This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft File: zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft (raw, json) Hash identifier: YLKXQjDtEzEr8VZh8BN17vUGbhgiJnRsJi12KACJyMQ= Subject key identifier: 40:6D:F3:84:F2:B5:F8:63:7B:B0:A7:19:14:52:04:D6:C4:6A:F8:BA Authority key identifier: CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D Certificate issuer: /CN=ce1f59ae34548132892fcc89b1595f9b0360198d Certificate serial: 019B33442A20EB4C892CD647F4C09F2F852B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft Manifest number: 117E Signing time: Thu 18 Dec 2025 21:01:03 +0000 Manifest this update: Thu 18 Dec 2025 21:01:03 +0000 Manifest next update: Fri 19 Dec 2025 21:01:03 +0000 Files and hashes: 1: DnTbZNQqyk7b1Kpp-h3yl2scJwY.roa (hash: TJ12NvtCptbjwY91XKfeBV5bJZ6ugQZ1nYOaUhjOlp4=) 2: zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl (hash: J3ePbedgJ/GxSklt21dxBfK4Ye8v2dNWg5Xsj+oEL/A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 21:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:2a:20:eb:4c:89:2c:d6:47:f4:c0:9f:2f:85:2b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce1f59ae34548132892fcc89b1595f9b0360198d Validity Not Before: Dec 18 21:01:03 2025 GMT Not After : Dec 19 21:01:03 2025 GMT Subject: CN=406df384f2b5f8637bb0a719145204d6c46af8ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a9:30:0c:59:f3:03:67:ea:a4:ec:65:45:5b: b4:ac:44:88:25:76:f7:d4:15:04:65:56:b4:f9:69: c9:47:18:b8:3f:d9:96:c4:d0:55:38:05:49:55:51: 3c:a7:d9:20:58:42:a4:13:da:ba:f7:08:de:f9:a5: bc:70:f5:86:22:5e:b8:33:a4:74:e2:e7:69:10:7d: 44:9b:9f:37:08:df:51:d5:db:4b:ba:84:c8:c2:d1: 27:24:8b:10:12:f9:55:9f:57:d6:36:ff:ab:90:c6: d7:bf:d0:ba:23:55:69:8a:cb:5c:1d:30:69:75:cb: 9c:18:a0:00:80:d7:8d:31:9e:75:43:cf:38:43:22: 06:b7:26:43:3f:23:c7:2f:c8:e5:74:ac:34:5a:cd: b1:99:f0:37:a6:00:a7:11:ea:f1:c1:f6:bd:28:80: a3:72:89:aa:26:dd:ad:27:44:f7:66:39:8c:48:98: 4b:b2:a3:4a:b5:16:91:fa:a7:7e:a3:b9:8a:71:7b: fa:ad:ee:95:dd:3e:44:e4:7f:47:c9:3e:f6:97:ec: 3e:ef:98:60:af:a7:ab:c3:33:c4:43:ef:7c:8c:da: 95:6c:7d:91:69:16:e6:7d:82:ae:4b:9c:d5:b2:1e: 9e:79:c5:c3:f8:4b:b9:fe:d5:28:1e:59:a7:97:e4: 87:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:6D:F3:84:F2:B5:F8:63:7B:B0:A7:19:14:52:04:D6:C4:6A:F8:BA X509v3 Authority Key Identifier: