This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json) Hash identifier: pskbVjWBjJb219oK850UKYSSvkjA55UOlKzuuZZl6qQ= Subject key identifier: 2B:8E:4A:D2:A2:AB:C4:0E:C7:5A:F7:AC:A0:90:22:BA:7E:7B:1B:8C Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623 Certificate serial: 019B3DC79E4DA75E6CBF9C79D28EDBF30D7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 22:00:50 +0000 Manifest this update: Sat 20 Dec 2025 22:00:50 +0000 Manifest next update: Sun 21 Dec 2025 22:00:50 +0000 Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=) 2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: dGnTNDD2aE8GFB6SbB7wIoTBT8BVgH+8EJBiyRTej2I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:9e:4d:a7:5e:6c:bf:9c:79:d2:8e:db:f3:0d:7c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fed77339d938bef087599293c201b3b9f8223623 Validity Not Before: Dec 20 22:00:50 2025 GMT Not After : Dec 21 22:00:50 2025 GMT Subject: CN=2b8e4ad2a2abc40ec75af7aca09022ba7e7b1b8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:ed:1f:6c:0e:ad:48:e1:a6:93:72:e6:5f:1a: 09:0e:30:03:b1:ec:32:07:bf:ad:68:10:b1:2f:84: 46:15:49:3c:e9:fe:d7:9c:01:e7:99:8c:44:b9:6a: ec:97:0d:9e:ba:d9:94:e9:cf:4c:4f:6c:b8:49:89: 34:00:0b:9d:80:b0:5b:38:2f:50:37:cb:ec:d0:1e: fe:98:92:1a:45:e6:77:a3:0f:3d:e7:8d:b2:e3:ea: 2b:39:4b:59:70:53:c3:6e:47:94:88:b2:ab:af:41: 0e:90:7b:31:16:54:57:22:9e:d1:e8:06:53:3d:a7: fb:46:c9:1e:fc:8d:22:92:68:ae:4a:02:43:ae:66: f5:65:0c:c6:2b:2d:47:8e:8d:10:0a:ca:64:7d:10: 31:4e:4a:25:6d:82:a5:f1:e8:f6:cd:13:9d:9b:dd: a6:b7:0b:de:41:47:a8:5f:45:6b:cf:25:28:1a:69: 85:e5:6d:6f:db:5e:77:26:2e:99:78:66:64:ec:02: f6:46:a4:0b:61:98:e0:92:6d:ae:89:5e:f7:9c:12: 75:55:c5:9e:54:37:8c:57:b5:c2:d1:e3:ee:8d:f5: b8:6b:2b:ed:3f:81:10:a2:ce:8f:1b:5f:13:5d:d9: df:d1:57:e1:ee:e5:10:cb:7a:f4:8b:c6:e9:32:2f: 5c:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:8E:4A:D2:A2:AB:C4:0E:C7:5A:F7:AC:A0:90:22:BA:7E:7B:1B:8C X509v3 Authority Key Identifier: keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:63:fd:e3:ac:57:3e:86:4e:50:04:24:d3:ab:33:a4:32:05: 79:00:30:6c:0a:32:f5:f3:7b:c2:95:52:7c:3b:5d:47:a3:c6: 4b:b2:52:a1:df:88:e0:ef:fb:69:01:60:5d:17:c8:96:17:cf: 7e:25:ee:ba:cf:f2:15:d2:49:cf:6b:87:80:3c:0f:11:bb:25: 71:12:20:87:97:4f:22:89:f9:b4:ed:44:0c:95:b4:93:d2:6b: 85:ab:36:15:5d:9b:e9:b0:ca:85:75:fc:7d:83:48:9e:14:df: fb:cc:f4:8e:a1:32:b1:15:18:5e:4c:a6:c6:ec:0d:b1:d7:05: f4:8c:d6:03:2d:e6:64:07:2d:85:93:69:38:c9:2e:f9:cc:bd: 30:76:1e:8b:1f:93:a5:eb:89:fb:c2:e9:b8:03:15:df:a9:af: c4:18:fa:2b:8f:cb:00:79:f7:24:d2:07:fe:53:03:7b:1d:a5: 69:7e:1f:9f:74:d9:b3:13:96:fb:40:9b:41:b5:16:68:a2:fb: 30:d4:d8:d2:11:8b:fe:25:bd:62:66:d7:af:50:95:c2:dc:8e: c2:ee:00:13:60:58:56:87:65:36:55:7c:d7:d0:1d:6c:c6:2b: 39:7a:ef:a7:aa:ab:2c:27:60:72:18:d8:3f:4d:3c:f0:94:5e: 9f:df:d9:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x55Np15sv5x50o7b8w18MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy MjM2MjMwHhcNMjUxMjIwMjIwMDUwWhcNMjUxMjIxMjIwMDUwWjAzMTEwLwYDVQQD EygyYjhlNGFkMmEyYWJjNDBlYzc1YWY3YWNhMDkwMjJiYTdlN2IxYjhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+0fbA6tSOGmk3LmXxoJDjADsewy B7+taBCxL4RGFUk86f7XnAHnmYxEuWrslw2eutmU6c9MT2y4SYk0AAudgLBbOC9Q N8vs0B7+mJIaReZ3ow89542y4+orOUtZcFPDbkeUiLKrr0EOkHsxFlRXIp7R6AZT Paf7Rske/I0ikmiuSgJDrmb1ZQzGKy1Hjo0QCspkfRAxTkolbYKl8ej2zROdm92m twveQUeoX0VrzyUoGmmF5W1v2153Ji6ZeGZk7AL2RqQLYZjgkm2uiV73nBJ1VcWe VDeMV7XC0ePujfW4ayvtP4EQos6PG18TXdnf0Vfh7uUQy3r0i8bpMi9c7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCuOStKiq8QOx1r3rKCQIrp+exuMMB8GA1UdIwQY MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1 LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANWP946xX PoZOUAQk06szpDIFeQAwbAoy9fN7wpVSfDtdR6PGS7JSod+I4O/7aQFgXRfIlhfP fiXuus/yFdJJz2uHgDwPEbslcRIgh5dPIon5tO1EDJW0k9Jrhas2FV2b6bDKhXX8 fYNInhTf+8z0jqEysRUYXkymxuwNsdcF9IzWAy3mZActhZNpOMku+cy9MHYeix+T peuJ+8LpuAMV36mvxBj6K4/LAHn3JNIH/lMDex2laX4fn3TZsxOW+0CbQbUWaKL7 MNTY0hGL/iW9YmbXr1CVwtyOwu4AE2BYVodlNlV819AdbMYrOXrvp6qrLCdgchjY P0088JRen9/Zvg== -----END CERTIFICATE-----Generated at Sun Dec 21 02:09:26 2025 by rpki-client