This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.mft File: tFOis_uD2Gx4BswGYNgpEZ2TdbQ.mft (raw, json) Hash identifier: R+iiZ9Ro5Ki3Ceu1kNjjZjaDS/u/xDb9tkmwbg2kT7E= Subject key identifier: 1D:9A:0F:D1:17:9B:28:E4:84:A5:39:8C:72:1E:F9:BA:6F:DA:3C:3C Authority key identifier: B4:53:A2:B3:FB:83:D8:6C:78:06:CC:06:60:D8:29:11:9D:93:75:B4 Certificate issuer: /CN=b453a2b3fb83d86c7806cc0660d829119d9375b4 Certificate serial: 019B10131027E34A2D5B853099B50306113D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.mft Manifest number: 0848 Signing time: Fri 12 Dec 2025 01:00:43 +0000 Manifest this update: Fri 12 Dec 2025 01:00:43 +0000 Manifest next update: Sat 13 Dec 2025 01:00:43 +0000 Files and hashes: 1: G4FFwIyiIU29W95QZk9-MWiLljM.roa (hash: iDaSzS67wgh1om9NMNs4mTJZEfMH7AGf6ifeuTsPDRg=) 2: tFOis_uD2Gx4BswGYNgpEZ2TdbQ.crl (hash: WkGIy1pBQNv22u0HAR7RUQ5Fl3XY0IC/yg7ktZZrChY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.crl rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.mft rsync://rpki.ripe.net/repository/DEFAULT/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:13:10:27:e3:4a:2d:5b:85:30:99:b5:03:06:11:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b453a2b3fb83d86c7806cc0660d829119d9375b4 Validity Not Before: Dec 12 01:00:43 2025 GMT Not After : Dec 13 01:00:43 2025 GMT Subject: CN=1d9a0fd1179b28e484a5398c721ef9ba6fda3c3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:37:9a:5f:9d:75:52:7d:90:50:c5:15:e7:93: 98:27:84:11:f1:62:f7:31:86:97:f6:a3:28:ce:2f: 4a:e5:fe:23:7f:07:b0:19:f9:ca:dc:9f:b2:1f:ac: 2d:a9:8d:81:ee:cf:04:2a:a5:9d:bb:d4:51:3b:55: 25:0e:14:e5:00:34:26:8a:c7:cb:ac:73:24:75:39: a0:60:bf:72:ad:eb:ed:60:f0:ea:08:ce:63:7e:d3: b3:af:a1:78:a9:9a:e7:1b:dc:dd:6b:e5:43:df:dc: c5:cd:34:7f:2e:a4:09:b2:88:ff:e9:5d:4f:33:9f: 27:99:cb:2a:0f:a9:28:ee:5f:07:ec:1a:a4:ed:72: 45:cd:d8:b5:cb:ce:e4:a7:6d:1a:36:5d:65:11:4f: ef:73:b6:9a:94:f5:d2:ef:34:e3:71:d8:dd:06:44: 29:79:36:5f:46:48:85:ea:53:d9:ee:ce:28:bd:a2: b4:9e:a0:e7:e6:7d:96:6a:8c:0a:e2:ef:22:c4:fc: c0:dd:2c:bd:1b:7d:92:48:a1:1e:40:70:a1:a1:3c: e2:2a:e6:a5:ff:2a:49:66:ea:95:ab:07:fe:7e:e3: 99:98:00:8a:98:b1:de:2f:c9:9f:32:fd:ad:e2:c1: 4a:89:a4:60:d6:6c:e1:87:27:11:32:78:19:9b:84: e8:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:9A:0F:D1:17:9B:28:E4:84:A5:39:8C:72:1E:F9:BA:6F:DA:3C:3C X509v3 Authority Key Identifier: keyid:B4:53:A2:B3:FB:83:D8:6C:78:06:CC:06:60:D8:29:11:9D:93:75:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/bf748d-c4ca-4fd1-a59d-4060f211f3c3/1/tFOis_uD2Gx4BswGYNgpEZ2TdbQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:93:4f:69:24:1d:d1:9c:e6:b7:ea:19:6d:4b:ac:c8:31:6a: 