This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft File: tRFbXBJF3DDhIwQHnslKNe1SfGY.mft (raw, json) Hash identifier: 3PfRpxag70ukpCex+Vbv80344+95Mz4A21tTAudntqk= Subject key identifier: E9:70:D5:44:E1:3A:FF:F8:14:9D:24:CD:EE:9C:86:E9:AA:35:5D:BB Authority key identifier: B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66 Certificate issuer: /CN=b5115b5c1245dc30e12304079ec94a35ed527c66 Certificate serial: 019B590836885AF41D24BC7D3FF5B92D311A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft Manifest number: 0158 Signing time: Fri 26 Dec 2025 05:01:08 +0000 Manifest this update: Fri 26 Dec 2025 05:01:08 +0000 Manifest next update: Sat 27 Dec 2025 05:01:08 +0000 Files and hashes: 1: tRFbXBJF3DDhIwQHnslKNe1SfGY.crl (hash: o5o8qy4n1/8fyxmgy39IqfSDvE6Tu6BHtX2CRTIFhgE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:36:88:5a:f4:1d:24:bc:7d:3f:f5:b9:2d:31:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5115b5c1245dc30e12304079ec94a35ed527c66 Validity Not Before: Dec 26 05:01:08 2025 GMT Not After : Dec 27 05:01:08 2025 GMT Subject: CN=e970d544e13afff8149d24cdee9c86e9aa355dbb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:db:d2:87:b1:89:b1:2a:59:4c:1b:ca:61:fc: b1:38:43:99:72:25:f6:30:42:3b:be:62:a7:79:3c: c5:4a:51:82:00:46:cb:ab:48:35:16:12:b1:71:31: 7f:20:f7:16:8b:ce:ea:d0:0d:3f:31:28:3f:eb:ab: c4:7d:3a:09:13:5d:bb:00:f6:e4:8d:02:40:15:6d: c7:1b:f4:4d:25:93:79:49:ed:03:81:4f:f5:8e:5c: 4d:56:59:6d:f6:d1:7a:f4:15:33:76:7b:65:a1:62: 5a:be:ad:44:93:f1:fb:d4:35:dc:99:c4:96:74:b7: 0b:fc:91:71:06:ec:81:04:0f:3b:a0:99:4e:48:63: 54:38:cd:a7:45:8e:6b:ff:03:13:c1:e4:46:7e:da: d1:7a:3e:70:dd:ed:f3:60:75:ab:11:9e:3d:78:f5: c2:a2:5f:48:d3:0d:1a:fa:7f:29:ae:cc:52:9b:3b: c0:5b:4e:21:0a:f6:cc:f2:df:4f:84:a7:97:18:a2: f7:b6:ed:8c:0e:81:39:60:88:a5:c9:4c:97:fa:3b: 9a:39:61:48:e5:9a:3c:56:ea:e5:42:b9:0b:a5:d7: 61:6e:5a:5b:e7:20:67:67:7a:4d:0c:e5:b3:3d:a4: eb:c1:34:ad:1d:a6:e1:01:9b:31:68:16:5f:94:3b: 9b:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:70:D5:44:E1:3A:FF:F8:14:9D:24:CD:EE:9C:86:E9:AA:35:5D:BB X509v3 Authority Key Identifier: keyid:B5:11:5B:5C:12:45:DC:30:E1:23:04:07:9E:C9:4A:35:ED:52:7C:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRFbXBJF3DDhIwQHnslKNe1SfGY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/a36a67-542b-4f8e-81f0-6e2da60e2834/1/tRFbXBJF3DDhIwQHnslKNe1SfGY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:6e:b7:11:20:59:ed:e1:80:ec:de:f3:5e:95:b2:1d:3f:af: 