This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json) Hash identifier: q+wBM7jhyHWj+wbe8wFWgwz/oEqDw3soRylXaL5yVtI= Subject key identifier: F6:71:30:50:12:D0:5A:94:DD:6A:24:72:71:E4:4B:22:85:81:C2:56 Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Certificate serial: 019B5862FE03690EC63B6A41DF9D5ACAA6D9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft Manifest number: 0F0E Signing time: Fri 26 Dec 2025 02:00:41 +0000 Manifest this update: Fri 26 Dec 2025 02:00:41 +0000 Manifest next update: Sat 27 Dec 2025 02:00:41 +0000 Files and hashes: 1: Cr7WIZXJqqSxx1MgWk3fJvY56gA.roa (hash: W0p2Ng/L4A+CUhGlPSgje47dkJ8+aMEjdUAnh4zo9Rc=) 2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: 6pTJQVsRW6pmkcYbx1l2zEt2gpd62Y31rpoFaT9pjOc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 02:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:62:fe:03:69:0e:c6:3b:6a:41:df:9d:5a:ca:a6:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Validity Not Before: Dec 26 02:00:41 2025 GMT Not After : Dec 27 02:00:41 2025 GMT Subject: CN=f671305012d05a94dd6a247271e44b228581c256 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:bb:e7:db:9d:1e:f1:6f:5f:1d:52:62:10:00: 65:35:bd:0a:92:ab:e1:34:2d:49:a5:cd:9e:08:1d: 95:6f:49:cc:c5:6b:54:56:70:e8:55:c7:b7:6e:ee: 92:b8:e0:e8:ec:ee:dc:83:9e:29:bd:00:ef:96:d3: 26:2b:9b:37:70:c1:00:54:d4:6e:10:c6:24:06:b7: ed:cb:f6:9a:c4:d0:de:e1:ae:34:d8:67:11:0e:92: 69:9d:21:30:3a:e0:5d:3e:b7:ac:c6:42:c7:a6:0d: 0c:d1:5d:8c:e7:bd:e7:02:93:80:7c:f2:e1:b5:12: 90:dd:a2:66:51:d9:6a:6e:ed:2c:31:6d:45:28:34: 8a:0b:c8:cd:d7:7e:8a:4f:9a:da:55:cc:96:48:68: 46:7a:34:c5:38:d4:04:5c:44:32:f9:70:94:9a:03: 2b:31:06:c6:5c:27:45:9f:65:65:5f:09:32:15:e4: 81:d9:d9:5f:c8:dc:73:8f:ac:3d:ac:32:33:aa:0c: ed:21:9c:d2:da:9a:ac:d5:fb:3a:79:c7:b7:ee:ad: 9b:e8:96:07:88:58:47:3d:89:0f:ae:2f:42:61:37: c0:53:8f:17:27:98:e5:39:3d:b5:fb:97:16:25:83: 88:09:8a:d6:25:50:70:b3:91:de:dd:12:8b:e4:7a: df:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:71:30:50:12:D0:5A:94:DD:6A:24:72:71:E4:4B:22:85:81:C2:56 X509v3 Authority Key Identifier: keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:d1:af:5f:25:06:a5:e4:bb:27:03:b1:ce:3d:0a:86:e1:ff: 9c:65:88:2e:6e:bf:d9:25:fb:a5:06:6f:57:32:ed:d9:68:c2: 99:9c:07:11:b5:01:db:9b:6e:6c:93:88:ae:99:7c:4a:0b:74: ab:3f:4b:27:cd:9a:9d:04:4f:95:9a:2e:1b:0a:2b:30:1c:41: 36:f5:97:29:3e:e9:94:f4:fb:3d:17:28:94:d5:46:63:31:70: ab:43:4a:8b:07:bb:9a:9f:81:ad:6f:a0:85:f3:b7:a4:05:0e: da:59:c2:0b:52:52:24:7c:35:81:45:e1:62:d0:74:82:70:72: 6e:d8:fb:ff:f3:1b:fd:33:70:60:ef:2e:17:3a:d9:56:cc:83: eb:b7:72:14:3b:b3:26:3f:2a:56:dc:02:70:9b:e7:7e:88:7f: 9b:b3:8d:1a:f5:ab:5b:b9:c6:ba:a7:67:59:f4:5c:d7:6e:a8: cb:9d:ac:12:4f:90:9c:c8:09:2c:36:cf:6a:77:b0:2c:8f:48: 26:2f:9a:b2:c8:64:25:db:8d:f6:59:f3:1e:1b:3a:28:3c:23: f4:8a:ba:0f:9d:2e:b3:52:6e:79:af:bd:b3:37:ea:fc:e7:8f: b1:c5:96:fa:8e:d3:ec:c2:02:67:52:da:26:8a:de:05:b7:fa: b9:84:a1:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtYYv4DaQ7GO2pB351ayqbZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3 NTI0MmQwHhcNMjUxMjI2MDIwMDQxWhcNMjUxMjI3MDIwMDQxWjAzMTEwLwYDVQQD EyhmNjcxMzA1MDEyZDA1YTk0ZGQ2YTI0NzI3MWU0NGIyMjg1ODFjMjU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrvn250e8W9fHVJiEABlNb0Kkqvh NC1Jpc2eCB2Vb0nMxWtUVnDoVce3bu6SuODo7O7cg54pvQDvltMmK5s3cMEAVNRu EMYkBrfty/aaxNDe4a402GcRDpJpnSEwOuBdPresxkLHpg0M0V2M573nApOAfPLh tRKQ3aJmUdlqbu0sMW1FKDSKC8jN136KT5raVcyWSGhGejTFONQEXEQy+XCUmgMr MQbGXCdFn2VlXwkyFeSB2dlfyNxzj6w9rDIzqgztIZzS2pqs1fs6ece37q2b6JYH iFhHPYkPri9CYTfAU48XJ5jlOT21+5cWJYOICYrWJVBws5He3RKL5HrfiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPZxMFAS0FqU3WokcnHkSyKFgcJWMB8GA1UdIwQY MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmdGvXyUG peS7JwOxzj0KhuH/nGWILm6/2SX7pQZvVzLt2WjCmZwHEbUB25tubJOIrpl8Sgt0 qz9LJ82anQRPlZouGworMBxBNvWXKT7plPT7PRcolNVGYzFwq0NKiwe7mp+BrW+g hfO3pAUO2lnCC1JSJHw1gUXhYtB0gnBybtj7//Mb/TNwYO8uFzrZVsyD67dyFDuz Jj8qVtwCcJvnfoh/m7ONGvWrW7nGuqdnWfRc126oy52sEk+QnMgJLDbPanewLI9I Ji+asshkJduN9lnzHhs6KDwj9Iq6D50us1Juea+9szfq/OePscWW+o7T7MICZ1La JoreBbf6uYShAQ== -----END CERTIFICATE-----Generated at Fri Dec 26 09:27:43 2025 by rpki-client