldw4NY7MyaIBgBYFc//Gb/81tvMFQBivUxbKoB+5DXvdKms200w Lv8nTJpoOZFX3w== -----END CERTIFICATE-----Generated at Fri Dec 26 14:08:52 2025 by rpki-client