This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft File: txRZXFDDUZIbDemldUChXlwcYYo.mft (raw, json) Hash identifier: 8T7Pj7i+FFMjKZCTIJkSpPXe1FlbELf1+Nzaxf86IIo= Subject key identifier: 2F:9F:2C:58:65:A8:FB:00:AE:DE:1A:A6:33:7D:CA:04:E3:A1:13:F1 Authority key identifier: B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A Certificate issuer: /CN=b714595c50c351921b0de9a57540a15e5c1c618a Certificate serial: 019B3F4870B657713BAF8CFD8691C31FA577 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft Manifest number: 11EB Signing time: Sun 21 Dec 2025 05:01:10 +0000 Manifest this update: Sun 21 Dec 2025 05:01:10 +0000 Manifest next update: Mon 22 Dec 2025 05:01:10 +0000 Files and hashes: 1: 2m5iIAK03n8_QUvPwXckjr2TMEU.roa (hash: ZU7+W8vWoLJfyvrECJJAIJpcDrdAhqoCYTZBjsh+l9c=) 2: txRZXFDDUZIbDemldUChXlwcYYo.crl (hash: ng9PI9OxP3QmQjoPTJ+X6atjddNABQ7uHDImfRHzBv8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 05:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:70:b6:57:71:3b:af:8c:fd:86:91:c3:1f:a5:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b714595c50c351921b0de9a57540a15e5c1c618a Validity Not Before: Dec 21 05:01:10 2025 GMT Not After : Dec 22 05:01:10 2025 GMT Subject: CN=2f9f2c5865a8fb00aede1aa6337dca04e3a113f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:df:f4:73:ff:39:83:f3:dd:b6:03:3b:3c:35: dc:f0:31:6a:c6:c8:f1:9a:ed:40:e3:9a:86:00:4f: 1f:8e:34:bf:9a:d4:84:7c:dd:da:0c:f9:e5:22:4e: 6d:b3:c0:43:4b:31:2a:8f:ff:54:38:cd:8c:63:83: 62:72:ec:52:72:42:08:4b:76:a0:8f:65:0a:b7:70: 3b:a8:94:ac:d3:7b:8d:b2:7e:8f:63:63:a2:d0:7e: 1f:6a:c9:7d:12:15:1c:a0:58:d5:b5:01:99:f5:d8: 2f:91:29:dd:76:05:c5:2c:5a:0c:ee:b4:f0:2d:e5: d4:6e:26:02:e8:dd:c0:de:fc:f2:b0:a4:68:03:26: fa:a9:5c:03:54:f1:d3:04:68:63:62:a1:68:f9:11: e9:c0:34:4c:92:75:cd:c9:ca:54:3c:86:a0:79:70: c6:78:ee:b9:4a:13:08:da:5d:fe:28:9a:30:dc:98: 14:f4:4d:4a:e1:5c:02:ee:28:eb:40:6d:d4:90:8b: 88:d3:8f:66:06:19:5e:8e:c0:d4:63:cb:1a:21:98: 0c:f2:46:d6:4e:49:37:ac:36:23:bc:f7:28:d3:27: a9:dd:8f:15:2f:22:1a:47:b1:bd:e8:cb:c1:6f:bc: 39:7e:8e:fa:a5:f9:8a:a7:a7:7b:e5:cb:ca:45:b8: 65:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:9F:2C:58:65:A8:FB:00:AE:DE:1A:A6:33:7D:CA:04:E3:A1:13:F1 X509v3 Authority Key Identifier: