This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft File: ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft (raw, json) Hash identifier: NJcGlcEb3BoFSVMmh3xGXhAjR80c/oIwDaKb/sNNHNU= Subject key identifier: C8:1C:66:2C:9A:D8:7D:81:B5:43:17:C1:56:8F:B0:D4:B9:A7:FD:A4 Authority key identifier: 64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92 Certificate issuer: /CN=64b90f34525f80025ea77cb618e7519982ab8592 Certificate serial: 019B481536C9DD8D87713C1DF9A3EB616743 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft Manifest number: 178C Signing time: Mon 22 Dec 2025 22:01:48 +0000 Manifest this update: Mon 22 Dec 2025 22:01:48 +0000 Manifest next update: Tue 23 Dec 2025 22:01:48 +0000 Files and hashes: 1: ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl (hash: SUE2qwwIhkwBmlmloGhOio1lSMfno3INvauskwlxKK8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:15:36:c9:dd:8d:87:71:3c:1d:f9:a3:eb:61:67:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=64b90f34525f80025ea77cb618e7519982ab8592 Validity Not Before: Dec 22 22:01:48 2025 GMT Not After : Dec 23 22:01:48 2025 GMT Subject: CN=c81c662c9ad87d81b54317c1568fb0d4b9a7fda4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:47:1d:68:b2:9c:27:2d:a1:dc:28:91:9b:72: c1:d2:a8:a3:03:ab:7a:87:a8:e1:6f:64:81:d6:e9: 71:3e:48:e6:98:db:5b:e8:39:1f:d9:36:3c:b0:41: 86:8a:63:4e:d4:93:4d:87:78:3e:82:44:e0:d2:9c: 21:9e:23:c2:94:97:c8:cb:64:2b:90:7b:0f:52:51: 00:3e:14:29:8b:c8:04:f3:6e:34:c3:74:d1:b1:d2: 97:84:67:99:30:86:63:ac:a3:21:64:5f:6d:94:c7: 36:12:47:95:77:e4:73:7d:79:ac:f5:44:63:ab:6a: 37:c0:44:41:7c:d4:fe:6c:9d:ae:12:41:31:38:3b: 05:23:c8:ac:33:d1:f0:1e:7c:fd:cd:3a:c1:c3:17: ee:98:9f:a7:23:a4:31:ad:56:98:15:08:b4:e9:7b: a9:e5:c9:ab:d2:b7:a6:fa:b3:e4:1b:59:1e:0f:2b: 0c:e0:7a:75:dc:fc:61:6e:2a:54:3d:a7:cc:d1:e3: cb:f9:97:07:ac:98:79:d1:a0:21:c8:3e:db:b3:33: 18:b6:a6:24:17:cd:65:2e:32:27:35:c5:85:44:51: ce:5b:d5:25:8c:c6:c9:1d:e3:b6:a1:e1:dd:5c:93: 37:b2:c6:48:e3:03:6b:cd:00:c7:65:9b:36:d6:1b: 4c:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:1C:66:2C:9A:D8:7D:81:B5:43:17:C1:56:8F:B0:D4:B9:A7:FD:A4 X509v3 Authority Key Identifier: keyid:64:B9:0F:34:52:5F:80:02:5E:A7:7C:B6:18:E7:51:99:82:AB:85:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZLkPNFJfgAJep3y2GOdRmYKrhZI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c7a7f5-e3a2-493b-a8bd-7bdb672e0c54/1/ZLkPNFJfgAJep3y2GOdRmYKrhZI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:50:8d:d5:65:ff:2f:a8:89:ba:9f:5e:af:cd:c1:db:d7:30: 