This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft File: zkyVbVLdh2NjwhME-cAl8H1fJjE.mft (raw, json) Hash identifier: 2orNitU+iQlHCyR9XQhemFgqEiYdV0Ygp0BfhTvf4bE= Subject key identifier: 2F:5E:87:EC:B4:80:62:9A:F4:AC:27:E8:1E:2C:00:29:A1:54:2C:9F Authority key identifier: CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31 Certificate issuer: /CN=ce4c956d52dd876363c21304f9c025f07d5f2631 Certificate serial: 019B3A8F73B460B4B265B41FB91A585D54B0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft Manifest number: 0700 Signing time: Sat 20 Dec 2025 07:00:38 +0000 Manifest this update: Sat 20 Dec 2025 07:00:38 +0000 Manifest next update: Sun 21 Dec 2025 07:00:38 +0000 Files and hashes: 1: zkyVbVLdh2NjwhME-cAl8H1fJjE.crl (hash: yOXQfeFsJO6+4dZdvOPbCjJUgajUAPMSmJQPKgZGb8M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:8f:73:b4:60:b4:b2:65:b4:1f:b9:1a:58:5d:54:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce4c956d52dd876363c21304f9c025f07d5f2631 Validity Not Before: Dec 20 07:00:38 2025 GMT Not After : Dec 21 07:00:38 2025 GMT Subject: CN=2f5e87ecb480629af4ac27e81e2c0029a1542c9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:a5:d3:8d:3a:20:ae:6e:e9:64:d9:e1:84:6c: 63:09:5b:a3:c7:35:32:90:b3:b6:4f:8e:64:99:2f: 9a:e0:26:a2:6f:b4:1e:49:8d:b2:e1:d1:19:3c:f2: 71:fe:94:01:3e:c5:65:17:aa:de:93:4b:a1:81:6a: d1:20:7c:e2:c7:46:73:e1:32:05:ff:0e:c2:cd:6d: 4b:bd:93:0e:d1:d4:40:22:d4:59:07:b0:5f:42:b4: ee:d0:b7:d7:5f:84:34:28:b3:aa:df:79:b5:c3:99: de:37:7c:e1:6e:68:93:7c:4e:9a:13:7d:9d:b8:61: d0:fc:15:2c:a0:67:c3:47:c5:40:55:69:8d:fc:5d: be:63:6b:4c:a4:fd:19:d0:fd:af:eb:9e:d2:12:41: dc:c4:f7:f2:e6:29:29:60:b5:ec:17:d9:f7:9a:08: c6:de:0e:eb:86:3f:c1:5e:72:0c:a2:46:ce:92:62: f8:6b:ed:4e:81:d3:c7:dc:bc:6c:63:78:ae:b3:fb: 0c:1d:26:ca:29:00:42:f1:a1:22:af:e0:39:2a:8c: 8f:75:43:b2:10:30:d9:72:4e:1d:9b:f2:2f:54:bd: 1c:c9:d1:d6:64:e9:a1:72:d5:4f:60:62:86:27:f5: 81:93:13:9a:c0:0a:5f:c2:34:ab:03:67:da:58:39: ef:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:5E:87:EC:B4:80:62:9A:F4:AC:27:E8:1E:2C:00:29:A1:54:2C:9F X509v3 Authority Key Identifier: keyid:CE:4C:95:6D:52:DD:87:63:63:C2:13:04:F9:C0:25:F0:7D:5F:26:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zkyVbVLdh2NjwhME-cAl8H1fJjE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/03a52d-f9b5-4f71-b428-2d90001570e1/1/zkyVbVLdh2NjwhME-cAl8H1fJjE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:6a:f4:4a:5e:38:ed:81:80:46:57:cd:97:92:59:ae:f4:f7: