This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft File: tMflb0aH6hstd2PQiI0QUCNbV0s.mft (raw, json) Hash identifier: HKrSyW3dUpGzkXjkN9vznlFoy0r2ZhuXyPr0lHBR44I= Subject key identifier: C7:EF:16:AA:D2:30:DF:B8:AB:BB:9E:89:72:43:D9:DF:F3:A0:D3:DC Authority key identifier: B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B Certificate issuer: /CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b Certificate serial: 019B3456956F2784477DBEE4FE3FF12AF06B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft Manifest number: 1715 Signing time: Fri 19 Dec 2025 02:00:48 +0000 Manifest this update: Fri 19 Dec 2025 02:00:48 +0000 Manifest next update: Sat 20 Dec 2025 02:00:48 +0000 Files and hashes: 1: fVF1mzV7lYVHRMo8LnZ24vMBIsw.roa (hash: xj9vjyKVHbKjwLJzRwcUb2ujBs2KI8YOtyKmg5bMiko=) 2: tMflb0aH6hstd2PQiI0QUCNbV0s.crl (hash: X5hpEDcnE+wtC+W5SegPOpnxLH+UXolicbYlJ2sG8I4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 02:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:56:95:6f:27:84:47:7d:be:e4:fe:3f:f1:2a:f0:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4c7e56f4687ea1b2d7763d0888d1050235b574b Validity Not Before: Dec 19 02:00:48 2025 GMT Not After : Dec 20 02:00:48 2025 GMT Subject: CN=c7ef16aad230dfb8abbb9e897243d9dff3a0d3dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:08:0e:3e:cd:4c:ab:84:d2:f4:31:ff:47:46: f5:67:e5:92:ed:ce:34:d3:f4:9a:17:50:0a:98:61: 29:bc:c0:97:4a:ae:c0:af:01:fc:39:38:f8:2d:8c: 83:07:95:b5:b6:14:65:99:18:4f:6d:c6:f9:4e:08: 4f:73:06:3a:ae:81:cb:cb:85:a4:a5:f8:9b:a2:48: 4a:29:66:85:23:41:fc:a8:54:30:75:fa:a1:1a:4a: 80:50:aa:fa:1b:bf:53:22:4c:d9:cd:e7:32:e6:5c: ec:7b:d5:f0:4f:a0:1f:f6:57:10:41:6f:c2:15:11: 4d:2a:28:25:ad:43:2f:4d:92:8f:1a:ae:6e:a2:45: c4:c3:6b:1e:b7:06:ec:85:01:f4:34:3c:2c:e4:27: 83:57:0f:69:0a:76:be:1f:43:5c:b6:eb:4f:b0:00: 9e:c6:53:78:32:34:82:5a:7b:b5:d9:de:95:d7:39: ba:06:41:bb:15:42:fa:e3:a3:0a:01:e8:58:10:e5: 9c:cb:62:92:8e:bc:b2:67:d0:e4:db:9a:38:6c:b3: ea:a6:ee:1a:d5:c0:34:11:71:f4:57:c5:85:d0:4b: ae:95:ec:ce:9c:a2:3f:84:6f:a2:01:79:62:56:4b: 15:8d:5e:24:5e:87:c6:dc:82:3c:c5:a7:13:6e:12: f1:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:EF:16:AA:D2:30:DF:B8:AB:BB:9E:89:72:43:D9:DF:F3:A0:D3:DC X509v3 Authority Key Identifier: