This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft File: tPszH6QvtFHkVRxvkcu5wZ7jek4.mft (raw, json) Hash identifier: r4brhSI0cIF2E1alG3Ol7X+woDHyaHyGAV7P49X/EV4= Subject key identifier: B0:44:D3:AE:8B:08:EE:F0:03:46:CA:39:62:91:32:01:9E:6F:13:EE Authority key identifier: B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E Certificate issuer: /CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e Certificate serial: 019B6DD82533912C8E54E62789B06BBB1BA3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft Manifest number: 17A2 Signing time: Tue 30 Dec 2025 06:00:40 +0000 Manifest this update: Tue 30 Dec 2025 06:00:40 +0000 Manifest next update: Wed 31 Dec 2025 06:00:40 +0000 Files and hashes: 1: DvRXNlTCR35yGxJPggKI6LQ1TXY.roa (hash: uCs5edSvBBj2KY6s6HL8wAMD7pMX49G3e3NvxavAQGo=) 2: tPszH6QvtFHkVRxvkcu5wZ7jek4.crl (hash: bywaSrmLWpdy43SuHa/xBDv39i04de4u8NIBGO3CCAk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:d8:25:33:91:2c:8e:54:e6:27:89:b0:6b:bb:1b:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e Validity Not Before: Dec 30 06:00:40 2025 GMT Not After : Dec 31 06:00:40 2025 GMT Subject: CN=b044d3ae8b08eef00346ca39629132019e6f13ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:6c:a2:62:bb:59:b7:52:35:ad:38:3e:76:ba: ce:8b:93:94:87:09:40:22:c6:bf:43:8b:1e:ea:74: 99:10:7a:a7:de:6a:6c:45:77:76:c3:48:3c:64:12: 27:c1:ba:fd:ae:a1:b1:98:76:7d:be:f1:3f:fe:fa: f2:03:fd:75:d3:0c:95:54:5c:3e:7e:d5:52:9e:bf: 87:56:55:3d:2a:d2:49:3d:cf:b0:88:96:5c:08:3e: 11:40:8b:40:1c:c8:c1:d3:6f:7e:2d:e8:07:d8:3d: 3c:e2:20:5f:e2:4d:4d:50:e6:2f:d7:89:4b:46:56: 32:90:2c:54:a2:a2:be:94:ba:d1:0d:6f:af:59:40: e4:04:1b:8f:0c:55:98:36:4d:7e:e4:f1:16:2c:6a: 54:b1:52:76:d5:da:f6:17:19:34:10:bb:f7:aa:86: 91:b7:2d:85:60:a0:66:66:b4:90:4f:bf:e7:7e:aa: a4:81:bd:f2:2f:d4:0f:b2:49:71:1f:48:fc:ec:e6: ea:2f:48:4d:6b:ce:23:8c:1f:72:5e:66:d6:8f:95: cb:f9:6e:63:cd:be:5c:b7:77:4f:96:2d:7a:6c:dc: 11:23:c9:62:68:6d:fe:10:4c:48:1d:07:bb:74:de: 57:96:2f:ca:38:c2:60:c6:5e:ed:f0:25:03:ca:dd: be:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:44:D3:AE:8B:08:EE:F0:03:46:CA:39:62:91:32:01:9E:6F:13:EE X509v3 Authority Key Identifier: keyid:B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:9c:b6:8d:d3:9d:90:34:db:af:ee:46:f4:20:2c:de:fd:3f: 04:06:4e:0a:e9:ea:eb:c6:e6:20:f7:52:c9:4a:12:55:9e:19: 90:41:b1:61:04:a5:a8:6d:d7:c1:06:bb:6b:ec:18:91:6d:b8: 1a:3b:93:56:3b:7c:5b:58:68:d7:af:f0:a3:e7:a7:df:bf:6d: 9c:da:b9:34:b9:fb:8a:77:39:ca:60:2b:c5:06:8a:91:77:be: da:d0:d8:8f:a4:1d:f7:60:74:89:5b:64:66:d0:29:95:e1:a5: 59:8e:c5:85:73:1a:67:4a:f4:67:4a:f0:ee:36:e5:30:62:3d: 1f:7e:5f:5b:d6:61:e6:75:91:34:76:6d:43:bc:80:89:cb:4b: 84:2c:a6:a8:ab:0c:65:59:4e:e1:9a:e6:b1:14:fd:08:a1:58: 46:fd:27:1d:c4:58:1b:ec:c6:8d:82:25:be:88:92:91:2a:3e: d8:b5:d3:9a:85:9b:a9:f7:99:ed:78:b1:4e:a0:ff:7d:27:9b: 8a:07:f3:7b:69:80:27:29:7b:39:f1:7d:1a:2d:f6:ed:fe:1d: 55:55:d8:89:00:56:cd:56:10:7e:5b:ee:9f:e7:c5:93:0f:b8: 9f:f3:22:38:d8:dd:63:0f:0d:ea:a4:1d:fe:f3:e0:33:67:62: eb:a5:68:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtt2CUzkSyOVOYnibBruxujMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZmIzMzFmYTQyZmI0NTFlNDU1MWM2ZjkxY2JiOWMxOWVl MzdhNGUwHhcNMjUxMjMwMDYwMDQwWhcNMjUxMjMxMDYwMDQwWjAzMTEwLwYDVQQD EyhiMDQ0ZDNhZThiMDhlZWYwMDM0NmNhMzk2MjkxMzIwMTllNmYxM2VlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGyiYrtZt1I1rTg+drrOi5OUhwlA Isa/Q4se6nSZEHqn3mpsRXd2w0g8ZBInwbr9rqGxmHZ9vvE//vryA/110wyVVFw+ ftVSnr+HVlU9KtJJPc+wiJZcCD4RQItAHMjB029+LegH2D084iBf4k1NUOYv14lL RlYykCxUoqK+lLrRDW+vWUDkBBuPDFWYNk1+5PEWLGpUsVJ21dr2Fxk0ELv3qoaR ty2FYKBmZrSQT7/nfqqkgb3yL9QPsklxH0j87ObqL0hNa84jjB9yXmbWj5XL+W5j zb5ct3dPli16bNwRI8liaG3+EExIHQe7dN5Xli/KOMJgxl7t8CUDyt2+qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBE066LCO7wA0bKOWKRMgGebxPuMB8GA1UdIwQY MBaAFLT7Mx+kL7RR5FUcb5HLucGe43pOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2It MDk5ZmQyMTAxMzg1LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2ItMDk5ZmQyMTAxMzg1 LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANJy2jdOd kDTbr+5G9CAs3v0/BAZOCunq68bmIPdSyUoSVZ4ZkEGxYQSlqG3XwQa7a+wYkW24 GjuTVjt8W1ho16/wo+en379tnNq5NLn7inc5ymArxQaKkXe+2tDYj6Qd92B0iVtk ZtApleGlWY7FhXMaZ0r0Z0rw7jblMGI9H35fW9Zh5nWRNHZtQ7yAictLhCymqKsM ZVlO4ZrmsRT9CKFYRv0nHcRYG+zGjYIlvoiSkSo+2LXTmoWbqfeZ7XixTqD/fSeb igfze2mAJyl7OfF9Gi327f4dVVXYiQBWzVYQflvun+fFkw+4n/MiONjdYw8N6qQd /vPgM2di66Vo4g== -----END CERTIFICATE-----Generated at Tue Dec 30 08:53:53 2025 by rpki-client