This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft File: tsaaSiFb3h0yk03chd6vj9nJRHk.mft (raw, json) Hash identifier: /gSHFPDnD9ED1lmJULHySEz2yLKCKEzcoT1p7WrF3xc= Subject key identifier: E5:D2:05:12:9E:35:49:C6:ED:07:B5:DB:B0:73:C8:68:4C:06:C6:A7 Authority key identifier: B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79 Certificate issuer: /CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479 Certificate serial: 019B5DC07493B81A5944ACB8291EA5EC8F5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft Manifest number: 0F45 Signing time: Sat 27 Dec 2025 03:00:52 +0000 Manifest this update: Sat 27 Dec 2025 03:00:52 +0000 Manifest next update: Sun 28 Dec 2025 03:00:52 +0000 Files and hashes: 1: tsaaSiFb3h0yk03chd6vj9nJRHk.crl (hash: sSykBkoaIFbaRk/hseRVRDlQYCYfK8C7Xo2alzDhuko=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5d:c0:74:93:b8:1a:59:44:ac:b8:29:1e:a5:ec:8f:5c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6c69a4a215bde1d32934ddc85deaf8fd9c94479 Validity Not Before: Dec 27 03:00:52 2025 GMT Not After : Dec 28 03:00:52 2025 GMT Subject: CN=e5d205129e3549c6ed07b5dbb073c8684c06c6a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:dc:24:c6:ac:1e:77:15:8f:db:63:d7:50:5f: e5:93:5f:6c:33:e4:2c:07:bb:bd:c5:e9:f0:ac:a5: 69:41:d7:17:8a:a5:3e:1c:5b:43:46:d5:c0:29:ac: 65:f1:d9:38:23:40:10:f3:ef:de:d5:6b:be:03:71: b5:38:0c:42:01:56:ed:43:c9:5d:85:53:ff:34:7b: e7:20:c3:dd:d9:c6:7c:b4:81:36:aa:3f:6a:c8:3e: d3:94:90:b8:2a:5c:d9:7c:21:ea:bc:33:ea:64:ce: 4a:54:c3:6d:4b:6f:9f:99:d7:0b:d7:0e:c1:c4:22: f5:e4:13:5d:66:c7:dc:22:01:97:d9:a3:ae:af:7e: 01:a3:59:94:5e:cb:1f:7b:9a:dd:db:99:d2:17:c4: c3:ce:11:ca:1b:a5:43:a9:64:df:96:a8:05:2e:2c: c4:39:c6:b8:bc:15:7a:fc:7f:5e:70:f6:34:c4:76: f6:d1:65:a1:45:87:d4:21:cb:93:f4:ee:fa:95:ab: a9:67:29:2c:f1:76:f0:c7:a1:81:c3:9b:05:ba:e0: d4:61:66:45:d8:e5:52:83:1b:7a:41:67:f1:a3:4c: 15:22:57:a4:92:93:26:56:43:8c:09:07:8a:36:17: ee:64:2a:f0:59:0c:a9:0d:3e:05:2b:4c:9f:06:c8: 02:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:D2:05:12:9E:35:49:C6:ED:07:B5:DB:B0:73:C8:68:4C:06:C6:A7 X509v3 Authority Key Identifier: keyid:B6:C6:9A:4A:21:5B:DE:1D:32:93:4D:DC:85:DE:AF:8F:D9:C9:44:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsaaSiFb3h0yk03chd6vj9nJRHk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/577a7b-5dcc-43a7-a89c-e3bc6b499e7b/1/tsaaSiFb3h0yk03chd6vj9nJRHk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:19:e6:57:bb:4f:01:38:a5:11:5f:36:7f:92:7b:9f:d0:4e: 