This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json) Hash identifier: tFHjsPZSOQT4Pj97bV1CH9PoISp+E/Np98i6nHKidPs= Subject key identifier: 61:88:A6:D4:EE:AE:03:BA:1A:30:AF:8D:E7:02:2F:BD:7E:BE:95:E6 Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019B3B34D7987CB7123637CEF878221B3C6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft Manifest number: 0C87 Signing time: Sat 20 Dec 2025 10:01:17 +0000 Manifest this update: Sat 20 Dec 2025 10:01:17 +0000 Manifest next update: Sun 21 Dec 2025 10:01:17 +0000 Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: 5faYbqkRy8die2PSf7oe8PLVCWO0VDy1htShT0iol3Q=) 2: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (hash: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:56:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:34:d7:98:7c:b7:12:36:37:ce:f8:78:22:1b:3c:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Dec 20 10:01:17 2025 GMT Not After : Dec 21 10:01:17 2025 GMT Subject: CN=6188a6d4eeae03ba1a30af8de7022fbd7ebe95e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:5a:00:fd:b6:c9:07:5b:42:29:bf:40:c7:57: 6f:56:54:a8:d9:63:ff:42:d6:c9:6a:10:1a:20:60: b8:e1:a4:56:51:74:4c:93:d7:84:03:cf:81:d9:71: a8:d7:e7:25:a1:b0:98:1c:0e:64:c3:59:d9:2f:e4: 54:1f:a7:13:8d:93:5a:ce:f5:47:5f:b8:94:ad:84: 1b:0b:b7:8c:3a:35:65:fc:17:47:27:c3:bc:8c:77: 1f:22:f8:98:ff:2a:95:02:49:68:c1:52:1a:82:65: b7:92:9e:69:a6:2a:af:3c:92:6b:42:c6:05:df:9c: da:ed:1d:18:38:75:b9:8f:e5:a5:5a:0b:67:19:94: 36:4a:b9:8c:7d:14:75:b1:fd:76:da:09:4e:a6:21: 86:4f:a6:2d:d9:94:2c:8e:e6:5e:b3:a7:14:ca:cf: 65:a1:30:8f:e1:04:9c:e2:58:e8:6d:b3:2d:8f:30: 73:ec:45:1a:55:94:d3:e6:e7:ee:49:ae:45:3b:c7: 87:c3:6b:81:f6:a9:da:a4:f3:76:02:36:d4:dd:06: 2d:87:d1:fb:89:8f:9f:94:f8:88:b6:d0:99:e6:a0: 83:c1:b9:0c:db:22:91:89:01:60:a3:b6:62:92:8c: 1d:02:9d:80:51:ad:00:6c:59:da:5f:5f:2e:b3:a4: d2:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:88:A6:D4:EE:AE:03:BA:1A:30:AF:8D:E7:02:2F:BD:7E:BE:95:E6 X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:9d:05:a7:68:c4:11:84:9f:3c:e6:32:7d:3a:63:63:4e:41: b7:a0:2b:76:30:fc:77:de:6e:19:c6:e4:f6:32:b5:b7:30:28: af:35:32:58:58:79:ac:5c:8a:e6:47:f8:05:c7:df:d5:3b:69: bb:b6:42:ad:8b:34:cf:77:4d:f1:4c:19:36:9d:91:a0:6b:f7: 4d:9a:a8:7f:1b:7e:d3:b5:3f:fc:30:b5:d5:b3:36:e4:a0:17: 73:cc:4f:2c:db:d9:e4:45:8b:98:9e:ca:70:2a:38:84:65:b5: 0f:d1:81:0e:42:bc:fa:86:01:c8:ef:21:86:22:66:09:bf:b4: 6c:92:89:4d:6e:52:64:c2:14:ca:e9:e7:53:bc:48:f1:c9:60: 86:a8:40:c3:47:d8:0c:1d:ac:db:d9:34:2a:88:f0:62:de:9f: 61:4f:dd:0b:08:c0:7a:04:52:4d:e2:37:bd:05:43:b9:51:1b: 33:cd:fa:77:14:cb:c8:25:ce:c7:2b:95:34:7f:0e:25:11:5a: ef:ac:22:a0:1f:a6:a3:72:6f:83:fa:7e:44:ba:3f:94:c2:b1: 30:ee:f2:0e:3f:38:6c:aa:21:45:1a:9c:f0:bc:9f:85:a3:57: d1:a8:df:0b:df:6d:96:09:5c:6c:34:d6:5e:12:7e:ef:a8:91: 96:ed:cb:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7NNeYfLcSNjfO+HgiGzxuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjUxMjIwMTAwMTE3WhcNMjUxMjIxMTAwMTE3WjAzMTEwLwYDVQQD Eyg2MTg4YTZkNGVlYWUwM2JhMWEzMGFmOGRlNzAyMmZiZDdlYmU5NWU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1loA/bbJB1tCKb9Ax1dvVlSo2WP/ QtbJahAaIGC44aRWUXRMk9eEA8+B2XGo1+clobCYHA5kw1nZL+RUH6cTjZNazvVH X7iUrYQbC7eMOjVl/BdHJ8O8jHcfIviY/yqVAklowVIagmW3kp5ppiqvPJJrQsYF 35za7R0YOHW5j+WlWgtnGZQ2SrmMfRR1sf122glOpiGGT6Yt2ZQsjuZes6cUys9l oTCP4QSc4ljobbMtjzBz7EUaVZTT5ufuSa5FO8eHw2uB9qnapPN2AjbU3QYth9H7 iY+flPiIttCZ5qCDwbkM2yKRiQFgo7ZikowdAp2AUa0AbFnaX18us6TS0wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGGIptTurgO6GjCvjecCL71+vpXmMB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJJ0Fp2jE EYSfPOYyfTpjY05Bt6ArdjD8d95uGcbk9jK1tzAorzUyWFh5rFyK5kf4Bcff1Ttp u7ZCrYs0z3dN8UwZNp2RoGv3TZqofxt+07U//DC11bM25KAXc8xPLNvZ5EWLmJ7K cCo4hGW1D9GBDkK8+oYByO8hhiJmCb+0bJKJTW5SZMIUyunnU7xI8clghqhAw0fY DB2s29k0KojwYt6fYU/dCwjAegRSTeI3vQVDuVEbM836dxTLyCXOxyuVNH8OJRFa 76wioB+mo3Jvg/p+RLo/lMKxMO7yDj84bKohRRqc8LyfhaNX0ajfC99tlglcbDTW XhJ+76iRlu3LFw== -----END CERTIFICATE-----Generated at Sat Dec 20 11:36:28 2025 by rpki-client