This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft File: tSU8JVLUQD9DuDwl52IjjfEtroE.mft (raw, json) Hash identifier: DL9CY6Zt24mcuLbdL8VQ9JiNFciSdQW4ex5kg3thqWk= Subject key identifier: C7:03:84:63:C6:46:CB:6D:C0:E8:17:59:0A:AE:01:DE:F0:D4:AB:26 Authority key identifier: B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81 Certificate issuer: /CN=b5253c2552d4403f43b83c25e762238df12dae81 Certificate serial: 019B6D6A2E1F270200D0BCD4DDF0E9B235C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft Manifest number: 0885 Signing time: Tue 30 Dec 2025 04:00:33 +0000 Manifest this update: Tue 30 Dec 2025 04:00:33 +0000 Manifest next update: Wed 31 Dec 2025 04:00:33 +0000 Files and hashes: 1: 6BgZvuvQdTTnHkpFXfURizE8XGQ.roa (hash: 78Xx7tAnFjhWDtWYiSHC9JJs2O6w1we6/J46orAWVbc=) 2: tSU8JVLUQD9DuDwl52IjjfEtroE.crl (hash: HSWIYRWFzhbJH9UXzUHrw2Kuqrw0BS8V6+bKuKhzzNc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:6a:2e:1f:27:02:00:d0:bc:d4:dd:f0:e9:b2:35:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5253c2552d4403f43b83c25e762238df12dae81 Validity Not Before: Dec 30 04:00:33 2025 GMT Not After : Dec 31 04:00:33 2025 GMT Subject: CN=c7038463c646cb6dc0e817590aae01def0d4ab26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ed:a3:fc:65:5b:ee:73:ca:c0:e3:3b:ce:7c: a0:86:12:ee:95:69:1b:22:d8:91:25:c6:ec:3a:0e: ff:99:d7:e2:3e:a2:94:8b:c3:63:54:39:6b:2f:e4: 95:9a:83:32:0d:f2:e5:1e:77:4b:f8:a0:ec:23:67: 18:8f:5d:f1:7d:ea:91:3b:ac:5a:be:69:0e:29:59: c3:48:dd:25:01:9c:73:77:f7:11:b0:de:83:50:c2: 5b:e1:71:87:67:99:28:3b:7e:ca:77:1b:cd:b7:64: 73:9b:52:cb:78:ed:bd:d3:6f:7c:8c:22:34:1b:8f: 1e:f8:99:18:74:ad:e6:6d:b3:14:23:48:f0:be:4e: d8:24:b4:c1:22:42:da:f4:02:c3:95:ef:2a:22:ac: 70:f7:46:06:17:c9:98:54:5c:89:d4:26:15:32:a4: 4e:35:a3:7b:a6:4d:e5:e8:78:54:bf:fa:79:6f:05: 2a:bd:c7:05:22:0d:6d:27:90:d2:65:2b:6b:24:18: fb:02:0e:e9:af:49:19:d2:9b:58:38:08:a1:d0:31: b2:75:ce:5f:1e:19:50:19:0f:c2:27:67:be:b5:96: da:7c:b0:10:42:ad:e7:91:19:d4:72:58:b3:f3:2d: 99:d8:ca:7a:ba:3f:ec:77:e0:a5:8e:95:48:91:1f: a1:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:03:84:63:C6:46:CB:6D:C0:E8:17:59:0A:AE:01:DE:F0:D4:AB:26 X509v3 Authority Key Identifier: keyid:B5:25:3C:25:52:D4:40:3F:43:B8:3C:25:E7:62:23:8D:F1:2D:AE:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tSU8JVLUQD9DuDwl52IjjfEtroE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/82098b-0c53-4df2-8a32-fbc1e3f7e92b/1/tSU8JVLUQD9DuDwl52IjjfEtroE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:69:ba:74:fa:88:5b:04:cd:49:14:f0:73:38:22:fe:d9:9b: 