This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft File: 1gTknpKDBavLjzLe8_78A-u83kQ.mft (raw, json) Hash identifier: PFc2GeZhKvE3J4CDcKrXH2uotist6cEUcPMrALoe1hA= Subject key identifier: B2:97:26:D3:A8:7F:00:7D:EC:89:D6:62:E2:2E:27:65:4E:89:D9:7F Authority key identifier: D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 Certificate issuer: /CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Certificate serial: 019B3C7E1F3FE87CEF3FFDBBE9F3B16F987F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft Manifest number: 171B Signing time: Sat 20 Dec 2025 16:00:56 +0000 Manifest this update: Sat 20 Dec 2025 16:00:56 +0000 Manifest next update: Sun 21 Dec 2025 16:00:56 +0000 Files and hashes: 1: 1gTknpKDBavLjzLe8_78A-u83kQ.crl (hash: R1qx+DrZLprmTv+jaWZfqBp6BQuRzWW4rje/nWj3dwA=) 2: pucl_qoNJsFNHYReBDscEGdx2N0.roa (hash: SiJfUuqs3fjKSI6Mo6WtKDUOtA0gOnKfbqvupwDeWPw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:1f:3f:e8:7c:ef:3f:fd:bb:e9:f3:b1:6f:98:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d604e49e928305abcb8f32def3fefc03ebbcde44 Validity Not Before: Dec 20 16:00:56 2025 GMT Not After : Dec 21 16:00:56 2025 GMT Subject: CN=b29726d3a87f007dec89d662e22e27654e89d97f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:95:29:8b:1f:10:2a:29:00:fb:0f:fa:40:88: 47:50:60:b7:f1:cb:35:4a:35:c1:1d:ca:5a:ce:ea: a2:8b:64:13:ed:a4:cb:57:9b:6a:1a:84:9b:b7:52: 69:03:1c:51:10:9e:7e:d4:d8:ca:df:1e:2b:02:ae: 15:ec:19:da:7d:e8:b8:2e:34:6e:14:62:56:4d:05: 35:1b:62:48:ef:09:d1:72:2c:43:77:1c:d8:73:05: 77:ce:40:3f:bf:f6:18:ac:ad:16:9c:6f:82:e8:bf: 56:c0:5d:db:b0:7e:b2:31:ec:4c:90:a9:3b:e8:b1: 91:ba:5c:8a:a3:fd:f5:ce:f7:20:df:ec:f7:68:7c: c2:1b:53:42:e0:e0:53:08:ce:9e:ba:2d:1a:6f:7a: 03:64:e4:a1:9a:06:31:50:3e:07:c3:66:d7:b0:ac: 77:1e:4d:0f:31:3f:f4:4f:4f:3c:18:8f:b2:51:b1: 68:78:78:33:41:73:a0:be:4d:fa:e2:f8:f1:02:be: c7:d0:c7:20:1f:e5:4d:5d:87:34:23:ce:d6:be:ab: 8f:ff:3a:66:e8:c6:62:39:c8:0e:9b:3d:3a:88:06: 6a:d6:df:b3:f9:47:50:7d:66:9c:d4:4c:b6:26:aa: 33:83:11:ac:93:38:72:80:80:ab:da:4a:a1:1b:5b: fb:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:97:26:D3:A8:7F:00:7D:EC:89:D6:62:E2:2E:27:65:4E:89:D9:7F X509v3 Authority Key Identifier: keyid:D6:04:E4:9E:92:83:05:AB:CB:8F:32:DE:F3:FE:FC:03:EB:BC:DE:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gTknpKDBavLjzLe8_78A-u83kQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/a830a2-0271-4de9-bc38-03c82157421a/1/1gTknpKDBavLjzLe8_78A-u83kQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:59:3d:06:f8:de:79:36:c7:25:19:38:e9:1b:ce:11:3a:bc: 