keyid:B4:C7:E5:6F:46:87:EA:1B:2D:77:63:D0:88:8D:10:50:23:5B:57:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tMflb0aH6hstd2PQiI0QUCNbV0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/84/851902-5050-46b2-b452-0599f0b2b09a/1/tMflb0aH6hstd2PQiI0QUCNbV0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:46:1b:b5:2e:85:bd:fe:4f:49:fd:79:f1:cd:13:e7:48:d1: f6:7b:64:24:07:85:99:cd:50:e2:d0:cd:76:de:ce:a5:7f:5e: 32:ed:c0:59:59:af:e7:83:8c:63:b9:d0:a3:1e:48:bb:71:97: 83:db:0e:78:97:be:06:1b:79:d9:82:06:64:ce:fc:6f:d7:63: 24:67:05:12:c8:f5:18:b5:1e:a1:94:cf:34:ac:60:91:ef:f8: 1c:55:30:a9:17:e9:e5:8b:e0:bd:da:dd:c8:6e:31:cb:99:59: 62:3b:42:f1:03:60:ee:53:a3:dc:a1:8d:1a:d2:f7:3b:6d:c3: be:df:b0:89:f2:f1:43:de:41:ff:2d:b9:82:70:50:7c:b3:37: ec:3c:5a:56:a9:d8:49:2c:a8:e8:39:42:8d:9c:33:97:d5:2f: bc:5c:8f:6c:a1:1a:d7:de:88:46:d4:ed:6e:ae:fd:6b:ea:7c: 6b:11:0b:a9:e4:84:4b:a3:8a:d1:c1:b1:a9:04:17:59:9f:1b: 8a:29:ee:62:95:07:1a:61:65:51:d3:d2:b6:d0:52:ab:68:ab: bf:8e:74:e0:de:d7:b4:68:08:05:cc:75:0f:4a:b1:f9:04:07: b9:a0:24:63:a1:c7:1a:a5:51:86:0d:97:61:52:5a:82:47:0e: 23:24:3c:52 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0VpVvJ4RHfb7k/j/xKvBrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YzdlNTZmNDY4N2VhMWIyZDc3NjNkMDg4OGQxMDUwMjM1 YjU3NGIwHhcNMjUxMjE5MDIwMDQ4WhcNMjUxMjIwMDIwMDQ4WjAzMTEwLwYDVQQD EyhjN2VmMTZhYWQyMzBkZmI4YWJiYjllODk3MjQzZDlkZmYzYTBkM2RjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AgOPs1Mq4TS9DH/R0b1Z+WS7c40 0/SaF1AKmGEpvMCXSq7ArwH8OTj4LYyDB5W1thRlmRhPbcb5TghPcwY6roHLy4Wk pfibokhKKWaFI0H8qFQwdfqhGkqAUKr6G79TIkzZzecy5lzse9XwT6Af9lcQQW/C FRFNKiglrUMvTZKPGq5uokXEw2setwbshQH0NDws5CeDVw9pCna+H0NctutPsACe xlN4MjSCWnu12d6V1zm6BkG7FUL646MKAehYEOWcy2KSjryyZ9Dk25o4bLPqpu4a 1cA0EXH0V8WF0EuulezOnKI/hG+iAXliVksVjV4kXofG3II8xacTbhLxxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMfvFqrSMN+4q7ueiXJD2d/zoNPcMB8GA1UdIwQY MBaAFLTH5W9Gh+obLXdj0IiNEFAjW1dLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTIt MDU5OWYwYjJiMDlhLzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NC84NTE5MDItNTA1MC00NmIyLWI0NTItMDU5OWYwYjJiMDlh LzEvdE1mbGIwYUg2aHN0ZDJQUWlJMFFVQ05iVjBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkkYbtS6F vf5PSf158c0T50jR9ntkJAeFmc1Q4tDNdt7OpX9eMu3AWVmv54OMY7nQox5Iu3GX g9sOeJe+Bht52YIGZM78b9djJGcFEsj1GLUeoZTPNKxgke/4HFUwqRfp5Yvgvdrd yG4xy5lZYjtC8QNg7lOj3KGNGtL3O23Dvt+wifLxQ95B/y25gnBQfLM37DxaVqnY SSyo6DlCjZwzl9UvvFyPbKEa196IRtTtbq79a+p8axELqeSES6OK0cGxqQQXWZ8b iinuYpUHGmFlUdPSttBSq2irv4504N7XtGgIBcx1D0qx+QQHuaAkY6HHGqVRhg2X YVJagkcOIyQ8Ug== -----END CERTIFICATE-----Generated at Fri Dec 19 10:22:37 2025 by rpki-client