This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft File: T03F1MB2_YQmOrcubxe1_0rLhEg.mft (raw, json) Hash identifier: FxcuQ7mtg37eY+g2pkayH9+Q1Tb4FO/VeXViHGWUv70= Subject key identifier: 8F:EA:83:90:E8:B6:7C:7D:30:C0:71:3E:DF:BA:19:62:66:08:1C:A5 Authority key identifier: 4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48 Certificate issuer: /CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448 Certificate serial: 019B575089E50B7D543130ECE10E5135CF73 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft Manifest number: 0AB3 Signing time: Thu 25 Dec 2025 21:00:54 +0000 Manifest this update: Thu 25 Dec 2025 21:00:54 +0000 Manifest next update: Fri 26 Dec 2025 21:00:54 +0000 Files and hashes: 1: T03F1MB2_YQmOrcubxe1_0rLhEg.crl (hash: tklPEi334a17uRUFt6DiECLD1ADxSATsHhlvSaoXeJI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:57:50:89:e5:0b:7d:54:31:30:ec:e1:0e:51:35:cf:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f4dc5d4c076fd84263ab72e6f17b5ff4acb8448 Validity Not Before: Dec 25 21:00:54 2025 GMT Not After : Dec 26 21:00:54 2025 GMT Subject: CN=8fea8390e8b67c7d30c0713edfba196266081ca5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:3d:e5:ff:04:7d:9d:5a:4d:0c:aa:e0:0f:5d: b1:70:e2:20:be:6f:12:ba:f7:a8:eb:c9:e4:62:23: b4:37:f7:ef:e7:47:53:18:b0:2f:09:8e:b9:a2:51: 59:a8:ba:35:82:06:49:c0:c4:c3:2e:44:79:3d:79: 7b:b7:ed:75:50:70:d3:d6:b7:8d:3e:b4:f4:d5:6d: aa:5f:86:aa:a3:d9:e0:c4:28:a9:17:7a:ea:1f:8f: 28:07:0d:b3:e8:7a:9c:e3:e1:8c:28:df:90:72:c9: c4:61:f7:33:87:b3:a9:54:ae:e3:3a:c6:92:a2:e9: f8:6f:4e:4b:07:d4:8a:59:79:5a:5a:8f:67:29:d0: 0f:3c:08:48:37:2d:58:f3:8b:f0:b4:20:38:d7:54: fa:29:2c:c5:73:66:29:ba:b7:65:29:25:04:15:11: 98:67:99:d2:81:f1:08:63:5c:16:be:12:e8:0f:9b: 1f:80:16:c2:62:a2:08:53:16:5e:ba:ed:37:0a:5d: e9:9a:8b:bc:3c:4f:1c:88:84:2f:86:21:d5:61:8e: 8d:7c:1d:3a:34:9e:71:5f:6f:1a:11:4a:e4:5e:0f: b4:67:bf:ab:30:0f:b4:a1:5a:2b:29:00:77:35:33: 2d:bc:1e:0c:51:e7:56:79:d8:95:53:37:62:86:66: 0f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:EA:83:90:E8:B6:7C:7D:30:C0:71:3E:DF:BA:19:62:66:08:1C:A5 X509v3 Authority Key Identifier: keyid:4F:4D:C5:D4:C0:76:FD:84:26:3A:B7:2E:6F:17:B5:FF:4A:CB:84:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T03F1MB2_YQmOrcubxe1_0rLhEg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2575fe-a526-4195-9745-fa96bdd2ffa3/1/T03F1MB2_YQmOrcubxe1_0rLhEg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:da:6b:db:17:8d:42:3c:36:12:19:96:d0:9b:26:e6:f5:c7: