This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft File: zl1FYESPeKTc3LeRoH2tIWOgjN8.mft (raw, json) Hash identifier: Aq0UVJgiJpqjBVnGvI8aGoa3Oi+eO+QP9GyXMZsYfjA= Subject key identifier: D5:52:CC:65:17:47:0C:51:52:28:99:68:AD:A6:02:A7:1F:9D:35:12 Authority key identifier: CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF Certificate issuer: /CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Certificate serial: 019B3A8F941E2B878E63BBF93091CA68C2A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 07:00:46 +0000 Manifest this update: Sat 20 Dec 2025 07:00:46 +0000 Manifest next update: Sun 21 Dec 2025 07:00:46 +0000 Files and hashes: 1: DnVFEpYRkYdsvx6fTEjYM0mnXYg.roa (hash: Q/XnpIbexx4X2BOItVZgFWxgUIF3KGLUNsRlADlMLPI=) 2: zl1FYESPeKTc3LeRoH2tIWOgjN8.crl (hash: kQMAcXf1XhdC5nfwFEWtxLO1PJgYw1HlnW3vGmQtIcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:8f:94:1e:2b:87:8e:63:bb:f9:30:91:ca:68:c2:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce5d4560448f78a4dcdcb791a07dad2163a08cdf Validity Not Before: Dec 20 07:00:46 2025 GMT Not After : Dec 21 07:00:46 2025 GMT Subject: CN=d552cc6517470c5152289968ada602a71f9d3512 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:24:8e:33:0b:e9:f2:6f:79:eb:94:cc:2c:c5: 24:31:8b:fb:6b:a3:71:f2:8a:db:8d:15:b1:6a:ea: fc:f4:9c:75:93:3e:67:92:ca:44:89:26:b5:ba:5c: 09:f4:30:5c:61:9a:a3:37:8f:5e:67:fb:11:12:0b: 83:af:e1:a4:9b:33:45:f7:6e:7a:99:5e:cf:d6:77: 42:5b:0b:a1:ee:27:1e:31:0a:7c:0f:14:72:f6:d5: ac:41:fd:35:8c:92:04:7d:41:b6:20:e9:af:61:12: 38:5f:bb:00:60:cc:ec:cd:7e:08:53:ed:56:b1:fe: 13:fc:8a:15:76:19:88:80:fe:9c:74:9d:c5:ef:fd: e2:29:f6:7a:7a:89:a1:cc:08:fe:72:9e:35:62:46: 5a:a0:73:85:a1:11:03:5d:92:71:17:17:04:1c:8a: c4:60:f5:6b:b6:1a:b6:cb:dc:fd:f8:c3:1f:ce:ac: 7e:9d:5d:99:f0:6a:29:0c:bd:f9:9e:67:a5:1e:d5: 72:0c:27:4c:38:78:c6:b2:d5:85:6b:a2:a3:b8:33: 9d:88:b8:fe:a2:4f:8e:7b:48:54:68:90:00:16:c9: b9:d1:0a:fb:18:ff:14:78:f5:6e:6c:ec:ec:99:f2: 67:26:b4:89:72:13:be:3c:81:74:ed:e1:1c:43:56: 9d:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:52:CC:65:17:47:0C:51:52:28:99:68:AD:A6:02:A7:1F:9D:35:12 X509v3 Authority Key Identifier: keyid:CE:5D:45:60:44:8F:78:A4:DC:DC:B7:91:A0:7D:AD:21:63:A0:8C:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zl1FYESPeKTc3LeRoH2tIWOgjN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/27cbd0-a7b9-45fb-9954-78d1144ad967/1/zl1FYESPeKTc3LeRoH2tIWOgjN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:05:a5:ef:40:a4:5f:01:32:90:83:9b:7d:a8:0c:b8:be:10: 