This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft File: zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft (raw, json) Hash identifier: QHn87qrhTDq68EA39zeLQfMUkfAePodHYykDHco7pEg= Subject key identifier: D0:EE:41:91:02:1C:C2:A1:25:48:09:D4:90:33:08:66:7D:C0:D6:16 Authority key identifier: CC:AC:37:2F:7A:9B:81:71:DC:BF:C1:16:0C:AA:22:C8:FD:C6:8B:7B Certificate issuer: /CN=ccac372f7a9b8171dcbfc1160caa22c8fdc68b7b Certificate serial: 019B0E92FE330E29FE1C0CF50869DA58AD5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft Manifest number: 0F02 Signing time: Thu 11 Dec 2025 18:01:12 +0000 Manifest this update: Thu 11 Dec 2025 18:01:12 +0000 Manifest next update: Fri 12 Dec 2025 18:01:12 +0000 Files and hashes: 1: zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl (hash: CBEv44A3WgtjtwvK71xIDDgxpFX3y3yAJebRaiTbeKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 18:01:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:92:fe:33:0e:29:fe:1c:0c:f5:08:69:da:58:ad:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccac372f7a9b8171dcbfc1160caa22c8fdc68b7b Validity Not Before: Dec 11 18:01:12 2025 GMT Not After : Dec 12 18:01:12 2025 GMT Subject: CN=d0ee4191021cc2a1254809d4903308667dc0d616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:86:0f:7d:21:b3:32:07:bc:dc:bd:02:31:bb: ec:c1:44:98:3b:bf:1b:eb:89:2a:5c:f1:5c:b4:87: 33:bf:18:15:6c:00:0d:10:f9:29:c9:7b:76:43:5f: 43:aa:df:58:11:6d:9d:44:59:13:93:f3:91:af:6b: ff:2b:2e:83:4e:e3:6f:8d:2f:61:8d:00:3f:15:15: ce:e6:19:e1:2a:84:d5:58:bd:12:da:d7:43:46:4a: 1e:b7:04:39:79:49:ff:10:9a:e9:ec:5d:81:96:48: 94:d6:ed:0a:91:e0:93:ae:9a:a1:19:45:67:87:74: 70:26:4a:46:78:06:d3:6d:5d:68:da:8a:1f:bc:09: bb:17:50:ac:30:de:92:03:d1:9b:cf:eb:30:cb:d3: c1:69:a6:04:91:14:fb:46:50:51:5d:13:5d:d8:75: 10:68:3b:26:fd:51:95:73:2c:90:86:2c:22:f2:9d: f8:10:60:0c:2f:13:bb:3b:99:6b:7a:38:27:3c:1a: 04:b4:a9:be:b6:77:89:48:17:d6:30:91:d5:7e:87: ca:05:db:a9:67:84:24:4f:d4:4a:88:14:34:54:da: 80:a2:8a:90:16:bc:02:f4:e8:30:bd:aa:bc:70:56: de:8c:eb:b8:d4:48:c6:80:e2:b3:1b:fd:23:38:8a: 28:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:EE:41:91:02:1C:C2:A1:25:48:09:D4:90:33:08:66:7D:C0:D6:16 X509v3 Authority Key Identifier: keyid:CC:AC:37:2F:7A:9B:81:71:DC:BF:C1:16:0C:AA:22:C8:FD:C6:8B:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9fd384-a8c0-427f-962d-c4502da869bb/1/zKw3L3qbgXHcv8EWDKoiyP3Gi3s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:e7:58:d4:52:b3:79:db:09:b1:b0:46:27:b8:f4:3a:b2:b2: 