This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft File: ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft (raw, json) Hash identifier: AFS2AvK9ouv+R1rsFjB3zZ8wdMVCezxzsiNvJWoyRAg= Subject key identifier: F4:53:21:BC:A7:2C:06:96:A9:B2:CA:06:82:D1:C5:F5:E5:9A:6D:4E Authority key identifier: 65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16 Certificate issuer: /CN=654d692160dd4627038799297d47751480d07f16 Certificate serial: 019B4C95B20B0352132D7CC746B22D53BA8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft Manifest number: 15FD Signing time: Tue 23 Dec 2025 19:00:37 +0000 Manifest this update: Tue 23 Dec 2025 19:00:37 +0000 Manifest next update: Wed 24 Dec 2025 19:00:37 +0000 Files and hashes: 1: ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl (hash: wXbSJ/f2G5uutESBJIdBZeHJ8MR6zuOwjpRMRGs00Nw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 15:46:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4c:95:b2:0b:03:52:13:2d:7c:c7:46:b2:2d:53:ba:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=654d692160dd4627038799297d47751480d07f16 Validity Not Before: Dec 23 19:00:37 2025 GMT Not After : Dec 24 19:00:37 2025 GMT Subject: CN=f45321bca72c0696a9b2ca0682d1c5f5e59a6d4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:f8:7b:05:3e:8d:ad:41:02:5d:4b:8a:a7:89: b5:d6:ac:a4:63:d6:1a:fa:6f:c9:b5:f0:6f:fe:c0: 60:ed:e0:2d:84:ce:0e:fa:44:78:09:42:4e:a0:30: aa:34:44:2e:ca:0d:62:a8:c4:dc:cc:54:d8:b1:01: 57:c4:8b:33:ce:17:2e:ee:f7:32:63:d2:11:cd:67: 47:a2:de:f0:d6:32:b8:a0:74:81:70:16:2b:8d:3d: c3:f6:6a:08:52:9b:40:78:c9:16:d7:44:98:f7:ce: bb:66:1c:a9:5f:18:f7:38:75:4b:ea:da:fb:2d:38: f4:be:80:24:f3:5b:85:a6:f5:00:d0:8b:9e:4a:37: 29:8f:0b:66:35:31:c5:e4:68:9e:df:72:d3:ac:95: 13:a8:30:43:48:a4:09:99:11:86:a4:30:2c:08:32: 78:6e:36:cd:b4:81:e0:ea:ea:11:01:b9:90:71:06: af:9b:29:3b:a6:53:8a:82:24:0f:6e:38:f2:8c:6a: fd:e0:30:99:a9:b6:ad:24:2d:52:9e:ba:6e:69:67: 1c:9f:03:47:70:a4:75:bb:96:b7:bc:50:c6:1b:cf: 6b:d4:ee:ad:3a:18:b5:5d:44:27:66:ab:2d:a5:45: a3:3f:e4:4f:b1:91:15:62:a8:37:d2:2b:eb:50:c2: 7a:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:53:21:BC:A7:2C:06:96:A9:B2:CA:06:82:D1:C5:F5:E5:9A:6D:4E X509v3 Authority Key Identifier: keyid:65:4D:69:21:60:DD:46:27:03:87:99:29:7D:47:75:14:80:D0:7F:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZU1pIWDdRicDh5kpfUd1FIDQfxY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/399058-81c7-46d8-a8f4-61f1c1bcbecd/1/ZU1pIWDdRicDh5kpfUd1FIDQfxY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:8e:ff:5c:48:bb:01:05:28:4b:5a:ab:1e:bb:80:4c:e4:4c: