This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft File: TOCCAEkieEhNbIj1OGuns5aWy5Y.mft (raw, json) Hash identifier: bImcHvBgkKFSTR8J/WuhiinDU6ZG9DTpuoRIP+Uf6V4= Subject key identifier: D0:35:09:07:88:CA:F3:ED:0B:52:0D:03:53:D9:65:E4:4C:26:00:08 Authority key identifier: 4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96 Certificate issuer: /CN=4ce08200492278484d6c88f5386ba7b39696cb96 Certificate serial: 019B4882CB79A7AE949EFB21CA04C255A6C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft Manifest number: 0E61 Signing time: Tue 23 Dec 2025 00:01:29 +0000 Manifest this update: Tue 23 Dec 2025 00:01:29 +0000 Manifest next update: Wed 24 Dec 2025 00:01:29 +0000 Files and hashes: 1: TOCCAEkieEhNbIj1OGuns5aWy5Y.crl (hash: b5aklaJ9Zu0Lmt9orG5bQALtZsEovgaxcxBapLu/+WM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:cb:79:a7:ae:94:9e:fb:21:ca:04:c2:55:a6:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ce08200492278484d6c88f5386ba7b39696cb96 Validity Not Before: Dec 23 00:01:29 2025 GMT Not After : Dec 24 00:01:29 2025 GMT Subject: CN=d035090788caf3ed0b520d0353d965e44c260008 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f0:0c:d0:2c:23:b0:ed:bd:a1:57:9b:01:4a: 77:b9:7b:6c:57:97:5e:be:73:c4:f7:80:01:ed:81: b3:6b:01:f3:48:22:12:e0:19:eb:b6:9e:e6:bc:67: f9:aa:7a:dc:f5:31:8f:1f:0f:b2:f6:ff:9f:bd:13: 9c:fe:1a:75:14:99:6b:cb:f8:98:64:0f:3c:3b:cb: c7:f4:a5:94:6b:8b:aa:75:22:ac:3e:03:36:fb:7f: 5e:a6:21:cc:b8:ed:0d:68:05:99:c9:58:93:a7:c6: ea:4d:67:6e:70:ce:50:64:23:61:78:fa:78:2c:ae: e6:46:a0:14:c2:9d:7c:e4:24:e6:3a:8c:40:96:ab: fa:77:15:04:8b:77:56:5c:32:1f:8a:81:ce:ea:ac: a3:b7:32:02:29:3b:5e:07:d4:6e:16:63:6f:c5:62: e9:a1:6c:c8:2e:b3:39:35:0a:9c:90:3f:22:a4:f1: 21:6a:29:74:1a:68:3b:df:52:ed:fe:a4:17:a2:2f: 41:8b:c2:86:c9:9f:a0:d7:5a:18:cc:09:c0:d5:b5: 69:42:72:4d:0e:90:26:4c:8b:b4:58:24:c4:fa:7c: 68:99:bc:d0:75:ca:0f:5d:a3:30:0f:1f:30:b5:f6: dd:5c:9e:71:48:ab:b8:d3:c2:ae:3b:9c:f7:ff:d1: bc:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:35:09:07:88:CA:F3:ED:0B:52:0D:03:53:D9:65:E4:4C:26:00:08 X509v3 Authority Key Identifier: keyid:4C:E0:82:00:49:22:78:48:4D:6C:88:F5:38:6B:A7:B3:96:96:CB:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOCCAEkieEhNbIj1OGuns5aWy5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/2d542d-1ec5-4943-b63e-915120b63093/1/TOCCAEkieEhNbIj1OGuns5aWy5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:b5:95:a5:21:c1:f2:31:cb:3a:37:4e:82:79:07:79:5d:46: e5:3c:49:b5:43:24:2f:17:11:e3:0d:46:90:cf:d8:0b:3f:3b: b7:da:03:1b:e1:60:08:92:76:8f:b9:5d:a9:fa:a0:f5:d3:f0: 69:40:77:d8:9c:03:6d:1d:62:8f:f5:00:bc:55:9b:6a:f8:1c: e5:fb:01:71:9d:05:52:d0:6c:5a:d3:40:46:fa:df:76:4a:f1: fe:22:e6:26:ed:86:38:0f:f5:bf:75:6f:28:fc:87:33:dc:51: f4:77:33:c8:49:5a:2b:98:b7:f0:0e:34:5e:32:d2:9a:2a:b4: e0:b4:86:b4:32:42:6c:44:aa:16:1a:f5:48:64:89:88:cd:4b: d7:19:f6:c6:da:ef:90:d7:c0:dd:da:e0:a9:0d:ed:c5:4d:36: eb:68:8f:ee:32:66:0e:c6:2a:b6:ee:cb:6b:54:46:e7:8f:3a: 1d:8d:2c:c2:a3:70:e7:ad:63:73:4c:2a:7f:f5:eb:ea:df:af: d7:a9:5b:8c:6d:08:d9:49:df:6e:c7:88:6b:08:1b:24:fd:0f: f8:04:fd:76:24:67:8b:8f:7e:69:cf:b2:5d:d7:4c:f2:bd:2a: c9:81:2b:64:3e:64:72:29:c7:ce:40:b7:9e:3c:03:87:13:8c: 25:fa:19:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgst5p66UnvshygTCVabFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZTA4MjAwNDkyMjc4NDg0ZDZjODhmNTM4NmJhN2IzOTY5 NmNiOTYwHhcNMjUxMjIzMDAwMTI5WhcNMjUxMjI0MDAwMTI5WjAzMTEwLwYDVQQD EyhkMDM1MDkwNzg4Y2FmM2VkMGI1MjBkMDM1M2Q5NjVlNDRjMjYwMDA4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/AM0CwjsO29oVebAUp3uXtsV5de vnPE94AB7YGzawHzSCIS4Bnrtp7mvGf5qnrc9TGPHw+y9v+fvROc/hp1FJlry/iY ZA88O8vH9KWUa4uqdSKsPgM2+39epiHMuO0NaAWZyViTp8bqTWducM5QZCNhePp4 LK7mRqAUwp185CTmOoxAlqv6dxUEi3dWXDIfioHO6qyjtzICKTteB9RuFmNvxWLp oWzILrM5NQqckD8ipPEhail0Gmg731Lt/qQXoi9Bi8KGyZ+g11oYzAnA1bVpQnJN DpAmTIu0WCTE+nxombzQdcoPXaMwDx8wtfbdXJ5xSKu408KuO5z3/9G81QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNA1CQeIyvPtC1INA1PZZeRMJgAIMB8GA1UdIwQY MBaAFEzgggBJInhITWyI9Thrp7OWlsuWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2Ut OTE1MTIwYjYzMDkzLzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8yZDU0MmQtMWVjNS00OTQzLWI2M2UtOTE1MTIwYjYzMDkz LzEvVE9DQ0FFa2llRWhOYklqMU9HdW5zNWFXeTVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoLWVpSHB 8jHLOjdOgnkHeV1G5TxJtUMkLxcR4w1GkM/YCz87t9oDG+FgCJJ2j7ldqfqg9dPw aUB32JwDbR1ij/UAvFWbavgc5fsBcZ0FUtBsWtNARvrfdkrx/iLmJu2GOA/1v3Vv KPyHM9xR9HczyElaK5i38A40XjLSmiq04LSGtDJCbESqFhr1SGSJiM1L1xn2xtrv kNfA3drgqQ3txU0262iP7jJmDsYqtu7La1RG5486HY0swqNw561jc0wqf/Xr6t+v 16lbjG0I2UnfbseIawgbJP0P+AT9diRni49+ac+yXddM8r0qyYErZD5kcinHzkC3 njwDhxOMJfoZrA== -----END CERTIFICATE-----Generated at Tue Dec 23 03:16:28 2025 by rpki-client