This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json) Hash identifier: xmZYz9LAkeCa2yIHhv9GeAhSA2HIrTMlOL+Dw2Eg+Ug= Subject key identifier: F4:AC:C2:E5:6B:27:5D:37:B2:E2:9F:92:D0:E9:F2:66:D7:BC:EB:71 Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Certificate serial: 019B3A90CC297BDBEC2C44B03D86ECDBAC4F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft Manifest number: 0572 Signing time: Sat 20 Dec 2025 07:02:06 +0000 Manifest this update: Sat 20 Dec 2025 07:02:06 +0000 Manifest next update: Sun 21 Dec 2025 07:02:06 +0000 Files and hashes: 1: 5_qRdcU_zBI67bUjjCeGmUT4bso.roa (hash: S33Bj4i6cQIjVG+I+Gmo76E+1aI2U06ldTXtc0u4sXQ=) 2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: +Vrh/3f6Y5Lj6NP9rr8c5+F3UnZb/sb5HRCsi9tUeTQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 07:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:90:cc:29:7b:db:ec:2c:44:b0:3d:86:ec:db:ac:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Validity Not Before: Dec 20 07:02:06 2025 GMT Not After : Dec 21 07:02:06 2025 GMT Subject: CN=f4acc2e56b275d37b2e29f92d0e9f266d7bceb71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:2d:15:ed:9d:c2:03:7e:44:67:69:ae:26:27: dd:24:64:64:4f:b0:d0:f5:62:3a:ea:b9:67:48:c4: 27:79:21:eb:ea:e5:d1:6c:c5:6e:77:86:bb:de:d6: dc:17:76:71:f4:94:3d:91:64:bb:32:bc:94:62:ee: 1e:82:b5:fd:94:11:4a:f1:2e:da:2c:d3:f7:72:2e: 29:31:7a:c6:1c:52:15:09:c2:0e:dc:39:13:e4:59: 12:90:a7:b5:73:b7:22:59:14:af:1d:0a:1a:a8:b7: fb:6c:1c:76:b1:56:6e:f9:f9:ad:98:48:ca:e2:25: 07:a1:f5:64:0c:61:bc:d9:2d:8b:d7:f7:e8:21:3a: a6:72:6d:63:34:b0:93:6e:4f:a0:00:54:94:55:8d: a2:a1:6b:0d:fc:b0:2b:83:13:a2:01:99:3b:d5:86: d6:79:61:c9:69:07:17:d7:8a:ea:ad:6f:6f:3c:9d: 4d:9a:1a:6c:d9:ed:e9:e0:14:14:7b:4c:7e:13:3b: e7:66:8c:9b:bd:a8:68:d8:fb:c7:d9:80:c7:39:d9: 53:8d:be:f8:62:33:2b:dc:43:7b:fb:2f:3b:fe:d8: 49:6a:f5:5f:5c:0c:f5:16:a5:b5:29:fa:41:e2:8a: ec:c8:4b:05:10:88:bf:c8:98:5e:f6:64:e1:96:e4: 17:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:AC:C2:E5:6B:27:5D:37:B2:E2:9F:92:D0:E9:F2:66:D7:BC:EB:71 X509v3 Authority Key Identifier: keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:dd:89:7c:54:8c:bf:f9:39:1e:0a:cd:80:27:5e:f3:db:4b: a9:25:7d:06:83:05:3f:af:6f:3e:a0:88:71:49:47:65:f9:9b: ad:57:ce:c7:c5:bc:3a:50:6b:15:1c:31:7e:34:0f:9f:42:3d: 1b:c9:4e:68:9f:fb:cc:51:f5:3b:c9:66:a7:13:09:27:ff:44: 90:c4:dd:cd:e4:cc:d6:d3:18:65:57:32:f3:19:03:7f:4e:fa: 1d:90:c3:05:21:27:a7:4d:94:de:59:e4:50:5d:79:15:43:ee: 01:47:ca:8d:12:0a:18:1e:53:00:9e:d7:56:18:64:f6:8e:f5: 8b:d3:d4:d1:86:ac:3a:3d:93:93:a5:a7:b0:cc:b2:f9:aa:f4: 5f:a9:6d:df:7f:af:31:51:c7:06:cc:f4:ed:b6:3b:95:b2:6b: b5:56:16:7a:c6:a1:8c:6a:d4:3e:c3:c7:b3:9a:b9:3b:ce:b6: 10:b4:8b:33:76:3c:f9:1d:4f:2b:31:1e:f2:20:30:5e:c5:d9: 78:b5:e2:a2:1a:d5:f2:84:cd:d3:7c:5e:f3:40:b2:cb:cc:90: d1:12:5c:cd:c3:c9:91:bb:2d:47:4b:11:e4:c6:c1:97:f1:34: 97:06:22:f8:0a:a9:74:0a:4f:01:ee:2b:11:fa:c4:c3:5e:ea: a2:a2:b4:bd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kMwpe9vsLESwPYbs26xPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz MDI2ZDAwHhcNMjUxMjIwMDcwMjA2WhcNMjUxMjIxMDcwMjA2WjAzMTEwLwYDVQQD EyhmNGFjYzJlNTZiMjc1ZDM3YjJlMjlmOTJkMGU5ZjI2NmQ3YmNlYjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0i0V7Z3CA35EZ2muJifdJGRkT7DQ 9WI66rlnSMQneSHr6uXRbMVud4a73tbcF3Zx9JQ9kWS7MryUYu4egrX9lBFK8S7a LNP3ci4pMXrGHFIVCcIO3DkT5FkSkKe1c7ciWRSvHQoaqLf7bBx2sVZu+fmtmEjK 4iUHofVkDGG82S2L1/foITqmcm1jNLCTbk+gAFSUVY2ioWsN/LArgxOiAZk71YbW eWHJaQcX14rqrW9vPJ1Nmhps2e3p4BQUe0x+EzvnZoybvaho2PvH2YDHOdlTjb74 YjMr3EN7+y87/thJavVfXAz1FqW1KfpB4orsyEsFEIi/yJhe9mThluQX3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPSswuVrJ103suKfktDp8mbXvOtxMB8GA1UdIwQY MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnd2JfFSM v/k5HgrNgCde89tLqSV9BoMFP69vPqCIcUlHZfmbrVfOx8W8OlBrFRwxfjQPn0I9 G8lOaJ/7zFH1O8lmpxMJJ/9EkMTdzeTM1tMYZVcy8xkDf076HZDDBSEnp02U3lnk UF15FUPuAUfKjRIKGB5TAJ7XVhhk9o71i9PU0YasOj2Tk6WnsMyy+ar0X6lt33+v MVHHBsz07bY7lbJrtVYWesahjGrUPsPHs5q5O862ELSLM3Y8+R1PKzEe8iAwXsXZ eLXiohrV8oTN03xe80Cyy8yQ0RJczcPJkbstR0sR5MbBl/E0lwYi+AqpdApPAe4r EfrEw17qoqK0vQ== -----END CERTIFICATE-----Generated at Sat Dec 20 11:46:20 2025 by rpki-client