This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json) Hash identifier: A74KFEgRkU52AyiKq6zNDSAPh0a7qtzFVwsOBYRkFAs= Subject key identifier: 68:F3:8C:17:E8:F5:88:22:6B:93:A0:E0:DC:35:F5:CA:EC:7B:F2:E3 Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019B71473CCD0189552BB1733021668F19D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft Manifest number: 0CA3 Signing time: Tue 30 Dec 2025 22:00:52 +0000 Manifest this update: Tue 30 Dec 2025 22:00:52 +0000 Manifest next update: Wed 31 Dec 2025 22:00:52 +0000 Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: vKh+sigxDoFZ3wO0T1eSiE9NvEM1So2UVNCd2vt6ZPo=) 2: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (hash: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 22:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:47:3c:cd:01:89:55:2b:b1:73:30:21:66:8f:19:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Dec 30 22:00:52 2025 GMT Not After : Dec 31 22:00:52 2025 GMT Subject: CN=68f38c17e8f588226b93a0e0dc35f5caec7bf2e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:1b:a8:75:3b:d5:89:39:79:2b:5b:7e:00:d9: 3a:9d:e7:3a:bf:7c:21:f7:b2:0c:43:c1:19:f3:68: f3:a4:72:3a:f3:bd:1f:bf:fc:a6:d5:95:46:bd:b6: b0:31:85:06:ca:74:09:bf:ff:4b:b4:9a:77:64:10: 27:18:28:56:83:91:32:d5:e0:d1:b7:c4:e3:c3:8f: cb:d7:16:a3:56:3d:9f:56:f9:e6:51:8f:e0:4d:15: d8:a0:76:f0:b7:f0:55:42:d3:ce:7e:d0:26:91:37: 87:f6:14:10:ee:1a:5b:5a:a4:1f:38:f3:cb:22:29: 37:5e:08:8a:c6:9c:5f:51:30:b5:a1:a2:9c:4b:eb: 9d:04:50:3d:c6:31:b4:27:d2:12:89:1c:e1:85:8c: 97:36:21:76:af:15:34:1f:b0:4f:49:a6:cc:d6:4d: d2:4c:b3:9b:bd:c3:ea:bb:eb:ef:b9:7c:68:d6:d5: a6:5f:62:a6:d3:39:0e:e6:1b:47:75:d0:14:5e:51: 16:0e:66:26:e4:a7:b1:88:49:73:ce:bb:e0:bd:9c: 1c:27:d5:fe:6b:d5:10:d6:ac:e4:0a:c6:88:b8:5a: de:68:79:31:61:f8:36:e7:be:cc:fc:1f:45:8c:15: 5d:d3:0e:91:dc:18:87:f4:c5:52:b9:78:96:51:d7: 30:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:F3:8C:17:E8:F5:88:22:6B:93:A0:E0:DC:35:F5:CA:EC:7B:F2:E3 X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:d8:d8:49:a8:46:b0:1d:22:3a:31:93:9e:64:26:63:eb:fa: 51:71:2b:c7:bf:3a:d0:ee:4c:aa:76:fa:d8:5e:05:59:2a:50: 74:d9:48:0f:2d:a7:67:29:1a:c9:98:9a:f6:c7:f0:56:15:99: 58:19:f1:b1:b5:86:0f:e7:a0:6a:43:94:28:5a:fd:bb:c3:bb: 48:77:bc:e1:48:a8:2a:fa:c8:81:8d:c9:1f:27:b5:68:6b:c4: 01:1d:10:1f:b4:c2:36:3d:b5:75:90:7c:1f:67:91:15:d6:38: 89:84:96:8c:94:cf:4c:0c:43:7a:81:b2:91:c3:91:44:51:4b: d7:4e:3f:5e:42:50:87:58:28:e7:e6:16:70:09:5c:d2:0d:79: 25:00:8a:c6:56:5a:0d:95:4e:1c:72:51:0d:71:f8:1a:cd:f7: 80:eb:d2:0b:ce:a1:08:2b:63:13:ab:5b:a7:69:b4:30:31:45: d6:65:26:1b:9d:c6:6c:56:ea:d1:ab:c8:e5:cf:d7:39:b7:c0: 44:11:9a:1d:08:91:f4:ef:56:53:e4:22:9f:af:b7:a5:1d:e0: ed:81:8a:25:35:a1:6c:6c:5a:69:51:33:4e:b5:3f:55:1e:3f: bc:03:20:8c:bf:e9:32:a2:04:25:0d:9a:71:6d:ae:a9:5f:33: 8b:67:83:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxRzzNAYlVK7FzMCFmjxnTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjUxMjMwMjIwMDUyWhcNMjUxMjMxMjIwMDUyWjAzMTEwLwYDVQQD Eyg2OGYzOGMxN2U4ZjU4ODIyNmI5M2EwZTBkYzM1ZjVjYWVjN2JmMmUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhuodTvViTl5K1t+ANk6nec6v3wh 97IMQ8EZ82jzpHI6870fv/ym1ZVGvbawMYUGynQJv/9LtJp3ZBAnGChWg5Ey1eDR t8Tjw4/L1xajVj2fVvnmUY/gTRXYoHbwt/BVQtPOftAmkTeH9hQQ7hpbWqQfOPPL Iik3XgiKxpxfUTC1oaKcS+udBFA9xjG0J9ISiRzhhYyXNiF2rxU0H7BPSabM1k3S TLObvcPqu+vvuXxo1tWmX2Km0zkO5htHddAUXlEWDmYm5KexiElzzrvgvZwcJ9X+ a9UQ1qzkCsaIuFreaHkxYfg2577M/B9FjBVd0w6R3BiH9MVSuXiWUdcwHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGjzjBfo9Ygia5Og4Nw19crse/LjMB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARdjYSahG sB0iOjGTnmQmY+v6UXErx7860O5Mqnb62F4FWSpQdNlIDy2nZykayZia9sfwVhWZ WBnxsbWGD+egakOUKFr9u8O7SHe84UioKvrIgY3JHye1aGvEAR0QH7TCNj21dZB8 H2eRFdY4iYSWjJTPTAxDeoGykcORRFFL104/XkJQh1go5+YWcAlc0g15JQCKxlZa DZVOHHJRDXH4Gs33gOvSC86hCCtjE6tbp2m0MDFF1mUmG53GbFbq0avI5c/XObfA RBGaHQiR9O9WU+Qin6+3pR3g7YGKJTWhbGxaaVEzTrU/VR4/vAMgjL/pMqIEJQ2a cW2uqV8zi2eDEg== -----END CERTIFICATE-----Generated at Wed Dec 31 03:42:39 2025 by rpki-client