This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft File: zNHiiTDXen65iRtvq7spFe44hao.mft (raw, json) Hash identifier: BvGRdJlf7Ra8rkTW9sQYBSC5uR2V6vOOMNRu9BonF3s= Subject key identifier: 0D:2D:AB:00:1E:7C:C1:F8:5E:C9:67:00:30:EB:EE:FE:F3:A8:46:00 Authority key identifier: CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA Certificate issuer: /CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa Certificate serial: 019B3C7E8147D7F2DC77EC0F73020D79259C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 16:01:22 +0000 Manifest this update: Sat 20 Dec 2025 16:01:22 +0000 Manifest next update: Sun 21 Dec 2025 16:01:22 +0000 Files and hashes: 1: zNHiiTDXen65iRtvq7spFe44hao.crl (hash: m5Y0VDR6CNWalbmHwvIJUWR5t/xAX5gKaNQR4iV652c=) 2: zwMZXsX6Z6y_GtPEpsaBS7FPtIU.roa (hash: bi378rHsH1o9Uq16RD7qe5x44q14EkwJzXLivtK1Naw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:81:47:d7:f2:dc:77:ec:0f:73:02:0d:79:25:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ccd1e28930d77a7eb9891b6fabbb2915ee3885aa Validity Not Before: Dec 20 16:01:22 2025 GMT Not After : Dec 21 16:01:22 2025 GMT Subject: CN=0d2dab001e7cc1f85ec9670030ebeefef3a84600 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:b1:9c:79:29:3d:10:bc:89:2d:57:7a:53:e0: ca:47:33:69:10:b7:8a:2f:98:49:e4:10:33:06:46: 5b:2d:cd:30:3b:3d:fb:a3:89:ea:1a:3b:08:d1:c4: 83:d0:0f:52:c6:80:0b:ca:04:17:80:fa:88:76:87: 1f:82:b4:e0:fb:af:80:6d:50:06:a1:ca:7c:ed:3d: be:15:55:91:92:82:03:bf:99:45:c8:80:49:a0:a5: 51:d9:2b:58:db:4b:b7:cb:3d:50:f8:fd:9c:5b:f0: 2e:95:fa:18:61:31:ff:f3:fe:8b:e5:05:24:a3:11: 7d:5f:c6:b9:12:bf:00:65:2e:f3:3c:44:95:b6:29: ef:4e:a3:33:36:97:6e:70:be:3b:d6:14:c8:70:5e: a9:73:fc:21:e8:cc:bc:77:4d:10:da:29:27:30:77: 10:be:a4:94:4c:6e:36:22:fe:df:2b:a7:74:2b:87: 63:13:e8:b1:5c:57:d0:82:3b:7f:26:21:10:f9:ce: 7a:d4:08:11:72:b4:cc:d1:6e:0c:3e:52:ad:24:5c: 81:28:21:03:83:d5:22:80:a6:36:08:5a:8b:dc:a9: 05:a1:da:14:55:5d:41:9c:cc:ef:8b:5c:b8:52:cb: fb:20:2e:02:43:e3:b9:1b:81:f4:90:72:9f:ab:17: 0c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:2D:AB:00:1E:7C:C1:F8:5E:C9:67:00:30:EB:EE:FE:F3:A8:46:00 X509v3 Authority Key Identifier: keyid:CC:D1:E2:89:30:D7:7A:7E:B9:89:1B:6F:AB:BB:29:15:EE:38:85:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zNHiiTDXen65iRtvq7spFe44hao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/1042dd-e67b-402a-81dc-c13b1f977d57/1/zNHiiTDXen65iRtvq7spFe44hao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:47:13:31:9c:bb:81:db:ba:56:af:d7:ef:f7:eb:c8:69:33: 