cd:56:f1:65:7d:f4:c2:b2:0e:72:00:6f:65:c5:7c:a5:c7:06: 3e:54:3d:2e:87:01:58:4f:a0:30:96:2e:a3:51:65:a7:e0:93: 6e:9b:ff:2f:b7:17:e0:ab:0e:20:e6:36:48:d4:43:1c:00:87: 7c:02:ba:fc:af:9d:8a:30:07:db:67:65:72:14:f5:70:20:ad: 0b:34:78:d7:fc:46:69:f4:cc:d3:45:48:d4:c5:31:1b:30:91: ae:79:fb:ff:5e:e1:5a:06:60:09:60:32:e8:24:df:26:6a:b4: 1d:45:b2:3f:ac:ef:2c:2f:e0:98:c3:26:dd:29:b9:96:fa:9a: 76:d9:a4:3d:f3:1d:7d:42:4a:a1:39:f8:1a:37:8c:f3:91:fc: 62:f1:b4:d3:4b:20:a3:e1:a5:09:06:c2:f5:56:a2:22:e4:6d: 31:56:03:84:c0:6d:69:06:73:92:eb:b0:9d:15:bc:87:fb:f8: 16:7b:09:2f:64:e9:e6:04:a9:1c:6f:fc:e5:1d:7e:f3:e1:6f: 5a:42:da:77:63:00:d0:83:89:55:d1:0a:b9:c2:e8:08:dd:f7: c6:7a:f2:83:54:40:4c:66:d3:ad:9f:82:1c:e4:40:5d:b7:64: 12:5c:d7:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtMlbILA1ITLXzHRrItU7qOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY1NGQ2OTIxNjBkZDQ2MjcwMzg3OTkyOTdkNDc3NTE0ODBk MDdmMTYwHhcNMjUxMjIzMTkwMDM3WhcNMjUxMjI0MTkwMDM3WjAzMTEwLwYDVQQD EyhmNDUzMjFiY2E3MmMwNjk2YTliMmNhMDY4MmQxYzVmNWU1OWE2ZDRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfh7BT6NrUECXUuKp4m11qykY9Ya +m/JtfBv/sBg7eAthM4O+kR4CUJOoDCqNEQuyg1iqMTczFTYsQFXxIszzhcu7vcy Y9IRzWdHot7w1jK4oHSBcBYrjT3D9moIUptAeMkW10SY9867ZhypXxj3OHVL6tr7 LTj0voAk81uFpvUA0IueSjcpjwtmNTHF5Gie33LTrJUTqDBDSKQJmRGGpDAsCDJ4 bjbNtIHg6uoRAbmQcQavmyk7plOKgiQPbjjyjGr94DCZqbatJC1SnrpuaWccnwNH cKR1u5a3vFDGG89r1O6tOhi1XUQnZqstpUWjP+RPsZEVYqg30ivrUMJ6JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRTIbynLAaWqbLKBoLRxfXlmm1OMB8GA1UdIwQY MBaAFGVNaSFg3UYnA4eZKX1HdRSA0H8WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQt NjFmMWMxYmNiZWNkLzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8zOTkwNTgtODFjNy00NmQ4LWE4ZjQtNjFmMWMxYmNiZWNk LzEvWlUxcElXRGRSaWNEaDVrcGZVZDFGSURRZnhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgI7/XEi7 AQUoS1qrHruATORMzVbxZX30wrIOcgBvZcV8pccGPlQ9LocBWE+gMJYuo1Flp+CT bpv/L7cX4KsOIOY2SNRDHACHfAK6/K+dijAH22dlchT1cCCtCzR41/xGafTM00VI 1MUxGzCRrnn7/17hWgZgCWAy6CTfJmq0HUWyP6zvLC/gmMMm3Sm5lvqadtmkPfMd fUJKoTn4GjeM85H8YvG000sgo+GlCQbC9VaiIuRtMVYDhMBtaQZzkuuwnRW8h/v4 FnsJL2Tp5gSpHG/85R1+8+FvWkLad2MA0IOJVdEKucLoCN33xnryg1RATGbTrZ+C HORAXbdkElzX5Q== -----END CERTIFICATE-----Generated at Tue Dec 23 20:41:55 2025 by rpki-client