This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft File: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft (raw, json) Hash identifier: A4gs8AgsG0O+E+9ijaVEFwiKb/6yUlAKlWDz99V0ubU= Subject key identifier: FE:90:6A:9B:2A:F3:0F:11:34:8E:2A:64:10:0F:F7:25:44:57:76:0C Authority key identifier: D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49 Certificate issuer: /CN=d991d6890f91fb2cd77931b809bdb1eb05091349 Certificate serial: 019B5B64C2CD67D77E32E9B057298ABABE9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft Manifest number: 1233 Signing time: Fri 26 Dec 2025 16:01:28 +0000 Manifest this update: Fri 26 Dec 2025 16:01:28 +0000 Manifest next update: Sat 27 Dec 2025 16:01:28 +0000 Files and hashes: 1: 2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl (hash: 7Mxt78SJPl+zzetTAcY0qiuHglaL3RV8UIUmateaf4s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:64:c2:cd:67:d7:7e:32:e9:b0:57:29:8a:ba:be:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d991d6890f91fb2cd77931b809bdb1eb05091349 Validity Not Before: Dec 26 16:01:28 2025 GMT Not After : Dec 27 16:01:28 2025 GMT Subject: CN=fe906a9b2af30f11348e2a64100ff7254457760c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:76:11:ac:b9:5b:99:46:ba:b2:40:26:e6:00: a5:6b:21:c4:b9:9c:e0:1a:81:2f:a4:c3:9e:d2:ba: 8e:7e:29:bd:db:93:e8:d1:ad:11:de:f5:83:3d:07: 83:d4:4f:e2:d3:53:72:69:c8:3b:b8:28:79:31:73: f0:ee:f4:be:5c:f5:49:f8:3a:75:1d:97:7f:76:1e: 26:aa:b7:4b:f6:88:d5:31:7b:67:42:17:6b:8e:0a: b2:f6:a1:e4:63:ea:96:2c:61:78:d7:8e:5e:2f:d1: 7f:bc:57:3c:bc:d8:66:6d:30:8f:74:f6:be:c8:9b: a3:7d:d7:3a:ed:d6:d3:5c:ec:ef:4e:d7:08:67:30: da:64:34:5f:7b:47:6b:e6:7d:d9:93:fb:0f:0e:8c: c0:96:e6:ff:11:29:92:ac:29:04:bc:ba:70:1d:9d: 63:02:a9:35:e4:fc:c4:d4:66:0c:5f:88:d7:ab:fd: 64:2c:00:be:bc:4c:e2:ce:10:ff:fd:37:d8:b3:60: 1e:f4:72:a1:e6:aa:11:ff:28:0a:22:84:13:e7:d0: 6f:d3:6a:da:85:70:dc:15:37:37:99:9e:7e:02:45: a5:ef:c6:86:cd:6e:97:47:1d:ca:f2:79:12:86:1d: a5:d6:02:56:90:9f:1b:c4:88:ca:91:19:b1:5a:8e: af:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:90:6A:9B:2A:F3:0F:11:34:8E:2A:64:10:0F:F7:25:44:57:76:0C X509v3 Authority Key Identifier: keyid:D9:91:D6:89:0F:91:FB:2C:D7:79:31:B8:09:BD:B1:EB:05:09:13:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/c77797-0ec7-4a0e-a542-c408576089b1/1/2ZHWiQ-R-yzXeTG4Cb2x6wUJE0k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 