e3:c5:28:4a:67:0b:9f:3a:b1:4f:6f:3d:5c:ae:f0:8a:84:a1: f7:c5:08:29:cb:8e:96:77:18:33:9e:41:39:b3:6c:b2:07:f3: 80:f6:cc:b6:e8:6f:a7:0b:8c:0d:2a:29:73:34:49:3e:77:10: b9:e5:a2:dd:42:de:6a:fb:a2:a8:87:08:94:fd:9d:8b:3a:79: 6a:7f:83:8a:5d:b6:4e:8c:97:f7:3c:8a:0c:e4:55:24:b5:d6: 06:f4:34:d8:7e:ba:57:59:e3:52:9c:d6:1c:4a:08:ce:b2:92: 8b:71:e0:b7:e4:96:a5:11:85:8a:35:fa:aa:e1:1e:39:cb:64: d7:6d:b0:d6:9a:ea:e6:f2:35:a3:7d:df:22:68:dc:dc:bb:61: 27:18:2a:bb:ce:ba:74:8f:0c:48:ef:29:ea:86:00:fa:11:76: d5:8a:af:bf:4e:77:c0:33:05:1e:9f:b1:76:f6:d1:be:c5:ee: da:c6:f8:62:00:c3:8b:14:af:bd:d0:82:80:9b:e9:07:be:06: 9b:57:30:77:d7:b9:85:14:24:d4:85:49:15:cc:db:f2:3f:38: 62:78:7e:67:26:31:d8:29:6c:d7:6c:9b:6d:7e:ef:4d:6f:29: 03:2e:5c:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtXUInlC31UMTDs4Q5RNc9zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmNGRjNWQ0YzA3NmZkODQyNjNhYjcyZTZmMTdiNWZmNGFj Yjg0NDgwHhcNMjUxMjI1MjEwMDU0WhcNMjUxMjI2MjEwMDU0WjAzMTEwLwYDVQQD Eyg4ZmVhODM5MGU4YjY3YzdkMzBjMDcxM2VkZmJhMTk2MjY2MDgxY2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD3l/wR9nVpNDKrgD12xcOIgvm8S uveo68nkYiO0N/fv50dTGLAvCY65olFZqLo1ggZJwMTDLkR5PXl7t+11UHDT1reN PrT01W2qX4aqo9ngxCipF3rqH48oBw2z6Hqc4+GMKN+QcsnEYfczh7OpVK7jOsaS oun4b05LB9SKWXlaWo9nKdAPPAhINy1Y84vwtCA411T6KSzFc2YpurdlKSUEFRGY Z5nSgfEIY1wWvhLoD5sfgBbCYqIIUxZeuu03Cl3pmou8PE8ciIQvhiHVYY6NfB06 NJ5xX28aEUrkXg+0Z7+rMA+0oVorKQB3NTMtvB4MUedWediVUzdihmYPwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI/qg5Dotnx9MMBxPt+6GWJmCBylMB8GA1UdIwQY MBaAFE9NxdTAdv2EJjq3Lm8Xtf9Ky4RIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUt ZmE5NmJkZDJmZmEzLzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yNTc1ZmUtYTUyNi00MTk1LTk3NDUtZmE5NmJkZDJmZmEz LzEvVDAzRjFNQjJfWVFtT3JjdWJ4ZTFfMHJMaEVnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAe9pr2xeN Qjw2EhmW0Jsm5vXH48UoSmcLnzqxT289XK7wioSh98UIKcuOlncYM55BObNssgfz gPbMtuhvpwuMDSopczRJPncQueWi3ULeavuiqIcIlP2dizp5an+Dil22ToyX9zyK DORVJLXWBvQ02H66V1njUpzWHEoIzrKSi3Hgt+SWpRGFijX6quEeOctk122w1prq 5vI1o33fImjc3LthJxgqu866dI8MSO8p6oYA+hF21Yqvv053wDMFHp+xdvbRvsXu 2sb4YgDDixSvvdCCgJvpB74Gm1cwd9e5hRQk1IVJFczb8j84Ynh+ZyYx2Cls12yb bX7vTW8pAy5cIQ== -----END CERTIFICATE-----Generated at Thu Dec 25 22:47:46 2025 by rpki-client