This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft File: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft (raw, json) Hash identifier: 4h97vLgj40FnW86v3/S9y6VqXvtUtY2OYxEWF2c/ndc= Subject key identifier: 5F:1A:B2:87:B1:04:6F:0E:CA:1E:78:F6:23:04:1D:AC:6E:29:8A:93 Authority key identifier: CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C Certificate issuer: /CN=cdbc431b1c9886dc2b21008dccfde18db735371c Certificate serial: 019BB027003E09063C7B8C2D745E77471C94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft Manifest number: 053E Signing time: Mon 12 Jan 2026 03:01:44 +0000 Manifest this update: Mon 12 Jan 2026 03:01:44 +0000 Manifest next update: Tue 13 Jan 2026 03:01:44 +0000 Files and hashes: 1: zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl (hash: pRnZn9DNnARLAgDWgEQ9HD5MAoEn89pWB/Au19iz3ZE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 13 Jan 2026 02:42:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:b0:27:00:3e:09:06:3c:7b:8c:2d:74:5e:77:47:1c:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cdbc431b1c9886dc2b21008dccfde18db735371c Validity Not Before: Jan 12 03:01:44 2026 GMT Not After : Jan 13 03:01:44 2026 GMT Subject: CN=5f1ab287b1046f0eca1e78f623041dac6e298a93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:fa:d8:16:f0:f8:3f:2a:91:be:76:b9:9b:07: 95:a3:d6:13:9e:6b:87:fa:e2:1f:18:0b:6a:6a:bd: e9:0b:2d:2f:c9:14:02:51:c0:8c:9a:76:02:5d:a6: 9c:42:9b:e0:83:5d:4e:ac:e1:6d:96:ad:bc:df:90: 1b:7a:05:64:9b:fe:7d:f1:1e:c7:08:f0:f0:5a:b6: 22:ac:76:ca:81:ab:08:a9:e3:3b:d8:60:21:22:b9: 62:88:1f:94:33:5e:95:11:b5:ab:bc:c4:ec:6e:ad: d3:91:6f:be:3f:39:fa:2e:a0:00:4b:e7:bd:c7:01: d8:15:6b:22:96:ac:68:1c:ff:bb:36:d5:18:9e:40: e7:c6:ca:30:da:f9:f2:a9:6d:65:bf:98:56:50:3c: b6:53:fd:7a:5e:b0:56:99:dd:63:01:90:88:39:a5: 86:40:49:7b:62:13:52:35:10:74:1f:6f:08:ae:9b: 8a:70:64:9a:b1:9b:fe:83:b0:45:2c:3a:1c:97:dc: b1:c4:75:d6:a5:c1:ae:5d:40:63:99:33:3b:47:bb: ad:8b:8f:6f:59:d4:c0:11:f6:84:db:57:7a:e2:61: 77:4d:25:09:78:6b:c8:62:84:24:bb:cb:49:b1:35: 12:fd:df:c8:fa:84:fc:02:fe:82:f2:8d:65:b5:bc: 71:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:1A:B2:87:B1:04:6F:0E:CA:1E:78:F6:23:04:1D:AC:6E:29:8A:93 X509v3 Authority Key Identifier: keyid:CD:BC:43:1B:1C:98:86:DC:2B:21:00:8D:CC:FD:E1:8D:B7:35:37:1C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/3689be-8152-4bad-b996-3cda71373dc9/1/zbxDGxyYhtwrIQCNzP3hjbc1Nxw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:b3:04:f0:c4:20:eb:e3:49:4a:83:f7:12:be:e2:1f:0e:96: