This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft File: tDuXodIfY3tUkTDwhXpoHMf2iEw.mft (raw, json) Hash identifier: m+/5PC+lPWYsfdwhyjY/e1Tkktp7kZcBUohGeLeUVcA= Subject key identifier: 34:19:30:8F:9E:D1:B6:6B:84:01:B8:4D:99:87:82:06:E8:7F:24:93 Authority key identifier: B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C Certificate issuer: /CN=b43b97a1d21f637b549130f0857a681cc7f6884c Certificate serial: 019B78CA4F8C123CD103F392DD169C12579B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft Manifest number: 17A8 Signing time: Thu 01 Jan 2026 09:01:23 +0000 Manifest this update: Thu 01 Jan 2026 09:01:23 +0000 Manifest next update: Fri 02 Jan 2026 09:01:23 +0000 Files and hashes: 1: gOrhC3Rs6ZkPUS8bJ0Q8uGllb_s.roa (hash: bYWKYeeXDVqD6ocfaaGfzje6g+DprIe5/dFMotk0P/Q=) 2: tDuXodIfY3tUkTDwhXpoHMf2iEw.crl (hash: s8PftrmZE2KOQ5DZEfRksOKZNYVgwL049iqzzEtneh4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:ca:4f:8c:12:3c:d1:03:f3:92:dd:16:9c:12:57:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b43b97a1d21f637b549130f0857a681cc7f6884c Validity Not Before: Jan 1 09:01:23 2026 GMT Not After : Jan 2 09:01:23 2026 GMT Subject: CN=3419308f9ed1b66b8401b84d99878206e87f2493 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a7:97:e8:28:ff:8b:6d:7c:17:6b:14:b2:b0: a6:36:a9:1b:fd:32:2d:41:d4:7c:53:c9:9a:c3:92: 53:6b:4c:02:b3:fb:61:a5:d2:ef:c5:be:7a:be:f3: bb:8a:bc:fe:d5:53:96:4a:dc:d2:b8:fe:60:7c:eb: 45:c0:f5:83:1a:5f:c7:f3:06:31:bf:58:df:6e:2a: 65:82:e3:2e:c7:fc:28:99:13:15:ca:3c:f2:78:f8: ca:0a:e1:32:23:be:15:9b:ae:2f:05:12:6f:ba:51: 85:b6:42:b7:88:ee:8b:35:87:94:55:d6:72:2d:9e: 76:34:2a:9a:df:56:09:51:92:d6:bf:9d:7b:c0:57: 83:c3:1c:6e:f4:6c:de:d8:9a:c7:ba:fe:76:02:e1: 02:f6:9d:b9:b7:ce:59:0e:a7:63:1f:79:eb:f5:59: a7:a4:df:54:a3:cc:d9:19:6b:bc:19:d9:4f:7e:6d: 0d:c1:67:c6:e0:28:cd:8d:46:5a:10:f5:33:db:7d: 0e:01:8b:91:c4:93:58:86:a2:48:3f:9e:10:9c:b5: a9:05:69:45:a2:f9:b4:8a:40:32:27:0d:e2:69:5a: 0a:1b:00:13:a1:e0:ad:01:e4:79:8a:d3:c8:85:d8: a3:fc:1f:db:a6:ea:de:a0:4a:77:db:08:4a:95:64: 6a:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:19:30:8F:9E:D1:B6:6B:84:01:B8:4D:99:87:82:06:E8:7F:24:93 X509v3 Authority Key Identifier: keyid:B4:3B:97:A1:D2:1F:63:7B:54:91:30:F0:85:7A:68:1C:C7:F6:88:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDuXodIfY3tUkTDwhXpoHMf2iEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/5454ad-6cf3-4ee5-a4b9-0464e945f1cc/1/tDuXodIfY3tUkTDwhXpoHMf2iEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:c8:93:fd:98:23:6e:01:3f:96:ed:a0:1b:85:23:a6:1d:e5: 