This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft File: TON2ekBU9IaN4L2fsjpcx2kP_tU.mft (raw, json) Hash identifier: lHrhiKLuXgepaOTZy71byS2t/Zv7spi1hmR0j0B73Cw= Subject key identifier: 8B:CF:90:F9:62:49:05:B2:57:07:47:DB:A2:65:4B:25:5D:43:5D:0B Authority key identifier: 4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5 Certificate issuer: /CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5 Certificate serial: 019B4EF26FE8371013669826849C704445C9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft Manifest number: 0F30 Signing time: Wed 24 Dec 2025 06:01:09 +0000 Manifest this update: Wed 24 Dec 2025 06:01:09 +0000 Manifest next update: Thu 25 Dec 2025 06:01:09 +0000 Files and hashes: 1: TON2ekBU9IaN4L2fsjpcx2kP_tU.crl (hash: CrtrMx7DWvj154CHwc5w9Kx6GmiifSNwTpBo+28YnOA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 06:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:f2:6f:e8:37:10:13:66:98:26:84:9c:70:44:45:c9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ce3767a4054f4868de0bd9fb23a5cc7690ffed5 Validity Not Before: Dec 24 06:01:09 2025 GMT Not After : Dec 25 06:01:09 2025 GMT Subject: CN=8bcf90f9624905b2570747dba2654b255d435d0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:a3:78:8e:1b:ac:ae:8e:fe:a8:95:cc:51:99: 9c:32:55:16:35:02:fe:94:4b:39:7c:4e:a2:c3:f3: 70:dd:8f:3e:e8:4b:50:5d:25:84:02:75:27:fe:2c: a4:9a:07:1b:bc:dd:8d:d8:38:c8:83:df:b6:33:7c: 93:94:e7:32:60:3c:4d:53:27:29:fb:35:87:fa:2c: 8b:e0:88:ef:d5:4c:05:1a:60:f4:71:ae:f9:80:f8: 5e:73:ff:49:53:f9:e0:b7:cb:96:36:e8:62:89:80: 08:4f:11:94:9f:cf:b7:84:6b:c6:94:61:be:ce:c2: 4d:9b:78:28:64:97:d1:87:fa:a3:74:72:5e:dc:27: 87:7c:e2:40:c4:c0:15:f7:5f:56:77:c4:80:41:f2: 0d:94:ac:a9:d5:50:4c:1d:c8:a2:0c:9f:24:b0:f6: 33:ce:7c:46:b0:47:f8:dc:13:77:25:c5:d9:0f:97: 70:c5:4e:8e:3c:d4:72:7e:9f:d7:fe:65:0f:a1:b7: b1:5a:35:da:8c:dd:7a:b0:ac:a2:0b:da:64:0d:94: 15:fd:ae:96:0d:56:bf:ec:3b:c4:f5:18:68:fd:df: d6:92:07:05:40:3d:3b:5a:df:88:28:69:bd:b3:54: ec:c5:58:64:2b:21:dc:64:6c:a2:b7:5d:00:73:e1: 7a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:CF:90:F9:62:49:05:B2:57:07:47:DB:A2:65:4B:25:5D:43:5D:0B X509v3 Authority Key Identifier: keyid:4C:E3:76:7A:40:54:F4:86:8D:E0:BD:9F:B2:3A:5C:C7:69:0F:FE:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TON2ekBU9IaN4L2fsjpcx2kP_tU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f7baf4-d266-4fe5-a6ff-a00667f4cf71/1/TON2ekBU9IaN4L2fsjpcx2kP_tU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 