This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.mft File: tN1tZY4UVx6Dn3gT2jHyIXQigY4.mft (raw, json) Hash identifier: B5MLqlM+pG2R7l+xOcUtV/jFzXrhCDYZpjsuaAYaWwM= Subject key identifier: 83:DD:EE:81:82:B7:B1:47:0B:12:45:AB:2B:E6:D5:27:0A:A8:FE:7C Authority key identifier: B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E Certificate issuer: /CN=b4dd6d658e14571e839f7813da31f2217422818e Certificate serial: 019B397D3AEC1E0AD3810A154CC82AE36A93 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.mft Manifest number: 1787 Signing time: Sat 20 Dec 2025 02:01:06 +0000 Manifest this update: Sat 20 Dec 2025 02:01:06 +0000 Manifest next update: Sun 21 Dec 2025 02:01:06 +0000 Files and hashes: 1: LKAft93oZKWm8C5vqJwOGZJiSJU.roa (hash: DXlp4EQmxRSQHGzjwfBhaby6m7/cBeVJqjDN3Ga+MWk=) 2: tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl (hash: ZLG+kGeiL2+zJwLNh0TBGAu5g16UdIEhNi7lWJN7pJ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.mft rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:3a:ec:1e:0a:d3:81:0a:15:4c:c8:2a:e3:6a:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4dd6d658e14571e839f7813da31f2217422818e Validity Not Before: Dec 20 02:01:06 2025 GMT Not After : Dec 21 02:01:06 2025 GMT Subject: CN=83ddee8182b7b1470b1245ab2be6d5270aa8fe7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:7d:00:62:a7:11:75:3a:e9:89:e4:18:be:46: e1:a5:fd:c0:ce:3c:5c:86:9f:a2:f7:9f:d9:f1:12: d8:4f:f8:f7:7e:48:cc:43:35:17:06:94:04:ee:fe: ea:35:67:73:59:71:5f:75:6d:db:66:8d:bf:4e:9b: 97:ab:df:7a:15:11:c9:b8:2d:b9:f9:b8:24:2d:97: fe:f2:a8:c1:53:c0:e0:7b:21:c0:69:98:1a:40:f9: 64:81:f0:60:b8:7c:12:8a:46:49:f0:62:dc:77:bf: 58:b7:88:83:7e:3d:ad:2e:5d:6c:56:25:a8:c9:05: be:36:ac:ab:fd:8e:a6:fc:d9:70:8c:72:f5:fb:bf: dd:30:d6:73:0f:01:f3:6e:60:d9:5e:2d:38:56:c3: 47:39:ea:b2:20:43:c6:cd:06:64:e1:85:99:b4:f7: 02:ba:c8:19:3d:6d:82:cb:0b:b5:ab:c8:98:9e:fd: 19:f9:ea:43:40:22:88:1d:15:43:38:7a:87:d0:0f: c5:fa:a3:3c:a4:8f:b8:3b:04:b0:40:50:b7:34:8c: 6c:b3:43:27:9c:f0:1a:69:41:65:2b:90:3d:da:1f: 72:1a:cd:c9:60:82:e3:18:1a:5d:08:28:6f:fd:3c: 14:c2:9b:9d:f3:aa:f3:cb:ec:f1:c8:a6:42:b1:4c: 5c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:DD:EE:81:82:B7:B1:47:0B:12:45:AB:2B:E6:D5:27:0A:A8:FE:7C X509v3 Authority Key Identifier: