This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.mft File: ZhPZyFZESnCW46hQjK4wf968DNQ.mft (raw, json) Hash identifier: V+YiFkSribnxgziHqwKzCd7D3REOc+7bJfQs7IyicB0= Subject key identifier: 2A:B2:DF:03:4F:BF:E4:50:FA:B7:F9:3A:C3:2E:C9:D4:9B:4F:A6:F7 Authority key identifier: 66:13:D9:C8:56:44:4A:70:96:E3:A8:50:8C:AE:30:7F:DE:BC:0C:D4 Certificate issuer: /CN=6613d9c856444a7096e3a8508cae307fdebc0cd4 Certificate serial: 019B443754150AA95511DE1C1C3D21FF1066 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZhPZyFZESnCW46hQjK4wf968DNQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.mft Manifest number: 178D Signing time: Mon 22 Dec 2025 04:00:35 +0000 Manifest this update: Mon 22 Dec 2025 04:00:35 +0000 Manifest next update: Tue 23 Dec 2025 04:00:35 +0000 Files and hashes: 1: 4D_rZ45BYofG_PKX7NdD5oQoUdM.roa (hash: 8wujCBX6hI1Ut+YVGttUi2MlgiyCoDf/nLWfLC5wQhA=) 2: ZhPZyFZESnCW46hQjK4wf968DNQ.crl (hash: RP/zuV0jG6M4lCQTtzWRsSME51kare+b1Tepdvew7vI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.mft rsync://rpki.ripe.net/repository/DEFAULT/ZhPZyFZESnCW46hQjK4wf968DNQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:37:54:15:0a:a9:55:11:de:1c:1c:3d:21:ff:10:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6613d9c856444a7096e3a8508cae307fdebc0cd4 Validity Not Before: Dec 22 04:00:35 2025 GMT Not After : Dec 23 04:00:35 2025 GMT Subject: CN=2ab2df034fbfe450fab7f93ac32ec9d49b4fa6f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:ff:14:cd:71:64:c8:9a:f8:be:18:df:6e:57: 93:bc:65:97:3f:86:87:ee:69:f5:2c:a2:47:fa:2c: ef:fc:2d:28:86:be:4f:cd:ec:b2:8a:7a:34:82:c1: 47:1e:a5:18:e1:58:f5:a0:c9:96:8c:d4:34:09:fe: ab:eb:95:b6:f2:94:44:20:33:b1:3e:b6:08:09:40: fd:e6:db:08:3e:1c:9c:6b:5a:e1:8a:99:66:c1:99: 5e:3a:45:82:a6:79:c2:72:76:1c:7e:b1:49:ac:cf: 2c:b3:20:b3:27:09:f4:44:81:cc:e1:94:88:d7:84: 4f:96:28:17:ac:59:2d:94:b0:f1:44:29:12:20:c8: 40:6b:6f:ad:65:2f:be:83:fe:3d:f0:8b:33:a3:a9: 65:14:a9:4c:ce:d6:78:d8:05:13:f1:54:80:eb:a6: 46:ce:03:e9:25:a1:6b:04:27:c7:c6:0c:1d:44:bd: 0d:ed:68:f3:f2:f8:b5:36:08:9c:e5:5f:2c:9b:48: 15:aa:54:66:cf:ab:96:16:f7:c6:d3:9b:8f:b2:51: bf:dc:8a:3c:5c:ce:76:92:4b:bb:8d:13:2c:41:5c: 2f:57:a3:95:19:84:b0:cf:8a:31:73:ae:da:84:c4: 9c:06:99:01:53:0a:45:e6:4b:51:2e:c5:cb:4e:f3: 41:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:B2:DF:03:4F:BF:E4:50:FA:B7:F9:3A:C3:2E:C9:D4:9B:4F:A6:F7 X509v3 Authority Key Identifier: