This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.mft File: tFOob9MIG4A-3BDSO77akdeTICU.mft (raw, json) Hash identifier: D+dmJ4RR0xgKxgNH6QprzCrlJ2CwmJ4jEYlzDaoW4SM= Subject key identifier: 87:F1:EA:CD:28:E9:A3:DC:EB:62:CC:3A:03:D9:47:2C:37:EC:89:5D Authority key identifier: B4:53:A8:6F:D3:08:1B:80:3E:DC:10:D2:3B:BE:DA:91:D7:93:20:25 Certificate issuer: /CN=b453a86fd3081b803edc10d23bbeda91d7932025 Certificate serial: 019B20626F1CB79B4CF99DCFB44DF08DA170 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFOob9MIG4A-3BDSO77akdeTICU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.mft Manifest number: 170D Signing time: Mon 15 Dec 2025 05:01:20 +0000 Manifest this update: Mon 15 Dec 2025 05:01:20 +0000 Manifest next update: Tue 16 Dec 2025 05:01:20 +0000 Files and hashes: 1: 4PFxlTOs-98tpvMHS5yXn75NOOM.roa (hash: NikMUSzzpLJM1+OSBrAyuxchZ1m24pIf1f/fleT58OE=) 2: Z8zKwSwU-_AnJQp6zP0kmhvngxk.roa (hash: DKK2FLL+hiqeGN3n2BFldkSB9QGntlwHo6IOei4/Bt0=) 3: tFOob9MIG4A-3BDSO77akdeTICU.crl (hash: /7m9gqG94N1AzwLEEPrZYLxU6jAfUtNEyoUAyMzgoXY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.mft rsync://rpki.ripe.net/repository/DEFAULT/tFOob9MIG4A-3BDSO77akdeTICU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 05:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:62:6f:1c:b7:9b:4c:f9:9d:cf:b4:4d:f0:8d:a1:70 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b453a86fd3081b803edc10d23bbeda91d7932025 Validity Not Before: Dec 15 05:01:20 2025 GMT Not After : Dec 16 05:01:20 2025 GMT Subject: CN=87f1eacd28e9a3dceb62cc3a03d9472c37ec895d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:20:07:71:80:63:a8:4c:e9:b8:0e:c5:7b:73: ee:f7:77:27:0f:76:21:50:1b:22:98:00:33:bf:4e: 9e:5e:cf:d1:6b:7c:06:1a:12:58:b0:f8:d5:78:e7: b0:e6:61:07:5e:c4:dd:4c:81:eb:03:42:d2:3f:8a: 6e:e5:40:4a:07:dd:68:0c:8f:de:4b:2f:1f:7d:3d: cb:f3:7f:04:24:0b:e5:ae:38:a9:dd:f3:67:6b:8e: ce:9c:a5:7b:4d:57:0d:38:8e:d1:10:17:d7:e0:96: 50:15:3c:ef:86:cd:77:28:3c:e5:cb:c5:50:a1:01: 00:76:62:57:c9:b5:b3:3c:5e:3c:3b:92:c4:b1:e7: e6:10:38:42:b9:51:6e:1a:44:81:0b:9c:d9:78:31: b0:fe:eb:a1:fd:e6:72:49:35:08:ff:45:69:a1:10: 99:8b:e3:ec:d1:03:28:d8:41:49:87:f0:1f:1d:8d: 8c:a8:d4:b5:cc:fa:21:c0:a7:27:e8:70:f9:63:22: 3e:5b:a6:66:d4:46:03:69:69:60:fd:d6:5b:fa:7c: 15:df:99:c1:11:0f:4e:d5:97:8c:c3:a3:f5:63:64: 56:ad:24:d5:12:0d:52:f5:44:c4:d8:aa:49:eb:00: ce:8c:62:a7:f6:05:2e:5a:21:07:22:80:14:71:b8: 33:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:F1:EA:CD:28:E9:A3:DC:EB:62:CC:3A:03:D9:47:2C:37:EC:89:5D X509v3 Authority Key Identifier: keyid:B4:53:A8:6F:D3:08:1B:80:3E:DC:10:D2:3B:BE:DA:91:D7:93:20:25 