This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.mft File: TBdAzvl0ncKw9fiM3xA02oHWBtw.mft (raw, json) Hash identifier: zmy7Q8bt9iVDV4kuxOJ0kTip9JD5sXwVLprh9Mt8rtA= Subject key identifier: 7A:BA:3D:DB:5C:ED:07:EF:77:ED:DA:3C:88:99:FB:59:E2:CE:AE:79 Authority key identifier: 4C:17:40:CE:F9:74:9D:C2:B0:F5:F8:8C:DF:10:34:DA:81:D6:06:DC Certificate issuer: /CN=4c1740cef9749dc2b0f5f88cdf1034da81d606dc Certificate serial: 019B7D82ACDF9D650EA5BA466514A8330DBE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBdAzvl0ncKw9fiM3xA02oHWBtw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.mft Manifest number: 1129 Signing time: Fri 02 Jan 2026 07:01:14 +0000 Manifest this update: Fri 02 Jan 2026 07:01:14 +0000 Manifest next update: Sat 03 Jan 2026 07:01:14 +0000 Files and hashes: 1: TBdAzvl0ncKw9fiM3xA02oHWBtw.crl (hash: sMjKYrxgZeIQRSfcn7yDSeW5wEYnTILqcLE8Pg/EWEc=) 2: YVsXJWPnPlqWMFeltxgBZhUCs4Q.roa (hash: q9sjXMHf5vLLJ+Iss0xTQC2tfqQnUkneeNz0HcAGC9Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.crl rsync://rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.mft rsync://rpki.ripe.net/repository/DEFAULT/TBdAzvl0ncKw9fiM3xA02oHWBtw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 07:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:82:ac:df:9d:65:0e:a5:ba:46:65:14:a8:33:0d:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c1740cef9749dc2b0f5f88cdf1034da81d606dc Validity Not Before: Jan 2 07:01:14 2026 GMT Not After : Jan 3 07:01:14 2026 GMT Subject: CN=7aba3ddb5ced07ef77edda3c8899fb59e2ceae79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:58:d0:70:23:9d:e5:f4:ae:70:73:52:23:c7: 5a:b9:d3:c0:48:90:bc:74:00:79:f0:b4:53:dc:1d: 2b:58:01:21:0a:44:fe:4f:8e:73:a5:70:6d:fc:fa: 37:9b:90:b5:79:c4:b3:32:86:8b:c7:98:45:5b:a2: 0f:c8:ca:c5:ca:6d:16:a3:e4:c0:5d:43:12:4c:d7: c9:5a:fe:9e:6a:4c:6d:54:67:78:61:c6:0e:86:eb: 2d:1f:42:a0:09:9f:79:58:81:a0:b8:e7:84:e9:61: 72:7b:06:14:16:78:88:52:d1:5e:1d:44:39:3a:e6: d8:ac:31:22:b4:0f:03:f0:a3:92:1e:ca:9a:ba:46: 4f:48:b7:57:0c:1d:6d:ed:2e:b9:65:5a:de:3b:e0: c0:44:61:04:78:54:31:37:09:3b:39:79:71:ae:e3: af:77:cb:17:a9:d2:84:a5:f6:af:1c:b5:9e:d8:a2: df:65:c5:9b:fc:0a:d4:52:e8:52:c2:08:37:72:1b: 3c:80:6a:fd:94:2c:6a:da:10:3b:e7:70:0a:38:22: 51:e3:c3:81:ff:f4:6c:f5:c9:2f:94:53:75:3f:11: da:57:12:9d:12:67:93:92:63:7d:fb:6e:d9:31:ed: a9:ae:6c:7b:ff:0a:98:9e:e0:8b:88:ea:ff:93:2f: c7:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:BA:3D:DB:5C:ED:07:EF:77:ED:DA:3C:88:99:FB:59:E2:CE:AE:79 X509v3 Authority Key Identifier: keyid:4C:17:40:CE:F9:74:9D:C2:B0:F5:F8:8C:DF:10:34:DA:81:D6:06:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBdAzvl0ncKw9fiM3xA02oHWBtw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/1a15fa-ace6-464d-8969-e4928180033c/1/TBdAzvl0ncKw9fiM3xA02oHWBtw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:87:0c:80:71:41:bc:54:7b:df:a7:4a:44:91:f1:37:27:99: c9:87:2c:cc:2d:7a:0b:48:16:e6:06:ed:72:eb:26:8b:29:09: 7c:30:4e:0a:70:60:d9:52:2a:34:8a:03:e7:f6:43:d3:d5:ab: 79:b0:80:cc:5b:48:5f:60:45:88:5f:c1:07:a4:c1:2c:34:cb: 17:02:3f:90:c3:86:84:f3:45:53:da:df:70:6f:9c:e4:0f:b9: 87:e7:76:94:6d:d0:17:f8:3f:82:d9:43:00:bd:4c:1e:ae:38: 0c:74:e3:43:f0:36:c4:0d:83:7f:42:19:15:a6:06:e5:6b:e2: 58:73:84:ab:d3:d4:ff:82:ca:7a:8a:af:5d:d2:c5:cf:6c:53: 21:3b:9d:24:0b:f4:20:cb:ed:38:5a:90:67:24:4e:fe:f8:56: 6b:18:01:3e:dc:e1:a2:27:e7:e5:3b:db:cb:c2:80:54:1d:d8: a0:aa:1b:48:11:b3:e6:e7:1e:1e:ff:91:8a:d3:2d:91:6f:6f: 86:40:04:08:ed:72:52:4c:bf:94:8e:b6:a3:30:31:4d:5b:99: 73:b2:68:84:e3:1f:d4:23:2a:d9:5f:5e:71:de:fe:30:f7:3a: 5b:e4:81:d0:27:fd:c9:99:85:ec:07:15:76:a5:1f:78:23:47: af:bd:96:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt9gqzfnWUOpbpGZRSoMw2+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjMTc0MGNlZjk3NDlkYzJiMGY1Zjg4Y2RmMTAzNGRhODFk NjA2ZGMwHhcNMjYwMTAyMDcwMTE0WhcNMjYwMTAzMDcwMTE0WjAzMTEwLwYDVQQD Eyg3YWJhM2RkYjVjZWQwN2VmNzdlZGRhM2M4ODk5ZmI1OWUyY2VhZTc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3VjQcCOd5fSucHNSI8daudPASJC8 dAB58LRT3B0rWAEhCkT+T45zpXBt/Po3m5C1ecSzMoaLx5hFW6IPyMrFym0Wo+TA XUMSTNfJWv6eakxtVGd4YcYOhustH0KgCZ95WIGguOeE6WFyewYUFniIUtFeHUQ5 OubYrDEitA8D8KOSHsqaukZPSLdXDB1t7S65ZVreO+DARGEEeFQxNwk7OXlxruOv d8sXqdKEpfavHLWe2KLfZcWb/ArUUuhSwgg3chs8gGr9lCxq2hA753AKOCJR48OB //Rs9ckvlFN1PxHaVxKdEmeTkmN9+27ZMe2prmx7/wqYnuCLiOr/ky/HYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHq6Pdtc7Qfvd+3aPIiZ+1nizq55MB8GA1UdIwQY MBaAFEwXQM75dJ3CsPX4jN8QNNqB1gbcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEJkQXp2bDBuY0t3OWZpTTN4QTAyb0hXQnR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xYTE1ZmEtYWNlNi00NjRkLTg5Njkt ZTQ5MjgxODAwMzNjLzEvVEJkQXp2bDBuY0t3OWZpTTN4QTAyb0hXQnR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8xYTE1ZmEtYWNlNi00NjRkLTg5NjktZTQ5MjgxODAwMzNj LzEvVEJkQXp2bDBuY0t3OWZpTTN4QTAyb0hXQnR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALIcMgHFB vFR736dKRJHxNyeZyYcszC16C0gW5gbtcusmiykJfDBOCnBg2VIqNIoD5/ZD09Wr ebCAzFtIX2BFiF/BB6TBLDTLFwI/kMOGhPNFU9rfcG+c5A+5h+d2lG3QF/g/gtlD AL1MHq44DHTjQ/A2xA2Df0IZFaYG5WviWHOEq9PU/4LKeoqvXdLFz2xTITudJAv0 IMvtOFqQZyRO/vhWaxgBPtzhoifn5Tvby8KAVB3YoKobSBGz5uceHv+RitMtkW9v hkAECO1yUky/lI62ozAxTVuZc7JohOMf1CMq2V9ecd7+MPc6W+SB0Cf9yZmF7AcV dqUfeCNHr72WeA== -----END CERTIFICATE-----Generated at Fri Jan 2 15:07:46 2026 by rpki-client