73:36:d8:22:10:91:31:ee:42:eb:8e:41:ec:90:5c:8e:b9:3a: a0:fa:d8:84:75:9c:90:52:af:52:6f:ac:78:67:f7:76:2c:bc: fb:df:c0:d0:e6:29:86:a1:bb:f5:27:f9:98:1f:23:6f:d8:c9: 49:7e:08:9b:34:49:86:22:76:73:47:a5:de:6b:a5:36:f6:f1: d0:57:c9:c9:c5:a8:ed:f6:79:fb:1b:ae:ed:08:2c:80:2b:24: b1:9b:f6:c0:6b:48:b8:30:66:01:a0:da:9d:e1:07:ce:7d:d1: 49:dd:79:a8:b3:ef:5d:f3:41:b9:d0:07:58:98:03:e8:3b:97: 86:3f:70:57:6e:e5:6e:8d:45:f9:dd:bf:bc:36:1c:cf:bb:d1: 96:86:6e:a4:f4:b3:8f:2e:e2:35:29:ae:52:a7:70:c9:3a:95: 56:a5:8f:cf:3e:0e:0b:7a:3d:e9:a1:89:a3:ca:44:df:25:0e: e4:45:77:bc:a3:11:52:1b:ab:d1:1f:0e:69:c8:05:32:e6:55: 03:b0:fd:61:5e:4a:44:fd:36:f2:22:37:79:9b:c4:fa:19:07: 99:f6:b7:d1:17:03:b6:c3:d5:c7:3b:ea:70:1b:d2:65:55:b1: 3e:27:31:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFTbJ3Y2HcTwd+aPrYWdDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0YjkwZjM0NTI1ZjgwMDI1ZWE3N2NiNjE4ZTc1MTk5ODJh Yjg1OTIwHhcNMjUxMjIyMjIwMTQ4WhcNMjUxMjIzMjIwMTQ4WjAzMTEwLwYDVQQD EyhjODFjNjYyYzlhZDg3ZDgxYjU0MzE3YzE1NjhmYjBkNGI5YTdmZGE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkcdaLKcJy2h3CiRm3LB0qijA6t6 h6jhb2SB1ulxPkjmmNtb6Dkf2TY8sEGGimNO1JNNh3g+gkTg0pwhniPClJfIy2Qr kHsPUlEAPhQpi8gE8240w3TRsdKXhGeZMIZjrKMhZF9tlMc2EkeVd+RzfXms9URj q2o3wERBfNT+bJ2uEkExODsFI8isM9HwHnz9zTrBwxfumJ+nI6QxrVaYFQi06Xup 5cmr0rem+rPkG1keDysM4Hp13PxhbipUPafM0ePL+ZcHrJh50aAhyD7bszMYtqYk F81lLjInNcWFRFHOW9UljMbJHeO2oeHdXJM3ssZI4wNrzQDHZZs21htMkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMgcZiya2H2BtUMXwVaPsNS5p/2kMB8GA1UdIwQY MBaAFGS5DzRSX4ACXqd8thjnUZmCq4WSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQt N2JkYjY3MmUwYzU0LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC9jN2E3ZjUtZTNhMi00OTNiLWE4YmQtN2JkYjY3MmUwYzU0 LzEvWkxrUE5GSmZnQUplcDN5MkdPZFJtWUtyaFpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZVCN1WX/ L6iJup9er83B29cwczbYIhCRMe5C645B7JBcjrk6oPrYhHWckFKvUm+seGf3diy8 +9/A0OYphqG79Sf5mB8jb9jJSX4ImzRJhiJ2c0el3mulNvbx0FfJycWo7fZ5+xuu 7QgsgCsksZv2wGtIuDBmAaDaneEHzn3RSd15qLPvXfNBudAHWJgD6DuXhj9wV27l bo1F+d2/vDYcz7vRloZupPSzjy7iNSmuUqdwyTqVVqWPzz4OC3o96aGJo8pE3yUO 5EV3vKMRUhur0R8OacgFMuZVA7D9YV5KRP028iI3eZvE+hkHmfa30RcDtsPVxzvq cBvSZVWxPicxFg== -----END CERTIFICATE-----Generated at Tue Dec 23 00:49:23 2025 by rpki-client