This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft File: tPszH6QvtFHkVRxvkcu5wZ7jek4.mft (raw, json) Hash identifier: L6kSatUlXu1sZz3tNCR1tux8+a5ZQw+l4oPJmtNPTzE= Subject key identifier: 5A:E2:2B:B2:B8:87:40:28:7A:4A:53:81:E6:C3:30:BB:D7:80:4D:E4 Authority key identifier: B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E Certificate issuer: /CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e Certificate serial: 019B416D74B73C33F9FBA1632B83BEBBB6F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft Manifest number: 178B Signing time: Sun 21 Dec 2025 15:00:50 +0000 Manifest this update: Sun 21 Dec 2025 15:00:50 +0000 Manifest next update: Mon 22 Dec 2025 15:00:50 +0000 Files and hashes: 1: DvRXNlTCR35yGxJPggKI6LQ1TXY.roa (hash: uCs5edSvBBj2KY6s6HL8wAMD7pMX49G3e3NvxavAQGo=) 2: tPszH6QvtFHkVRxvkcu5wZ7jek4.crl (hash: xAU8WhFy5cNx8A0wQe63YX/4i8X3VXCdRioIurcnzQ8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:74:b7:3c:33:f9:fb:a1:63:2b:83:be:bb:b6:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4fb331fa42fb451e4551c6f91cbb9c19ee37a4e Validity Not Before: Dec 21 15:00:50 2025 GMT Not After : Dec 22 15:00:50 2025 GMT Subject: CN=5ae22bb2b88740287a4a5381e6c330bbd7804de4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:7a:cf:c3:7f:95:d4:3a:ab:46:7f:bf:68:24: 90:db:a7:b7:1d:e9:dc:f3:99:6f:1d:b9:ad:e8:82: ab:42:a4:75:91:85:58:e0:5c:90:1d:37:60:b9:79: 99:13:aa:3a:fc:45:52:59:c1:85:c8:52:e5:0f:83: 23:1b:08:08:2a:f1:54:bd:55:40:76:4d:e2:a1:58: 1c:37:31:a0:c6:95:d2:66:25:25:af:50:d8:ab:1a: 20:0a:bb:98:0f:53:9b:23:55:81:05:a9:14:59:2c: c6:3d:22:c1:66:c1:87:75:4f:07:83:2e:95:a4:b5: ff:2d:18:18:4d:3c:f7:cc:a4:20:12:84:95:41:70: 2b:0b:6f:f4:13:e3:c8:89:35:9c:b5:d3:2c:eb:fc: 92:4d:83:45:7a:04:3b:52:de:df:e9:e4:97:a8:02: 30:f0:99:6a:51:81:a8:58:e2:43:21:80:b6:c9:41: df:a9:f5:99:6f:d4:32:f0:25:d0:b4:1e:3c:35:c2: f6:6f:8e:12:3d:4f:41:98:b1:04:fa:a4:80:7f:05: e2:df:bc:4f:08:eb:c0:6f:dc:1f:cd:57:01:b0:ec: 9e:b3:33:52:9b:43:89:f9:04:a2:31:9c:b6:f9:43: 50:a3:c3:8a:d8:5d:fc:5d:d4:d3:6e:6d:34:52:8c: 0a:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:E2:2B:B2:B8:87:40:28:7A:4A:53:81:E6:C3:30:BB:D7:80:4D:E4 X509v3 Authority Key Identifier: keyid:B4:FB:33:1F:A4:2F:B4:51:E4:55:1C:6F:91:CB:B9:C1:9E:E3:7A:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPszH6QvtFHkVRxvkcu5wZ7jek4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d9a672-26c3-4ab4-b53b-099fd2101385/1/tPszH6QvtFHkVRxvkcu5wZ7jek4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:20:d3:30:7c:7e:a8:35:4c:06:96:7e:a2:80:ab:57:b3:f1: d3:67:cf:38:d4:93:0e:21:32:3c:c9:3a:8a:11:43:69:4b:7a: 71:70:b7:6b:8a:ef:ec:8f:f0:bf:f7:71:de:4e:99:40:ed:5d: 39:9b:52:b7:63:45:62:12:22:69:07:f1:06:07:7c:59:72:64: 42:98:38:f5:c8:0e:72:43:e4:ce:ce:b4:7e:ab:94:78:d6:8b: 8b:de:05:b4:ce:ce:eb:ec:4d:75:a1:0e:6d:c9:2b:c1:21:29: 73:3a:2a:12:78:0f:ee:0b:0c:ae:cf:8f:0f:e4:cd:17:15:66: aa:e8:b4:39:57:ec:15:0c:f8:c1:2f:f6:46:c7:09:5d:7d:73: 66:21:87:4f:b2:f0:9f:c7:5b:fe:32:61:9d:ab:55:fe:65:3c: 43:fe:ed:e8:3e:71:57:91:4a:44:0a:67:d2:0c:30:e4:14:35: 63:cf:dc:87:1b:1d:7d:73:18:5c:e8:bf:8b:e1:07:1e:2e:a7: 68:fc:f8:d1:8f:b8:09:49:b7:84:f1:ad:f4:79:9c:fb:2c:bd: 42:5e:d7:39:f5:93:ff:42:3f:bc:ee:81:55:c7:8c:8d:73:c1: 1f:79:fa:50:ea:77:bd:8d:bc:06:9a:47:94:b6:c2:18:bd:82: 2a:db:a1:16 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbXS3PDP5+6FjK4O+u7bwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZmIzMzFmYTQyZmI0NTFlNDU1MWM2ZjkxY2JiOWMxOWVl MzdhNGUwHhcNMjUxMjIxMTUwMDUwWhcNMjUxMjIyMTUwMDUwWjAzMTEwLwYDVQQD Eyg1YWUyMmJiMmI4ODc0MDI4N2E0YTUzODFlNmMzMzBiYmQ3ODA0ZGU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnrPw3+V1DqrRn+/aCSQ26e3Henc 85lvHbmt6IKrQqR1kYVY4FyQHTdguXmZE6o6/EVSWcGFyFLlD4MjGwgIKvFUvVVA dk3ioVgcNzGgxpXSZiUlr1DYqxogCruYD1ObI1WBBakUWSzGPSLBZsGHdU8Hgy6V pLX/LRgYTTz3zKQgEoSVQXArC2/0E+PIiTWctdMs6/ySTYNFegQ7Ut7f6eSXqAIw 8JlqUYGoWOJDIYC2yUHfqfWZb9Qy8CXQtB48NcL2b44SPU9BmLEE+qSAfwXi37xP COvAb9wfzVcBsOyeszNSm0OJ+QSiMZy2+UNQo8OK2F38XdTTbm00UowKTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFriK7K4h0AoekpTgebDMLvXgE3kMB8GA1UdIwQY MBaAFLT7Mx+kL7RR5FUcb5HLucGe43pOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2It MDk5ZmQyMTAxMzg1LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9kOWE2NzItMjZjMy00YWI0LWI1M2ItMDk5ZmQyMTAxMzg1 LzEvdFBzekg2UXZ0RkhrVlJ4dmtjdTV3WjdqZWs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFyDTMHx+ qDVMBpZ+ooCrV7Px02fPONSTDiEyPMk6ihFDaUt6cXC3a4rv7I/wv/dx3k6ZQO1d OZtSt2NFYhIiaQfxBgd8WXJkQpg49cgOckPkzs60fquUeNaLi94FtM7O6+xNdaEO bckrwSEpczoqEngP7gsMrs+PD+TNFxVmqui0OVfsFQz4wS/2RscJXX1zZiGHT7Lw n8db/jJhnatV/mU8Q/7t6D5xV5FKRApn0gww5BQ1Y8/chxsdfXMYXOi/i+EHHi6n aPz40Y+4CUm3hPGt9Hmc+yy9Ql7XOfWT/0I/vO6BVceMjXPBH3n6UOp3vY28BppH lLbCGL2CKtuhFg== -----END CERTIFICATE-----Generated at Sun Dec 21 17:26:23 2025 by rpki-client