6f:65:6d:e2:5c:3c:b8:37:e1:2c:89:c1:18:d5:d2:43:5f:84: 69:49:13:88:96:5c:44:c3:5d:ba:97:45:36:e3:82:b7:a7:dc: ce:4d:06:9e:c5:a8:01:c9:64:b3:0a:e9:d4:11:5d:cb:86:dd: c8:a4:4a:33:80:2c:eb:99:41:fd:a1:c0:8a:2d:d4:0d:ee:3c: 63:d8:a1:09:59:c1:1f:38:2a:7e:32:1e:a1:01:14:12:03:92: f4:68:e9:52:07:11:b7:71:98:4b:12:5c:52:79:27:fe:d7:10: 60:87:b6:1d:d6:95:9c:e9:46:1d:20:b5:15:0b:c5:8b:73:5d: 3f:38:c0:fe:18:bc:f8:4f:6c:2b:79:34:b4:57:6a:2a:c9:db: 6c:3e:45:23:7f:45:f4:ca:3e:6d:bc:fb:26:04:e2:1b:c6:e6: 4f:93:d9:78:dc:25:3e:b6:9c:4d:a1:bf:4c:80:78:39:d7:3a: 0e:66:2c:be:40:a0:68:3a:b9:3c:c3:61:f1:8e:bc:99:18:ed: b3:e9:92:86:2f:d7:b6:10:5a:75:27:e2:f9:bb:67:9f:95:86: ac:36:a3:57:e0:47:4d:ee:80:07:cf:f2:7f:35:e8:3c:54:f6: 6d:65:7f:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOkv4zDin+HAz1CGnaWK1cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjYWMzNzJmN2E5YjgxNzFkY2JmYzExNjBjYWEyMmM4ZmRj NjhiN2IwHhcNMjUxMjExMTgwMTEyWhcNMjUxMjEyMTgwMTEyWjAzMTEwLwYDVQQD EyhkMGVlNDE5MTAyMWNjMmExMjU0ODA5ZDQ5MDMzMDg2NjdkYzBkNjE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4YPfSGzMge83L0CMbvswUSYO78b 64kqXPFctIczvxgVbAANEPkpyXt2Q19Dqt9YEW2dRFkTk/ORr2v/Ky6DTuNvjS9h jQA/FRXO5hnhKoTVWL0S2tdDRkoetwQ5eUn/EJrp7F2BlkiU1u0KkeCTrpqhGUVn h3RwJkpGeAbTbV1o2oofvAm7F1CsMN6SA9Gbz+swy9PBaaYEkRT7RlBRXRNd2HUQ aDsm/VGVcyyQhiwi8p34EGAMLxO7O5lrejgnPBoEtKm+tneJSBfWMJHVfofKBdup Z4QkT9RKiBQ0VNqAooqQFrwC9Ogwvaq8cFbejOu41EjGgOKzG/0jOIoo8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNDuQZECHMKhJUgJ1JAzCGZ9wNYWMB8GA1UdIwQY MBaAFMysNy96m4Fx3L/BFgyqIsj9xot7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85ZmQzODQtYThjMC00MjdmLTk2MmQt YzQ1MDJkYTg2OWJiLzEvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Mi85ZmQzODQtYThjMC00MjdmLTk2MmQtYzQ1MDJkYTg2OWJi LzEvekt3M0wzcWJnWEhjdjhFV0RLb2l5UDNHaTNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqudY1FKz edsJsbBGJ7j0OrKyb2Vt4lw8uDfhLInBGNXSQ1+EaUkTiJZcRMNdupdFNuOCt6fc zk0GnsWoAclkswrp1BFdy4bdyKRKM4As65lB/aHAii3UDe48Y9ihCVnBHzgqfjIe oQEUEgOS9GjpUgcRt3GYSxJcUnkn/tcQYIe2HdaVnOlGHSC1FQvFi3NdPzjA/hi8 +E9sK3k0tFdqKsnbbD5FI39F9Mo+bbz7JgTiG8bmT5PZeNwlPracTaG/TIB4Odc6 DmYsvkCgaDq5PMNh8Y68mRjts+mShi/XthBadSfi+btnn5WGrDajV+BHTe6AB8/y fzXoPFT2bWV/lw== -----END CERTIFICATE-----Generated at Fri Dec 12 02:48:55 2025 by rpki-client