This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft File: TzLUClO7YLhnWebsClIHMAtBr3A.mft (raw, json) Hash identifier: gKcOYN6tpcWTCDRGLBQQ3blLQxXX3LQ/2aZuMEWc5bE= Subject key identifier: EA:91:91:0F:18:F9:F3:20:47:EC:5E:0A:C1:BF:B3:9E:9D:AD:D6:3B Authority key identifier: 4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70 Certificate issuer: /CN=4f32d40a53bb60b86759e6ec0a5207300b41af70 Certificate serial: 019B2B8A470C2715A35AE5F7AB0271D39EE1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft Manifest number: 177E Signing time: Wed 17 Dec 2025 09:00:40 +0000 Manifest this update: Wed 17 Dec 2025 09:00:40 +0000 Manifest next update: Thu 18 Dec 2025 09:00:40 +0000 Files and hashes: 1: Nqz1k5s0ZYXUy72rKBWz32fxVTU.roa (hash: GqKVrf//VPwumSGJonfvQyImnL7BKWccqvqBla5y7po=) 2: TzLUClO7YLhnWebsClIHMAtBr3A.crl (hash: mQX+kmBASqSNhmKf5qPHRgHw1Z3kAxgJIpU6PZSHtd0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:47:0c:27:15:a3:5a:e5:f7:ab:02:71:d3:9e:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f32d40a53bb60b86759e6ec0a5207300b41af70 Validity Not Before: Dec 17 09:00:40 2025 GMT Not After : Dec 18 09:00:40 2025 GMT Subject: CN=ea91910f18f9f32047ec5e0ac1bfb39e9dadd63b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:fe:8e:00:32:93:bf:0d:39:90:4a:44:a1:05: 44:fc:3f:57:0d:12:a3:b1:fe:8f:8c:a4:94:e0:fa: 74:c0:45:12:30:27:9b:02:7d:06:79:9f:b3:7f:ac: e2:8d:67:db:52:5f:16:32:05:09:cf:8b:e0:e1:cf: d9:bc:f2:fe:2d:22:4e:79:85:63:36:14:a0:36:4f: 7a:1c:8a:6d:4e:13:79:26:b9:d2:19:a9:45:44:a2: 13:fe:92:95:7d:a9:6e:25:07:ec:39:43:0d:d3:82: aa:59:c2:cb:eb:e9:f7:b4:4d:0a:ee:50:9b:d7:86: 83:3c:e6:6b:63:c1:6d:26:8d:52:63:3e:76:14:ab: 22:5c:10:5b:fa:ce:95:08:fc:bf:bd:b0:80:b5:f5: 55:5c:0a:4f:c0:17:86:9d:82:8e:9d:81:10:cf:3c: e3:7b:72:a2:4f:4c:96:7a:56:0f:f7:60:b4:d6:08: bc:4b:ef:d5:2e:47:9c:3c:d0:0b:7a:b8:00:fe:e9: d7:70:db:3f:3a:75:79:11:64:b9:0f:c2:08:22:22: 02:4d:07:89:29:96:fc:25:06:21:70:c8:c4:96:0e: fe:8c:4b:29:a9:fd:ba:1d:9b:d3:91:8d:e3:f9:a7: 80:f5:8f:40:04:db:68:07:1a:b5:58:22:b8:c5:f9: cd:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:91:91:0F:18:F9:F3:20:47:EC:5E:0A:C1:BF:B3:9E:9D:AD:D6:3B X509v3 Authority Key Identifier: keyid:4F:32:D4:0A:53:BB:60:B8:67:59:E6:EC:0A:52:07:30:0B:41:AF:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzLUClO7YLhnWebsClIHMAtBr3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a75e63-8149-49c6-939f-c6bf2ffb7253/1/TzLUClO7YLhnWebsClIHMAtBr3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:d2:91:3f:70:41:ea:5a:7b:cc:33:9d:59:2c:4a:46:2a:ff: 