This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft File: zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json) Hash identifier: VXqKt+g+AHMfW9fLTxyffXrbT+kR+/XSlqNv8TUsPlI= Subject key identifier: AE:8F:73:EC:FB:DA:1B:4C:4C:54:03:E9:65:AE:8E:C6:A9:AF:FC:52 Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31 Certificate issuer: /CN=ce4c956d52dd876363c21304f9c025f07d5f2631 Certificate serial: 019B5976722A4E85AAF62B4869A021A1C12E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft Manifest number: 0710 Signing time: Fri 26 Dec 2025 07:01:33 +0000 Manifest this update: Fri 26 Dec 2025 07:01:33 +0000 Manifest next update: Sat 27 Dec 2025 07:01:33 +0000 Files and hashes: 1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: j4FwZs3/lDcApRw0x03Tn9AtEJdyA77qLERL5vNDWmc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:72:2a:4e:85:aa:f6:2b:48:69:a0:21:a1:c1:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631 Validity Not Before: Dec 26 07:01:33 2025 GMT Not After : Dec 27 07:01:33 2025 GMT Subject: CN=ae8f73ecfbda1b4c4c5403e965ae8ec6a9affc52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:2d:72:ce:0b:e4:91:5f:9c:fc:c5:67:78:d6: 85:e8:61:d5:67:38:07:9e:8d:37:cb:56:01:98:09: 21:e9:c7:b8:e3:ec:54:b1:94:d9:0e:2c:8b:63:6a: 6c:94:2d:8e:01:1a:aa:51:a2:55:f2:04:86:07:32: f0:95:11:36:8b:f0:87:c8:c8:d3:03:54:a2:c6:f0: 6f:16:53:55:13:58:89:f0:70:95:8e:a1:c1:cb:9a: 69:1b:a6:7f:38:26:64:87:b4:3d:e7:20:df:4c:2e: e2:e1:42:c6:5d:01:61:2a:ad:1e:32:29:f1:7a:99: 4c:dd:f9:b4:6d:d3:4d:dd:ba:fe:78:49:50:98:30: c8:8f:85:b6:2f:52:9d:cf:54:ea:b3:69:c4:7f:e3: 0c:0f:3c:4b:e1:c2:ea:5e:9c:08:31:4d:6e:47:13: b0:2d:24:97:34:e8:d1:59:a5:c7:40:a2:cb:f2:94: 27:60:83:60:12:61:25:d6:f0:4b:a7:3b:15:a7:68: 46:3f:b4:e8:d7:42:ad:1d:13:e9:04:2c:a1:22:2b: 18:b1:83:35:ce:9f:e5:45:6c:b3:d5:4d:17:04:73: f3:90:44:dc:be:97:a0:6c:3d:11:0b:ba:5a:32:bd: ff:19:13:8c:04:e6:9b:8c:11:b1:f5:9e:ab:3f:b0: 0a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:8F:73:EC:FB:DA:1B:4C:4C:54:03:E9:65:AE:8E:C6:A9:AF:FC:52 X509v3 Authority Key Identifier: keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:c6:bc:fd:62:94:f8:a1:be:dd:49:20:82:bb:ba:10:2e:51: 3b:14:b9:2b:69:2f:bc:d2:95:3d:0e:70:9c:71:66:e5:74:4e: a3:8f:18:90:54:f5:0d:b9:87:1d:12:f2:f7:38:47:49:01:ff: 17:4c:fa:81:f7:8f:27:2c:66:2b:70:80:f8:ed:b1:24:db:59: cf:ab:08:c3:e7:a6:a5:19:22:90:da:9b:fa:de:dd:fc:65:8e: 2f:56:c5:e7:40:30:90:b3:fa:19:c6:b9:82:22:78:22:54:be: b5:65:74:e5:5f:bd:a3:71:dd:c1:27:8d:db:c0:a5:1f:c7:28: 58:13:05:28:9a:50:f5:0c:0d:c3:1c:a9:1a:63:4d:4a:1a:87: d8:ef:2d:c2:5f:de:53:89:d0:51:22:03:b6:86:8e:d8:78:b0: ba:30:f9:6f:8c:1b:30:3f:21:d5:33:97:74:74:46:52:28:a6: f3:ab:f1:1c:b9:8a:3e:91:1c:07:20:13:e5:38:b5:c0:9d:4b: 44:e5:6f:e0:df:ab:2b:e0:d1:73:b4:ef:6c:16:d6:ba:ac:73: 47:dc:f0:e7:76:10:36:97:9a:b4:c8:a8:74:76:96:60:c9:7f: dc:52:e7:94:47:77:4e:d9:29:96:62:a2:77:d2:d7:21:f6:06: f2:96:10:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdnIqToWq9itIaaAhocEuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1 ZjI2MzEwHhcNMjUxMjI2MDcwMTMzWhcNMjUxMjI3MDcwMTMzWjAzMTEwLwYDVQQD EyhhZThmNzNlY2ZiZGExYjRjNGM1NDAzZTk2NWFlOGVjNmE5YWZmYzUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsS1yzgvkkV+c/MVneNaF6GHVZzgH no03y1YBmAkh6ce44+xUsZTZDiyLY2pslC2OARqqUaJV8gSGBzLwlRE2i/CHyMjT A1SixvBvFlNVE1iJ8HCVjqHBy5ppG6Z/OCZkh7Q95yDfTC7i4ULGXQFhKq0eMinx eplM3fm0bdNN3br+eElQmDDIj4W2L1Kdz1Tqs2nEf+MMDzxL4cLqXpwIMU1uRxOw LSSXNOjRWaXHQKLL8pQnYINgEmEl1vBLpzsVp2hGP7To10KtHRPpBCyhIisYsYM1 zp/lRWyz1U0XBHPzkETcvpegbD0RC7paMr3/GROMBOabjBGx9Z6rP7AKNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK6Pc+z72htMTFQD6WWujsapr/xSMB8GA1UdIwQY MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsa8/WKU +KG+3Ukggru6EC5ROxS5K2kvvNKVPQ5wnHFm5XROo48YkFT1DbmHHRLy9zhHSQH/ F0z6gfePJyxmK3CA+O2xJNtZz6sIw+empRkikNqb+t7d/GWOL1bF50AwkLP6Gca5 giJ4IlS+tWV05V+9o3HdwSeN28ClH8coWBMFKJpQ9QwNwxypGmNNShqH2O8twl/e U4nQUSIDtoaO2HiwujD5b4wbMD8h1TOXdHRGUiim86vxHLmKPpEcByAT5Ti1wJ1L ROVv4N+rK+DRc7TvbBbWuqxzR9zw53YQNpeatMiodHaWYMl/3FLnlEd3TtkplmKi d9LXIfYG8pYQhg== -----END CERTIFICATE-----Generated at Fri Dec 26 15:46:33 2025 by rpki-client