This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft File: txRZXFDDUZIbDemldUChXlwcYYo.mft (raw, json) Hash identifier: ppCzzRqPAuLz2FiW2sCWvUFdaPKK2PZvQ6HEJYbrA/c= Subject key identifier: 37:A6:0C:49:B6:4B:64:DF:15:8B:43:87:DF:F6:FB:7B:6F:AF:66:05 Authority key identifier: B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A Certificate issuer: /CN=b714595c50c351921b0de9a57540a15e5c1c618a Certificate serial: 019B4136D426FD4C0758AD55184BE3F13488 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft Manifest number: 11EC Signing time: Sun 21 Dec 2025 14:01:10 +0000 Manifest this update: Sun 21 Dec 2025 14:01:10 +0000 Manifest next update: Mon 22 Dec 2025 14:01:10 +0000 Files and hashes: 1: 2m5iIAK03n8_QUvPwXckjr2TMEU.roa (hash: ZU7+W8vWoLJfyvrECJJAIJpcDrdAhqoCYTZBjsh+l9c=) 2: txRZXFDDUZIbDemldUChXlwcYYo.crl (hash: ALN6I10bqSXwUcCevJBAsNH5/mQsvWPollajC5UVOjE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:36:d4:26:fd:4c:07:58:ad:55:18:4b:e3:f1:34:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b714595c50c351921b0de9a57540a15e5c1c618a Validity Not Before: Dec 21 14:01:10 2025 GMT Not After : Dec 22 14:01:10 2025 GMT Subject: CN=37a60c49b64b64df158b4387dff6fb7b6faf6605 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:09:75:87:7f:7d:3a:a4:05:37:fe:5e:97:22: 45:08:4c:3b:e9:92:17:93:46:1e:12:88:a1:5d:f7: a1:99:d6:98:87:f7:32:8c:72:2d:80:39:b0:20:07: ba:78:b9:45:77:44:f4:60:87:26:29:62:18:02:ed: 82:9e:60:0a:4a:4e:36:9f:c6:00:31:d4:83:14:8e: d9:5d:73:29:ef:a4:9f:ae:b8:d4:84:7f:3a:fd:24: 7e:af:35:27:41:5f:a9:26:11:f3:9f:5a:49:43:f2: d8:b5:ad:df:7b:e8:2c:b8:67:8b:2d:f4:7a:74:89: 70:6f:4e:f4:33:27:8b:83:ac:36:46:d3:28:a2:a8: 77:c4:f5:33:90:eb:c5:a4:7c:96:fc:f5:33:fe:2b: ec:3e:24:0f:9b:ee:26:95:98:20:a1:83:ef:0e:05: 7c:ca:b1:b9:77:57:af:b7:a2:a7:40:41:2b:51:bd: 12:5b:eb:bb:1b:28:4b:8a:7b:45:07:f7:5b:3b:36: 10:a4:3d:2e:48:d9:27:68:de:c6:0a:de:68:da:ef: 64:2f:35:cc:e8:f0:40:6d:78:ff:88:86:b4:a1:46: fd:3b:a2:cd:d7:cc:bd:18:88:2c:ca:77:8c:56:70: 6f:65:be:ae:58:86:76:80:b2:7a:46:20:6a:d2:62: 89:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:A6:0C:49:B6:4B:64:DF:15:8B:43:87:DF:F6:FB:7B:6F:AF:66:05 X509v3 Authority Key Identifier: keyid:B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:bf:ef:be:f5:a6:1f:6e:ca:24:6e:7e:a6:21:2a:33:50:cc: d2:cc:9e:6d:95:40:f5:34:35:5e:05:13:eb:70:d0:31:81:04: 8f:95:d7:f2:c6:d2:de:86:11:58:12:f3:da:e1:7c:c4:f6:54: 14:c0:e3:92:e5:16:ba:09:ad:72:96:0f:68:9f:e3:8c:ec:36: 37:f0:31:48:09:0d:04:9c:0c:bd:9c:4a:d1:fc:59:a1:b1:42: c8:33:d4:98:6a:93:19:b5:e8:9b:7c:61:cc:b0:34:78:a6:e0: 03:6d:1f:9b:42:f3:7e:ab:6b:29:f4:68:22:a4:fd:2a:8a:08: 24:ed:5f:f8:81:d9:8d:a6:fa:70:c0:79:6c:0c:11:80:42:7c: d8:cc:45:94:42:78:11:cb:45:8f:cd:6a:61:ab:55:9c:5a:79: 8b:2f:97:61:af:09:d5:de:2b:f4:f3:3e:dd:5d:90:4c:d6:ca: 11:eb:a1:41:c1:c2:aa:cb:ff:4c:03:f4:fb:8e:d7:f3:bd:f4: c1:95:60:26:bc:a0:d8:c1:cb:90:93:02:c6:cc:6d:e2:3e:a5: 4d:93:16:67:f0:d4:a9:ee:26:1e:fb:3f:39:7d:ea:95:03:36: 97:08:65:a5:17:33:40:70:03:dd:f3:43:56:16:10:4f:42:43: d5:e3:14:b3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBNtQm/UwHWK1VGEvj8TSIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MTQ1OTVjNTBjMzUxOTIxYjBkZTlhNTc1NDBhMTVlNWMx YzYxOGEwHhcNMjUxMjIxMTQwMTEwWhcNMjUxMjIyMTQwMTEwWjAzMTEwLwYDVQQD EygzN2E2MGM0OWI2NGI2NGRmMTU4YjQzODdkZmY2ZmI3YjZmYWY2NjA1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5gl1h399OqQFN/5elyJFCEw76ZIX k0YeEoihXfehmdaYh/cyjHItgDmwIAe6eLlFd0T0YIcmKWIYAu2CnmAKSk42n8YA MdSDFI7ZXXMp76SfrrjUhH86/SR+rzUnQV+pJhHzn1pJQ/LYta3fe+gsuGeLLfR6 dIlwb070MyeLg6w2RtMooqh3xPUzkOvFpHyW/PUz/ivsPiQPm+4mlZggoYPvDgV8 yrG5d1evt6KnQEErUb0SW+u7GyhLintFB/dbOzYQpD0uSNknaN7GCt5o2u9kLzXM 6PBAbXj/iIa0oUb9O6LN18y9GIgsyneMVnBvZb6uWIZ2gLJ6RiBq0mKJmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDemDEm2S2TfFYtDh9/2+3tvr2YFMB8GA1UdIwQY MBaAFLcUWVxQw1GSGw3ppXVAoV5cHGGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMt ZjUzZDllMzZlOTVhLzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMtZjUzZDllMzZlOTVh LzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAh7/vvvWm H27KJG5+piEqM1DM0syebZVA9TQ1XgUT63DQMYEEj5XX8sbS3oYRWBLz2uF8xPZU FMDjkuUWugmtcpYPaJ/jjOw2N/AxSAkNBJwMvZxK0fxZobFCyDPUmGqTGbXom3xh zLA0eKbgA20fm0LzfqtrKfRoIqT9KooIJO1f+IHZjab6cMB5bAwRgEJ82MxFlEJ4 EctFj81qYatVnFp5iy+XYa8J1d4r9PM+3V2QTNbKEeuhQcHCqsv/TAP0+47X8730 wZVgJryg2MHLkJMCxsxt4j6lTZMWZ/DUqe4mHvs/OX3qlQM2lwhlpRczQHAD3fND VhYQT0JD1eMUsw== -----END CERTIFICATE-----Generated at Sun Dec 21 15:50:07 2025 by rpki-client