a0:b2:b1:0d:f8:df:b3:44:ad:c5:7e:35:70:69:51:8d:44:eb: 03:ea:77:6f:8a:ac:3f:5b:21:ea:59:1a:00:e3:be:bd:ea:ba: 2c:01:98:2e:63:6f:15:13:57:23:be:ba:7d:81:c6:5c:e0:09: 10:e9:70:09:08:e0:40:45:24:6c:4f:66:c2:be:a2:43:3b:73: f3:40:0e:4e:0b:f4:e6:ba:80:a0:53:52:21:68:07:35:3f:fa: 12:d9:ce:ee:c3:81:e0:b0:78:a7:34:17:06:e8:31:3a:f9:b4: 94:8f:27:14:9a:e9:54:4b:7c:40:79:6c:b3:9d:cd:2e:61:0f: 71:7c:04:d9:1e:2a:0c:16:86:be:c6:da:2e:03:a8:2d:c0:eb: 6f:89:5f:32:5d:c5:87:1d:81:d6:95:eb:f7:98:6f:35:33:e6: d0:52:e7:71:76:fd:73:a9:d5:cf:08:f9:a7:54:c9:19:54:ad: e7:43:33:52:ed:96:83:a0:60:86:2c:25:c7:aa:48:24:cc:32: 62:16:83:2a:ba:4f:11:14:4a:d7:ce:ca:22:be:d9:6e:ee:93: 9b:f3:07:f3:29:9e:d8:65:ea:33:70:b8:36:2f:6b:5f:59:a6: 9b:a2:7e:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZuwJwA+CQY8e4wtdF53RxyUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNkYmM0MzFiMWM5ODg2ZGMyYjIxMDA4ZGNjZmRlMThkYjcz NTM3MWMwHhcNMjYwMTEyMDMwMTQ0WhcNMjYwMTEzMDMwMTQ0WjAzMTEwLwYDVQQD Eyg1ZjFhYjI4N2IxMDQ2ZjBlY2ExZTc4ZjYyMzA0MWRhYzZlMjk4YTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/rYFvD4PyqRvna5mweVo9YTnmuH +uIfGAtqar3pCy0vyRQCUcCMmnYCXaacQpvgg11OrOFtlq2835AbegVkm/598R7H CPDwWrYirHbKgasIqeM72GAhIrliiB+UM16VEbWrvMTsbq3TkW++Pzn6LqAAS+e9 xwHYFWsilqxoHP+7NtUYnkDnxsow2vnyqW1lv5hWUDy2U/16XrBWmd1jAZCIOaWG QEl7YhNSNRB0H28IrpuKcGSasZv+g7BFLDocl9yxxHXWpcGuXUBjmTM7R7uti49v WdTAEfaE21d64mF3TSUJeGvIYoQku8tJsTUS/d/I+oT8Av6C8o1ltbxxyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF8asoexBG8Oyh549iMEHaxuKYqTMB8GA1UdIwQY MBaAFM28QxscmIbcKyEAjcz94Y23NTccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYt M2NkYTcxMzczZGM5LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8zNjg5YmUtODE1Mi00YmFkLWI5OTYtM2NkYTcxMzczZGM5 LzEvemJ4REd4eVlodHdySVFDTnpQM2hqYmMxTnh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM7ME8MQg 6+NJSoP3Er7iHw6WoLKxDfjfs0StxX41cGlRjUTrA+p3b4qsP1sh6lkaAOO+veq6 LAGYLmNvFRNXI766fYHGXOAJEOlwCQjgQEUkbE9mwr6iQztz80AOTgv05rqAoFNS IWgHNT/6EtnO7sOB4LB4pzQXBugxOvm0lI8nFJrpVEt8QHlss53NLmEPcXwE2R4q DBaGvsbaLgOoLcDrb4lfMl3Fhx2B1pXr95hvNTPm0FLncXb9c6nVzwj5p1TJGVSt 50MzUu2Wg6Bghiwlx6pIJMwyYhaDKrpPERRK187KIr7Zbu6Tm/MH8yme2GXqM3C4 Ni9rX1mmm6J+xw== -----END CERTIFICATE-----Generated at Mon Jan 12 06:00:23 2026 by rpki-client