This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft File: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft (raw, json) Hash identifier: IXwXbBi7xeJWsMnKUUeii36BGB8UXgtx+j77xLVef+E= Subject key identifier: 42:4D:FC:30:49:05:9C:ED:07:E6:A5:88:C1:D2:C1:94:D3:EC:76:0B Authority key identifier: CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57 Certificate issuer: /CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57 Certificate serial: 019B6F8F494B54B75E17DBBA96039C25DDC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft Manifest number: 0BDB Signing time: Tue 30 Dec 2025 14:00:19 +0000 Manifest this update: Tue 30 Dec 2025 14:00:19 +0000 Manifest next update: Wed 31 Dec 2025 14:00:19 +0000 Files and hashes: 1: zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl (hash: QrA+yltByugycBSG61TfZNpMahulSaILvB6WmvSm9R8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 14:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6f:8f:49:4b:54:b7:5e:17:db:ba:96:03:9c:25:dd:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce0426f9d2e5f30ab87a82767fd896eeba4b1c57 Validity Not Before: Dec 30 14:00:19 2025 GMT Not After : Dec 31 14:00:19 2025 GMT Subject: CN=424dfc3049059ced07e6a588c1d2c194d3ec760b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:1e:56:18:dd:a7:ae:85:84:55:c9:9f:ac:88: 8d:63:da:d8:4d:b5:d7:54:41:59:7a:9e:5f:c4:f6: 0c:42:ff:34:63:60:08:83:68:c7:23:26:4d:a9:9d: 68:44:75:45:13:50:a4:bf:a3:83:a8:fc:f7:2c:2d: d8:c3:6e:f7:f9:dd:78:36:41:99:fc:45:9e:dd:02: dc:1f:13:a8:09:34:df:f7:fa:bc:bc:e3:9b:20:10: b6:ea:a2:96:f5:0e:8f:be:e2:fd:82:3f:13:e6:30: 2a:69:6c:93:d2:0d:5e:4a:f7:8e:a8:bc:fe:aa:66: 00:39:9b:f0:60:3a:b0:93:db:2b:3d:9c:f9:e1:e5: 6c:14:91:51:74:a2:f5:09:70:a4:cd:3e:a7:dc:04: b9:9c:72:88:95:ee:76:71:59:25:fe:55:4c:a5:7a: b6:6e:3e:8c:0e:b5:d2:99:5a:d5:4e:18:87:4f:8d: d0:10:f5:9d:b1:36:28:09:34:bd:66:ef:a4:ea:2b: 54:0c:a8:a0:50:c5:56:e2:86:b2:6e:d8:b2:2a:1a: 19:9e:eb:7a:0a:54:ac:11:81:a2:50:4d:ab:c1:96: f2:43:33:de:f7:41:59:71:58:35:d7:54:d8:e2:a9: 1f:b8:d1:ca:19:a1:2f:7c:41:19:48:0b:fb:b1:33: db:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:4D:FC:30:49:05:9C:ED:07:E6:A5:88:C1:D2:C1:94:D3:EC:76:0B X509v3 Authority Key Identifier: keyid:CE:04:26:F9:D2:E5:F3:0A:B8:7A:82:76:7F:D8:96:EE:BA:4B:1C:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/394dc0-75aa-40a8-8222-ee4a4618524c/1/zgQm-dLl8wq4eoJ2f9iW7rpLHFc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:08:99:0d:50:6c:c1:56:4f:a1:b2:9a:63:85:74:35:9f:38: 66:b7:ce:db:84:08:df:89:4e:da:45:b6:dd:d1:fb:51:04:e9: 26:ce:bd:c9:59:10:97:d0:7b:a6:df:1b:40:87:6b:1d:2c:63: 4b:a5:49:50:cf:7f:3a:22:95:10:af:92:89:94:06:2c:95:94: 4d:59:24:25:97:3e:20:ae:4e:e9:c0:44:75:6d:7f:31:aa:f7: 3d:ef:f9:65:c7:f6:77:8a:8c:b6:3e:90:eb:40:3e:9b:63:fc: 1d:63:6f:af:a6:cc:04:26:2c:77:b9:e8:be:89:5d:06:68:17: ef:73:b5:88:e5:0b:c0:23:d2:f1:1e:2b:1b:2b:36:8b:e9:54: b9:1b:22:cd:41:eb:99:04:f1:a3:90:0d:18:2b:df:04:d7:e7: 9d:2b:9c:bb:d0:16:98:3a:b0:e2:e2:08:f5:60:a3:83:9c:c4: fb:ef:0d:50:ef:1b:0a:1a:cf:a8:e8:a7:1c:78:43:11:98:04: 73:b2:c9:cc:62:58:91:f9:7a:47:3b:66:12:8a:1c:40:22:98: c2:06:42:e0:00:1c:7a:f9:08:03:b3:e8:a1:a7:e4:2e:66:6b: 61:d7:c6:b9:fc:9f:ae:7f:8d:ef:66:05:e3:bb:e7:4a:51:98: 6c:6a:3d:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtvj0lLVLdeF9u6lgOcJd3EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlMDQyNmY5ZDJlNWYzMGFiODdhODI3NjdmZDg5NmVlYmE0 YjFjNTcwHhcNMjUxMjMwMTQwMDE5WhcNMjUxMjMxMTQwMDE5WjAzMTEwLwYDVQQD Eyg0MjRkZmMzMDQ5MDU5Y2VkMDdlNmE1ODhjMWQyYzE5NGQzZWM3NjBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnR5WGN2nroWEVcmfrIiNY9rYTbXX VEFZep5fxPYMQv80Y2AIg2jHIyZNqZ1oRHVFE1Ckv6ODqPz3LC3Yw273+d14NkGZ /EWe3QLcHxOoCTTf9/q8vOObIBC26qKW9Q6PvuL9gj8T5jAqaWyT0g1eSveOqLz+ qmYAOZvwYDqwk9srPZz54eVsFJFRdKL1CXCkzT6n3AS5nHKIle52cVkl/lVMpXq2 bj6MDrXSmVrVThiHT43QEPWdsTYoCTS9Zu+k6itUDKigUMVW4oaybtiyKhoZnut6 ClSsEYGiUE2rwZbyQzPe90FZcVg111TY4qkfuNHKGaEvfEEZSAv7sTPbnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEJN/DBJBZztB+aliMHSwZTT7HYLMB8GA1UdIwQY MBaAFM4EJvnS5fMKuHqCdn/Ylu66SxxXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjIt ZWU0YTQ2MTg1MjRjLzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi8zOTRkYzAtNzVhYS00MGE4LTgyMjItZWU0YTQ2MTg1MjRj LzEvemdRbS1kTGw4d3E0ZW9KMmY5aVc3cnBMSEZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJAiZDVBs wVZPobKaY4V0NZ84ZrfO24QI34lO2kW23dH7UQTpJs69yVkQl9B7pt8bQIdrHSxj S6VJUM9/OiKVEK+SiZQGLJWUTVkkJZc+IK5O6cBEdW1/Mar3Pe/5Zcf2d4qMtj6Q 60A+m2P8HWNvr6bMBCYsd7novoldBmgX73O1iOULwCPS8R4rGys2i+lUuRsizUHr mQTxo5ANGCvfBNfnnSucu9AWmDqw4uII9WCjg5zE++8NUO8bChrPqOinHHhDEZgE c7LJzGJYkfl6RztmEoocQCKYwgZC4AAcevkIA7PooafkLmZrYdfGufyfrn+N72YF 47vnSlGYbGo9Sw== -----END CERTIFICATE-----Generated at Wed Dec 31 00:02:29 2025 by rpki-client