24:d0:df:bc:09:5d:d0:60:6c:51:cf:96:f8:c0:39:f2:32:5f: ea:03:04:b2:0b:d5:52:c3:34:5a:dd:01:73:15:9d:ba:9c:8e: 58:be:c4:f2:e4:18:4c:9b:50:f0:72:d0:88:2c:0e:f2:dd:7d: 7c:7b:ff:3b:c1:f2:2b:37:39:61:da:30:56:64:28:f7:a5:7c: b5:84:5c:c4:df:42:eb:c9:f7:4b:da:9c:ac:c7:f7:ab:9b:64: 9e:57:0a:0e:5a:1c:a7:86:b7:70:e9:1d:50:77:d4:4b:b2:2f: 6c:9a:16:4d:2a:dd:57:b8:e0:49:02:2f:0d:cf:39:0e:79:aa: 63:ee:ff:12:03:80:0a:ff:02:9a:82:dd:9c:ae:f2:4e:54:ac: f5:1d:22:9f:ba:5c:42:4a:35:6c:6f:58:a3:57:df:04:4f:bf: 2f:28:fa:1f:ff:6b:68:be:7d:66:65:95:93:d7:d3:a0:72:e2: f8:be:3c:1d:40:17:9f:ad:e6:03:91:17:3e:52:17:89:9e:79: 5a:0c:40:0a:b8:b7:55:76:85:cc:84:97:34:46:0d:5d:f3:3c: 2d:de:ee:52:55:71:61:98:46:df:2d:b2:94:93:f9:1b:9a:95: 1b:2f:1b:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt4yk+MEjzRA/OS3RacElebMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0M2I5N2ExZDIxZjYzN2I1NDkxMzBmMDg1N2E2ODFjYzdm Njg4NGMwHhcNMjYwMTAxMDkwMTIzWhcNMjYwMTAyMDkwMTIzWjAzMTEwLwYDVQQD EygzNDE5MzA4ZjllZDFiNjZiODQwMWI4NGQ5OTg3ODIwNmU4N2YyNDkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6eX6Cj/i218F2sUsrCmNqkb/TIt QdR8U8maw5JTa0wCs/thpdLvxb56vvO7irz+1VOWStzSuP5gfOtFwPWDGl/H8wYx v1jfbiplguMux/womRMVyjzyePjKCuEyI74Vm64vBRJvulGFtkK3iO6LNYeUVdZy LZ52NCqa31YJUZLWv517wFeDwxxu9Gze2JrHuv52AuEC9p25t85ZDqdjH3nr9Vmn pN9Uo8zZGWu8GdlPfm0NwWfG4CjNjUZaEPUz230OAYuRxJNYhqJIP54QnLWpBWlF ovm0ikAyJw3iaVoKGwAToeCtAeR5itPIhdij/B/bpureoEp32whKlWRqmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDQZMI+e0bZrhAG4TZmHggbofySTMB8GA1UdIwQY MBaAFLQ7l6HSH2N7VJEw8IV6aBzH9ohMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0Yjkt MDQ2NGU5NDVmMWNjLzEvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS81NDU0YWQtNmNmMy00ZWU1LWE0YjktMDQ2NGU5NDVmMWNj LzEvdER1WG9kSWZZM3RVa1REd2hYcG9ITWYyaUV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWciT/Zgj bgE/lu2gG4Ujph3lJNDfvAld0GBsUc+W+MA58jJf6gMEsgvVUsM0Wt0BcxWdupyO WL7E8uQYTJtQ8HLQiCwO8t19fHv/O8HyKzc5YdowVmQo96V8tYRcxN9C68n3S9qc rMf3q5tknlcKDlocp4a3cOkdUHfUS7IvbJoWTSrdV7jgSQIvDc85DnmqY+7/EgOA Cv8CmoLdnK7yTlSs9R0in7pcQko1bG9Yo1ffBE+/Lyj6H/9raL59ZmWVk9fToHLi +L48HUAXn63mA5EXPlIXiZ55WgxACri3VXaFzISXNEYNXfM8Ld7uUlVxYZhG3y2y lJP5G5qVGy8b1g== -----END CERTIFICATE-----Generated at Thu Jan 1 15:57:35 2026 by rpki-client