6a:e1:ec:62:2c:7f:9d:40:0f:18:32:e8:93:fa:97:ee:26:98: f2:ce:4a:96:8e:33:28:62:ca:4e:3d:10:fe:3a:97:6d:f3:d6: dc:19:35:2c:b6:1e:fb:c9:f3:e0:4d:a3:e4:61:e4:06:8c:2f: 35:90:03:49:43:d7:be:bd:b9:7e:10:bc:ad:fa:b8:11:95:8d: 79:39:f4:33:0f:aa:96:08:01:cf:b4:22:c4:27:50:7d:b6:e2: 3c:9d:8f:88:26:7b:47:f0:7d:36:b1:29:4d:ff:4b:b3:95:0a: 35:4f:1e:fb:49:1e:ce:62:67:35:e7:aa:e3:87:99:7c:dc:51: ba:1d:ca:8b:fe:ea:07:03:f7:cc:86:a3:6f:2b:2e:74:ce:a6: a1:fc:25:d2:b7:80:f6:e4:f9:13:8f:db:68:53:15:48:99:b1: 06:38:2f:9e:8e:22:fc:ba:c2:52:66:59:6f:d4:98:ae:50:e0: a1:d2:9e:e3:a5:94:68:e9:15:73:83:dc:a7:16:07:60:c5:b7: b5:6e:72:a0:7b:22:34:25:a6:a0:dc:20:4c:c7:b5:22:31:92: 9f:75:35:d8:d7:26:00:92:ba:01:fc:b9:db:a3:4b:ae:d2:f9: a3:a7:59:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttai4fJwIA0LzU3fDpsjXAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MjUzYzI1NTJkNDQwM2Y0M2I4M2MyNWU3NjIyMzhkZjEy ZGFlODEwHhcNMjUxMjMwMDQwMDMzWhcNMjUxMjMxMDQwMDMzWjAzMTEwLwYDVQQD EyhjNzAzODQ2M2M2NDZjYjZkYzBlODE3NTkwYWFlMDFkZWYwZDRhYjI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtO2j/GVb7nPKwOM7znyghhLulWkb ItiRJcbsOg7/mdfiPqKUi8NjVDlrL+SVmoMyDfLlHndL+KDsI2cYj13xfeqRO6xa vmkOKVnDSN0lAZxzd/cRsN6DUMJb4XGHZ5koO37KdxvNt2Rzm1LLeO290298jCI0 G48e+JkYdK3mbbMUI0jwvk7YJLTBIkLa9ALDle8qIqxw90YGF8mYVFyJ1CYVMqRO NaN7pk3l6HhUv/p5bwUqvccFIg1tJ5DSZStrJBj7Ag7pr0kZ0ptYOAih0DGydc5f HhlQGQ/CJ2e+tZbafLAQQq3nkRnUcliz8y2Z2Mp6uj/sd+CljpVIkR+h7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMcDhGPGRsttwOgXWQquAd7w1KsmMB8GA1UdIwQY MBaAFLUlPCVS1EA/Q7g8JediI43xLa6BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzIt ZmJjMWUzZjdlOTJiLzEvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS84MjA5OGItMGM1My00ZGYyLThhMzItZmJjMWUzZjdlOTJi LzEvdFNVOEpWTFVRRDlEdUR3bDUySWpqZkV0cm9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANWm6dPqI WwTNSRTwczgi/tmbauHsYix/nUAPGDLok/qX7iaY8s5Klo4zKGLKTj0Q/jqXbfPW 3Bk1LLYe+8nz4E2j5GHkBowvNZADSUPXvr25fhC8rfq4EZWNeTn0Mw+qlggBz7Qi xCdQfbbiPJ2PiCZ7R/B9NrEpTf9Ls5UKNU8e+0kezmJnNeeq44eZfNxRuh3Ki/7q BwP3zIajbysudM6mofwl0reA9uT5E4/baFMVSJmxBjgvno4i/LrCUmZZb9SYrlDg odKe46WUaOkVc4PcpxYHYMW3tW5yoHsiNCWmoNwgTMe1IjGSn3U12NcmAJK6Afy5 26NLrtL5o6dZrA== -----END CERTIFICATE-----Generated at Tue Dec 30 10:33:14 2025 by rpki-client