This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft File: ZAqiwHn96HpUUV0B3iG8LoXeExo.mft (raw, json) Hash identifier: RcwnVGm6RzHFfHihoF0nRk/2v/xZHhqWJO9FTpaWN8A= Subject key identifier: EF:CC:69:E4:92:C1:15:35:BF:1B:71:6C:A7:0D:5F:56:33:E6:67:1D Authority key identifier: 64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A Certificate issuer: /CN=640aa2c079fde87a54515d01de21bc2e85de131a Certificate serial: 019B4702757AE818B92C214C1F2254F69EFB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft Manifest number: 178B Signing time: Mon 22 Dec 2025 17:01:41 +0000 Manifest this update: Mon 22 Dec 2025 17:01:41 +0000 Manifest next update: Tue 23 Dec 2025 17:01:41 +0000 Files and hashes: 1: ZAqiwHn96HpUUV0B3iG8LoXeExo.crl (hash: i4GVg+981B5E6qkeHczgf7O6X2bhGj/r++0y75RzeeQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:02:75:7a:e8:18:b9:2c:21:4c:1f:22:54:f6:9e:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=640aa2c079fde87a54515d01de21bc2e85de131a Validity Not Before: Dec 22 17:01:41 2025 GMT Not After : Dec 23 17:01:41 2025 GMT Subject: CN=efcc69e492c11535bf1b716ca70d5f5633e6671d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f0:24:da:4c:c9:2d:22:4c:bd:5a:3c:d4:f0: a3:f7:d6:16:9e:6e:44:1b:40:8e:14:82:49:94:04: c8:25:45:d6:fb:12:81:f9:f1:64:45:6f:45:46:91: 09:e5:81:7f:55:32:4c:54:f0:dc:69:55:90:2f:33: a9:fa:ce:c3:67:01:25:a2:ab:a0:d9:b9:0b:3f:10: 8b:1c:eb:71:66:c9:e7:e6:b3:09:75:f5:fa:37:20: 66:d2:0c:39:d5:cc:2d:57:3e:e5:68:7a:70:ed:f3: eb:b8:ff:c6:c7:d7:b0:cb:e4:7b:72:84:35:f9:39: 7a:4e:6d:91:bf:be:11:7c:48:ac:4e:83:b1:01:d2: e2:4c:c2:4e:09:35:7f:1f:26:33:c4:1f:9a:02:78: 4d:1f:59:4d:85:10:f9:27:5e:86:a7:51:35:f1:90: 3e:34:6d:ab:f0:c1:8e:b0:7a:f6:71:b5:e2:e2:bd: 63:09:32:42:45:94:2b:2a:7a:ed:d1:29:9a:e2:59: bc:4b:f1:bc:92:ff:c4:2a:fd:e7:b0:8a:5d:74:09: 87:fc:6e:39:94:1e:e1:6e:06:8b:21:6d:85:c5:05: 73:68:cc:f1:64:16:1a:8e:fc:27:d6:17:14:04:3e: db:f4:02:21:47:1f:50:ab:d8:20:75:0c:ee:de:4f: c9:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:CC:69:E4:92:C1:15:35:BF:1B:71:6C:A7:0D:5F:56:33:E6:67:1D X509v3 Authority Key Identifier: keyid:64:0A:A2:C0:79:FD:E8:7A:54:51:5D:01:DE:21:BC:2E:85:DE:13:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAqiwHn96HpUUV0B3iG8LoXeExo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/57784b-107a-42d9-a21d-3a98966f5e31/1/ZAqiwHn96HpUUV0B3iG8LoXeExo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:cb:d9:69:b4:39:05:db:01:b5:0c:99:b2:40:ba:2e:85:39: 