This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.mft File: TK0YVBTBauXSKaiqK_oV_vxxoiI.mft (raw, json) Hash identifier: GuHxeRZUZCfNveasR8WtQQjb40rqbx9+qCwyAGBvmJQ= Subject key identifier: 6E:A7:5D:3B:5A:EE:30:AD:AB:7B:5B:3D:4D:5A:C6:97:AE:87:DB:84 Authority key identifier: 4C:AD:18:54:14:C1:6A:E5:D2:29:A8:AA:2B:FA:15:FE:FC:71:A2:22 Certificate issuer: /CN=4cad185414c16ae5d229a8aa2bfa15fefc71a222 Certificate serial: 019B39B460F69401086CFD65CF85E09D0C2A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 03:01:21 +0000 Manifest this update: Sat 20 Dec 2025 03:01:21 +0000 Manifest next update: Sun 21 Dec 2025 03:01:21 +0000 Files and hashes: 1: TK0YVBTBauXSKaiqK_oV_vxxoiI.crl (hash: EKOjDtI7hEO17yTdyoENvlhCpwpJ4NcFlzgS2MAxhf0=) 2: dxfaqcbOBYRpYzoiD3a-nfzNgyI.roa (hash: 9S4UtPoorxm2Y5jeo5Ht7EgjOkb+pCS05uOlyENLKPI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.mft rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 03:01:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:b4:60:f6:94:01:08:6c:fd:65:cf:85:e0:9d:0c:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cad185414c16ae5d229a8aa2bfa15fefc71a222 Validity Not Before: Dec 20 03:01:21 2025 GMT Not After : Dec 21 03:01:21 2025 GMT Subject: CN=6ea75d3b5aee30adab7b5b3d4d5ac697ae87db84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:fe:2d:65:c7:54:d1:27:99:40:48:08:10:85: 62:55:b1:2e:36:76:74:17:6a:06:ba:48:71:b9:a1: a0:fe:6e:35:cc:67:44:40:e9:17:4a:1f:60:92:d3: b0:e5:ac:19:df:18:4f:73:13:8a:be:f2:ba:25:fb: 0d:2a:36:87:e6:bb:9b:d7:50:02:e9:46:b2:c5:73: 08:2d:3d:11:31:7b:21:0a:26:8b:9d:3f:0c:64:67: fa:8c:88:8c:96:4b:cd:e3:da:09:ca:a8:73:c9:4a: c8:b7:98:1a:87:64:aa:41:49:ba:2c:5d:ba:0a:eb: 52:f0:f8:73:6f:99:88:1e:35:fb:31:34:6f:48:62: 1c:c5:0c:d3:37:3f:51:4a:2d:61:be:a9:a6:46:b5: 6f:14:14:6b:3f:db:0a:a6:7f:b0:15:e5:96:bd:01: a6:88:a6:d2:b6:24:26:c5:32:39:f6:27:5c:7d:80: a4:0b:b8:89:97:1c:94:fb:d5:20:96:ba:36:79:f4: 6e:65:fc:36:74:62:bd:a1:16:9a:ff:f2:9c:14:11: 5c:71:10:b3:34:2d:56:f9:d4:86:dc:c6:1f:81:27: a8:ff:02:93:ae:29:5b:cf:bd:f3:3d:23:e4:2f:b9: 11:e6:4b:71:8a:51:5d:9b:c6:8b:b6:43:b3:c9:ce: be:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6E:A7:5D:3B:5A:EE:30:AD:AB:7B:5B:3D:4D:5A:C6:97:AE:87:DB:84 X509v3 Authority Key Identifier: keyid:4C:AD:18:54:14:C1:6A:E5:D2:29:A8:AA:2B:FA:15:FE:FC:71:A2:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TK0YVBTBauXSKaiqK_oV_vxxoiI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5b788e-f847-4df9-9334-964cca722f73/1/TK0YVBTBauXSKaiqK_oV_vxxoiI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:37:fb:88:8d:a8:2a:9d:c1:c2:a9:4b:7a:50:ae:43:29:90: 