94:aa:fc:e7:2c:65:62:52:1d:9c:2f:26:36:46:05:58:8c:d7: 68:3f:07:a8:d9:d5:4e:65:a8:6d:ee:ec:8c:56:36:8f:71:4b: 1c:58:5f:ca:ac:45:d3:b3:43:d0:37:27:bd:2d:2c:17:0b:55: 27:fd:32:42:e5:dc:78:68:ff:f0:4f:25:57:bd:a2:80:96:72: 5a:4d:31:ce:f1:f7:87:01:54:4f:46:95:92:35:c3:34:cc:2e: 84:89:b6:4e:6a:7e:ff:e1:fe:24:0a:d1:82:b7:a1:aa:9f:97: eb:9d:9f:2d:be:2a:fe:ad:ca:cc:bc:f2:9c:c0:01:89:6b:92: 66:e9:ff:df:fe:88:7a:21:8f:2f:93:1f:fc:68:a0:7f:70:d1: 15:74:1b:58:08:2c:1c:0f:34:72:c2:bd:f3:54:9a:ac:09:89: 4f:6e:18:fc:bf:cc:04:e0:8b:ee:cf:2a:c1:f1:d4:cc:b4:7b: 54:d0:37:7b:e9:07:45:54:fb:9d:92:c4:47:3e:4d:8a:e3:86: 37:2d:43:d0:b5:12:fd:da:b8:97:38:48:48:80:d5:4e:1e:c8: a3:bd:fb:e6:e1:7b:a0:ae:ef:3b:58:3c:d2:4f:1d:a7:61:2d: 67:db:55:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCDaIWvQdJLx9P/W5LTEaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTE1YjVjMTI0NWRjMzBlMTIzMDQwNzllYzk0YTM1ZWQ1 MjdjNjYwHhcNMjUxMjI2MDUwMTA4WhcNMjUxMjI3MDUwMTA4WjAzMTEwLwYDVQQD EyhlOTcwZDU0NGUxM2FmZmY4MTQ5ZDI0Y2RlZTljODZlOWFhMzU1ZGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdvSh7GJsSpZTBvKYfyxOEOZciX2 MEI7vmKneTzFSlGCAEbLq0g1FhKxcTF/IPcWi87q0A0/MSg/66vEfToJE127APbk jQJAFW3HG/RNJZN5Se0DgU/1jlxNVllt9tF69BUzdntloWJavq1Ek/H71DXcmcSW dLcL/JFxBuyBBA87oJlOSGNUOM2nRY5r/wMTweRGftrRej5w3e3zYHWrEZ49ePXC ol9I0w0a+n8prsxSmzvAW04hCvbM8t9PhKeXGKL3tu2MDoE5YIilyUyX+juaOWFI 5Zo8VurlQrkLpddhblpb5yBnZ3pNDOWzPaTrwTStHabhAZsxaBZflDubSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOlw1UThOv/4FJ0kze6chumqNV27MB8GA1UdIwQY MBaAFLURW1wSRdww4SMEB57JSjXtUnxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAt NmUyZGE2MGUyODM0LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Yy9hMzZhNjctNTQyYi00ZjhlLTgxZjAtNmUyZGE2MGUyODM0 LzEvdFJGYlhCSkYzRERoSXdRSG5zbEtOZTFTZkdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABW63ESBZ 7eGA7N7zXpWyHT+vlKr85yxlYlIdnC8mNkYFWIzXaD8HqNnVTmWobe7sjFY2j3FL HFhfyqxF07ND0DcnvS0sFwtVJ/0yQuXceGj/8E8lV72igJZyWk0xzvH3hwFUT0aV kjXDNMwuhIm2Tmp+/+H+JArRgrehqp+X652fLb4q/q3KzLzynMABiWuSZun/3/6I eiGPL5Mf/Gigf3DRFXQbWAgsHA80csK981SarAmJT24Y/L/MBOCL7s8qwfHUzLR7 VNA3e+kHRVT7nZLERz5NiuOGNy1D0LUS/dq4lzhISIDVTh7Io7375uF7oK7vO1g8 0k8dp2EtZ9tVdQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:19:38 2025 by rpki-client