This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json) Hash identifier: kf+WKm3cHGqKBfD1y/+Ys1HwHChJFAm+JjIUvLb6VF4= Subject key identifier: 88:64:5E:40:1F:BB:BC:69:B5:C2:3C:94:FE:5D:75:77:21:16:D2:5B Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Certificate serial: 019B3D5A104DBB1E2AB63A380B47415307F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft Manifest number: 0F00 Signing time: Sat 20 Dec 2025 20:01:11 +0000 Manifest this update: Sat 20 Dec 2025 20:01:11 +0000 Manifest next update: Sun 21 Dec 2025 20:01:11 +0000 Files and hashes: 1: Cr7WIZXJqqSxx1MgWk3fJvY56gA.roa (hash: W0p2Ng/L4A+CUhGlPSgje47dkJ8+aMEjdUAnh4zo9Rc=) 2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: yFzGwG8jMtrnQ68Zwez5gJ4Oemiwo4OgdYoL4kR6Un4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:5a:10:4d:bb:1e:2a:b6:3a:38:0b:47:41:53:07:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Validity Not Before: Dec 20 20:01:11 2025 GMT Not After : Dec 21 20:01:11 2025 GMT Subject: CN=88645e401fbbbc69b5c23c94fe5d75772116d25b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:f8:40:0c:56:5e:2e:e4:6a:88:b2:20:24:7e: 5b:9f:ad:1a:2e:ad:84:15:38:4a:0b:2e:09:fa:2f: 91:28:86:b2:13:6b:87:d6:ab:c3:f6:49:01:8b:78: 2d:97:e1:6e:c9:34:36:0f:94:c2:6a:60:79:b9:bc: ff:a7:ea:9c:b6:0e:5f:ce:b6:03:97:94:9f:82:ea: a6:9d:d9:12:61:9a:5d:fd:61:3f:5f:52:90:e6:08: b7:61:ed:5a:c4:d2:70:27:14:1a:8e:e5:e0:2f:3e: 5f:eb:56:6e:17:6b:30:ab:20:8a:80:68:f6:58:41: 5b:ea:44:70:3c:b2:3d:ad:eb:15:e2:47:a7:b6:9f: d1:5b:dd:0a:36:41:0f:4d:b5:51:93:f4:2a:95:73: 02:78:18:c7:62:7a:f0:33:25:ba:8c:b9:86:64:2d: 0d:a5:c7:67:f9:ac:e8:2e:6a:2a:49:34:e9:de:3c: 92:4b:f6:22:1e:b0:cc:2f:d6:74:81:60:52:75:43: 16:01:9f:c3:0e:30:a3:74:28:ec:6a:37:18:0d:22: ef:6c:c0:f4:ae:06:79:c4:c4:dd:57:3f:76:f8:bc: 26:cb:fe:51:01:4c:1e:9d:fd:de:a4:02:04:54:21: a1:c5:01:2e:60:b4:c4:de:99:d2:82:e9:34:3c:2d: 23:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:64:5E:40:1F:BB:BC:69:B5:C2:3C:94:FE:5D:75:77:21:16:D2:5B X509v3 Authority Key Identifier: keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:5c:c3:dc:ad:b7:a8:9e:4b:73:17:de:d3:50:55:67:1e:37: 4f:0b:ad:e6:8e:52:60:51:a4:19:0a:e7:14:a8:8a:a0:c0:17: 80:d5:7b:de:3e:a4:79:9e:4c:6a:b1:c3:1f:6d:97:73:9f:34: fb:8f:45:78:ba:d5:95:f3:bd:e1:b9:1a:4d:ca:28:6e:43:6e: fb:20:fc:c2:61:a3:5d:5a:19:54:51:d7:f8:c6:89:1c:eb:7c: fa:37:40:1a:ba:2f:22:39:49:cb:47:7c:5f:0c:94:7c:1b:43: 95:f4:ac:22:d1:78:7d:dc:f8:15:2b:62:ef:a5:84:4f:9c:24: 74:d1:cb:e2:22:da:e9:51:c0:31:8d:79:74:6c:f1:73:e7:25: c5:38:58:00:77:31:0d:d2:bc:ff:b9:7b:fd:eb:05:69:37:58: 2b:b5:8c:41:08:04:c4:a6:e0:34:b0:cf:ab:18:cd:a5:53:29: 8a:58:7d:99:ae:3f:ff:4a:79:e7:2a:cd:13:22:67:7b:96:6b: 10:b8:7a:5a:32:75:d7:4f:64:6a:d7:bf:2f:7a:0c:2b:81:29: 1f:0e:77:07:12:09:42:81:00:63:d9:5d:e5:f8:45:94:3d:6a: 1a:e0:66:0a:8b:47:e3:d5:bf:39:06:7b:e6:14:fb:23:cf:2d: f2:83:53:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9WhBNux4qtjo4C0dBUwf2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3 NTI0MmQwHhcNMjUxMjIwMjAwMTExWhcNMjUxMjIxMjAwMTExWjAzMTEwLwYDVQQD Eyg4ODY0NWU0MDFmYmJiYzY5YjVjMjNjOTRmZTVkNzU3NzIxMTZkMjViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fhADFZeLuRqiLIgJH5bn60aLq2E FThKCy4J+i+RKIayE2uH1qvD9kkBi3gtl+FuyTQ2D5TCamB5ubz/p+qctg5fzrYD l5SfguqmndkSYZpd/WE/X1KQ5gi3Ye1axNJwJxQajuXgLz5f61ZuF2swqyCKgGj2 WEFb6kRwPLI9resV4kentp/RW90KNkEPTbVRk/QqlXMCeBjHYnrwMyW6jLmGZC0N pcdn+azoLmoqSTTp3jySS/YiHrDML9Z0gWBSdUMWAZ/DDjCjdCjsajcYDSLvbMD0 rgZ5xMTdVz92+Lwmy/5RAUwenf3epAIEVCGhxQEuYLTE3pnSguk0PC0j7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIhkXkAfu7xptcI8lP5ddXchFtJbMB8GA1UdIwQY MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAP1zD3K23 qJ5Lcxfe01BVZx43Twut5o5SYFGkGQrnFKiKoMAXgNV73j6keZ5MarHDH22Xc580 +49FeLrVlfO94bkaTcoobkNu+yD8wmGjXVoZVFHX+MaJHOt8+jdAGrovIjlJy0d8 XwyUfBtDlfSsItF4fdz4FSti76WET5wkdNHL4iLa6VHAMY15dGzxc+clxThYAHcx DdK8/7l7/esFaTdYK7WMQQgExKbgNLDPqxjNpVMpilh9ma4//0p55yrNEyJne5Zr ELh6WjJ1109kate/L3oMK4EpHw53BxIJQoEAY9ld5fhFlD1qGuBmCotH49W/OQZ7 5hT7I88t8oNTtQ== -----END CERTIFICATE-----Generated at Sun Dec 21 04:24:44 2025 by rpki-client