This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft File: tZXiFxdovJspQknw46U1kBecUu4.mft (raw, json) Hash identifier: ndPyK7pR1UvqXBi+VKPBdvcZZFttTELlf9kwdfTCvUA= Subject key identifier: 07:51:B3:08:56:FB:F2:4D:05:87:A5:F1:1A:7D:D2:B8:5C:17:EF:5B Authority key identifier: B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE Certificate issuer: /CN=b595e2171768bc9b294249f0e3a53590179c52ee Certificate serial: 019B3C7F7FE8D8CF244CD231AAF22E410439 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft Manifest number: 1789 Signing time: Sat 20 Dec 2025 16:02:27 +0000 Manifest this update: Sat 20 Dec 2025 16:02:27 +0000 Manifest next update: Sun 21 Dec 2025 16:02:27 +0000 Files and hashes: 1: tZXiFxdovJspQknw46U1kBecUu4.crl (hash: vQqWjAa0nI2dIldXMJDI6gIVmdRaddgxuky9hlS5PpM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:7f:e8:d8:cf:24:4c:d2:31:aa:f2:2e:41:04:39 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b595e2171768bc9b294249f0e3a53590179c52ee Validity Not Before: Dec 20 16:02:27 2025 GMT Not After : Dec 21 16:02:27 2025 GMT Subject: CN=0751b30856fbf24d0587a5f11a7dd2b85c17ef5b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:c8:b2:26:43:23:09:4b:d9:07:46:67:9c:6f: a0:f5:dd:e2:be:b0:c9:54:14:d6:52:1a:1b:58:5d: 4a:25:45:29:ba:fd:35:35:49:c1:fc:a6:37:bb:2a: 1c:cb:df:db:c3:6b:1d:6a:59:8a:18:db:03:2e:1d: c6:41:f9:a4:d4:b8:18:45:d8:3c:01:59:25:ed:b4: 61:ef:6d:22:aa:0c:02:41:98:3d:a5:92:f4:ca:fc: ef:48:4a:d2:16:1c:a8:a6:24:e4:9c:0e:a2:67:86: 9b:81:28:d8:a5:11:54:78:9f:d0:38:d9:ac:03:ed: 38:86:0b:23:11:e5:91:d2:2b:64:35:79:ea:e2:32: be:bd:6f:2c:bd:96:b2:10:36:96:6a:59:6c:85:6b: 40:c6:12:c9:86:9c:8c:3b:47:18:7e:d1:be:a4:28: 8d:46:ef:1f:29:5b:14:42:31:18:f0:d4:23:60:16: 29:08:c9:75:22:8a:f0:da:4e:78:a0:d7:df:5a:04: 00:c7:4e:bd:3b:f3:bb:a3:d5:0c:08:dc:de:fb:29: ba:b9:90:02:55:6a:d1:cd:9d:04:74:02:5d:78:09: d0:46:5c:13:2d:2b:84:1b:4c:34:a7:29:89:c9:49: 0d:19:d4:a1:71:37:c0:2e:07:66:d5:c8:9c:31:40: d7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:51:B3:08:56:FB:F2:4D:05:87:A5:F1:1A:7D:D2:B8:5C:17:EF:5B X509v3 Authority Key Identifier: keyid:B5:95:E2:17:17:68:BC:9B:29:42:49:F0:E3:A5:35:90:17:9C:52:EE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZXiFxdovJspQknw46U1kBecUu4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/a34fb9-f64e-4291-9291-60b4ace004b5/1/tZXiFxdovJspQknw46U1kBecUu4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6c:c3:1e:99:b2:df:a2:6e:30:43:80:c5:b3:f2:b3:36:e2:23: 