13:14:aa:36:ec:4d:f1:60:84:24:2f:54:f7:f3:ca:52:67:c4: 94:a7:31:28:c6:c5:fa:fc:7b:4b:17:39:d4:ff:4f:7e:c3:7a: 46:26:f7:8a:48:6b:6a:d9:d6:7c:98:4b:8f:3b:d7:5e:5e:25: 40:ad:2f:7a:ea:37:f5:52:b2:c8:c0:34:0f:89:f1:d7:51:b2: 32:91:4a:7f:73:d0:28:0f:ad:ed:42:52:d4:af:11:5a:01:d5: 13:85:ec:91:ae:c5:91:37:d7:cb:ce:5b:54:71:df:56:ee:50: 25:f2:a5:69:79:01:d1:67:19:e7:38:f7:58:ff:39:d6:f5:e6: 5e:a8:6b:51:2b:2c:7c:f9:3f:04:cb:90:29:79:1c:57:89:a8: 23:eb:92:82:51:5c:8e:3f:8e:d3:c4:9d:5a:ef:2d:e6:c1:c4: 90:3e:2a:af:c2:9b:c3:a9:3b:2d:1e:e1:ec:8d:49:65:81:eb: 49:26:15:03:5d:fa:54:e8:68:d4:25:bf:f9:29:76:26:fe:38: 93:58:00:81:54:bc:12:d7:50:18:ee:28:35:04:f6:aa:5d:87: d2:43:e0:9e:3e:0a:b4:25:37:df:7a:8c:ad:6d:71:c4:d2:ab: 52:58:95:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtdwHSTuBpZRKy4KR6l7I9cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2YzY5YTRhMjE1YmRlMWQzMjkzNGRkYzg1ZGVhZjhmZDlj OTQ0NzkwHhcNMjUxMjI3MDMwMDUyWhcNMjUxMjI4MDMwMDUyWjAzMTEwLwYDVQQD EyhlNWQyMDUxMjllMzU0OWM2ZWQwN2I1ZGJiMDczYzg2ODRjMDZjNmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmtwkxqwedxWP22PXUF/lk19sM+Qs B7u9xenwrKVpQdcXiqU+HFtDRtXAKaxl8dk4I0AQ8+/e1Wu+A3G1OAxCAVbtQ8ld hVP/NHvnIMPd2cZ8tIE2qj9qyD7TlJC4KlzZfCHqvDPqZM5KVMNtS2+fmdcL1w7B xCL15BNdZsfcIgGX2aOur34Bo1mUXssfe5rd25nSF8TDzhHKG6VDqWTflqgFLizE Oca4vBV6/H9ecPY0xHb20WWhRYfUIcuT9O76laupZyks8Xbwx6GBw5sFuuDUYWZF 2OVSgxt6QWfxo0wVIlekkpMmVkOMCQeKNhfuZCrwWQypDT4FK0yfBsgCBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOXSBRKeNUnG7Qe127BzyGhMBsanMB8GA1UdIwQY MBaAFLbGmkohW94dMpNN3IXer4/ZyUR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMt ZTNiYzZiNDk5ZTdiLzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny81NzdhN2ItNWRjYy00M2E3LWE4OWMtZTNiYzZiNDk5ZTdi LzEvdHNhYVNpRmIzaDB5azAzY2hkNnZqOW5KUkhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVhnmV7tP ATilEV82f5J7n9BOExSqNuxN8WCEJC9U9/PKUmfElKcxKMbF+vx7Sxc51P9PfsN6 Rib3ikhratnWfJhLjzvXXl4lQK0veuo39VKyyMA0D4nx11GyMpFKf3PQKA+t7UJS 1K8RWgHVE4Xska7FkTfXy85bVHHfVu5QJfKlaXkB0WcZ5zj3WP851vXmXqhrUSss fPk/BMuQKXkcV4moI+uSglFcjj+O08SdWu8t5sHEkD4qr8Kbw6k7LR7h7I1JZYHr SSYVA136VOho1CW/+Sl2Jv44k1gAgVS8EtdQGO4oNQT2ql2H0kPgnj4KtCU333qM rW1xxNKrUliVew== -----END CERTIFICATE-----Generated at Sat Dec 27 05:37:09 2025 by rpki-client