This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft File: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json) Hash identifier: kuxNk6xTfqBOklrGbTeMnlKd0TnzKFdzJl6APIzD64Y= Subject key identifier: D0:49:9F:E1:AA:8E:AC:A5:AE:B8:61:DF:62:99:DB:11:52:B3:E5:B1 Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C Certificate issuer: /CN=cdbc431b1c9886dc2b21008dccfde18db735371c Certificate serial: 019B4A03B4E790C8E793C8C8E196B8CE590F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft Manifest number: 0509 Signing time: Tue 23 Dec 2025 07:01:55 +0000 Manifest this update: Tue 23 Dec 2025 07:01:55 +0000 Manifest next update: Wed 24 Dec 2025 07:01:55 +0000 Files and hashes: 1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: KTglmk07j/mNV6ZezboKboogGWD1sNeIoF6SucTKQBw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:03:b4:e7:90:c8:e7:93:c8:c8:e1:96:b8:ce:59:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c Validity Not Before: Dec 23 07:01:55 2025 GMT Not After : Dec 24 07:01:55 2025 GMT Subject: CN=d0499fe1aa8eaca5aeb861df6299db1152b3e5b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:47:56:d7:d9:01:ad:ff:c0:77:d3:77:ce:38: df:51:1b:4a:5c:c6:70:ef:1c:06:8f:54:6b:09:24: d7:f3:69:cc:5a:ba:42:bf:e8:9a:39:9e:5b:9e:c7: 31:04:cc:0f:23:d9:a5:34:db:97:41:71:cb:7c:41: b0:4d:9d:06:5b:2a:24:2f:c0:4c:4c:e0:b0:26:a0: 9a:3c:64:c2:df:14:d4:e8:67:04:ec:fa:5b:86:c6: e7:90:f9:82:72:fb:4e:4f:c7:47:1d:a7:9a:3f:cb: 9a:6f:7b:7c:2b:e6:76:5d:2e:3e:78:33:28:50:d2: 79:c7:51:35:ee:2e:88:f6:a1:b8:4b:5c:bb:3f:19: 4c:00:07:ab:2f:28:c2:69:8a:6b:91:f6:af:b5:a7: e9:10:a4:61:36:be:6c:e7:b8:b6:cf:33:32:f3:de: 6b:98:45:2f:3b:d4:06:38:62:03:f3:68:23:ff:6c: 33:29:9f:5c:80:38:f6:7e:8f:d6:22:1b:51:ae:1a: db:9e:5d:ce:8b:82:72:4e:36:ea:3e:0d:c2:c1:09: 41:ab:f5:a8:19:89:29:b9:3a:8d:19:34:fa:9b:55: 10:9a:10:51:8b:c1:3e:fe:20:a8:57:ec:23:59:37: 1b:c1:3e:9d:b3:55:3a:d1:00:62:ab:1a:25:1a:47: 78:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:49:9F:E1:AA:8E:AC:A5:AE:B8:61:DF:62:99:DB:11:52:B3:E5:B1 X509v3 Authority Key Identifier: keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:9b:b7:f9:39:b2:d5:2b:3c:22:90:17:8d:6e:be:dd:41:35: ae:78:7f:c0:25:eb:2d:3f:43:6b:9a:55:24:89:07:2a:e6:19: e7:12:14:10:e6:c4:fe:a3:20:6f:73:c5:54:f0:51:35:6d:fe: a5:9d:74:1a:27:ec:b0:54:52:12:e0:76:10:0a:7d:ef:a1:59: 97:cf:93:fd:af:ea:66:d6:b2:5c:62:5e:2e:0c:e1:f4:f5:bc: b8:66:ed:eb:b8:8b:88:61:2b:c2:9e:70:67:51:87:a4:18:69: 00:e2:1f:67:8d:fa:fa:70:d8:93:ec:3e:79:62:64:bd:b6:6f: 41:ce:29:9f:16:e8:bc:e7:e1:b1:58:ea:01:5f:5b:58:09:ec: 61:60:1b:74:b8:20:72:8a:48:09:6c:b8:56:d5:f3:cd:c7:35: 63:4e:9e:61:bc:42:40:6e:e1:90:da:42:40:56:65:c2:b9:c1: 86:7d:f2:c2:d7:81:30:a1:b9:41:5d:f5:15:35:11:87:87:a3: 83:b9:f4:fb:4e:28:0b:34:d9:cd:5a:84:24:1f:b7:f9:78:09: e4:c9:a5:6e:f8:fc:0d:15:6a:56:b1:c7:6a:a2:93:38:92:af: 95:12:24:7d:d1:04:67:85:cf:dc:e1:d0:30:cc:98:ee:ce:29: 69:13:e7:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKA7TnkMjnk8jI4Za4zlkPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz NTM3MWMwHhcNMjUxMjIzMDcwMTU1WhcNMjUxMjI0MDcwMTU1WjAzMTEwLwYDVQQD EyhkMDQ5OWZlMWFhOGVhY2E1YWViODYxZGY2Mjk5ZGIxMTUyYjNlNWIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkdW19kBrf/Ad9N3zjjfURtKXMZw 7xwGj1RrCSTX82nMWrpCv+iaOZ5bnscxBMwPI9mlNNuXQXHLfEGwTZ0GWyokL8BM TOCwJqCaPGTC3xTU6GcE7PpbhsbnkPmCcvtOT8dHHaeaP8uab3t8K+Z2XS4+eDMo UNJ5x1E17i6I9qG4S1y7PxlMAAerLyjCaYprkfavtafpEKRhNr5s57i2zzMy895r mEUvO9QGOGID82gj/2wzKZ9cgDj2fo/WIhtRrhrbnl3Oi4JyTjbqPg3CwQlBq/Wo GYkpuTqNGTT6m1UQmhBRi8E+/iCoV+wjWTcbwT6ds1U60QBiqxolGkd4JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNBJn+Gqjqylrrhh32KZ2xFSs+WxMB8GA1UdIwQY MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5 LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAL5u3+Tmy 1Ss8IpAXjW6+3UE1rnh/wCXrLT9Da5pVJIkHKuYZ5xIUEObE/qMgb3PFVPBRNW3+ pZ10GifssFRSEuB2EAp976FZl8+T/a/qZtayXGJeLgzh9PW8uGbt67iLiGErwp5w Z1GHpBhpAOIfZ436+nDYk+w+eWJkvbZvQc4pnxbovOfhsVjqAV9bWAnsYWAbdLgg copICWy4VtXzzcc1Y06eYbxCQG7hkNpCQFZlwrnBhn3ywteBMKG5QV31FTURh4ej g7n0+04oCzTZzVqEJB+3+XgJ5Mmlbvj8DRVqVrHHaqKTOJKvlRIkfdEEZ4XP3OHQ MMyY7s4paRPnnA== -----END CERTIFICATE-----Generated at Tue Dec 23 08:25:10 2025 by rpki-client