This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft File: TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json) Hash identifier: ozWyJdLrEExDcijliW8VkC+33tPn5QjTJardnFfu3gk= Subject key identifier: 7B:6D:6A:DC:21:B2:1C:51:38:B5:D3:1D:25:17:8F:7A:5E:9D:E6:BE Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C Certificate issuer: /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c Certificate serial: 019B4B82F426E02B2677D5EF60433CEC2E51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft Manifest number: 0429 Signing time: Tue 23 Dec 2025 14:00:31 +0000 Manifest this update: Tue 23 Dec 2025 14:00:31 +0000 Manifest next update: Wed 24 Dec 2025 14:00:31 +0000 Files and hashes: 1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: rDxBcOM2R9bW5ZPdqzIAKUcFCi18N9XP9lD/bXQzaCQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 14:00:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4b:82:f4:26:e0:2b:26:77:d5:ef:60:43:3c:ec:2e:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c Validity Not Before: Dec 23 14:00:31 2025 GMT Not After : Dec 24 14:00:31 2025 GMT Subject: CN=7b6d6adc21b21c5138b5d31d25178f7a5e9de6be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fd:d6:8a:80:de:7f:38:bb:e7:85:df:c9:1e: 66:b5:90:ce:1a:0f:51:77:87:c2:72:c9:b6:88:47: b6:11:b2:89:85:2e:b2:c0:fc:71:08:77:b4:37:79: 0c:76:b5:68:39:68:34:25:b1:9b:e9:da:96:9c:05: 57:07:12:ea:77:28:c9:d8:4c:e6:9b:65:b8:3f:9c: 8c:f0:fc:b8:97:b7:25:97:06:f2:ff:e4:ce:78:f0: c7:1f:b7:68:c8:8d:72:34:5e:ed:ba:6f:02:aa:c7: 0d:d0:42:d2:17:fd:36:a5:ac:77:ed:70:84:d0:3d: 20:1e:7f:e0:47:6a:fa:ba:f7:2c:ad:03:e1:d2:cb: 03:0c:20:68:34:2a:ae:21:e0:f7:ac:d8:e1:b3:41: e6:87:58:ea:87:1f:5e:bf:ef:b1:9c:e5:ea:d1:e1: 36:7a:40:8f:39:3f:93:ef:f7:b5:13:40:91:b9:6c: 79:94:46:ee:70:9b:d4:76:f6:bd:08:89:ba:c1:cc: a8:9e:13:b4:b3:b1:1d:61:71:b5:2c:5d:bd:f9:d1: d5:b2:05:60:75:df:32:8f:db:e7:bb:f1:d9:4b:77: 4b:06:ef:72:dd:4d:35:7e:70:f2:66:2e:c8:f9:0a: 57:ef:80:2b:2c:d1:ba:81:31:26:58:66:21:72:9f: a3:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:6D:6A:DC:21:B2:1C:51:38:B5:D3:1D:25:17:8F:7A:5E:9D:E6:BE X509v3 Authority Key Identifier: keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:51:4b:db:cd:a0:fc:1f:27:2e:b1:1d:c4:a8:17:e3:c3:59: f1:b5:ab:b4:05:ce:59:ee:a2:26:30:da:2e:88:37:ad:44:de: b8:78:f8:7d:bd:52:a6:ad:83:ee:39:30:0d:ba:bc:f6:bb:86: 18:04:90:03:4c:4b:54:3d:9b:4e:47:4d:b8:59:3e:76:06:9d: 3c:4e:2d:ad:a4:a6:3d:17:a9:ec:26:44:5f:dc:45:a2:e8:cd: 37:e0:4d:66:29:e0:c3:74:c4:f3:88:e1:3e:40:8c:43:8f:31: 70:16:69:f0:3d:53:6e:a7:ba:d7:e9:91:80:64:d5:0e:40:76: 9d:cd:77:4a:ed:52:44:5d:43:35:d3:a7:a9:fe:11:8d:0b:e6: 9f:66:d1:c5:fc:18:14:51:a4:1a:63:f5:f8:68:44:1b:f9:2c: f2:96:f0:bd:54:db:c5:3f:b2:70:37:42:44:25:e7:7f:e0:e5: 56:0e:69:f1:a5:4c:74:8d:34:85:2e:00:57:ad:25:fe:06:50: 30:a5:94:3a:fb:c2:6a:8c:98:2d:1a:c1:88:f5:ef:5c:e0:48: fa:93:dd:b8:77:8e:99:ef:c7:16:c9:a4:50:2c:a9:b2:47:09: 36:05:35:d4:8d:35:d7:16:43:c4:2d:76:f4:4e:49:37:33:c7: 0a:1f:35:11 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtLgvQm4Csmd9XvYEM87C5RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh NTE0OGMwHhcNMjUxMjIzMTQwMDMxWhcNMjUxMjI0MTQwMDMxWjAzMTEwLwYDVQQD Eyg3YjZkNmFkYzIxYjIxYzUxMzhiNWQzMWQyNTE3OGY3YTVlOWRlNmJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/3WioDefzi754XfyR5mtZDOGg9R d4fCcsm2iEe2EbKJhS6ywPxxCHe0N3kMdrVoOWg0JbGb6dqWnAVXBxLqdyjJ2Ezm m2W4P5yM8Py4l7cllwby/+TOePDHH7doyI1yNF7tum8CqscN0ELSF/02pax37XCE 0D0gHn/gR2r6uvcsrQPh0ssDDCBoNCquIeD3rNjhs0Hmh1jqhx9ev++xnOXq0eE2 ekCPOT+T7/e1E0CRuWx5lEbucJvUdva9CIm6wcyonhO0s7EdYXG1LF29+dHVsgVg dd8yj9vnu/HZS3dLBu9y3U01fnDyZi7I+QpX74ArLNG6gTEmWGYhcp+jewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHttatwhshxROLXTHSUXj3penea+MB8GA1UdIwQY MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAY1FL282g /B8nLrEdxKgX48NZ8bWrtAXOWe6iJjDaLog3rUTeuHj4fb1Spq2D7jkwDbq89ruG GASQA0xLVD2bTkdNuFk+dgadPE4traSmPRep7CZEX9xFoujNN+BNZingw3TE84jh PkCMQ48xcBZp8D1Tbqe61+mRgGTVDkB2nc13Su1SRF1DNdOnqf4RjQvmn2bRxfwY FFGkGmP1+GhEG/ks8pbwvVTbxT+ycDdCRCXnf+DlVg5p8aVMdI00hS4AV60l/gZQ MKWUOvvCaoyYLRrBiPXvXOBI+pPduHeOme/HFsmkUCypskcJNgU11I011xZDxC12 9E5JNzPHCh81EQ== -----END CERTIFICATE-----Generated at Tue Dec 23 16:51:39 2025 by rpki-client