This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft File: tOiC9xca9tzczJzXn5jexnV_4Yk.mft (raw, json) Hash identifier: Jyv72q+JwBZaMIxSGXinLmCjuIQfcJQw6vjqhRJkbns= Subject key identifier: 1D:C5:F6:3F:74:AC:20:72:D6:93:2E:2F:C1:A2:44:B8:C6:55:DE:F4 Authority key identifier: B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89 Certificate issuer: /CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189 Certificate serial: 019B52614AE158A8E75C475EBF10A47F8FD4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft Manifest number: 1791 Signing time: Wed 24 Dec 2025 22:01:06 +0000 Manifest this update: Wed 24 Dec 2025 22:01:06 +0000 Manifest next update: Thu 25 Dec 2025 22:01:06 +0000 Files and hashes: 1: WmxX7pBfpD5c2m2kHOUO4M_bBgA.roa (hash: q0DpW8XtR4IxHRwLJz0IGFkpb8cJ4HYo8d4HsEmNl8o=) 2: tOiC9xca9tzczJzXn5jexnV_4Yk.crl (hash: 0xYIBsV5hbglAEm+CYCXRSQl0abqQxAZy+Z5ocDQHUs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 22:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:61:4a:e1:58:a8:e7:5c:47:5e:bf:10:a4:7f:8f:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4e882f7171af6dcdccc9cd79f98dec6757fe189 Validity Not Before: Dec 24 22:01:06 2025 GMT Not After : Dec 25 22:01:06 2025 GMT Subject: CN=1dc5f63f74ac2072d6932e2fc1a244b8c655def4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:8f:ba:49:aa:17:e1:65:cf:9f:88:fd:72:3d: 1a:cc:43:ef:7e:29:1b:b7:0d:91:11:1c:01:35:ea: 31:99:99:2a:3d:a9:0c:fd:32:f0:75:71:b1:58:77: a7:22:fa:df:14:1d:bd:3f:ca:46:c4:18:54:48:eb: 4d:c4:4f:65:a8:25:a4:0e:1a:f7:51:ab:4b:3a:e2: 35:65:8e:3a:51:bf:1f:1f:17:4a:64:ff:3f:88:f7: 69:66:ed:3d:19:e5:29:30:ab:86:d4:50:d9:f2:41: 55:a1:19:5c:ae:10:fe:0d:6f:fe:90:f2:51:af:80: 88:6f:da:c1:78:bb:d6:66:4a:ae:dc:75:df:1f:44: ac:5f:81:4d:6c:f2:e3:57:52:e9:a8:8b:10:a5:90: b5:64:b6:e6:03:62:d5:c7:df:d2:9e:a0:dd:1b:5b: 94:40:6f:a7:be:1f:e6:f1:48:41:8a:fa:89:bb:89: e9:8a:7c:a5:fc:c2:d0:b9:01:c2:2d:f4:8d:69:0b: 42:f9:53:f4:5b:b4:14:37:23:3e:47:37:28:cf:dd: 8a:40:bb:fc:e9:24:6b:41:28:a2:9c:6e:3c:0b:9e: 63:c3:4e:ae:a1:dc:4e:7b:c7:ca:7c:f7:c2:61:34: f6:2e:4a:29:27:25:6b:35:c4:cd:87:e1:b4:d0:39: f6:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:C5:F6:3F:74:AC:20:72:D6:93:2E:2F:C1:A2:44:B8:C6:55:DE:F4 X509v3 Authority Key Identifier: keyid:B4:E8:82:F7:17:1A:F6:DC:DC:CC:9C:D7:9F:98:DE:C6:75:7F:E1:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOiC9xca9tzczJzXn5jexnV_4Yk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5f5bc8-e5f3-421d-9fa0-fefe8e34006c/1/tOiC9xca9tzczJzXn5jexnV_4Yk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:39:f5:a7:99:b7:3d:19:bb:3b:19:94:08:44:ab:8f:b8:bd: 56:75:41:13:82:4f:be:04:85:a4:3b:69:19:77:8e:c6:77:58: 60:15:58:7c:4d:87:6b:9d:e1:c3:28:68:9c:53:c9:92:82:4a: 9c:41:c7:56:0d:e8:14:3c:5e:5b:d5:61:54:0c:dc:96:96:3a: 2d:c8:df:8b:ea:56:22:ad:a8:3b:e5:1d:04:f8:5c:50:e7:d9: b7:41:0d:62:a3:5a:de:7c:e8:59:9d:5f:91:69:ee:73:68:c5: dc:42:51:e8:33:a7:71:7f:57:fb:ac:58:c2:a2:d6:da:5f:57: 66:10:ca:2e:2b:fd:a2:28:7a:d9:81:f3:27:86:d1:9d:61:48: d3:a4:28:a0:ca:43:72:d9:11:74:f2:0f:03:1a:ba:f1:a2:5d: 13:28:85:0d:4b:74:01:d9:9b:a2:01:da:0d:51:0e:a4:51:5e: cc:f5:b3:96:2e:1c:74:69:3f:59:92:93:75:ca:68:d4:a0:eb: 5b:d6:ff:3e:25:d2:3c:72:da:4c:88:b5:eb:b2:9e:40:76:66: d7:6c:ad:07:f4:7b:56:77:ca:44:1c:ac:e4:2d:9e:fe:ba:24: 97:1d:4a:2e:5a:65:a5:a4:4c:96:0f:86:7a:56:c9:bc:57:67: 2e:87:15:86 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSYUrhWKjnXEdevxCkf4/UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZTg4MmY3MTcxYWY2ZGNkY2NjOWNkNzlmOThkZWM2NzU3 ZmUxODkwHhcNMjUxMjI0MjIwMTA2WhcNMjUxMjI1MjIwMTA2WjAzMTEwLwYDVQQD EygxZGM1ZjYzZjc0YWMyMDcyZDY5MzJlMmZjMWEyNDRiOGM2NTVkZWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Y+6SaoX4WXPn4j9cj0azEPvfikb tw2RERwBNeoxmZkqPakM/TLwdXGxWHenIvrfFB29P8pGxBhUSOtNxE9lqCWkDhr3 UatLOuI1ZY46Ub8fHxdKZP8/iPdpZu09GeUpMKuG1FDZ8kFVoRlcrhD+DW/+kPJR r4CIb9rBeLvWZkqu3HXfH0SsX4FNbPLjV1LpqIsQpZC1ZLbmA2LVx9/SnqDdG1uU QG+nvh/m8UhBivqJu4npinyl/MLQuQHCLfSNaQtC+VP0W7QUNyM+Rzcoz92KQLv8 6SRrQSiinG48C55jw06uodxOe8fKfPfCYTT2LkopJyVrNcTNh+G00Dn2ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB3F9j90rCBy1pMuL8GiRLjGVd70MB8GA1UdIwQY MBaAFLTogvcXGvbc3Myc15+Y3sZ1f+GJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAt ZmVmZThlMzQwMDZjLzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My81ZjViYzgtZTVmMy00MjFkLTlmYTAtZmVmZThlMzQwMDZj LzEvdE9pQzl4Y2E5dHpjekp6WG41amV4blZfNFlrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQTn1p5m3 PRm7OxmUCESrj7i9VnVBE4JPvgSFpDtpGXeOxndYYBVYfE2Ha53hwyhonFPJkoJK nEHHVg3oFDxeW9VhVAzclpY6Lcjfi+pWIq2oO+UdBPhcUOfZt0ENYqNa3nzoWZ1f kWnuc2jF3EJR6DOncX9X+6xYwqLW2l9XZhDKLiv9oih62YHzJ4bRnWFI06QooMpD ctkRdPIPAxq68aJdEyiFDUt0AdmbogHaDVEOpFFezPWzli4cdGk/WZKTdcpo1KDr W9b/PiXSPHLaTIi167KeQHZm12ytB/R7VnfKRBys5C2e/roklx1KLlplpaRMlg+G elbJvFdnLocVhg== -----END CERTIFICATE-----Generated at Thu Dec 25 07:11:46 2025 by rpki-client