14:dc:92:22:75:cd:5d:c9:00:c3:e3:2b:01:33:8b:69:34:ee: 0f:ac:3d:39:3d:9e:49:6d:d2:f1:0c:ca:a3:0b:3b:e9:51:d8: 4b:87:06:e9:14:99:92:01:d6:4a:c1:b3:e7:98:77:bc:e6:af: 96:e4:a2:84:5a:a0:ca:32:9d:05:dc:e4:0e:a3:21:ad:d3:6b: f4:a5:cd:d8:75:dd:98:1c:9a:8e:c5:4c:5d:0f:f7:cb:b5:dd: fa:5a:b1:56:61:73:15:7f:4d:e2:8d:b7:7c:a4:a8:e2:41:bc: 99:28:70:8a:11:75:a4:d9:19:ab:38:97:6c:64:01:19:58:7a: bc:29:bd:0a:f3:f7:4b:d8:7b:e8:be:92:b3:31:a5:d5:20:0d: ee:12:77:38:6b:06:2b:88:11:7b:36:8f:f0:02:40:a3:a9:72: 76:40:f1:c7:78:79:b8:63:a7:e6:e9:75:ea:fe:76:7c:5c:e3: f1:93:13:7e:d1:04:49:7d:a3:b4:3f:16:44:96:99:d0:f6:15: b1:49:a1:c2:07:61:b9:9f:0c:b6:da:be:4e:27:c6:04:02:2f: 15:50:6d:f5:c2:8b:88:02:cf:d8:ae:33:f8:38:8c:56:b3:09: 03:b6:84:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fh8/6HzvP/276fOxb5h/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ2MDRlNDllOTI4MzA1YWJjYjhmMzJkZWYzZmVmYzAzZWJi Y2RlNDQwHhcNMjUxMjIwMTYwMDU2WhcNMjUxMjIxMTYwMDU2WjAzMTEwLwYDVQQD EyhiMjk3MjZkM2E4N2YwMDdkZWM4OWQ2NjJlMjJlMjc2NTRlODlkOTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpUpix8QKikA+w/6QIhHUGC38cs1 SjXBHcpazuqii2QT7aTLV5tqGoSbt1JpAxxREJ5+1NjK3x4rAq4V7Bnafei4LjRu FGJWTQU1G2JI7wnRcixDdxzYcwV3zkA/v/YYrK0WnG+C6L9WwF3bsH6yMexMkKk7 6LGRulyKo/31zvcg3+z3aHzCG1NC4OBTCM6eui0ab3oDZOShmgYxUD4Hw2bXsKx3 Hk0PMT/0T088GI+yUbFoeHgzQXOgvk364vjxAr7H0McgH+VNXYc0I87WvquP/zpm 6MZiOcgOmz06iAZq1t+z+UdQfWac1Ey2JqozgxGskzhygICr2kqhG1v7cQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKXJtOofwB97InWYuIuJ2VOidl/MB8GA1UdIwQY MBaAFNYE5J6SgwWry48y3vP+/APrvN5EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgt MDNjODIxNTc0MjFhLzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC9hODMwYTItMDI3MS00ZGU5LWJjMzgtMDNjODIxNTc0MjFh LzEvMWdUa25wS0RCYXZManpMZThfNzhBLXU4M2tRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGlk9Bvje eTbHJRk46RvOETq8FNySInXNXckAw+MrATOLaTTuD6w9OT2eSW3S8QzKows76VHY S4cG6RSZkgHWSsGz55h3vOavluSihFqgyjKdBdzkDqMhrdNr9KXN2HXdmByajsVM XQ/3y7Xd+lqxVmFzFX9N4o23fKSo4kG8mShwihF1pNkZqziXbGQBGVh6vCm9CvP3 S9h76L6SszGl1SAN7hJ3OGsGK4gRezaP8AJAo6lydkDxx3h5uGOn5ul16v52fFzj 8ZMTftEESX2jtD8WRJaZ0PYVsUmhwgdhuZ8Mttq+TifGBAIvFVBt9cKLiALP2K4z +DiMVrMJA7aECA== -----END CERTIFICATE-----Generated at Sat Dec 20 18:22:47 2025 by rpki-client