This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.mft File: Ty87yZp5UD4JdXR36O9kPhGIbIs.mft (raw, json) Hash identifier: tXeHaUtJxzawiDh9A7Ps9SzOcrRK3TkXxtdfbzRUKzg= Subject key identifier: 2A:14:86:8E:69:52:F7:F5:4C:14:2A:E6:8B:55:6C:0E:9F:12:CC:8A Authority key identifier: 4F:2F:3B:C9:9A:79:50:3E:09:75:74:77:E8:EF:64:3E:11:88:6C:8B Certificate issuer: /CN=4f2f3bc99a79503e09757477e8ef643e11886c8b Certificate serial: 019B44387917EAA6073A63D2E4DDA569E3A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty87yZp5UD4JdXR36O9kPhGIbIs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.mft Manifest number: 163D Signing time: Mon 22 Dec 2025 04:01:50 +0000 Manifest this update: Mon 22 Dec 2025 04:01:50 +0000 Manifest next update: Tue 23 Dec 2025 04:01:50 +0000 Files and hashes: 1: DmY4OlpSGtRwQGNkVI6pwwKmQOM.roa (hash: QsmPHxvFnUbBb8Hdz5mPLnRJfO8cxjGYjuC9mmKC/hY=) 2: Ty87yZp5UD4JdXR36O9kPhGIbIs.crl (hash: qDJg6odRWWROAWMDX/Qpeq1EYV9zcKXUdcBtfAL5O+g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.crl rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.mft rsync://rpki.ripe.net/repository/DEFAULT/Ty87yZp5UD4JdXR36O9kPhGIbIs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 04:01:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:79:17:ea:a6:07:3a:63:d2:e4:dd:a5:69:e3:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f2f3bc99a79503e09757477e8ef643e11886c8b Validity Not Before: Dec 22 04:01:50 2025 GMT Not After : Dec 23 04:01:50 2025 GMT Subject: CN=2a14868e6952f7f54c142ae68b556c0e9f12cc8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:d0:dc:c7:37:63:18:27:e4:70:93:35:bb:48: 9a:9d:e9:ee:a1:1d:1f:1d:9c:61:c4:fd:00:0d:7c: d2:4a:52:31:99:20:9c:a0:5a:9c:57:72:bd:83:60: 05:d6:56:f1:e0:81:31:01:15:4c:46:8a:6b:ce:34: 5e:36:11:4e:00:e3:1c:b0:a5:d8:93:07:fb:31:e5: 69:e9:07:8f:22:7a:7c:3a:a6:20:3b:4e:09:cf:23: c9:46:2e:fb:4c:7f:c6:6d:4c:ea:1a:b8:81:c2:24: 65:71:fb:f1:02:09:c0:5a:59:9b:3d:4d:a0:d7:96: fc:cc:94:5b:23:d0:12:cc:75:92:a3:42:ad:e3:cd: 4c:3a:f2:00:d9:3e:be:dc:21:0d:ed:39:b2:51:8b: c4:cc:87:96:b6:48:b7:02:2f:4e:8b:59:dd:cc:fb: 7e:6e:8f:96:98:31:13:b9:18:71:4f:d8:55:80:47: 1e:5a:05:74:e6:97:ac:c3:29:d1:94:d1:a9:9c:de: 9c:7f:0e:c1:a5:ae:c3:15:55:9a:c5:a5:63:65:91: b9:c5:a5:a2:8b:d4:2b:05:a5:61:f3:55:93:80:89: 10:60:89:e1:b4:4c:d6:91:c5:b9:ab:78:0c:c3:37: 72:b3:39:b9:a9:bb:48:94:c1:9b:10:28:a4:83:ff: 17:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:14:86:8E:69:52:F7:F5:4C:14:2A:E6:8B:55:6C:0E:9F:12:CC:8A X509v3 Authority Key Identifier: keyid:4F:2F:3B:C9:9A:79:50:3E:09:75:74:77:E8:EF:64:3E:11:88:6C:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty87yZp5UD4JdXR36O9kPhGIbIs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/1e1ac6-fcd6-4ae8-ad77-51e4bba6bf5b/1/Ty87yZp5UD4JdXR36O9kPhGIbIs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ca:24:9d:fd:46:62:d4:78:88:cd:2a:01:2c:68:0a:dc:c8:22: be:e8:e3:61:45:83:25:1c:b3:3b:d4:4e:4d:6d:2b:4c:d4:1a: ef:ee:d0:07:16:fb:d0:b1:15:1a:f5:04:50:35:35:98:cd:03: 19:90:76:c6:16:3a:b6:65:a7:67:f7:33:70:10:92:99:19:2c: fa:04:c1:4e:6a:1c:9d:94:db:01:eb:10:b1:48:2a:c6:e8:79: 27:32:16:26:a3:ad:7a:bf:5b:24:df:27:5f:39:5a:f5:0b:34: e8:8e:56:a0:95:db:d3:0b:d2:8c:a7:25:00:7c:31:24:f7:00: 7c:73:56:3f:61:e6:d5:b2:9f:b4:72:51:26:02:8d:a7:64:12: 58:8f:e7:3e:ea:da:9c:4f:a6:83:61:15:d4:ef:49:eb:d1:71: a7:44:d1:66:a9:07:76:2f:53:84:e9:02:5f:5e:a3:23:60:05: 3f:0e:2b:c7:e5:27:89:11:2d:96:33:58:92:d8:61:66:dd:e8: db:60:10:71:90:cf:35:c4:29:30:07:3d:66:c8:f7:ee:5a:9d: 2b:10:93:f4:3f:ea:ae:6a:e1:97:e7:1e:f8:61:a5:d8:ca:8a: ba:7b:32:ca:ec:70:69:43:3e:33:38:37:4a:18:88:b4:19:86: 5a:4d:f4:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOHkX6qYHOmPS5N2laeOjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMmYzYmM5OWE3OTUwM2UwOTc1NzQ3N2U4ZWY2NDNlMTE4 ODZjOGIwHhcNMjUxMjIyMDQwMTUwWhcNMjUxMjIzMDQwMTUwWjAzMTEwLwYDVQQD EygyYTE0ODY4ZTY5NTJmN2Y1NGMxNDJhZTY4YjU1NmMwZTlmMTJjYzhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNDcxzdjGCfkcJM1u0ianenuoR0f HZxhxP0ADXzSSlIxmSCcoFqcV3K9g2AF1lbx4IExARVMRoprzjReNhFOAOMcsKXY kwf7MeVp6QePInp8OqYgO04JzyPJRi77TH/GbUzqGriBwiRlcfvxAgnAWlmbPU2g 15b8zJRbI9ASzHWSo0Kt481MOvIA2T6+3CEN7TmyUYvEzIeWtki3Ai9Oi1ndzPt+ bo+WmDETuRhxT9hVgEceWgV05peswynRlNGpnN6cfw7Bpa7DFVWaxaVjZZG5xaWi i9QrBaVh81WTgIkQYInhtEzWkcW5q3gMwzdyszm5qbtIlMGbECikg/8X1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCoUho5pUvf1TBQq5otVbA6fEsyKMB8GA1UdIwQY MBaAFE8vO8maeVA+CXV0d+jvZD4RiGyLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHk4N3lacDVVRDRKZFhSMzZPOWtQaEdJYklzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8xZTFhYzYtZmNkNi00YWU4LWFkNzct NTFlNGJiYTZiZjViLzEvVHk4N3lacDVVRDRKZFhSMzZPOWtQaEdJYklzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYy8xZTFhYzYtZmNkNi00YWU4LWFkNzctNTFlNGJiYTZiZjVi LzEvVHk4N3lacDVVRDRKZFhSMzZPOWtQaEdJYklzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyiSd/UZi 1HiIzSoBLGgK3MgivujjYUWDJRyzO9ROTW0rTNQa7+7QBxb70LEVGvUEUDU1mM0D GZB2xhY6tmWnZ/czcBCSmRks+gTBTmocnZTbAesQsUgqxuh5JzIWJqOter9bJN8n Xzla9Qs06I5WoJXb0wvSjKclAHwxJPcAfHNWP2Hm1bKftHJRJgKNp2QSWI/nPura nE+mg2EV1O9J69Fxp0TRZqkHdi9ThOkCX16jI2AFPw4rx+UniREtljNYkthhZt3o 22AQcZDPNcQpMAc9Zsj37lqdKxCT9D/qrmrhl+ce+GGl2MqKunsyyuxwaUM+Mzg3 ShiItBmGWk307A== -----END CERTIFICATE-----Generated at Mon Dec 22 11:44:46 2025 by rpki-client