This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft File: zQwDKJL2la9ME_sKyoBD0Xsbl78.mft (raw, json) Hash identifier: Ut+3ygqVqos+++I5oUnTSv6ZWKgCsm6M9+M8dZpUTnw= Subject key identifier: 21:72:73:6E:59:D6:43:BF:9D:F6:3D:AF:D0:EF:5C:7B:B7:A2:3F:8F Authority key identifier: CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF Certificate issuer: /CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf Certificate serial: 019B413675737A7477DD1660058C21ACE835 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft Manifest number: 0B2C Signing time: Sun 21 Dec 2025 14:00:46 +0000 Manifest this update: Sun 21 Dec 2025 14:00:46 +0000 Manifest next update: Mon 22 Dec 2025 14:00:46 +0000 Files and hashes: 1: zQwDKJL2la9ME_sKyoBD0Xsbl78.crl (hash: 3chapAXlfn0M51Wi2CTLLj0moxLmMA3/cr8ErlgXZKo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:75:73:7a:74:77:dd:16:60:05:8c:21:ac:e8:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cd0c032892f695af4c13fb0aca8043d17b1b97bf Validity Not Before: Dec 21 14:00:46 2025 GMT Not After : Dec 22 14:00:46 2025 GMT Subject: CN=2172736e59d643bf9df63dafd0ef5c7bb7a23f8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:62:00:5e:90:74:78:72:d9:76:a1:8a:10:b2: 69:5d:5b:61:3b:c4:ac:0e:75:d9:7d:1a:33:2c:c8: 80:db:4e:00:b1:fc:13:34:42:4e:79:e6:f7:d4:e5: 9c:09:88:5c:6d:dc:5d:d0:c1:47:70:10:eb:1a:dd: 6f:42:ab:4a:0e:7c:da:4d:80:b1:b0:f8:c6:5f:77: 4e:ee:7f:64:b3:f0:b1:86:a4:bb:ed:91:92:3f:2c: 7a:8c:68:1f:b8:0d:ca:b6:9e:fb:8d:a5:41:fc:d3: 6d:19:33:cf:ec:f0:b7:93:3e:78:a6:21:52:96:98: 10:e2:d4:c6:95:45:1a:4a:80:57:15:91:b7:3a:9d: 1c:b6:36:91:62:fa:3d:99:c1:fb:fe:10:84:57:58: 3f:e3:73:87:6d:06:97:11:de:50:36:39:1c:d3:1f: 28:75:18:b4:6f:4c:5c:b2:22:0b:43:ba:ff:42:3d: 69:0f:1a:e7:d0:ed:94:94:19:98:64:7c:53:16:0a: 77:00:dd:e0:65:0a:29:b6:0f:98:46:a2:a1:a9:bb: 89:fa:3e:8f:b4:5b:18:7d:41:db:53:e9:ec:f1:4e: a1:1f:46:c5:54:0d:2b:e6:fd:7e:cc:6d:55:40:74: 0e:dd:0e:a0:e6:eb:5b:44:6b:09:90:9e:76:16:bf: 50:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:72:73:6E:59:D6:43:BF:9D:F6:3D:AF:D0:EF:5C:7B:B7:A2:3F:8F X509v3 Authority Key Identifier: keyid:CD:0C:03:28:92:F6:95:AF:4C:13:FB:0A:CA:80:43:D1:7B:1B:97:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zQwDKJL2la9ME_sKyoBD0Xsbl78.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/384a32-3e1c-4d86-bdb8-35276b7975ae/1/zQwDKJL2la9ME_sKyoBD0Xsbl78.