d6:b7:c0:59:06:d6:31:69:38:4f:64:07:00:5a:b6:73:45:08: 9c:4d:3f:39:9a:56:84:e0:41:11:90:ca:4c:50:37:65:2e:47: ad:1a:8f:f3:50:5e:3f:10:b3:a3:3f:70:a8:cb:15:ac:80:bd: ab:61:0e:6b:b8:e3:8d:e9:c4:f5:7b:11:aa:01:cf:f9:bf:5f: 68:e1:e7:72:a5:33:89:4c:26:51:27:5f:f4:b5:de:0f:fd:46: 7b:70:a2:99:8a:6b:59:d9:6b:62:84:9e:8e:08:66:75:45:26: 72:8a:11:4e:15:93:5f:4d:4e:50:78:bd:a8:39:62:50:76:9d: 3b:63:01:2f:38:1d:db:c9:c5:d9:da:c4:93:e3:60:df:4d:fa: 6e:36:81:68:1f:33:4a:62:b0:85:a8:5c:63:eb:fd:ad:be:0c: 7e:bc:97:3e:37:07:aa:88:fa:fd:06:ad:8b:ae:75:81:45:cc: 3b:83:80:0d:3f:8a:de:37:aa:b0:d0:64:d6:12:ec:4c:7b:e4: 37:c7:28:13:69:3e:02:9e:54:4b:7c:bf:4a:ea:bb:5d:84:19: 9a:cd:5c:be:fb:24:60:2a:e0:89:01:2e:e6:b5:f5:ec:18:da: 36:7e:d9:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6j3O0YLSyZbQfuRpYXVSwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlNGM5NTZkNTJkZDg3NjM2M2MyMTMwNGY5YzAyNWYwN2Q1 ZjI2MzEwHhcNMjUxMjIwMDcwMDM4WhcNMjUxMjIxMDcwMDM4WjAzMTEwLwYDVQQD EygyZjVlODdlY2I0ODA2MjlhZjRhYzI3ZTgxZTJjMDAyOWExNTQyYzlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKXTjTogrm7pZNnhhGxjCVujxzUy kLO2T45kmS+a4Caib7QeSY2y4dEZPPJx/pQBPsVlF6rek0uhgWrRIHzix0Zz4TIF /w7CzW1LvZMO0dRAItRZB7BfQrTu0LfXX4Q0KLOq33m1w5neN3zhbmiTfE6aE32d uGHQ/BUsoGfDR8VAVWmN/F2+Y2tMpP0Z0P2v657SEkHcxPfy5ikpYLXsF9n3mgjG 3g7rhj/BXnIMokbOkmL4a+1OgdPH3LxsY3ius/sMHSbKKQBC8aEir+A5KoyPdUOy EDDZck4dm/IvVL0cydHWZOmhctVPYGKGJ/WBkxOawApfwjSrA2faWDnvQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC9eh+y0gGKa9Kwn6B4sACmhVCyfMB8GA1UdIwQY MBaAFM5MlW1S3YdjY8ITBPnAJfB9XyYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0Mjgt MmQ5MDAwMTU3MGUxLzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS8wM2E1MmQtZjliNS00ZjcxLWI0MjgtMmQ5MDAwMTU3MGUx LzEvemt5VmJWTGRoMk5qd2hNRS1jQWw4SDFmSmpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgWr0Sl44 7YGARlfNl5JZrvT31rfAWQbWMWk4T2QHAFq2c0UInE0/OZpWhOBBEZDKTFA3ZS5H rRqP81BePxCzoz9wqMsVrIC9q2EOa7jjjenE9XsRqgHP+b9faOHncqUziUwmUSdf 9LXeD/1Ge3CimYprWdlrYoSejghmdUUmcooRThWTX01OUHi9qDliUHadO2MBLzgd 28nF2drEk+Ng3036bjaBaB8zSmKwhahcY+v9rb4MfryXPjcHqoj6/Qati651gUXM O4OADT+K3jeqsNBk1hLsTHvkN8coE2k+Ap5US3y/Suq7XYQZms1cvvskYCrgiQEu 5rX17BjaNn7Zrw== -----END CERTIFICATE-----Generated at Sat Dec 20 10:42:47 2025 by rpki-client