This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.mft File: 0tiRsOMo58hWrUt6B2TYLYVgltY.mft (raw, json) Hash identifier: 3LyL8ZpCr9sEr5qus5VGcWPyqRUo/9pFsVShgNkvqP4= Subject key identifier: EA:D8:91:CB:8C:A0:62:54:6C:C7:7D:25:57:7D:B4:E6:07:CD:E7:4E Authority key identifier: D2:D8:91:B0:E3:28:E7:C8:56:AD:4B:7A:07:64:D8:2D:85:60:96:D6 Certificate issuer: /CN=d2d891b0e328e7c856ad4b7a0764d82d856096d6 Certificate serial: 019B311E7A9DBDD31F5C90EA7FCD587120ED Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0tiRsOMo58hWrUt6B2TYLYVgltY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.mft Manifest number: 03D5 Signing time: Thu 18 Dec 2025 11:00:39 +0000 Manifest this update: Thu 18 Dec 2025 11:00:39 +0000 Manifest next update: Fri 19 Dec 2025 11:00:39 +0000 Files and hashes: 1: 0tiRsOMo58hWrUt6B2TYLYVgltY.crl (hash: oOKj9hJEvRldqSzDZsPblWIBDWj+L2Uvi+t2L7f76wQ=) 2: LL8JcAdqtBuww975zCJ3NT8wbIo.roa (hash: OazqFiciLO+01js5WnVLTxcyLBf+8JShIpJGoJGbyKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.crl rsync://rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.mft rsync://rpki.ripe.net/repository/DEFAULT/0tiRsOMo58hWrUt6B2TYLYVgltY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 11:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:1e:7a:9d:bd:d3:1f:5c:90:ea:7f:cd:58:71:20:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2d891b0e328e7c856ad4b7a0764d82d856096d6 Validity Not Before: Dec 18 11:00:39 2025 GMT Not After : Dec 19 11:00:39 2025 GMT Subject: CN=ead891cb8ca062546cc77d25577db4e607cde74e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:3a:15:f2:b6:b9:87:bb:d7:3a:c8:b0:8a:91: c0:63:65:c1:d7:c5:00:39:c9:ff:39:fc:ab:f7:ed: 5a:a3:27:80:2b:24:04:c2:e5:43:e6:28:15:21:55: d1:33:8d:f1:c8:4b:fb:7d:d0:6c:22:f0:22:07:66: cf:eb:fb:b6:a6:f0:44:fe:d4:ed:39:3c:86:cb:c9: ff:e4:b5:34:6a:25:bd:e6:b1:6d:3b:d7:40:d6:22: d2:10:10:69:fd:13:af:3c:ac:19:f3:b8:30:46:36: e7:5d:a5:cd:2f:57:cb:c3:cd:01:95:f5:09:e4:e6: 3d:ad:78:17:05:d6:84:69:8a:5d:af:e8:3e:f9:db: 28:32:8d:21:c2:b3:32:ba:f5:35:27:f0:b7:0b:fb: 1a:69:66:d8:30:2d:37:15:65:4c:e1:05:82:9e:69: 4a:9b:d2:ad:ff:d1:11:55:d8:bc:b6:92:04:a3:46: 1f:44:61:8c:d7:11:1c:88:68:79:5b:f3:3b:74:86: 7e:fd:99:0c:0f:aa:42:c1:93:f3:32:38:f8:c4:29: e3:92:d4:22:15:10:0f:ef:f7:81:4c:b0:0a:8c:21: 54:b9:d6:35:2c:60:e9:72:35:7f:b2:7d:02:d5:58: 9a:7c:4f:38:2c:db:45:83:5f:ef:29:d4:3f:be:de: ed:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:D8:91:CB:8C:A0:62:54:6C:C7:7D:25:57:7D:B4:E6:07:CD:E7:4E X509v3 Authority Key Identifier: keyid:D2:D8:91:B0:E3:28:E7:C8:56:AD:4B:7A:07:64:D8:2D:85:60:96:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0tiRsOMo58hWrUt6B2TYLYVgltY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/22/7fd85d-0152-4ef2-9ebf-1e240b97d2c4/1/0tiRsOMo58hWrUt6B2TYLYVgltY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:ca:37:4d:c3:67:91:d6:57:9f:d3:5c:db:5d:79:92:5f:3f: 89:24:04:a8:de:ec:e0:91:f8:d2:92:89:c6:54:5a:56:50:1c: db:16:68:b4:f0:3d:31:cd:99:ab:b8:26:ab:67:c6:fd:ae:29: a7:bc:d9:b5:0d:3e:a4:3b:71:2a:87:64:98:2a:80:57:28:ff: 33:5b:b7:4b:72:33:9c:fc:1b:8a:ff:2c:d8:9d:2a:19:dc:d1: 1c:6a:bb:6b:11:66:43:e6:28:36:8d:22:c4:df:49:8f:91:23: 93:0f:3e:d2:80:da:88:b0:8b:6b:7f:fa:0b:d9:f5:5b:11:26: ee:c5:94:5d:1f:c0:84:c2:49:ea:06:94:8d:1b:ca:ea:43:96: 0d:f8:f4:dc:68:52:32:73:5e:35:3b:ad:72:b8:bf:81:be:d1: 4b:8a:0f:c4:31:95:77:43:39:43:20:15:84:3f:d6:90:aa:2c: 54:f1:e1:91:64:93:b9:76:ab:7b:b2:53:af:8b:b5:ec:7d:a8: 64:0e:8b:8f:27:51:9a:bd:18:4a:78:af:6a:0e:99:b6:80:78: d5:35:17:55:13:c6:53:b4:89:96:d1:7d:a8:36:3e:6a:68:6d: a8:82:25:d3:3d:06:cc:84:2c:7e:aa:8d:75:d3:15:fa:d3:39: aa:38:29:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxHnqdvdMfXJDqf81YcSDtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZDg5MWIwZTMyOGU3Yzg1NmFkNGI3YTA3NjRkODJkODU2 MDk2ZDYwHhcNMjUxMjE4MTEwMDM5WhcNMjUxMjE5MTEwMDM5WjAzMTEwLwYDVQQD EyhlYWQ4OTFjYjhjYTA2MjU0NmNjNzdkMjU1NzdkYjRlNjA3Y2RlNzRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8joV8ra5h7vXOsiwipHAY2XB18UA Ocn/Ofyr9+1aoyeAKyQEwuVD5igVIVXRM43xyEv7fdBsIvAiB2bP6/u2pvBE/tTt OTyGy8n/5LU0aiW95rFtO9dA1iLSEBBp/ROvPKwZ87gwRjbnXaXNL1fLw80BlfUJ 5OY9rXgXBdaEaYpdr+g++dsoMo0hwrMyuvU1J/C3C/saaWbYMC03FWVM4QWCnmlK m9Kt/9ERVdi8tpIEo0YfRGGM1xEciGh5W/M7dIZ+/ZkMD6pCwZPzMjj4xCnjktQi FRAP7/eBTLAKjCFUudY1LGDpcjV/sn0C1ViafE84LNtFg1/vKdQ/vt7tEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOrYkcuMoGJUbMd9JVd9tOYHzedOMB8GA1UdIwQY MBaAFNLYkbDjKOfIVq1Legdk2C2FYJbWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHRpUnNPTW81OGhXclV0NkIyVFlMWVZnbHRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi83ZmQ4NWQtMDE1Mi00ZWYyLTllYmYt MWUyNDBiOTdkMmM0LzEvMHRpUnNPTW81OGhXclV0NkIyVFlMWVZnbHRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMi83ZmQ4NWQtMDE1Mi00ZWYyLTllYmYtMWUyNDBiOTdkMmM0 LzEvMHRpUnNPTW81OGhXclV0NkIyVFlMWVZnbHRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASso3TcNn kdZXn9Nc2115kl8/iSQEqN7s4JH40pKJxlRaVlAc2xZotPA9Mc2Zq7gmq2fG/a4p p7zZtQ0+pDtxKodkmCqAVyj/M1u3S3IznPwbiv8s2J0qGdzRHGq7axFmQ+YoNo0i xN9Jj5Ejkw8+0oDaiLCLa3/6C9n1WxEm7sWUXR/AhMJJ6gaUjRvK6kOWDfj03GhS MnNeNTutcri/gb7RS4oPxDGVd0M5QyAVhD/WkKosVPHhkWSTuXare7JTr4u17H2o ZA6LjydRmr0YSnivag6ZtoB41TUXVRPGU7SJltF9qDY+amhtqIIl0z0GzIQsfqqN ddMV+tM5qjgpSA== -----END CERTIFICATE-----Generated at Thu Dec 18 20:22:15 2025 by rpki-client