keyid:66:13:D9:C8:56:44:4A:70:96:E3:A8:50:8C:AE:30:7F:DE:BC:0C:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZhPZyFZESnCW46hQjK4wf968DNQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8b5f1e-4190-48b6-bdc5-7d05f9888e98/1/ZhPZyFZESnCW46hQjK4wf968DNQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:cc:fd:27:05:24:a4:17:98:70:73:28:3a:de:c5:1b:6a:db: df:da:51:04:72:e0:5c:0d:a6:76:32:c3:1e:19:ce:ad:3e:d9: 6a:b0:d6:66:5c:af:e7:19:b7:c9:73:38:c2:7e:47:db:fb:63: 5c:50:db:1e:a2:6e:03:3e:9c:c8:30:a8:ba:23:b6:5c:3f:42: 79:a9:9f:e5:ac:11:15:b4:82:47:fb:87:2a:89:8d:40:3e:8e: d7:3b:bc:ee:f4:43:0e:65:79:4d:0a:2b:bd:a4:5d:89:cf:06: e2:71:d8:7d:04:76:f3:99:16:7d:da:e2:8a:94:da:c7:de:cf: e8:4d:57:5b:12:0d:c4:c8:da:c7:55:84:60:f6:cf:7f:7f:5d: 2e:18:b4:20:6c:57:c3:24:66:a9:69:c4:97:1e:75:44:6f:36: cd:06:57:e1:d3:ed:9b:25:d9:41:71:79:50:57:b4:83:30:13: 44:22:54:fe:bb:7a:fd:b4:54:ae:71:e8:96:31:bc:22:3a:f4: 55:6b:d3:e6:b8:99:d7:ce:db:74:45:cc:c6:2f:a6:b6:aa:57: 15:ac:18:2d:60:c6:00:8e:f0:a4:06:47:1a:44:c0:57:b2:df: d5:76:df:fe:cc:38:6b:27:c0:6e:05:48:4a:d1:56:68:b4:ed: 0d:ae:b6:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEN1QVCqlVEd4cHD0h/xBmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2MTNkOWM4NTY0NDRhNzA5NmUzYTg1MDhjYWUzMDdmZGVi YzBjZDQwHhcNMjUxMjIyMDQwMDM1WhcNMjUxMjIzMDQwMDM1WjAzMTEwLwYDVQQD EygyYWIyZGYwMzRmYmZlNDUwZmFiN2Y5M2FjMzJlYzlkNDliNGZhNmY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAof8UzXFkyJr4vhjfbleTvGWXP4aH 7mn1LKJH+izv/C0ohr5Pzeyyino0gsFHHqUY4Vj1oMmWjNQ0Cf6r65W28pREIDOx PrYICUD95tsIPhyca1rhiplmwZleOkWCpnnCcnYcfrFJrM8ssyCzJwn0RIHM4ZSI 14RPligXrFktlLDxRCkSIMhAa2+tZS++g/498Iszo6llFKlMztZ42AUT8VSA66ZG zgPpJaFrBCfHxgwdRL0N7Wjz8vi1Ngic5V8sm0gVqlRmz6uWFvfG05uPslG/3Io8 XM52kku7jRMsQVwvV6OVGYSwz4oxc67ahMScBpkBUwpF5ktRLsXLTvNBoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCqy3wNPv+RQ+rf5OsMuydSbT6b3MB8GA1UdIwQY MBaAFGYT2chWREpwluOoUIyuMH/evAzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmhQWnlGWkVTbkNXNDZoUWpLNHdmOTY4RE5RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84YjVmMWUtNDE5MC00OGI2LWJkYzUt N2QwNWY5ODg4ZTk4LzEvWmhQWnlGWkVTbkNXNDZoUWpLNHdmOTY4RE5RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy84YjVmMWUtNDE5MC00OGI2LWJkYzUtN2QwNWY5ODg4ZTk4 LzEvWmhQWnlGWkVTbkNXNDZoUWpLNHdmOTY4RE5RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIcz9JwUk pBeYcHMoOt7FG2rb39pRBHLgXA2mdjLDHhnOrT7ZarDWZlyv5xm3yXM4wn5H2/tj XFDbHqJuAz6cyDCouiO2XD9Ceamf5awRFbSCR/uHKomNQD6O1zu87vRDDmV5TQor vaRdic8G4nHYfQR285kWfdriipTax97P6E1XWxINxMjax1WEYPbPf39dLhi0IGxX wyRmqWnElx51RG82zQZX4dPtmyXZQXF5UFe0gzATRCJU/rt6/bRUrnHoljG8Ijr0 VWvT5riZ187bdEXMxi+mtqpXFawYLWDGAI7wpAZHGkTAV7Lf1Xbf/sw4ayfAbgVI StFWaLTtDa62Qg== -----END CERTIFICATE-----Generated at Mon Dec 22 07:51:43 2025 by rpki-client