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFOob9MIG4A-3BDSO77akdeTICU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/225af9-f3f5-49e4-ba10-f5ea012b84fc/1/tFOob9MIG4A-3BDSO77akdeTICU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3c:4a:64:38:3b:23:9b:80:04:8a:13:91:56:9a:e2:ca:f2:33: 8a:0a:4b:91:9d:ab:6e:81:54:ff:18:25:3a:6b:71:4b:b6:c5: 52:e2:27:26:64:27:9c:d8:14:c9:7d:c9:66:4c:31:c8:a8:4a: cb:90:84:8e:ed:e9:70:16:da:57:62:10:af:9d:71:eb:b5:ab: c3:58:b9:a1:12:9f:76:88:90:c6:f4:d1:28:5f:de:c7:c1:80: 3f:7f:47:86:e9:04:5f:1a:73:16:95:c7:32:2b:13:c8:32:e4: 20:38:f7:7b:99:34:3c:7b:0c:79:fd:f6:73:e1:c2:f6:c4:ad: f0:98:01:a2:31:28:54:a5:04:db:11:7a:28:d6:e4:85:aa:c4: 30:ac:fe:60:85:58:de:63:ce:00:25:85:c9:62:75:e6:fa:82: 35:9d:89:02:18:75:20:e6:08:3e:d5:dc:89:b5:75:e6:c1:ff: 40:7b:63:5d:58:f4:b7:5d:a8:76:c5:74:03:7a:b5:2c:77:b4: 49:66:22:7b:60:8e:a4:13:bb:b7:a2:03:57:70:cc:9b:d9:ab: 68:f5:a8:86:ed:df:3e:3a:83:d3:17:32:fd:89:f6:25:2f:27: 39:37:42:80:5a:53:3b:af:fb:25:6a:10:3a:76:e8:78:b2:b1: 1f:aa:e7:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgYm8ct5tM+Z3PtE3wjaFwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0NTNhODZmZDMwODFiODAzZWRjMTBkMjNiYmVkYTkxZDc5 MzIwMjUwHhcNMjUxMjE1MDUwMTIwWhcNMjUxMjE2MDUwMTIwWjAzMTEwLwYDVQQD Eyg4N2YxZWFjZDI4ZTlhM2RjZWI2MmNjM2EwM2Q5NDcyYzM3ZWM4OTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7iAHcYBjqEzpuA7Fe3Pu93cnD3Yh UBsimAAzv06eXs/Ra3wGGhJYsPjVeOew5mEHXsTdTIHrA0LSP4pu5UBKB91oDI/e Sy8ffT3L838EJAvlrjip3fNna47OnKV7TVcNOI7REBfX4JZQFTzvhs13KDzly8VQ oQEAdmJXybWzPF48O5LEsefmEDhCuVFuGkSBC5zZeDGw/uuh/eZySTUI/0VpoRCZ i+Ps0QMo2EFJh/AfHY2MqNS1zPohwKcn6HD5YyI+W6Zm1EYDaWlg/dZb+nwV35nB EQ9O1ZeMw6P1Y2RWrSTVEg1S9UTE2KpJ6wDOjGKn9gUuWiEHIoAUcbgz2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIfx6s0o6aPc62LMOgPZRyw37IldMB8GA1UdIwQY MBaAFLRTqG/TCBuAPtwQ0ju+2pHXkyAlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEZPb2I5TUlHNEEtM0JEU083N2FrZGVUSUNVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yMjVhZjktZjNmNS00OWU0LWJhMTAt ZjVlYTAxMmI4NGZjLzEvdEZPb2I5TUlHNEEtM0JEU083N2FrZGVUSUNVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS8yMjVhZjktZjNmNS00OWU0LWJhMTAtZjVlYTAxMmI4NGZj LzEvdEZPb2I5TUlHNEEtM0JEU083N2FrZGVUSUNVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPEpkODsj m4AEihORVpriyvIzigpLkZ2rboFU/xglOmtxS7bFUuInJmQnnNgUyX3JZkwxyKhK y5CEju3pcBbaV2IQr51x67Wrw1i5oRKfdoiQxvTRKF/ex8GAP39HhukEXxpzFpXH MisTyDLkIDj3e5k0PHsMef32c+HC9sSt8JgBojEoVKUE2xF6KNbkharEMKz+YIVY 3mPOACWFyWJ15vqCNZ2JAhh1IOYIPtXcibV15sH/QHtjXVj0t12odsV0A3q1LHe0 SWYie2COpBO7t6IDV3DMm9mraPWohu3fPjqD0xcy/Yn2JS8nOTdCgFpTO6/7JWoQ OnboeLKxH6rnLQ== -----END CERTIFICATE-----Generated at Mon Dec 15 13:23:02 2025 by rpki-client