6d:7e:1b:0b:87:be:d1:4a:7d:db:35:73:99:cc:bd:58:21:27: fc:ee:4a:dc:cb:19:de:7c:4e:fd:02:e7:99:8a:87:57:e2:ee: c8:cc:d9:b6:e8:76:4d:ce:e9:e5:8b:71:95:72:d3:f7:ec:eb: 0c:58:aa:c7:7f:d0:e9:99:48:61:29:87:03:ba:ac:d1:3c:5f: 64:1e:98:8a:50:4b:ec:df:b8:e7:cc:7d:6e:26:48:2b:0f:6d: e0:8b:c4:0c:81:0c:fa:29:da:69:21:c6:a0:dc:9a:13:2b:ac: 83:e6:4a:6b:1d:b0:28:55:ad:c5:4c:7e:bc:e7:35:55:38:ff: 7e:1e:7c:c7:95:a9:43:35:51:d1:3f:a3:8c:66:46:2d:11:c4: f4:96:df:9c:4d:11:33:2d:9c:ed:34:e2:66:12:c8:a1:94:88: 72:1a:3f:34:b3:8f:01:c7:35:65:d2:9b:23:98:0a:4a:17:21: 8b:65:24:ce:70:6c:a3:40:65:29:05:cf:18:5d:de:29:af:c3: 5e:65:92:3f:18:12:f8:c0:d2:e0:37:42:17:de:79:ce:bb:1a: 04:54:15:0b:da:1f:54:08:a2:38:84:3b:50:82:f8:42:70:77: cf:b8:33:ef -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQExAn40otW4UwmbUDBhE9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NTNhMmIzZmI4M2Q4NmM3ODA2Y2MwNjYwZDgyOTExOWQ5 Mzc1YjQwHhcNMjUxMjEyMDEwMDQzWhcNMjUxMjEzMDEwMDQzWjAzMTEwLwYDVQQD EygxZDlhMGZkMTE3OWIyOGU0ODRhNTM5OGM3MjFlZjliYTZmZGEzYzNjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzeaX511Un2QUMUV55OYJ4QR8WL3 MYaX9qMozi9K5f4jfwewGfnK3J+yH6wtqY2B7s8EKqWdu9RRO1UlDhTlADQmisfL rHMkdTmgYL9yrevtYPDqCM5jftOzr6F4qZrnG9zda+VD39zFzTR/LqQJsoj/6V1P M58nmcsqD6ko7l8H7Bqk7XJFzdi1y87kp20aNl1lEU/vc7aalPXS7zTjcdjdBkQp eTZfRkiF6lPZ7s4ovaK0nqDn5n2WaowK4u8ixPzA3Sy9G32SSKEeQHChoTziKual /ypJZuqVqwf+fuOZmACKmLHeL8mfMv2t4sFKiaRg1mzhhycRMngZm4ToMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB2aD9EXmyjkhKU5jHIe+bpv2jw8MB8GA1UdIwQY MBaAFLRTorP7g9hseAbMBmDYKRGdk3W0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEZPaXNfdUQyR3g0QnN3R1lOZ3BFWjJUZGJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9iZjc0OGQtYzRjYS00ZmQxLWE1OWQt NDA2MGYyMTFmM2MzLzEvdEZPaXNfdUQyR3g0QnN3R1lOZ3BFWjJUZGJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi9iZjc0OGQtYzRjYS00ZmQxLWE1OWQtNDA2MGYyMTFmM2Mz LzEvdEZPaXNfdUQyR3g0QnN3R1lOZ3BFWjJUZGJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUJNPaSQd 0Zzmt+oZbUusyDFqbX4bC4e+0Up92zVzmcy9WCEn/O5K3MsZ3nxO/QLnmYqHV+Lu yMzZtuh2Tc7p5YtxlXLT9+zrDFiqx3/Q6ZlIYSmHA7qs0TxfZB6YilBL7N+458x9 biZIKw9t4IvEDIEM+inaaSHGoNyaEyusg+ZKax2wKFWtxUx+vOc1VTj/fh58x5Wp QzVR0T+jjGZGLRHE9JbfnE0RMy2c7TTiZhLIoZSIcho/NLOPAcc1ZdKbI5gKShch i2UkznBso0BlKQXPGF3eKa/DXmWSPxgS+MDS4DdCF955zrsaBFQVC9ofVAiiOIQ7 UIL4QnB3z7gz7w== -----END CERTIFICATE-----Generated at Fri Dec 12 08:02:25 2025 by rpki-client