This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft File: tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json) Hash identifier: CyAuI7pNaVnZkDWLyJkz94iTgfbgaSE0KnKs5BnTjiQ= Subject key identifier: B2:29:C3:37:AE:6A:FF:E7:96:F6:2C:A4:6B:EF:42:92:B0:A9:C3:CD Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 Certificate issuer: /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Certificate serial: 019B2B541EB96B168DB1491E28CAFA2E235E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft Manifest number: 0A06 Signing time: Wed 17 Dec 2025 08:01:31 +0000 Manifest this update: Wed 17 Dec 2025 08:01:31 +0000 Manifest next update: Thu 18 Dec 2025 08:01:31 +0000 Files and hashes: 1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: WFmkfUU1Z7HoKRDS+RdmcSxqBd9oPskj7M7WPaEBY0Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 08:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:54:1e:b9:6b:16:8d:b1:49:1e:28:ca:fa:2e:23:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Validity Not Before: Dec 17 08:01:31 2025 GMT Not After : Dec 18 08:01:31 2025 GMT Subject: CN=b229c337ae6affe796f62ca46bef4292b0a9c3cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e9:a5:80:7c:4c:3b:9b:36:10:b7:fb:24:c2: 06:13:44:65:2d:43:d2:b0:84:7a:94:d7:0b:ed:ca: 93:0e:1d:8c:3c:16:4e:1b:ed:40:c0:e9:10:83:12: 43:9d:43:3b:bd:48:18:36:d5:9b:9f:45:48:30:98: 0d:08:e2:f0:c4:ff:f5:81:c5:da:67:c1:5e:16:5d: 1d:e2:f9:b0:af:11:23:3b:ab:ad:ae:dd:27:22:40: 64:5b:84:b4:6f:7a:72:ca:7a:f5:5a:65:d1:c9:57: 3e:1b:2f:ee:fc:f1:35:94:03:06:25:5b:3b:19:46: 91:61:bb:46:4f:22:19:71:f7:c0:d3:87:ee:13:e8: 37:73:5a:82:c4:85:a4:25:fe:c9:66:0e:ab:7a:50: c8:08:aa:e4:c8:6f:72:85:22:31:7f:05:52:70:cc: fd:cf:88:51:b0:0e:8b:ea:47:93:30:0b:5e:be:64: 1b:ef:a5:bc:31:28:0a:d5:61:0f:f9:86:69:92:5e: df:99:35:98:4d:0c:77:4d:1d:09:03:da:0d:e3:fc: 6a:07:ba:7c:c6:d1:fa:eb:0f:39:b5:28:26:23:bb: a8:e2:eb:a7:d3:a4:57:45:a8:83:4f:3b:97:53:a5: 79:ad:fb:bc:06:11:c1:57:8a:9a:7d:ba:b1:3d:cf: 1a:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:29:C3:37:AE:6A:FF:E7:96:F6:2C:A4:6B:EF:42:92:B0:A9:C3:CD X509v3 Authority Key Identifier: keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:d5:ed:b7:3e:41:4d:b0:7a:29:69:d2:ce:c6:8a:3f:2b:68: bd:13:41:10:e5:df:00:cd:52:fb:d9:12:0d:42:25:79:ca:11: 97:19:13:1d:7c:5c:02:74:7e:6b:cb:f9:f3:07:12:eb:b0:0a: e9:3b:84:01:04:85:b3:b0:b3:2f:e5:ec:fb:cb:67:1e:cd:12: 3a:32:51:ec:56:d0:ff:84:a3:17:7a:e3:1f:79:b7:16:d4:15: 84:86:e5:5e:c6:57:9f:0f:78:2d:22:7b:fb:df:98:3c:fe:a1: 6f:21:43:6e:c9:93:f9:22:bd:16:ab:b4:2b:e3:e3:1a:e3:71: 00:18:7c:92:3c:8e:90:de:3b:b7:c0:32:b2:80:02:4c:bb:ad: bc:e3:e2:a5:c3:56:ce:ca:6e:87:cc:2f:c0:91:95:a3:44:06: 0e:3d:b6:11:b4:f5:bc:ee:57:8e:ac:bb:57:47:51:d7:1b:96: 00:d4:db:a1:17:ed:51:aa:7a:69:b5:98:b1:58:6d:0a:6d:2c: e9:84:51:f7:66:03:a3:65:87:d5:e5:c5:cc:47:88:f0:db:e1: db:58:65:3f:0d:56:da:bd:1c:71:f6:ec:18:6d:6e:30:47:0a: 47:8b:79:6c:33:a8:3b:f3:24:58:9f:8b:89:ab:0c:8c:48:0d: 8e:bc:b9:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrVB65axaNsUkeKMr6LiNeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh YzU3OTEwHhcNMjUxMjE3MDgwMTMxWhcNMjUxMjE4MDgwMTMxWjAzMTEwLwYDVQQD EyhiMjI5YzMzN2FlNmFmZmU3OTZmNjJjYTQ2YmVmNDI5MmIwYTljM2NkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+mlgHxMO5s2ELf7JMIGE0RlLUPS sIR6lNcL7cqTDh2MPBZOG+1AwOkQgxJDnUM7vUgYNtWbn0VIMJgNCOLwxP/1gcXa Z8FeFl0d4vmwrxEjO6utrt0nIkBkW4S0b3pyynr1WmXRyVc+Gy/u/PE1lAMGJVs7 GUaRYbtGTyIZcffA04fuE+g3c1qCxIWkJf7JZg6relDICKrkyG9yhSIxfwVScMz9 z4hRsA6L6keTMAtevmQb76W8MSgK1WEP+YZpkl7fmTWYTQx3TR0JA9oN4/xqB7p8 xtH66w85tSgmI7uo4uun06RXRaiDTzuXU6V5rfu8BhHBV4qafbqxPc8a3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLIpwzeuav/nlvYspGvvQpKwqcPNMB8GA1UdIwQY MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5 LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXtXttz5B TbB6KWnSzsaKPytovRNBEOXfAM1S+9kSDUIlecoRlxkTHXxcAnR+a8v58wcS67AK 6TuEAQSFs7CzL+Xs+8tnHs0SOjJR7FbQ/4SjF3rjH3m3FtQVhIblXsZXnw94LSJ7 +9+YPP6hbyFDbsmT+SK9Fqu0K+PjGuNxABh8kjyOkN47t8AysoACTLutvOPipcNW zspuh8wvwJGVo0QGDj22EbT1vO5Xjqy7V0dR1xuWANTboRftUap6abWYsVhtCm0s 6YRR92YDo2WH1eXFzEeI8Nvh21hlPw1W2r0ccfbsGG1uMEcKR4t5bDOoO/MkWJ+L iasMjEgNjry5Ug== -----END CERTIFICATE-----Generated at Wed Dec 17 12:56:18 2025 by rpki-client