2c:8e:d3:b0:8a:95:63:c6:f7:41:1e:07:8f:7d:77:67:1d:3c: 8a:b5:bc:93:ac:01:19:0d:92:bf:26:1a:fd:da:dd:a3:8f:46: 8e:dd:e9:7c:07:b7:28:c6:17:5c:61:ff:27:70:f4:da:db:40: de:54:e8:ab:d0:55:0a:33:02:34:bd:61:8a:55:a8:a9:84:c3: 61:43:b5:d5:7d:98:4b:f7:80:ae:3e:0f:a2:88:59:f4:cb:2c: c6:18:7f:20:d1:ba:6b:1d:88:4d:03:93:ab:e8:99:8d:a6:e3: 04:e6:15:42:99:dd:41:9d:dc:89:5f:86:29:35:8f:6a:5e:50: bf:b0:fe:7c:a4:5e:b3:7a:57:50:6a:51:04:d6:a4:06:38:5e: 91:43:01:b0:f0:23:67:42:b6:21:a6:89:30:32:8f:ba:d1:d4: cb:b4:20:ab:15:77:d2:7c:77:c1:92:cf:8c:03:fc:64:48:94: e5:c4:4d:e0:78:0c:35:67:03:38:3b:88:11:9d:5c:4e:78:68: 38:29:ae:7d:96:9d:1a:d1:0d:3c:df:f6:74:c5:1d:7b:3c:d0: 37:2e:60:54:29:28:5e:55:5d:f5:dd:aa:0f:de:c6:52:6b:68: c5:e0:89:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHAnV66Bi5LCFMHyJU9p77MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0MGFhMmMwNzlmZGU4N2E1NDUxNWQwMWRlMjFiYzJlODVk ZTEzMWEwHhcNMjUxMjIyMTcwMTQxWhcNMjUxMjIzMTcwMTQxWjAzMTEwLwYDVQQD EyhlZmNjNjllNDkyYzExNTM1YmYxYjcxNmNhNzBkNWY1NjMzZTY2NzFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Ak2kzJLSJMvVo81PCj99YWnm5E G0COFIJJlATIJUXW+xKB+fFkRW9FRpEJ5YF/VTJMVPDcaVWQLzOp+s7DZwEloqug 2bkLPxCLHOtxZsnn5rMJdfX6NyBm0gw51cwtVz7laHpw7fPruP/Gx9ewy+R7coQ1 +Tl6Tm2Rv74RfEisToOxAdLiTMJOCTV/HyYzxB+aAnhNH1lNhRD5J16Gp1E18ZA+ NG2r8MGOsHr2cbXi4r1jCTJCRZQrKnrt0Sma4lm8S/G8kv/EKv3nsIpddAmH/G45 lB7hbgaLIW2FxQVzaMzxZBYajvwn1hcUBD7b9AIhRx9Qq9ggdQzu3k/JMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO/MaeSSwRU1vxtxbKcNX1Yz5mcdMB8GA1UdIwQY MBaAFGQKosB5/eh6VFFdAd4hvC6F3hMaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQt M2E5ODk2NmY1ZTMxLzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS81Nzc4NGItMTA3YS00MmQ5LWEyMWQtM2E5ODk2NmY1ZTMx LzEvWkFxaXdIbjk2SHBVVVYwQjNpRzhMb1hlRXhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK8vZabQ5 BdsBtQyZskC6LoU5LI7TsIqVY8b3QR4Hj313Zx08irW8k6wBGQ2SvyYa/drdo49G jt3pfAe3KMYXXGH/J3D02ttA3lToq9BVCjMCNL1hilWoqYTDYUO11X2YS/eArj4P oohZ9Mssxhh/ING6ax2ITQOTq+iZjabjBOYVQpndQZ3ciV+GKTWPal5Qv7D+fKRe s3pXUGpRBNakBjhekUMBsPAjZ0K2IaaJMDKPutHUy7QgqxV30nx3wZLPjAP8ZEiU 5cRN4HgMNWcDODuIEZ1cTnhoOCmufZadGtENPN/2dMUdezzQNy5gVCkoXlVd9d2q D97GUmtoxeCJPA== -----END CERTIFICATE-----Generated at Mon Dec 22 20:30:07 2025 by rpki-client