76:f7:2a:cc:58:6a:44:69:d5:d4:3e:f5:be:04:21:01:c0:4d: 83:2f:c8:c3:a6:82:6f:92:39:ce:aa:a8:28:3a:ac:6b:7f:b9: b2:7f:be:48:16:40:c7:55:89:28:7b:36:5f:1f:54:ef:89:15: 46:7a:13:72:a2:33:8a:84:ef:f3:79:5c:f1:86:d5:01:a1:7d: 46:18:e3:8a:6d:c1:62:fc:7a:63:32:2f:3e:44:25:c7:fd:fb: 8c:23:72:9e:77:45:eb:65:5e:2e:b3:99:13:91:6d:b4:96:c1: 05:cc:d9:30:b2:86:1b:84:24:ab:cb:a2:be:d6:ba:c8:df:dd: ce:2f:71:13:21:4c:c0:08:8c:a0:e2:b9:26:a5:e0:e0:fb:f3: 5c:ff:56:c9:f7:c0:76:2a:25:a1:91:bf:ab:a8:d7:89:ac:19: 53:ac:92:09:7d:fd:05:bc:46:95:6d:29:41:c6:5b:d0:06:64: d5:c5:06:72:70:37:2f:ad:5d:ff:a8:bf:14:3e:53:3a:79:17: b8:f0:d3:b3:cf:86:e2:bd:37:b3:03:3a:79:a3:19:e8:28:a4: 80:0c:79:b5:01:24:96:31:5d:4d:e5:a2:d9:62:e8:5f:ce:81: 1f:63:47:8a:2d:7b:17:49:32:fb:e6:6b:d2:cf:6b:81:ef:98: b3:1b:fe:a8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtbZMLNZ9d+MumwVymKur6bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ5OTFkNjg5MGY5MWZiMmNkNzc5MzFiODA5YmRiMWViMDUw OTEzNDkwHhcNMjUxMjI2MTYwMTI4WhcNMjUxMjI3MTYwMTI4WjAzMTEwLwYDVQQD EyhmZTkwNmE5YjJhZjMwZjExMzQ4ZTJhNjQxMDBmZjcyNTQ0NTc3NjBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3YRrLlbmUa6skAm5gClayHEuZzg GoEvpMOe0rqOfim925Po0a0R3vWDPQeD1E/i01Nyacg7uCh5MXPw7vS+XPVJ+Dp1 HZd/dh4mqrdL9ojVMXtnQhdrjgqy9qHkY+qWLGF4145eL9F/vFc8vNhmbTCPdPa+ yJujfdc67dbTXOzvTtcIZzDaZDRfe0dr5n3Zk/sPDozAlub/ESmSrCkEvLpwHZ1j Aqk15PzE1GYMX4jXq/1kLAC+vEzizhD//TfYs2Ae9HKh5qoR/ygKIoQT59Bv02ra hXDcFTc3mZ5+AkWl78aGzW6XRx3K8nkShh2l1gJWkJ8bxIjKkRmxWo6vAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP6Qapsq8w8RNI4qZBAP9yVEV3YMMB8GA1UdIwQY MBaAFNmR1okPkfss13kxuAm9sesFCRNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDIt YzQwODU3NjA4OWIxLzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9jNzc3OTctMGVjNy00YTBlLWE1NDItYzQwODU3NjA4OWIx LzEvMlpIV2lRLVIteXpYZVRHNENiMng2d1VKRTBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdvcqzFhq RGnV1D71vgQhAcBNgy/Iw6aCb5I5zqqoKDqsa3+5sn++SBZAx1WJKHs2Xx9U74kV RnoTcqIzioTv83lc8YbVAaF9Rhjjim3BYvx6YzIvPkQlx/37jCNynndF62VeLrOZ E5FttJbBBczZMLKGG4Qkq8uivta6yN/dzi9xEyFMwAiMoOK5JqXg4PvzXP9WyffA dioloZG/q6jXiawZU6ySCX39BbxGlW0pQcZb0AZk1cUGcnA3L61d/6i/FD5TOnkX uPDTs8+G4r03swM6eaMZ6CikgAx5tQEkljFdTeWi2WLoX86BH2NHii17F0ky++Zr 0s9rge+Ysxv+qA== -----END CERTIFICATE-----Generated at Fri Dec 26 17:21:19 2025 by rpki-client