This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft File: tU3fbwMzHNdzx-ersVQpuo0gvXg.mft (raw, json) Hash identifier: r32wyULJjSRDdAxPXS0nz7jSi4n2JIKLoO9/i7B2C3s= Subject key identifier: 0B:03:68:9E:02:2E:51:D8:36:E9:6A:8F:61:A4:97:6E:1D:1F:5A:E9 Authority key identifier: B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78 Certificate issuer: /CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78 Certificate serial: 019B53AAB08A4C4AD59C3D5B9F0B029FEAAE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft Manifest number: 08D7 Signing time: Thu 25 Dec 2025 04:00:53 +0000 Manifest this update: Thu 25 Dec 2025 04:00:53 +0000 Manifest next update: Fri 26 Dec 2025 04:00:53 +0000 Files and hashes: 1: 1SqAG3Japdqs2uBvGFHguJLvhqE.roa (hash: tRLIPOPh9GLi7wL54w2K0S63l5p5YYde2YPqeJx3wD8=) 2: tU3fbwMzHNdzx-ersVQpuo0gvXg.crl (hash: WoS8Wz/Z1q8D8s6jywcaaOrdb1uFN9K+zoHnZlUqXzo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 01:21:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:53:aa:b0:8a:4c:4a:d5:9c:3d:5b:9f:0b:02:9f:ea:ae Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b54ddf6f03331cd773c7e7abb15429ba8d20bd78 Validity Not Before: Dec 25 04:00:53 2025 GMT Not After : Dec 26 04:00:53 2025 GMT Subject: CN=0b03689e022e51d836e96a8f61a4976e1d1f5ae9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:8a:57:4f:14:72:f7:ce:74:bd:5f:13:e5:ce: 2c:50:0a:bd:ac:47:dc:14:6f:f0:4f:18:20:f2:e3: 87:c1:88:a4:ab:cf:c5:fd:ae:09:06:e5:95:15:64: fa:82:af:a7:de:2f:f4:77:7b:16:62:bd:dc:10:8f: ac:77:7a:55:6d:5f:71:62:30:01:12:02:8e:10:ef: e5:76:5f:d9:fc:13:72:48:35:00:9c:ff:ff:86:1c: 69:09:cc:77:f1:ae:85:58:39:f0:b7:c5:10:3a:ad: 3d:8d:a1:75:d7:dc:77:57:9c:6e:d2:32:f2:9b:95: c1:63:03:3e:14:15:d4:c1:ea:91:9b:ae:dd:cf:c1: 6e:e3:46:ef:51:2e:33:66:a3:b5:7e:0c:d6:e5:69: f6:d6:29:0a:5a:cd:56:13:aa:29:2e:68:07:25:ad: 7a:0b:4d:d8:c6:d2:cb:be:69:1b:7b:86:f2:39:c0: 77:52:b6:4a:25:ed:17:c5:01:f5:f1:de:01:96:21: 17:23:42:0e:c0:8d:7d:a6:50:b5:4d:f1:97:08:78: aa:9c:95:94:47:a9:b0:89:93:b9:ea:df:0f:7d:e1: 33:bf:2c:7e:c1:e0:b4:a8:66:a7:c4:4e:c7:17:62: 7d:82:5b:55:b7:cf:1b:e5:1a:2c:7e:b1:f7:36:00: 70:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:03:68:9E:02:2E:51:D8:36:E9:6A:8F:61:A4:97:6E:1D:1F:5A:E9 X509v3 Authority Key Identifier: