This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft File: tYaoZDYz6YdBEai881GKCQXyhgk.mft (raw, json) Hash identifier: eWY798T79427oc3bqz889qOHAxL/hzYx4LqISlfbvJE= Subject key identifier: 8D:22:E4:EE:D6:FD:5D:F2:D6:6E:86:A2:7C:3C:FD:2A:E2:24:95:1E Authority key identifier: B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09 Certificate issuer: /CN=b586a8643633e9874111a8bcf3518a0905f28609 Certificate serial: 019B4DDF9B951D94DD58817EC600DFE56FF1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft Manifest number: 133A Signing time: Wed 24 Dec 2025 01:00:58 +0000 Manifest this update: Wed 24 Dec 2025 01:00:58 +0000 Manifest next update: Thu 25 Dec 2025 01:00:58 +0000 Files and hashes: 1: M5OG91JsCAL60eSIC9Ad8J1tKCQ.roa (hash: 1YIYjfLNUonn/y5DvRwWqNtN3UGauHay3fPvlHRKB78=) 2: NLZJeEG7B459T5HRjzbaryRo4U4.roa (hash: D+Zc3p+KtPQCrkhD8NK/RsRz3Ozk8j3l3fx+in8YU8k=) 3: SX0Et8xCJ-oQPSZhA1vLwpgECss.roa (hash: GtBoUqmPl7+e01rEjLRBIu11uahmgFfyYOp4+G1ts2k=) 4: g3mWLx3QHER7jvUWO9_K86XjFvg.roa (hash: CQjC54kUHdxygPOZtU3D7Ni2Q4FQ2f8Z6SwCWy0D9f0=) 5: hvqfOijr6dDuZ5bH5DmTLJBSNC0.roa (hash: wnrweN82zW3L/i2kjShP1DGJ6lX6f745nj23KDLcERg=) 6: pkTSWC0kyyJmikpwefrKy0hYNBc.roa (hash: uJAe5aUPI71DUshehwa1+fSKLZdP9CODCdcESePQJgY=) 7: tYaoZDYz6YdBEai881GKCQXyhgk.crl (hash: W2Qk+2Ib/ppnsnNpqixbjoYuAuGYBvM9MZr8nccchi0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 19:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4d:df:9b:95:1d:94:dd:58:81:7e:c6:00:df:e5:6f:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b586a8643633e9874111a8bcf3518a0905f28609 Validity Not Before: Dec 24 01:00:58 2025 GMT Not After : Dec 25 01:00:58 2025 GMT Subject: CN=8d22e4eed6fd5df2d66e86a27c3cfd2ae224951e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:4b:f9:d1:09:3b:9c:20:55:6d:2c:88:14:43: 78:0e:ef:b9:0d:61:4f:3b:4d:df:10:1f:db:e1:18: 16:c5:22:85:37:74:87:42:75:8b:fb:66:d0:5f:e8: e9:d3:e1:b9:44:a5:11:8b:ba:b5:67:de:c9:4c:4f: ae:63:98:7f:0a:81:c2:df:04:53:e9:16:1c:ef:17: 61:6b:5f:22:c1:9b:02:a5:a5:62:3b:8c:60:ee:af: c8:2f:1f:b9:4d:af:26:81:85:d3:a0:4b:0c:cb:af: d4:7b:8a:74:80:2d:f8:31:ba:64:e9:ff:e6:41:08: 9a:a6:48:de:f5:ee:b3:28:1b:c3:40:51:df:b9:af: 53:dc:ff:8d:ae:c3:05:eb:da:37:32:2f:66:26:ba: 50:8f:84:b6:4c:03:0c:1b:87:61:ab:0c:ec:84:bd: 43:bc:b6:1e:08:e5:d7:0e:86:f6:bd:0f:ca:b4:32: d7:9b:2b:4b:6c:54:dc:80:06:c5:8b:70:12:e9:93: bc:a5:c6:f7:d6:2e:fa:c1:eb:c8:4c:ee:21:f8:79: 9d:3d:79:ac:6c:b0:c8:c7:f6:38:c7:99:5c:9e:ca: 36:33:d3:35:6d:d3:f0:7e:84:88:37:bd:5d:ba:e1: 