keyid:B4:DD:6D:65:8E:14:57:1E:83:9F:78:13:DA:31:F2:21:74:22:81:8E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tN1tZY4UVx6Dn3gT2jHyIXQigY4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/264934-2a7f-428b-afe5-81d214edf298/1/tN1tZY4UVx6Dn3gT2jHyIXQigY4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:bf:ab:19:f7:36:21:d6:2d:42:87:16:f7:dd:2b:b5:3c:54: d7:75:62:0a:8f:2e:e5:c0:00:75:0e:d3:57:61:d1:00:0d:de: c4:74:77:cb:7e:ca:3a:cf:8d:3a:32:cc:a5:d2:6f:a5:75:ae: cf:b4:dd:ff:31:b9:ac:45:ba:da:27:8e:49:3f:8a:7b:e7:32: 68:2a:0b:52:17:4f:7d:55:aa:cc:77:f7:0f:93:4b:90:12:10: d0:32:86:56:3c:a6:ef:83:80:68:f8:6e:3b:5b:d9:df:89:1a: f3:ef:07:ec:cf:9e:a0:3f:cc:b8:5e:f3:0c:16:b5:8e:1c:c5: 7f:0a:24:c4:ee:12:7c:6e:39:e5:02:d6:62:98:69:18:1a:66: 14:69:87:90:d6:aa:8d:eb:50:7b:2e:a7:cd:d4:d5:29:0b:52: 58:24:ef:b3:11:1b:c5:7a:51:ac:24:db:26:cf:38:33:5c:31: 6d:fe:fb:ad:ab:af:d7:75:d7:a7:27:66:03:bd:bf:38:63:c0: 23:be:10:9f:a1:02:8b:14:bf:b5:3d:83:ad:89:a9:35:4f:3e: 4e:84:42:44:36:c2:40:0e:f9:72:90:c8:45:9c:7c:09:62:da: eb:67:71:96:32:a2:59:9b:56:87:1d:9c:25:5a:8c:aa:ea:33: 4a:8e:7b:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fTrsHgrTgQoVTMgq42qTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZGQ2ZDY1OGUxNDU3MWU4MzlmNzgxM2RhMzFmMjIxNzQy MjgxOGUwHhcNMjUxMjIwMDIwMTA2WhcNMjUxMjIxMDIwMTA2WjAzMTEwLwYDVQQD Eyg4M2RkZWU4MTgyYjdiMTQ3MGIxMjQ1YWIyYmU2ZDUyNzBhYThmZTdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmH0AYqcRdTrpieQYvkbhpf3Azjxc hp+i95/Z8RLYT/j3fkjMQzUXBpQE7v7qNWdzWXFfdW3bZo2/TpuXq996FRHJuC25 +bgkLZf+8qjBU8DgeyHAaZgaQPlkgfBguHwSikZJ8GLcd79Yt4iDfj2tLl1sViWo yQW+Nqyr/Y6m/NlwjHL1+7/dMNZzDwHzbmDZXi04VsNHOeqyIEPGzQZk4YWZtPcC usgZPW2Cywu1q8iYnv0Z+epDQCKIHRVDOHqH0A/F+qM8pI+4OwSwQFC3NIxss0Mn nPAaaUFlK5A92h9yGs3JYILjGBpdCChv/TwUwpud86rzy+zxyKZCsUxc6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIPd7oGCt7FHCxJFqyvm1ScKqP58MB8GA1UdIwQY MBaAFLTdbWWOFFceg594E9ox8iF0IoGOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUt ODFkMjE0ZWRmMjk4LzEvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy8yNjQ5MzQtMmE3Zi00MjhiLWFmZTUtODFkMjE0ZWRmMjk4 LzEvdE4xdFpZNFVWeDZEbjNnVDJqSHlJWFFpZ1k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVL+rGfc2 IdYtQocW990rtTxU13ViCo8u5cAAdQ7TV2HRAA3exHR3y37KOs+NOjLMpdJvpXWu z7Td/zG5rEW62ieOST+Ke+cyaCoLUhdPfVWqzHf3D5NLkBIQ0DKGVjym74OAaPhu O1vZ34ka8+8H7M+eoD/MuF7zDBa1jhzFfwokxO4SfG455QLWYphpGBpmFGmHkNaq jetQey6nzdTVKQtSWCTvsxEbxXpRrCTbJs84M1wxbf77rauv13XXpydmA72/OGPA I74Qn6ECixS/tT2DrYmpNU8+ToRCRDbCQA75cpDIRZx8CWLa62dxljKiWZtWhx2c JVqMquozSo57NQ== -----END CERTIFICATE-----Generated at Sat Dec 20 04:50:50 2025 by rpki-client