01:82:11:dc:73:b4:c7:b2:a3:1b:10:5a:2f:74:fb:67:79:95: 09:9f:b1:5d:a7:9e:56:4d:3a:3e:2f:fe:76:77:6b:0b:c3:f0: dd:46:5c:a0:52:59:69:69:40:7c:ed:6d:df:f7:6d:5c:6c:54: da:ad:33:7a:11:cc:56:46:25:27:2b:30:0b:85:5b:e2:b4:26: 3b:7d:2d:72:e5:2c:1a:c3:e9:8e:d5:40:89:fe:ae:83:2c:a4: c1:16:f0:37:2f:21:57:48:91:8a:0a:e9:16:79:13:90:8a:54: 44:17:dd:1c:e7:d1:26:53:e6:56:64:53:ea:a0:f6:65:0c:c4: ed:63:f7:e3:10:99:79:4b:66:b3:5a:0a:88:c1:e2:af:5c:95: 95:5d:85:ab:42:7c:a4:ac:d4:c1:78:07:f8:65:15:01:06:b4: e2:71:d1:2a:75:8f:30:b8:ff:0f:5e:70:67:21:f1:2e:43:5d: 48:4b:82:90:d5:a1:19:cd:34:89:5f:f5:40:e4:09:af:9d:4a: 0c:e7:09:6b:60:3d:22:a1:e6:69:4d:99:a2:13:76:e8:3e:43: bc:69:e0:7a:45:21:ce:b2:1a:74:46:19:e2:4d:de:cd:22:7d: d7:4c:2a:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f3/o2M8kTNIxqvIuQQQ5MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1OTVlMjE3MTc2OGJjOWIyOTQyNDlmMGUzYTUzNTkwMTc5 YzUyZWUwHhcNMjUxMjIwMTYwMjI3WhcNMjUxMjIxMTYwMjI3WjAzMTEwLwYDVQQD EygwNzUxYjMwODU2ZmJmMjRkMDU4N2E1ZjExYTdkZDJiODVjMTdlZjViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsiyJkMjCUvZB0ZnnG+g9d3ivrDJ VBTWUhobWF1KJUUpuv01NUnB/KY3uyocy9/bw2sdalmKGNsDLh3GQfmk1LgYRdg8 AVkl7bRh720iqgwCQZg9pZL0yvzvSErSFhyopiTknA6iZ4abgSjYpRFUeJ/QONms A+04hgsjEeWR0itkNXnq4jK+vW8svZayEDaWallshWtAxhLJhpyMO0cYftG+pCiN Ru8fKVsUQjEY8NQjYBYpCMl1Iorw2k54oNffWgQAx069O/O7o9UMCNze+ym6uZAC VWrRzZ0EdAJdeAnQRlwTLSuEG0w0pymJyUkNGdShcTfALgdm1cicMUDXZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAdRswhW+/JNBYel8Rp90rhcF+9bMB8GA1UdIwQY MBaAFLWV4hcXaLybKUJJ8OOlNZAXnFLuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEt NjBiNGFjZTAwNGI1LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC9hMzRmYjktZjY0ZS00MjkxLTkyOTEtNjBiNGFjZTAwNGI1 LzEvdFpYaUZ4ZG92SnNwUWtudzQ2VTFrQmVjVXU0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbMMembLf om4wQ4DFs/KzNuIjAYIR3HO0x7KjGxBaL3T7Z3mVCZ+xXaeeVk06Pi/+dndrC8Pw 3UZcoFJZaWlAfO1t3/dtXGxU2q0zehHMVkYlJyswC4Vb4rQmO30tcuUsGsPpjtVA if6ugyykwRbwNy8hV0iRigrpFnkTkIpURBfdHOfRJlPmVmRT6qD2ZQzE7WP34xCZ eUtms1oKiMHir1yVlV2Fq0J8pKzUwXgH+GUVAQa04nHRKnWPMLj/D15wZyHxLkNd SEuCkNWhGc00iV/1QOQJr51KDOcJa2A9IqHmaU2ZohN26D5DvGngekUhzrIadEYZ 4k3ezSJ910wqfA== -----END CERTIFICATE-----Generated at Sat Dec 20 18:09:18 2025 by rpki-client