keyid:B7:14:59:5C:50:C3:51:92:1B:0D:E9:A5:75:40:A1:5E:5C:1C:61:8A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txRZXFDDUZIbDemldUChXlwcYYo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/2a420d-9d0e-4ea8-95bc-f53d9e36e95a/1/txRZXFDDUZIbDemldUChXlwcYYo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:d9:95:2f:3c:2b:54:53:a3:85:d4:d2:72:c4:8c:da:99:5e: f8:db:5b:e8:f4:db:d8:d2:2a:fb:c6:7d:9f:1d:3b:86:81:60: 11:86:83:4d:3b:7e:91:98:30:61:c6:e5:a5:10:aa:fa:dd:72: 7a:ee:10:f6:f6:67:05:7d:5e:19:5e:79:bb:e4:5c:b1:fc:80: 4a:cf:98:76:c0:da:09:b5:15:95:b6:6d:1c:50:29:af:73:c3: 31:80:13:28:ae:22:72:a2:34:44:79:70:13:c1:9a:e0:b3:e2: 53:fe:d1:5a:33:40:58:89:4c:8f:8a:0c:77:05:0c:a1:ee:ac: ba:e4:14:79:de:3f:ff:20:25:7d:96:0e:a1:d7:19:96:66:68: ff:fc:74:23:33:4d:84:28:14:c4:91:70:26:ec:45:a2:71:87: 27:60:ab:1d:f2:44:21:b3:ed:c2:5f:06:78:01:be:8a:6f:d5: 15:4f:bb:b2:e2:3f:d0:61:23:48:08:f8:49:0f:0f:da:f7:8d: 79:42:56:40:84:cc:22:29:2e:43:44:27:97:4a:68:e3:d5:7e: 0e:ff:8d:9e:6c:93:5c:f6:1a:f8:53:1d:47:1f:04:a9:3c:78: 49:d1:9f:07:05:cf:36:0f:db:b7:40:ff:ee:c5:52:61:af:99: 95:2b:5c:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SHC2V3E7r4z9hpHDH6V3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MTQ1OTVjNTBjMzUxOTIxYjBkZTlhNTc1NDBhMTVlNWMx YzYxOGEwHhcNMjUxMjIxMDUwMTEwWhcNMjUxMjIyMDUwMTEwWjAzMTEwLwYDVQQD EygyZjlmMmM1ODY1YThmYjAwYWVkZTFhYTYzMzdkY2EwNGUzYTExM2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtt/0c/85g/PdtgM7PDXc8DFqxsjx mu1A45qGAE8fjjS/mtSEfN3aDPnlIk5ts8BDSzEqj/9UOM2MY4NicuxSckIIS3ag j2UKt3A7qJSs03uNsn6PY2Oi0H4fasl9EhUcoFjVtQGZ9dgvkSnddgXFLFoM7rTw LeXUbiYC6N3A3vzysKRoAyb6qVwDVPHTBGhjYqFo+RHpwDRMknXNycpUPIageXDG eO65ShMI2l3+KJow3JgU9E1K4VwC7ijrQG3UkIuI049mBhlejsDUY8saIZgM8kbW Tkk3rDYjvPco0yep3Y8VLyIaR7G96MvBb7w5fo76pfmKp6d75cvKRbhl7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC+fLFhlqPsArt4apjN9ygTjoRPxMB8GA1UdIwQY MBaAFLcUWVxQw1GSGw3ppXVAoV5cHGGKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMt ZjUzZDllMzZlOTVhLzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi8yYTQyMGQtOWQwZS00ZWE4LTk1YmMtZjUzZDllMzZlOTVh LzEvdHhSWlhGRERVWkliRGVtbGRVQ2hYbHdjWVlvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUtmVLzwr VFOjhdTScsSM2ple+Ntb6PTb2NIq+8Z9nx07hoFgEYaDTTt+kZgwYcblpRCq+t1y eu4Q9vZnBX1eGV55u+RcsfyASs+YdsDaCbUVlbZtHFApr3PDMYATKK4icqI0RHlw E8Ga4LPiU/7RWjNAWIlMj4oMdwUMoe6suuQUed4//yAlfZYOodcZlmZo//x0IzNN hCgUxJFwJuxFonGHJ2CrHfJEIbPtwl8GeAG+im/VFU+7suI/0GEjSAj4SQ8P2veN eUJWQITMIikuQ0Qnl0po49V+Dv+NnmyTXPYa+FMdRx8EqTx4SdGfBwXPNg/bt0D/ 7sVSYa+ZlStczg== -----END CERTIFICATE-----Generated at Sun Dec 21 14:16:07 2025 by rpki-client