47:4b:b0:49:b7:d0:93:d5:4b:3b:67:12:5f:1e:2a: d4:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:22:E4:EE:D6:FD:5D:F2:D6:6E:86:A2:7C:3C:FD:2A:E2:24:95:1E X509v3 Authority Key Identifier: keyid:B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:43:19:75:03:7f:e4:43:5f:86:be:b4:3d:c2:7c:de:63:84: 13:40:25:d9:72:88:03:48:b9:10:a3:2c:15:9d:70:e0:8f:17: 75:30:67:90:b8:25:6b:bc:bb:dd:55:8d:44:aa:22:f7:aa:08: d0:93:24:50:aa:b5:70:0e:7a:d7:2a:50:4b:82:de:dc:4a:e9: 94:0b:83:aa:f6:82:13:a9:5a:dc:ae:4f:a5:d7:fa:77:e6:26: 3e:81:b3:30:45:2f:26:92:d2:82:8b:d1:a6:ed:30:74:74:f6: 19:8b:79:77:b0:26:c7:92:65:7e:56:1f:f6:da:70:b7:71:02: c9:46:4c:3c:8f:83:64:ac:37:d6:0e:49:97:76:1f:b1:49:57: ba:3c:75:59:65:c2:b4:96:9a:44:93:8e:ef:02:92:28:08:25: 40:a3:8b:7b:61:b5:e2:26:ff:38:aa:41:f7:97:4e:12:b7:a9: 13:08:8e:6b:18:fd:ef:b0:42:78:92:75:7c:93:ad:c9:46:27: 23:6f:c8:47:8e:8e:fb:fd:28:ba:91:ce:c8:d2:c4:69:99:09: 7d:48:a5:59:78:99:7a:5e:be:af:ca:49:48:ae:08:48:54:6e: 5c:d6:b1:48:b6:e8:8c:31:f8:02:0f:d3:4c:77:2a:9f:e6:a7: cf:bf:fe:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtN35uVHZTdWIF+xgDf5W/xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1ODZhODY0MzYzM2U5ODc0MTExYThiY2YzNTE4YTA5MDVm Mjg2MDkwHhcNMjUxMjI0MDEwMDU4WhcNMjUxMjI1MDEwMDU4WjAzMTEwLwYDVQQD Eyg4ZDIyZTRlZWQ2ZmQ1ZGYyZDY2ZTg2YTI3YzNjZmQyYWUyMjQ5NTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokv50Qk7nCBVbSyIFEN4Du+5DWFP O03fEB/b4RgWxSKFN3SHQnWL+2bQX+jp0+G5RKURi7q1Z97JTE+uY5h/CoHC3wRT 6RYc7xdha18iwZsCpaViO4xg7q/ILx+5Ta8mgYXToEsMy6/Ue4p0gC34Mbpk6f/m QQiapkje9e6zKBvDQFHfua9T3P+NrsMF69o3Mi9mJrpQj4S2TAMMG4dhqwzshL1D vLYeCOXXDob2vQ/KtDLXmytLbFTcgAbFi3AS6ZO8pcb31i76wevITO4h+HmdPXms bLDIx/Y4x5lcnso2M9M1bdPwfoSIN71duuFHS7BJt9CT1Us7ZxJfHirUAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI0i5O7W/V3y1m6Gonw8/SriJJUeMB8GA1UdIwQY MBaAFLWGqGQ2M+mHQRGovPNRigkF8oYJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMt NDQ5OWUzMjM5ZjFmLzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMtNDQ5OWUzMjM5ZjFm LzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqUMZdQN/ 5ENfhr60PcJ83mOEE0Al2XKIA0i5EKMsFZ1w4I8XdTBnkLgla7y73VWNRKoi96oI 0JMkUKq1cA561ypQS4Le3ErplAuDqvaCE6la3K5Ppdf6d+YmPoGzMEUvJpLSgovR pu0wdHT2GYt5d7Amx5JlflYf9tpwt3ECyUZMPI+DZKw31g5Jl3YfsUlXujx1WWXC tJaaRJOO7wKSKAglQKOLe2G14ib/OKpB95dOErepEwiOaxj977BCeJJ1fJOtyUYn I2/IR46O+/0oupHOyNLEaZkJfUilWXiZel6+r8pJSK4ISFRuXNaxSLbojDH4Ag/T THcqn+anz7/+iw== -----END CERTIFICATE-----Generated at Wed Dec 24 03:38:25 2025 by rpki-client