This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft File: tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json) Hash identifier: mcNmo/90eXUyMLN9sVmc5MjhPLA541KnzcUmQclFPII= Subject key identifier: E7:46:6A:33:CD:1D:A1:2B:8F:E9:3E:A0:DB:D1:B8:94:6F:DF:E1:AF Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE Certificate issuer: /CN=b595e2171768bc9b294249f0e3a53590179c52ee Certificate serial: 019B6AD8AD707AA3598DD433E58743714DBD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft Manifest number: 17A1 Signing time: Mon 29 Dec 2025 16:02:23 +0000 Manifest this update: Mon 29 Dec 2025 16:02:23 +0000 Manifest next update: Tue 30 Dec 2025 16:02:23 +0000 Files and hashes: 1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: 8ZCvQZFscGX8Zy8/nx3laRAyxJV7fz1hGLC2KFWeM44=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d8:ad:70:7a:a3:59:8d:d4:33:e5:87:43:71:4d:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee Validity Not Before: Dec 29 16:02:23 2025 GMT Not After : Dec 30 16:02:23 2025 GMT Subject: CN=e7466a33cd1da12b8fe93ea0dbd1b8946fdfe1af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:ec:68:27:6e:1b:4c:2e:62:ca:92:ee:32:79: 67:6c:65:ce:17:c6:9c:81:e0:30:d0:b0:38:29:90: 20:a9:cb:52:a3:26:70:3a:a5:43:eb:e9:14:c0:a6: 87:2e:3f:cf:cc:25:a1:93:41:46:c7:43:ff:15:97: f5:4b:63:ec:2b:c2:98:9b:9c:3c:19:44:e6:78:f8: ee:ec:b2:59:c2:2b:3e:be:14:03:d9:0e:b5:81:08: 9a:7c:80:2d:98:db:a7:24:48:c6:fd:b2:19:cb:df: 1c:80:10:6a:d5:91:9d:ea:89:bd:60:0f:65:39:5c: 75:7c:55:cd:72:12:fa:5d:4f:e3:6c:c8:43:fd:c2: aa:69:35:d9:4d:a2:63:8c:9b:f7:e7:d8:e6:21:bd: 86:d5:b3:88:ea:d0:02:31:56:22:7d:0e:a9:0e:92: 25:e5:65:4c:22:59:4a:fd:1b:52:cc:a6:52:d7:f9: da:f8:11:87:c3:6e:6a:92:4e:8f:83:87:fe:f5:55: fc:1c:8e:66:99:80:a9:21:f4:e1:7e:9f:30:24:e3: 35:16:f1:f6:85:a8:4f:1b:b0:a8:21:b7:ac:b5:12: ea:cd:d0:78:28:9f:a4:bb:31:ad:77:fd:41:01:27: 2e:54:2a:e4:6b:7d:13:91:91:6c:3a:a5:d9:9f:79: 21:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:46:6A:33:CD:1D:A1:2B:8F:E9:3E:A0:DB:D1:B8:94:6F:DF:E1:AF X509v3 Authority Key Identifier: keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:71:c4:e0:7d:c7:fd:1e:9e:96:68:fb:aa:bc:d5:27:91:de: aa:e2:9c:e0:54:ad:1c:a2:4e:a5:04:d5:a6:83:5a:f8:1f:77: c9:83:e4:50:5d:b7:65:fe:dd:b7:75:be:d6:cb:77:03:e7:ce: 15:60:36:39:93:65:cc:e9:21:f1:52:74:9b:a6:52:69:b9:34: 52:20:88:7d:cf:4b:9b:45:e1:e9:37:b6:d5:c0:fb:b2:42:da: 98:d8:73:a1:ca:12:6b:9e:c7:ff:24:cd:83:da:e3:a3:14:79: 4a:94:f4:52:7d:0c:de:a9:e4:c5:16:9a:ac:01:6d:eb:63:55: 08:de:02:4c:7f:ab:e6:3c:eb:69:10:d6:73:1c:f6:f1:a1:e7: 8c:e4:3c:29:16:88:f4:e7:98:cb:12:e7:a1:67:5a:bf:37:97: 66:20:10:95:3d:ff:35:bb:d1:fd:48:76:13:3a:e1:03:19:f2: 49:e2:55:af:cc:44:14:4e:50:f9:08:6f:fa:66:1b:2a:49:1c: f3:63:16:9a:72:09:5d:30:84:23:19:08:98:38:f9:cd:2e:d7: fb:d6:f1:e9:1f:ca:15:09:47:ba:9d:59:b9:a8:f1:36:21:35: 43:79:34:6b:99:96:91:34:7d:bb:94:ed:be:fa:44:82:ac:61: 68:98:da:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq2K1weqNZjdQz5YdDcU29MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5 YzUyZWUwHhcNMjUxMjI5MTYwMjIzWhcNMjUxMjMwMTYwMjIzWjAzMTEwLwYDVQQD EyhlNzQ2NmEzM2NkMWRhMTJiOGZlOTNlYTBkYmQxYjg5NDZmZGZlMWFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OxoJ24bTC5iypLuMnlnbGXOF8ac geAw0LA4KZAgqctSoyZwOqVD6+kUwKaHLj/PzCWhk0FGx0P/FZf1S2PsK8KYm5w8 GUTmePju7LJZwis+vhQD2Q61gQiafIAtmNunJEjG/bIZy98cgBBq1ZGd6om9YA9l OVx1fFXNchL6XU/jbMhD/cKqaTXZTaJjjJv359jmIb2G1bOI6tACMVYifQ6pDpIl 5WVMIllK/RtSzKZS1/na+BGHw25qkk6Pg4f+9VX8HI5mmYCpIfThfp8wJOM1FvH2 hahPG7CoIbestRLqzdB4KJ+kuzGtd/1BAScuVCrka30TkZFsOqXZn3khGwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOdGajPNHaErj+k+oNvRuJRv3+GvMB8GA1UdIwQY MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1 LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgHHE4H3H /R6elmj7qrzVJ5HequKc4FStHKJOpQTVpoNa+B93yYPkUF23Zf7dt3W+1st3A+fO FWA2OZNlzOkh8VJ0m6ZSabk0UiCIfc9Lm0Xh6Te21cD7skLamNhzocoSa57H/yTN g9rjoxR5SpT0Un0M3qnkxRaarAFt62NVCN4CTH+r5jzraRDWcxz28aHnjOQ8KRaI 9OeYyxLnoWdavzeXZiAQlT3/NbvR/Uh2EzrhAxnySeJVr8xEFE5Q+Qhv+mYbKkkc 82MWmnIJXTCEIxkImDj5zS7X+9bx6R/KFQlHup1ZuajxNiE1Q3k0a5mWkTR9u5Tt vvpEgqxhaJjatQ== -----END CERTIFICATE-----Generated at Tue Dec 30 00:23:38 2025 by rpki-client