This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft File: tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json) Hash identifier: LFedcmfUaFbv2OzIgLMhJF0bcEvV3n1ptiFv55xg6Oo= Subject key identifier: 15:89:DE:C2:BA:48:B7:59:57:FA:F2:59:0F:D8:55:4E:71:C7:FC:CB Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 Certificate issuer: /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Certificate serial: 019B1A29D08856991A01F4B9C1F56400ECCC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft Manifest number: 098B Signing time: Sun 14 Dec 2025 00:01:46 +0000 Manifest this update: Sun 14 Dec 2025 00:01:46 +0000 Manifest next update: Mon 15 Dec 2025 00:01:46 +0000 Files and hashes: 1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: 3S1bYF+SnMlDxVf+IlMD8tb4tSEoeq/jdROTuGR1G0U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1a:29:d0:88:56:99:1a:01:f4:b9:c1:f5:64:00:ec:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Validity Not Before: Dec 14 00:01:46 2025 GMT Not After : Dec 15 00:01:46 2025 GMT Subject: CN=1589dec2ba48b75957faf2590fd8554e71c7fccb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:e8:2a:d4:59:36:5b:da:4d:99:83:55:c1:c4: 3b:cd:6f:b5:99:21:00:1b:16:78:16:ac:18:56:46: d1:f8:d4:20:f6:77:ed:b4:3e:d8:27:0d:39:73:80: be:a8:35:7c:bc:b9:b0:3f:52:d2:24:e9:9e:92:59: 3b:b9:cb:52:04:68:e2:f4:3e:bd:58:7e:78:bb:58: 19:25:70:c9:be:46:6b:bc:aa:9a:8b:3d:69:4d:32: ba:d2:60:4d:e6:db:25:91:c6:cc:07:6a:71:3e:3e: a4:91:e1:98:c1:aa:55:75:50:81:84:41:d5:ab:af: 5c:de:5f:0a:50:1d:cf:5e:02:2c:ac:41:f0:46:17: 9a:c1:15:0e:e3:80:39:a3:4b:6b:5d:e4:ee:b4:af: 0b:df:99:22:e0:87:27:0e:e4:6e:c1:35:fc:a8:c4: de:41:87:d5:3b:bb:60:6e:51:09:cf:cc:e6:57:7d: 85:07:c2:af:b4:3a:8f:f5:cc:3e:45:c9:fd:53:86: 1e:c4:d4:1d:da:8c:98:1b:20:88:16:9d:ac:7b:b0: 28:4c:3d:40:9d:d8:e5:40:e7:db:9e:16:93:ef:c1: a0:71:96:d6:52:3d:cc:c2:2e:86:f0:3d:8c:e1:e4: 1e:8b:7e:e3:9d:57:40:4f:5e:15:80:c6:d4:25:54: fd:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:89:DE:C2:BA:48:B7:59:57:FA:F2:59:0F:D8:55:4E:71:C7:FC:CB X509v3 Authority Key Identifier: keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:cd:9d:dd:d7:cf:07:71:c2:2c:d2:c3:dc:af:bd:54:ad:2c: 01:88:eb:0e:3b:59:67:9f:c3:69:88:19:e7:a7:6f:ab:82:d4: 7b:b5:43:94:f5:d5:b7:95:03:83:d5:70:6e:82:13:30:46:75: 2b:17:05:89:be:c9:81:53:10:a4:37:1d:fe:7e:96:57:0f:26: c8:f4:f1:63:2b:ba:cf:e2:86:b1:08:86:ed:2b:ef:2e:26:4e: 32:7b:1e:84:e3:04:a4:5f:df:2b:31:fe:bf:68:ca:81:68:36: 14:9c:34:a5:b9:54:63:94:6e:f4:6d:b3:e2:9e:11:1e:f6:99: 91:4a:cc:1c:a5:ac:94:22:93:4b:ad:34:9c:2e:0c:b9:f3:7c: 45:ff:15:20:94:41:5a:7e:98:76:93:53:dc:fd:80:a9:1a:5d: 8b:af:84:9d:d6:ae:e1:dc:82:f8:7d:ff:ce:79:6a:53:80:cd: 4a:99:0b:14:35:e7:fb:c6:6d:93:d2:f9:79:b4:98:77:1a:fa: 7b:6f:1c:bf:11:9a:9a:ab:8c:7d:a9:22:b4:26:e8:e2:15:42: 81:d3:af:98:f2:24:21:8d:01:90:ac:0f:48:95:21:fb:54:d0: 85:df:67:92:2e:6c:47:e4:f3:08:d5:85:ed:01:ad:74:cf:5d: 48:7f:f5:66 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsaKdCIVpkaAfS5wfVkAOzMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl YTNjZDgwHhcNMjUxMjE0MDAwMTQ2WhcNMjUxMjE1MDAwMTQ2WjAzMTEwLwYDVQQD EygxNTg5ZGVjMmJhNDhiNzU5NTdmYWYyNTkwZmQ4NTU0ZTcxYzdmY2NiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOgq1Fk2W9pNmYNVwcQ7zW+1mSEA GxZ4FqwYVkbR+NQg9nfttD7YJw05c4C+qDV8vLmwP1LSJOmeklk7uctSBGji9D69 WH54u1gZJXDJvkZrvKqaiz1pTTK60mBN5tslkcbMB2pxPj6kkeGYwapVdVCBhEHV q69c3l8KUB3PXgIsrEHwRheawRUO44A5o0trXeTutK8L35ki4IcnDuRuwTX8qMTe QYfVO7tgblEJz8zmV32FB8KvtDqP9cw+Rcn9U4YexNQd2oyYGyCIFp2se7AoTD1A ndjlQOfbnhaT78GgcZbWUj3Mwi6G8D2M4eQei37jnVdAT14VgMbUJVT9YwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBWJ3sK6SLdZV/ryWQ/YVU5xx/zLMB8GA1UdIwQY MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3 LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR82d3dfP B3HCLNLD3K+9VK0sAYjrDjtZZ5/DaYgZ56dvq4LUe7VDlPXVt5UDg9VwboITMEZ1 KxcFib7JgVMQpDcd/n6WVw8myPTxYyu6z+KGsQiG7SvvLiZOMnsehOMEpF/fKzH+ v2jKgWg2FJw0pblUY5Ru9G2z4p4RHvaZkUrMHKWslCKTS600nC4MufN8Rf8VIJRB Wn6YdpNT3P2AqRpdi6+Endau4dyC+H3/znlqU4DNSpkLFDXn+8Ztk9L5ebSYdxr6 e28cvxGamquMfakitCbo4hVCgdOvmPIkIY0BkKwPSJUh+1TQhd9nki5sR+TzCNWF 7QGtdM9dSH/1Zg== -----END CERTIFICATE-----Generated at Sun Dec 14 01:54:52 2025 by rpki-client