66:6d:fb:b4:d9:1c:93:45:d7:04:e5:3f:d1:ea:35:7c:88:69: 92:c7:af:dc:2b:75:06:99:e3:1e:88:34:fe:bd:39:78:a4:73: 5d:16:e9:af:db:dd:49:b8:b6:13:47:43:27:bd:d3:b9:46:71: 3d:21:f2:b7:47:52:8b:35:fd:a5:fd:34:5e:d1:9c:e9:74:25: b6:3f:a8:09:42:4b:75:11:03:3c:df:73:7d:47:1c:9d:90:e0: 71:ff:03:1c:eb:3c:b8:63:ef:52:9c:69:ba:18:e1:90:70:26: 90:08:0b:6c:63:88:59:5e:b5:19:7b:72:34:d5:56:1a:66:57: f2:a6:29:31:bd:6a:b1:c1:57:cf:30:89:5e:4f:1c:b1:f4:98: 05:24:d0:61:bd:18:28:6b:f4:59:72:f1:4c:85:65:21:86:84: 67:72:ee:c1:2c:58:a9:b4:1d:69:78:4d:94:12:1b:db:11:7b: 41:6a:ca:7a:fd:21:a7:f6:da:73:51:b0:e5:44:bd:c3:cc:50: 32:8c:54:89:f6:b1:5f:5a:2c:a4:9b:d4:cd:eb:0f:cf:8a:43: 34:15:68:fd:6b:60:9d:52:76:3f:7e:32:19:43:52:be:98:64: be:4b:e1:21:14:51:ff:09:e5:fe:3f:cf:4f:72:09:ec:84:e0: 79:d3:99:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtO8m/oNxATZpgmhJxwREXJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZTM3NjdhNDA1NGY0ODY4ZGUwYmQ5ZmIyM2E1Y2M3Njkw ZmZlZDUwHhcNMjUxMjI0MDYwMTA5WhcNMjUxMjI1MDYwMTA5WjAzMTEwLwYDVQQD Eyg4YmNmOTBmOTYyNDkwNWIyNTcwNzQ3ZGJhMjY1NGIyNTVkNDM1ZDBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqN4jhusro7+qJXMUZmcMlUWNQL+ lEs5fE6iw/Nw3Y8+6EtQXSWEAnUn/iykmgcbvN2N2DjIg9+2M3yTlOcyYDxNUycp +zWH+iyL4Ijv1UwFGmD0ca75gPhec/9JU/ngt8uWNuhiiYAITxGUn8+3hGvGlGG+ zsJNm3goZJfRh/qjdHJe3CeHfOJAxMAV919Wd8SAQfINlKyp1VBMHciiDJ8ksPYz znxGsEf43BN3JcXZD5dwxU6OPNRyfp/X/mUPobexWjXajN16sKyiC9pkDZQV/a6W DVa/7DvE9Rho/d/WkgcFQD07Wt+IKGm9s1TsxVhkKyHcZGyit10Ac+F66QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIvPkPliSQWyVwdH26JlSyVdQ10LMB8GA1UdIwQY MBaAFEzjdnpAVPSGjeC9n7I6XMdpD/7VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYt YTAwNjY3ZjRjZjcxLzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNi9mN2JhZjQtZDI2Ni00ZmU1LWE2ZmYtYTAwNjY3ZjRjZjcx LzEvVE9OMmVrQlU5SWFONEwyZnNqcGN4MmtQX3RVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZm37tNkc k0XXBOU/0eo1fIhpksev3Ct1BpnjHog0/r05eKRzXRbpr9vdSbi2E0dDJ73TuUZx PSHyt0dSizX9pf00XtGc6XQltj+oCUJLdREDPN9zfUccnZDgcf8DHOs8uGPvUpxp uhjhkHAmkAgLbGOIWV61GXtyNNVWGmZX8qYpMb1qscFXzzCJXk8csfSYBSTQYb0Y KGv0WXLxTIVlIYaEZ3LuwSxYqbQdaXhNlBIb2xF7QWrKev0hp/bac1Gw5US9w8xQ MoxUifaxX1ospJvUzesPz4pDNBVo/WtgnVJ2P34yGUNSvphkvkvhIRRR/wnl/j/P T3IJ7ITgedOZ5g== -----END CERTIFICATE-----Generated at Wed Dec 24 13:35:45 2025 by rpki-client