58:95:f5:9a:a4:47:20:39:9b:f3:62:f4:4c:9b:c7:71:1a:d1: 5a:23:59:6a:02:96:45:8b:c1:3a:3e:6b:77:bc:1b:e1:8e:2e: 04:ea:c1:d6:1d:b2:c4:e7:9b:7f:c3:46:eb:0e:09:44:56:6a: ce:6a:7e:0f:39:ea:7a:7d:06:58:9a:a7:b0:b2:e9:e7:42:80: 6e:38:fa:20:36:a0:50:5f:4e:e9:4a:5d:a2:31:0a:c0:88:6c: 01:cf:1d:65:0f:25:aa:e4:f3:cd:bf:b3:07:22:6c:82:ba:4f: 2b:14:e4:41:7d:a8:21:fc:b0:e9:92:a4:50:0c:39:fa:5d:c4: 37:cc:f2:c8:38:04:0a:e6:87:22:7e:d9:18:f9:cd:26:3b:1f: 40:72:53:58:82:89:87:40:a1:58:29:8c:b2:e6:dd:a5:78:3f: 53:aa:ff:21:3d:5a:24:a4:5e:f5:95:31:62:cc:35:94:93:05: 45:90:4e:7d:41:ad:cc:0e:a9:40:3d:c6:6c:e3:24:65:41:02: ed:42:86:a2:98:97:99:41:68:79:f2:dd:e5:65:89:72:60:4e: e1:69:16:9a:e4:32:e9:07:fa:95:61:e5:82:7a:82:30:6c:fd: 4d:15:ee:e9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8foFH1/Lcd+wPcwINeSWcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNjZDFlMjg5MzBkNzdhN2ViOTg5MWI2ZmFiYmIyOTE1ZWUz ODg1YWEwHhcNMjUxMjIwMTYwMTIyWhcNMjUxMjIxMTYwMTIyWjAzMTEwLwYDVQQD EygwZDJkYWIwMDFlN2NjMWY4NWVjOTY3MDAzMGViZWVmZWYzYTg0NjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrGceSk9ELyJLVd6U+DKRzNpELeK L5hJ5BAzBkZbLc0wOz37o4nqGjsI0cSD0A9SxoALygQXgPqIdocfgrTg+6+AbVAG ocp87T2+FVWRkoIDv5lFyIBJoKVR2StY20u3yz1Q+P2cW/AulfoYYTH/8/6L5QUk oxF9X8a5Er8AZS7zPESVtinvTqMzNpducL471hTIcF6pc/wh6My8d00Q2iknMHcQ vqSUTG42Iv7fK6d0K4djE+ixXFfQgjt/JiEQ+c561AgRcrTM0W4MPlKtJFyBKCED g9UigKY2CFqL3KkFodoUVV1BnMzvi1y4Usv7IC4CQ+O5G4H0kHKfqxcMSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA0tqwAefMH4XslnADDr7v7zqEYAMB8GA1UdIwQY MBaAFMzR4okw13p+uYkbb6u7KRXuOIWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMt YzEzYjFmOTc3ZDU3LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xMDQyZGQtZTY3Yi00MDJhLTgxZGMtYzEzYjFmOTc3ZDU3 LzEvek5IaWlURFhlbjY1aVJ0dnE3c3BGZTQ0aGFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARUcTMZy7 gdu6Vq/X7/fryGkzWJX1mqRHIDmb82L0TJvHcRrRWiNZagKWRYvBOj5rd7wb4Y4u BOrB1h2yxOebf8NG6w4JRFZqzmp+Dznqen0GWJqnsLLp50KAbjj6IDagUF9O6Upd ojEKwIhsAc8dZQ8lquTzzb+zByJsgrpPKxTkQX2oIfyw6ZKkUAw5+l3EN8zyyDgE CuaHIn7ZGPnNJjsfQHJTWIKJh0ChWCmMsubdpXg/U6r/IT1aJKRe9ZUxYsw1lJMF RZBOfUGtzA6pQD3GbOMkZUEC7UKGopiXmUFoefLd5WWJcmBO4WkWmuQy6Qf6lWHl gnqCMGz9TRXu6Q== -----END CERTIFICATE-----Generated at Sun Dec 21 01:15:58 2025 by rpki-client