8e:34:73:f7:3e:a9:23:f5:d7:3a:26:c6:0d:20:30:27:8b:6e: 84:3b:cf:4a:53:21:4f:c0:97:de:65:ff:72:e6:2a:8d:92:22: 1a:c1:66:5e:b7:97:fc:99:42:9c:15:9f:e6:0c:ef:29:11:2a: b7:0c:2c:0a:7f:03:21:11:1a:0c:be:69:03:7a:b2:e5:73:b2: ab:93:95:31:0a:1e:d8:39:38:42:19:1a:d4:5d:df:47:e9:7a: e2:95:1b:3c:43:eb:41:a2:71:42:f5:d3:af:f1:cc:9f:ba:1d: 41:01:d0:bf:0e:fb:f7:a1:3b:40:a1:b1:03:64:03:e5:58:0e: b6:ef:38:da:ac:f6:2a:4a:db:55:00:f9:5b:b4:f1:c7:5c:b0: de:de:41:80:4d:1f:aa:51:f9:c6:c7:d1:da:d2:b9:bb:1a:a5: 35:88:3a:4d:cc:6b:c6:b0:32:47:9a:a6:96:bb:30:94:5e:42: b5:f1:64:a1:f7:31:fe:e0:8e:7d:75:82:0b:2f:39:58:bc:82: a7:d5:cc:92:50:47:fd:51:c5:48:e9:9b:e5:11:bf:84:db:f1: c7:77:ab:de:ef:fc:0a:44:f7:cc:88:2a:b8:3e:63:be:38:a5: d8:7a:90:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6j5QeK4eOY7v5MJHKaMKiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNWQ0NTYwNDQ4Zjc4YTRkY2RjYjc5MWEwN2RhZDIxNjNh MDhjZGYwHhcNMjUxMjIwMDcwMDQ2WhcNMjUxMjIxMDcwMDQ2WjAzMTEwLwYDVQQD EyhkNTUyY2M2NTE3NDcwYzUxNTIyODk5NjhhZGE2MDJhNzFmOWQzNTEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSSOMwvp8m9565TMLMUkMYv7a6Nx 8orbjRWxaur89Jx1kz5nkspEiSa1ulwJ9DBcYZqjN49eZ/sREguDr+GkmzNF9256 mV7P1ndCWwuh7iceMQp8DxRy9tWsQf01jJIEfUG2IOmvYRI4X7sAYMzszX4IU+1W sf4T/IoVdhmIgP6cdJ3F7/3iKfZ6eomhzAj+cp41YkZaoHOFoREDXZJxFxcEHIrE YPVrthq2y9z9+MMfzqx+nV2Z8GopDL35nmelHtVyDCdMOHjGstWFa6KjuDOdiLj+ ok+Oe0hUaJAAFsm50Qr7GP8UePVubOzsmfJnJrSJchO+PIF07eEcQ1adjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNVSzGUXRwxRUiiZaK2mAqcfnTUSMB8GA1UdIwQY MBaAFM5dRWBEj3ik3Ny3kaB9rSFjoIzfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQt NzhkMTE0NGFkOTY3LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC8yN2NiZDAtYTdiOS00NWZiLTk5NTQtNzhkMTE0NGFkOTY3 LzEvemwxRllFU1BlS1RjM0xlUm9IMnRJV09nak44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApgWl70Ck XwEykIObfagMuL4QjjRz9z6pI/XXOibGDSAwJ4tuhDvPSlMhT8CX3mX/cuYqjZIi GsFmXreX/JlCnBWf5gzvKREqtwwsCn8DIREaDL5pA3qy5XOyq5OVMQoe2Dk4Qhka 1F3fR+l64pUbPEPrQaJxQvXTr/HMn7odQQHQvw7796E7QKGxA2QD5VgOtu842qz2 KkrbVQD5W7Txx1yw3t5BgE0fqlH5xsfR2tK5uxqlNYg6TcxrxrAyR5qmlrswlF5C tfFkofcx/uCOfXWCCy85WLyCp9XMklBH/VHFSOmb5RG/hNvxx3er3u/8CkT3zIgq uD5jvjil2HqQJQ== -----END CERTIFICATE-----Generated at Sat Dec 20 10:47:28 2025 by rpki-client