This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft File: TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft (raw, json) Hash identifier: fgn/jlkIi+uNgUi3Gm8Oa4C8nWcPubzf05zZ2NHN5go= Subject key identifier: 74:C1:B8:77:3B:EB:A1:DA:F2:6C:BE:19:89:6C:02:19:A3:03:13:FB Authority key identifier: 4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35 Certificate issuer: /CN=4ce90379bd8d04374b3adef060d51ae215710935 Certificate serial: 019B3E6D95E432A5A8EEBD4CCBA5679D36D6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft Manifest number: 0171 Signing time: Sun 21 Dec 2025 01:02:07 +0000 Manifest this update: Sun 21 Dec 2025 01:02:07 +0000 Manifest next update: Mon 22 Dec 2025 01:02:07 +0000 Files and hashes: 1: 1-78e97Jrk9Uh_jE37kqFne1h0ac.roa (hash: z20HWJG9MeJX/qHD5qtfUrm0n+lWcEMp1qD7mshzZJo=) 2: 1zKIP7xP-3mviAaLxu-Q9kO8TDw.roa (hash: i+hbxTxfZVrUKiiV4ml6H+EfTXIaAVLa/rzpycnZQE0=) 3: TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl (hash: oBpb+TTCKLhbOoQ/x1B0Yt90b31+ID5Go2h4QY6qy/s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6d:95:e4:32:a5:a8:ee:bd:4c:cb:a5:67:9d:36:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ce90379bd8d04374b3adef060d51ae215710935 Validity Not Before: Dec 21 01:02:07 2025 GMT Not After : Dec 22 01:02:07 2025 GMT Subject: CN=74c1b8773beba1daf26cbe19896c0219a30313fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:4c:83:c6:ed:0d:4e:76:69:9b:64:a5:61:f3: 99:6c:7e:9a:88:87:aa:fa:07:c0:23:74:cf:18:15: c9:86:5e:31:5b:6a:7b:fd:0f:10:3a:28:07:ec:e5: 5f:56:fe:19:b8:4f:bd:c4:6b:0e:0e:95:61:d6:f6: 10:cb:3c:73:21:8a:8d:89:47:28:27:e5:87:0c:94: 86:0d:4a:30:8d:52:fe:64:70:5d:02:49:11:b1:4c: d3:ec:fb:0c:0e:e8:ca:7a:1a:e0:cb:aa:f4:27:12: 61:7f:a4:d7:98:e4:02:13:a6:8b:30:97:25:0a:82: 8e:8a:02:f7:e9:46:30:75:72:e0:83:7f:45:b3:39: fd:01:86:e3:00:73:eb:09:1c:0d:ed:f7:ea:6f:3e: 41:9b:49:ff:fb:80:f3:2e:22:a1:ba:42:0e:57:30: 79:47:d7:a4:f1:62:cc:8a:df:ae:2c:79:99:74:0d: 00:8e:3b:22:9a:be:fb:b3:b2:a1:89:3d:af:2b:de: 0b:b9:84:e4:bf:50:d6:1c:3d:bc:56:ad:0f:fe:c5: 4a:ac:4b:0e:a7:aa:33:a2:d1:95:ac:e5:e9:af:7f: 49:a2:b7:39:67:fa:18:9f:a9:dc:a0:70:84:12:86: d5:43:71:c8:fb:f5:d7:98:d0:1c:ad:d4:cb:d7:55: 8d:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:C1:B8:77:3B:EB:A1:DA:F2:6C:BE:19:89:6C:02:19:A3:03:13:FB X509v3 Authority Key Identifier: keyid:4C:E9:03:79:BD:8D:04:37:4B:3A:DE:F0:60:D5:1A:E2:15:71:09:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOkDeb2NBDdLOt7wYNUa4hVxCTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9bacf8-146c-4b63-9d36-8200b86603b1/1/TOkDeb2NBDdLOt7wYNUa4hVxCTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:7b:ac:62:d9:a0:74:9e:68:53:4a:78:29:6e:4b:5b:a9:cf: 55:41:fc:95:be:fd:33:34:50:37:04:32:c4:0c:b8:35:bc:14: ea:48:b9:7b:30:b1:be:77:25:07:2a:c3:a5:6a:02:7f:af:3c: cf:70:27:7c:e3:d6:ae:85:ea:dd:09:48:c3:60:b9:41:48:97: 87:14:81:2a:4a:db:25:2a:64:88:7a:6e:a4:12:f2:67:c7:33: bc:cc:e0:f6:cf:c9:1d:ba:81:eb:1b:6f:31:8e:aa:45:62:f2: 5c:92:7a:57:2f:5e:02:b7:b0:17:69:16:78:96:0d:13:2e:25: a7:59:3b:23:3b:c5:53:3f:99:5e:1d:5a:ac:f1:3c:7c:ee:ec: 96:7a:a6:c3:1b:ff:ed:23:0d:cf:0b:ef:bf:7c:f5:5d:a3:b4: c2:cc:75:fc:fc:25:54:bf:06:a0:2d:58:89:18:3b:88:dc:37: 3c:2f:b6:b2:12:b1:b7:55:93:f2:ee:44:d9:a1:83:67:50:7c: b4:5b:2d:ae:19:ec:f5:79:c7:5e:da:51:d6:a5:33:de:4d:f1: f7:30:94:3c:70:a7:65:07:27:01:03:77:d6:21:54:03:5d:2a: 0c:3f:4f:8d:3a:7a:d1:9c:52:df:67:60:00:72:a9:75:02:7e: 9d:23:75:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bZXkMqWo7r1My6VnnTbWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZTkwMzc5YmQ4ZDA0Mzc0YjNhZGVmMDYwZDUxYWUyMTU3 MTA5MzUwHhcNMjUxMjIxMDEwMjA3WhcNMjUxMjIyMDEwMjA3WjAzMTEwLwYDVQQD Eyg3NGMxYjg3NzNiZWJhMWRhZjI2Y2JlMTk4OTZjMDIxOWEzMDMxM2ZiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkyDxu0NTnZpm2SlYfOZbH6aiIeq +gfAI3TPGBXJhl4xW2p7/Q8QOigH7OVfVv4ZuE+9xGsODpVh1vYQyzxzIYqNiUco J+WHDJSGDUowjVL+ZHBdAkkRsUzT7PsMDujKehrgy6r0JxJhf6TXmOQCE6aLMJcl CoKOigL36UYwdXLgg39Fszn9AYbjAHPrCRwN7ffqbz5Bm0n/+4DzLiKhukIOVzB5 R9ek8WLMit+uLHmZdA0Ajjsimr77s7KhiT2vK94LuYTkv1DWHD28Vq0P/sVKrEsO p6ozotGVrOXpr39Jorc5Z/oYn6ncoHCEEobVQ3HI+/XXmNAcrdTL11WN0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHTBuHc766Ha8my+GYlsAhmjAxP7MB8GA1UdIwQY MBaAFEzpA3m9jQQ3Szre8GDVGuIVcQk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYt ODIwMGI4NjYwM2IxLzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ni85YmFjZjgtMTQ2Yy00YjYzLTlkMzYtODIwMGI4NjYwM2Ix LzEvVE9rRGViMk5CRGRMT3Q3d1lOVWE0aFZ4Q1RVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB3usYtmg dJ5oU0p4KW5LW6nPVUH8lb79MzRQNwQyxAy4NbwU6ki5ezCxvnclByrDpWoCf688 z3AnfOPWroXq3QlIw2C5QUiXhxSBKkrbJSpkiHpupBLyZ8czvMzg9s/JHbqB6xtv MY6qRWLyXJJ6Vy9eArewF2kWeJYNEy4lp1k7IzvFUz+ZXh1arPE8fO7slnqmwxv/ 7SMNzwvvv3z1XaO0wsx1/PwlVL8GoC1YiRg7iNw3PC+2shKxt1WT8u5E2aGDZ1B8 tFstrhns9XnHXtpR1qUz3k3x9zCUPHCnZQcnAQN31iFUA10qDD9PjTp60ZxS32dg AHKpdQJ+nSN1Eg== -----END CERTIFICATE-----Generated at Sun Dec 21 09:32:28 2025 by rpki-client