60:50:0e:0e:5a:e3:28:d3:8d:05:44:c8:7e:6e:0f:23:63:24: 1c:9b:48:53:09:62:9c:0e:fe:ce:2a:fc:9f:e3:7c:d4:ae:3f: 40:f1:64:fe:cb:50:2c:d8:b4:15:57:a2:45:96:c7:00:27:0d: bf:23:b8:91:36:a3:60:3b:d2:32:be:a0:b0:f6:de:3f:26:85: e6:d2:5b:1a:8e:ea:89:ee:de:6a:b2:f2:58:27:47:ae:83:ab: 01:54:d8:c3:31:e0:f4:2b:5f:e5:d1:a7:08:4d:6e:76:fb:4a: 98:cf:20:8d:a5:06:6e:20:32:a9:22:53:9d:f4:cc:f5:0c:7e: 9c:0f:83:95:b5:97:2d:ef:8e:6a:17:e0:f1:fa:d4:12:5f:6f: 7e:86:21:fd:7e:54:30:38:ca:04:5b:d9:5c:60:ee:63:c9:b6: d6:81:42:c6:93:d3:ff:40:a0:41:66:ff:67:c6:f1:09:30:b9: 7b:8c:c8:9d:4d:97:c9:5e:17:74:3c:5f:80:fd:68:2c:0b:48: 50:63:3e:e7:26:0c:62:a7:42:7a:ff:83:15:fc:b1:a4:91:60: 39:2b:e2:77:7d:95:30:f8:2e:55:d4:10:3e:07:16:34:74:c5: 0c:0f:78:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5tGD2lAEIbP1lz4XgnQwqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYWQxODU0MTRjMTZhZTVkMjI5YThhYTJiZmExNWZlZmM3 MWEyMjIwHhcNMjUxMjIwMDMwMTIxWhcNMjUxMjIxMDMwMTIxWjAzMTEwLwYDVQQD Eyg2ZWE3NWQzYjVhZWUzMGFkYWI3YjViM2Q0ZDVhYzY5N2FlODdkYjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtf4tZcdU0SeZQEgIEIViVbEuNnZ0 F2oGukhxuaGg/m41zGdEQOkXSh9gktOw5awZ3xhPcxOKvvK6JfsNKjaH5rub11AC 6UayxXMILT0RMXshCiaLnT8MZGf6jIiMlkvN49oJyqhzyUrIt5gah2SqQUm6LF26 CutS8Phzb5mIHjX7MTRvSGIcxQzTNz9RSi1hvqmmRrVvFBRrP9sKpn+wFeWWvQGm iKbStiQmxTI59idcfYCkC7iJlxyU+9Uglro2efRuZfw2dGK9oRaa//KcFBFccRCz NC1W+dSG3MYfgSeo/wKTrilbz73zPSPkL7kR5ktxilFdm8aLtkOzyc6+RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG6nXTta7jCtq3tbPU1axpeuh9uEMB8GA1UdIwQY MBaAFEytGFQUwWrl0imoqiv6Ff78caIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEswWVZCVEJhdVhTS2FpcUtfb1Zfdnh4b2lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81Yjc4OGUtZjg0Ny00ZGY5LTkzMzQt OTY0Y2NhNzIyZjczLzEvVEswWVZCVEJhdVhTS2FpcUtfb1Zfdnh4b2lJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS81Yjc4OGUtZjg0Ny00ZGY5LTkzMzQtOTY0Y2NhNzIyZjcz LzEvVEswWVZCVEJhdVhTS2FpcUtfb1Zfdnh4b2lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDf7iI2o Kp3BwqlLelCuQymQYFAODlrjKNONBUTIfm4PI2MkHJtIUwlinA7+zir8n+N81K4/ QPFk/stQLNi0FVeiRZbHACcNvyO4kTajYDvSMr6gsPbePyaF5tJbGo7qie7earLy WCdHroOrAVTYwzHg9Ctf5dGnCE1udvtKmM8gjaUGbiAyqSJTnfTM9Qx+nA+DlbWX Le+Oahfg8frUEl9vfoYh/X5UMDjKBFvZXGDuY8m21oFCxpPT/0CgQWb/Z8bxCTC5 e4zInU2XyV4XdDxfgP1oLAtIUGM+5yYMYqdCev+DFfyxpJFgOSvid32VMPguVdQQ PgcWNHTFDA94Yw== -----END CERTIFICATE-----Generated at Sat Dec 20 13:06:42 2025 by rpki-client