keyid:B5:4D:DF:6F:03:33:1C:D7:73:C7:E7:AB:B1:54:29:BA:8D:20:BD:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tU3fbwMzHNdzx-ersVQpuo0gvXg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/65bcff-ba01-498c-b54d-84026bc852f0/1/tU3fbwMzHNdzx-ersVQpuo0gvXg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:1c:8e:2a:d5:65:f0:6c:31:ac:59:61:4f:bd:40:42:27:e5: 6f:de:f2:ca:6e:24:49:77:9b:86:f0:8f:85:3a:c1:a0:36:ce: e0:27:cb:66:97:2b:79:57:37:dd:bd:04:fa:e0:73:f1:61:d0: 00:45:b4:f3:e5:19:f1:02:4b:b0:5d:eb:a7:5a:1b:5f:b0:d5: c7:19:66:7f:e8:51:04:d5:9c:9f:3b:81:c3:a5:89:d7:bf:36: c2:17:fa:fe:d8:46:e2:f6:9d:5e:15:a7:f1:65:1a:92:fd:ea: a4:91:c7:3f:e0:41:43:00:ff:c3:5a:12:87:61:fb:fd:1d:7b: d8:23:02:f1:e4:57:a1:a3:79:c3:c8:48:0c:c3:d8:89:f5:ff: cf:b6:0f:3e:55:9d:00:0e:44:94:aa:01:a5:b5:5c:f2:3e:d8: 90:c4:06:0e:e8:81:bc:a7:d5:32:d2:81:af:67:01:d0:f8:00: 99:ac:3b:c1:65:04:6a:78:40:a6:8c:a2:1f:b1:6b:cb:69:1c: 41:f3:1c:c6:3d:f0:51:96:b8:59:e9:32:b4:bb:d7:fa:b0:ed: 9e:00:c7:77:47:cd:5d:52:30:71:b7:ea:dc:6a:98:69:8a:ef: cf:74:3d:95:77:d3:26:25:62:4c:c9:40:25:9f:82:10:cb:3c: 9c:3e:a2:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtTqrCKTErVnD1bnwsCn+quMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NGRkZjZmMDMzMzFjZDc3M2M3ZTdhYmIxNTQyOWJhOGQy MGJkNzgwHhcNMjUxMjI1MDQwMDUzWhcNMjUxMjI2MDQwMDUzWjAzMTEwLwYDVQQD EygwYjAzNjg5ZTAyMmU1MWQ4MzZlOTZhOGY2MWE0OTc2ZTFkMWY1YWU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiopXTxRy9850vV8T5c4sUAq9rEfc FG/wTxgg8uOHwYikq8/F/a4JBuWVFWT6gq+n3i/0d3sWYr3cEI+sd3pVbV9xYjAB EgKOEO/ldl/Z/BNySDUAnP//hhxpCcx38a6FWDnwt8UQOq09jaF119x3V5xu0jLy m5XBYwM+FBXUweqRm67dz8Fu40bvUS4zZqO1fgzW5Wn21ikKWs1WE6opLmgHJa16 C03YxtLLvmkbe4byOcB3UrZKJe0XxQH18d4BliEXI0IOwI19plC1TfGXCHiqnJWU R6mwiZO56t8PfeEzvyx+weC0qGanxE7HF2J9gltVt88b5RosfrH3NgBwywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAsDaJ4CLlHYNulqj2Gkl24dH1rpMB8GA1UdIwQY MBaAFLVN328DMxzXc8fnq7FUKbqNIL14MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQt ODQwMjZiYzg1MmYwLzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC82NWJjZmYtYmEwMS00OThjLWI1NGQtODQwMjZiYzg1MmYw LzEvdFUzZmJ3TXpITmR6eC1lcnNWUXB1bzBndlhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhxyOKtVl 8GwxrFlhT71AQiflb97yym4kSXebhvCPhTrBoDbO4CfLZpcreVc33b0E+uBz8WHQ AEW08+UZ8QJLsF3rp1obX7DVxxlmf+hRBNWcnzuBw6WJ1782whf6/thG4vadXhWn 8WUakv3qpJHHP+BBQwD/w1oSh2H7/R172CMC8eRXoaN5w8hIDMPYifX/z7YPPlWd AA5ElKoBpbVc8j7YkMQGDuiBvKfVMtKBr2cB0PgAmaw7wWUEanhApoyiH7Fry2kc QfMcxj3wUZa4WekytLvX+rDtngDHd0fNXVIwcbfq3GqYaYrvz3Q9lXfTJiViTMlA JZ+CEMs8nD6ing== -----END CERTIFICATE-----Generated at Thu Dec 25 06:30:58 2025 by rpki-client