89:fe:92:27:74:26:7b:96:87:da:ff:58:ac:65:e3:75:47:69: f4:8d:41:e5:0b:cb:ba:c0:6a:b9:00:fd:db:69:90:55:38:40: 3c:8c:fb:f1:8c:6b:2c:60:19:1f:bc:6a:84:c0:8c:03:f7:e4: 27:16:2c:2a:02:b3:e9:18:b7:ca:78:52:83:35:37:f7:aa:f1: d1:60:e9:71:43:3b:07:c2:b5:b1:01:d2:86:27:0c:db:b1:c6: 6a:8e:9b:98:f9:4a:14:6e:f2:6e:22:97:19:8f:76:19:86:f7: 65:86:d9:0e:ce:19:2f:1f:05:82:24:0a:40:33:ae:da:ac:06: 97:af:8a:ae:e2:eb:4e:3a:b9:64:41:c4:3e:a4:ec:02:a6:31: f6:45:42:6b:6c:05:64:98:df:34:69:7e:f6:a7:e7:67:38:46: 20:7d:53:f0:55:b7:d1:9c:6f:23:74:2d:be:13:bb:da:4f:81: 16:f5:34:6d:a1:1d:75:90:85:31:32:36:c5:28:de:02:b0:f0: 81:d6:69:cb:20:42:04:66:bd:a7:ee:89:a0:c8:ca:a3:a5:da: 31:b1:f7:c7:9b:13:b0:33:2b:6c:cc:cd:c9:b3:08:45:84:a8: 86:41:45:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrikcMJxWjWuX3qwJx057hMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMzJkNDBhNTNiYjYwYjg2NzU5ZTZlYzBhNTIwNzMwMGI0 MWFmNzAwHhcNMjUxMjE3MDkwMDQwWhcNMjUxMjE4MDkwMDQwWjAzMTEwLwYDVQQD EyhlYTkxOTEwZjE4ZjlmMzIwNDdlYzVlMGFjMWJmYjM5ZTlkYWRkNjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv6OADKTvw05kEpEoQVE/D9XDRKj sf6PjKSU4Pp0wEUSMCebAn0GeZ+zf6zijWfbUl8WMgUJz4vg4c/ZvPL+LSJOeYVj NhSgNk96HIptThN5JrnSGalFRKIT/pKVfaluJQfsOUMN04KqWcLL6+n3tE0K7lCb 14aDPOZrY8FtJo1SYz52FKsiXBBb+s6VCPy/vbCAtfVVXApPwBeGnYKOnYEQzzzj e3KiT0yWelYP92C01gi8S+/VLkecPNALergA/unXcNs/OnV5EWS5D8IIIiICTQeJ KZb8JQYhcMjElg7+jEspqf26HZvTkY3j+aeA9Y9ABNtoBxq1WCK4xfnNdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOqRkQ8Y+fMgR+xeCsG/s56drdY7MB8GA1UdIwQY MBaAFE8y1ApTu2C4Z1nm7ApSBzALQa9wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYt YzZiZjJmZmI3MjUzLzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy9hNzVlNjMtODE0OS00OWM2LTkzOWYtYzZiZjJmZmI3MjUz LzEvVHpMVUNsTzdZTGhuV2Vic0NsSUhNQXRCcjNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK9KRP3BB 6lp7zDOdWSxKRir/if6SJ3Qme5aH2v9YrGXjdUdp9I1B5QvLusBquQD922mQVThA PIz78YxrLGAZH7xqhMCMA/fkJxYsKgKz6Ri3ynhSgzU396rx0WDpcUM7B8K1sQHS hicM27HGao6bmPlKFG7ybiKXGY92GYb3ZYbZDs4ZLx8FgiQKQDOu2qwGl6+KruLr Tjq5ZEHEPqTsAqYx9kVCa2wFZJjfNGl+9qfnZzhGIH1T8FW30ZxvI3QtvhO72k+B FvU0baEddZCFMTI2xSjeArDwgdZpyyBCBGa9p+6JoMjKo6XaMbH3x5sTsDMrbMzN ybMIRYSohkFF5g== -----END CERTIFICATE-----Generated at Wed Dec 17 13:26:11 2025 by rpki-client