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:c7:fe:ad:b1:0b:71:7a:17:8c:18:24:ab:03:e2:26:d2:b3: 0b:cb:fc:d1:4b:0a:0c:e1:34:4e:ab:d1:23:16:56:73:d8:4b: 07:5f:17:a2:23:78:6d:53:bc:43:96:e5:fa:9e:a2:33:be:84: fd:ed:67:9e:af:9b:77:e5:c8:2c:37:23:5a:81:33:9b:87:5b: 36:96:ee:73:11:4f:12:8f:99:ee:b9:9e:f8:40:ea:ea:d7:57: be:36:6d:fc:30:84:2a:1d:71:2b:ff:06:93:e7:5f:74:85:40: 00:1b:58:8c:93:24:5b:5e:5d:c2:fd:68:e3:2f:1e:f5:46:a5: 08:bf:e2:d4:4c:16:3c:d4:b3:a1:f1:3a:bc:66:23:41:c0:f0: 13:e3:a7:c7:5f:fb:20:6f:ae:2c:ca:6a:cd:cb:db:f0:92:79: f8:f3:91:e3:42:0e:62:3f:98:5a:72:d7:ea:81:af:cd:3d:47: c9:f5:1a:8d:54:eb:ae:2d:ed:93:23:41:30:82:57:43:08:6f: 0f:ca:bf:fc:a8:72:2b:0d:06:35:0e:52:2f:90:f8:6c:9d:1a: 32:fc:2b:bd:43:9c:a2:bb:88:7f:db:c2:c4:9a:2c:d3:c1:a8: 86:1f:9d:c8:b0:71:40:dd:76:e1:14:be:c2:63:23:5d:8b:9d: f6:49:e9:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNnVzenR33RZgBYwhrOg1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkMGMwMzI4OTJmNjk1YWY0YzEzZmIwYWNhODA0M2QxN2Ix Yjk3YmYwHhcNMjUxMjIxMTQwMDQ2WhcNMjUxMjIyMTQwMDQ2WjAzMTEwLwYDVQQD EygyMTcyNzM2ZTU5ZDY0M2JmOWRmNjNkYWZkMGVmNWM3YmI3YTIzZjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02IAXpB0eHLZdqGKELJpXVthO8Ss DnXZfRozLMiA204AsfwTNEJOeeb31OWcCYhcbdxd0MFHcBDrGt1vQqtKDnzaTYCx sPjGX3dO7n9ks/CxhqS77ZGSPyx6jGgfuA3Ktp77jaVB/NNtGTPP7PC3kz54piFS lpgQ4tTGlUUaSoBXFZG3Op0ctjaRYvo9mcH7/hCEV1g/43OHbQaXEd5QNjkc0x8o dRi0b0xcsiILQ7r/Qj1pDxrn0O2UlBmYZHxTFgp3AN3gZQoptg+YRqKhqbuJ+j6P tFsYfUHbU+ns8U6hH0bFVA0r5v1+zG1VQHQO3Q6g5utbRGsJkJ52Fr9QJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCFyc25Z1kO/nfY9r9DvXHu3oj+PMB8GA1UdIwQY MBaAFM0MAyiS9pWvTBP7CsqAQ9F7G5e/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgt MzUyNzZiNzk3NWFlLzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8zODRhMzItM2UxYy00ZDg2LWJkYjgtMzUyNzZiNzk3NWFl LzEvelF3REtKTDJsYTlNRV9zS3lvQkQwWHNibDc4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM8f+rbEL cXoXjBgkqwPiJtKzC8v80UsKDOE0TqvRIxZWc9hLB18XoiN4bVO8Q5bl+p6iM76E /e1nnq+bd+XILDcjWoEzm4dbNpbucxFPEo+Z7rme+EDq6tdXvjZt/DCEKh1xK/8G k+dfdIVAABtYjJMkW15dwv1o4y8e9UalCL/i1EwWPNSzofE6vGYjQcDwE+Onx1/7 IG+uLMpqzcvb8JJ5+POR40IOYj+YWnLX6oGvzT1HyfUajVTrri3tkyNBMIJXQwhv D8q//KhyKw0GNQ5SL5D4bJ0aMvwrvUOcoruIf9vCxJos08Gohh+dyLBxQN124RS+ wmMjXYud9knpHQ== -----END CERTIFICATE-----Generated at Sun Dec 21 19:17:56 2025 by rpki-client