keyid:CE:1F:59:AE:34:54:81:32:89:2F:CC:89:B1:59:5F:9B:03:60:19:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/4fa2d8-d71d-49b1-8eb0-a3589da16c85/1/zh9ZrjRUgTKJL8yJsVlfmwNgGY0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:6c:fc:4d:20:ed:6c:04:00:66:0e:12:f9:b5:b5:82:56:48: 0e:88:eb:8b:bd:f9:99:15:cc:00:73:7f:31:1a:ac:00:9e:7b: 06:40:6d:2a:e2:d6:45:99:48:7f:ae:92:22:2c:03:dc:f9:97: 70:3e:db:91:13:e5:ed:ad:0b:2c:9f:78:c0:8a:31:de:87:4b: c3:ac:b9:a9:0c:8f:af:16:ce:26:a2:ee:25:13:79:dd:e9:5e: 6f:07:1b:fc:c6:4a:68:2c:92:56:63:93:ab:f1:b7:33:e4:41: 3a:4b:8c:02:c8:2d:9a:37:2d:75:12:ac:a2:19:e6:c5:80:19: 70:54:fe:85:e1:2e:4a:50:f6:e4:86:69:aa:c0:2f:e8:f5:89: 9d:52:61:24:cd:a5:4b:2e:1a:da:9d:f7:85:41:ed:ee:c8:25: 75:d6:f8:cf:7a:0a:94:87:9a:c1:b9:f4:f7:2a:97:ab:49:f5: 22:fb:ef:56:e1:86:44:33:8d:7d:70:f3:e1:96:1d:26:02:ee: b1:3f:3a:e0:ac:b8:d6:1b:00:3d:89:e0:9c:f8:ea:7b:73:a7: 20:9f:5b:ba:f0:e4:1b:24:31:a0:82:e9:ca:c1:11:8c:32:03: ce:f5:51:1c:b1:f3:9a:eb:34:5c:e3:85:61:34:2d:74:6b:c4: 9c:a7:a3:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRCog60yJLNZH9MCfL4UrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlMWY1OWFlMzQ1NDgxMzI4OTJmY2M4OWIxNTk1ZjliMDM2 MDE5OGQwHhcNMjUxMjE4MjEwMTAzWhcNMjUxMjE5MjEwMTAzWjAzMTEwLwYDVQQD Eyg0MDZkZjM4NGYyYjVmODYzN2JiMGE3MTkxNDUyMDRkNmM0NmFmOGJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6kwDFnzA2fqpOxlRVu0rESIJXb3 1BUEZVa0+WnJRxi4P9mWxNBVOAVJVVE8p9kgWEKkE9q69wje+aW8cPWGIl64M6R0 4udpEH1Em583CN9R1dtLuoTIwtEnJIsQEvlVn1fWNv+rkMbXv9C6I1VpistcHTBp dcucGKAAgNeNMZ51Q884QyIGtyZDPyPHL8jldKw0Ws2xmfA3pgCnEerxwfa9KICj comqJt2tJ0T3ZjmMSJhLsqNKtRaR+qd+o7mKcXv6re6V3T5E5H9HyT72l+w+75hg r6erwzPEQ+98jNqVbH2RaRbmfYKuS5zVsh6eecXD+Eu5/tUoHlmnl+SHsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEBt84Tytfhje7CnGRRSBNbEavi6MB8GA1UdIwQY MBaAFM4fWa40VIEyiS/MibFZX5sDYBmNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAt YTM1ODlkYTE2Yzg1LzEvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni80ZmEyZDgtZDcxZC00OWIxLThlYjAtYTM1ODlkYTE2Yzg1 LzEvemg5WnJqUlVnVEtKTDh5SnNWbGZtd05nR1kwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKWz8TSDt bAQAZg4S+bW1glZIDojri735mRXMAHN/MRqsAJ57BkBtKuLWRZlIf66SIiwD3PmX cD7bkRPl7a0LLJ94wIox3odLw6y5qQyPrxbOJqLuJRN53elebwcb/MZKaCySVmOT q/G3M+RBOkuMAsgtmjctdRKsohnmxYAZcFT+heEuSlD25IZpqsAv6PWJnVJhJM2l Sy4a2p33hUHt7sglddb4z3oKlIeawbn09yqXq0n1IvvvVuGGRDONfXDz4ZYdJgLu sT864Ky41hsAPYngnPjqe3OnIJ9buvDkGyQxoILpysERjDIDzvVRHLHzmus0XOOF YTQtdGvEnKejFA== -----END CERTIFICATE-----Generated at Fri Dec 19 02:33:25 2025 by rpki-client