This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft File: tRhBzcn2NZTd3CulmkATMYK1efo.mft (raw, json) Hash identifier: vmGl3ARtEQ7TpnTxEm3MkPzUIszoftEiizSE0JiWHdk= Subject key identifier: 78:F5:85:5B:FC:C7:B2:36:51:7C:76:14:23:61:AD:C9:6A:1E:4E:2F Authority key identifier: B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA Certificate issuer: /CN=b51841cdc9f63594dddc2ba59a40133182b579fa Certificate serial: 019B2B8A840C2344EAF9F6EFB45501A1FDEB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft Manifest number: 1782 Signing time: Wed 17 Dec 2025 09:00:56 +0000 Manifest this update: Wed 17 Dec 2025 09:00:56 +0000 Manifest next update: Thu 18 Dec 2025 09:00:56 +0000 Files and hashes: 1: iQxCTqJc23IztH0qMtXGhii78xc.roa (hash: b/32KuHdgss/tEEpqliyL9nGxIGy3IsYTip4QREYlPc=) 2: tRhBzcn2NZTd3CulmkATMYK1efo.crl (hash: FJ8upYy1H7A24R8gfFTnxN8a5y3g8Nnk7NvpZY5NWOQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:00:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:84:0c:23:44:ea:f9:f6:ef:b4:55:01:a1:fd:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b51841cdc9f63594dddc2ba59a40133182b579fa Validity Not Before: Dec 17 09:00:56 2025 GMT Not After : Dec 18 09:00:56 2025 GMT Subject: CN=78f5855bfcc7b236517c76142361adc96a1e4e2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:8a:5e:59:d7:b5:0f:49:0f:ba:dd:17:63:36: 2a:55:22:d3:4c:5f:cc:b7:e6:bb:12:33:66:73:9d: ed:f5:81:e7:73:75:8d:ba:d9:99:18:ca:c6:44:43: a9:ef:a6:ad:14:ac:82:ea:45:33:53:46:5a:2f:9a: 41:59:1e:e2:25:58:9f:c1:de:fc:34:5c:95:8e:d8: 88:82:11:d7:71:bb:51:e7:be:4f:0f:a4:63:c4:1b: bf:9c:b2:d1:bb:4d:00:c6:20:86:83:f7:33:7d:eb: 48:cf:8e:db:11:62:78:5d:51:7d:78:a9:22:3b:11: ff:ab:e8:f0:09:cf:4e:99:c1:f9:fd:8f:b7:8c:45: dd:21:aa:7b:80:7d:39:93:27:9e:1d:63:99:bd:66: 43:47:81:63:c7:b6:59:97:48:9b:0a:1c:e3:a6:e6: 20:1b:96:71:d8:ad:29:7a:52:62:a0:14:e8:3c:b4: f1:a9:fe:e0:78:22:51:40:b1:bc:75:8f:55:87:5e: 53:d5:0a:96:e7:1e:5d:6c:4f:65:23:a9:23:49:c8: 5b:9e:a1:0f:1a:2e:d7:81:84:95:59:22:45:7b:9b: 6a:9a:b8:36:9b:76:d6:67:24:a0:6d:4b:96:70:c7: 50:de:6e:c5:42:02:1b:d2:17:14:8e:ad:aa:3b:35: 16:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:F5:85:5B:FC:C7:B2:36:51:7C:76:14:23:61:AD:C9:6A:1E:4E:2F X509v3 Authority Key Identifier: keyid:B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:9d:ba:ee:57:7a:56:3c:8e:e8:3f:5a:69:61:70:b2:b1:3f: 65:d0:59:df:b8:34:7a:c0:3d:f3:4f:ab:2d:40:f7:1d:60:2f: 11:8a:28:80:af:50:9b:7c:50:b1:4e:c3:80:44:2c:c9:ac:a5: 9d:14:d4:05:c3:60:01:a4:58:51:95:da:c3:74:33:30:d6:8c: d4:11:ab:0b:ce:f1:45:bb:bb:68:33:29:83:b4:78:8c:33:7c: 2a:09:4c:d8:bb:15:3a:a4:04:15:da:f0:37:62:33:1f:9b:61: 83:2b:0f:1c:4b:30:29:8f:d6:1b:b4:31:71:f0:94:3e:f7:99: ab:ab:88:d8:cf:64:ba:b8:d6:be:b6:41:30:c0:eb:0c:c0:c2: 81:9c:18:a4:2e:c6:5f:1e:59:ef:6f:ff:a4:cb:ba:c6:33:43: 72:6c:85:69:3a:ca:4a:3f:fc:da:22:72:66:64:f8:0b:21:4b: c4:a8:9c:7f:ab:4e:bc:92:64:50:51:8b:e8:02:f6:5f:d4:c5: 8a:35:0b:43:e6:36:bb:82:d8:17:37:09:09:02:9a:e4:c4:71: e0:61:d9:e2:ae:8f:7a:e6:1d:90:88:00:ba:d4:45:b6:5e:1b: 72:81:93:40:40:c9:58:8f:8f:9c:ae:e4:b3:d6:4c:1a:9c:99: 2c:59:40:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrioQMI0Tq+fbvtFUBof3rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTg0MWNkYzlmNjM1OTRkZGRjMmJhNTlhNDAxMzMxODJi NTc5ZmEwHhcNMjUxMjE3MDkwMDU2WhcNMjUxMjE4MDkwMDU2WjAzMTEwLwYDVQQD Eyg3OGY1ODU1YmZjYzdiMjM2NTE3Yzc2MTQyMzYxYWRjOTZhMWU0ZTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4peWde1D0kPut0XYzYqVSLTTF/M t+a7EjNmc53t9YHnc3WNutmZGMrGREOp76atFKyC6kUzU0ZaL5pBWR7iJVifwd78 NFyVjtiIghHXcbtR575PD6RjxBu/nLLRu00AxiCGg/czfetIz47bEWJ4XVF9eKki OxH/q+jwCc9OmcH5/Y+3jEXdIap7gH05kyeeHWOZvWZDR4Fjx7ZZl0ibChzjpuYg G5Zx2K0pelJioBToPLTxqf7geCJRQLG8dY9Vh15T1QqW5x5dbE9lI6kjSchbnqEP Gi7XgYSVWSJFe5tqmrg2m3bWZySgbUuWcMdQ3m7FQgIb0hcUjq2qOzUWGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHj1hVv8x7I2UXx2FCNhrclqHk4vMB8GA1UdIwQY MBaAFLUYQc3J9jWU3dwrpZpAEzGCtXn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAt NjkxMGYzOTlkMzhmLzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAtNjkxMGYzOTlkMzhm LzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABZ267ld6 VjyO6D9aaWFwsrE/ZdBZ37g0esA980+rLUD3HWAvEYoogK9Qm3xQsU7DgEQsyayl nRTUBcNgAaRYUZXaw3QzMNaM1BGrC87xRbu7aDMpg7R4jDN8KglM2LsVOqQEFdrw N2IzH5thgysPHEswKY/WG7QxcfCUPveZq6uI2M9kurjWvrZBMMDrDMDCgZwYpC7G Xx5Z72//pMu6xjNDcmyFaTrKSj/82iJyZmT4CyFLxKicf6tOvJJkUFGL6AL2X9TF ijULQ+Y2u4LYFzcJCQKa5MRx4GHZ4q6PeuYdkIgAutRFtl4bcoGTQEDJWI+PnK7k s9ZMGpyZLFlAvg== -----END CERTIFICATE-----Generated at Wed Dec 17 16:49:57 2025 by rpki-client