This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json) Hash identifier: /ZALpTkSiDb6v8aIfea/Kg8RsskovdLr9WEuD5WUYKE= Subject key identifier: 5A:77:8B:B3:96:8B:3D:E7:7E:50:55:FC:CC:0A:46:B8:36:61:89:7E Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Certificate serial: 019B5A51CE6C1B7CD686246FDD5DC2C947CD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft Manifest number: 04C8 Signing time: Fri 26 Dec 2025 11:01:09 +0000 Manifest this update: Fri 26 Dec 2025 11:01:09 +0000 Manifest next update: Sat 27 Dec 2025 11:01:09 +0000 Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=) 2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: xs6U5XeK7x8T2tBd7ZcmcW3FrtiwiuF3RzCjZEyYBPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:ce:6c:1b:7c:d6:86:24:6f:dd:5d:c2:c9:47:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Validity Not Before: Dec 26 11:01:09 2025 GMT Not After : Dec 27 11:01:09 2025 GMT Subject: CN=5a778bb3968b3de77e5055fccc0a46b83661897e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:83:1d:a5:27:fd:d1:91:0a:5f:12:21:c1:5e: 90:9f:d6:80:3b:de:71:18:77:10:96:62:3b:8f:f3: c9:18:05:a7:a5:0b:57:09:15:f4:f9:d0:23:6d:44: 46:79:f3:03:c8:45:b2:ac:5a:09:5b:3d:d1:5a:58: 5f:b0:06:c0:db:ee:82:f0:77:87:86:ad:38:9e:c2: 3f:0e:90:1f:8f:19:9c:1b:99:86:00:f8:52:24:59: 5a:68:02:bf:04:d4:39:db:ce:e9:d2:70:7c:8f:51: ff:a2:72:95:09:fc:6b:d1:70:7d:0a:62:83:dd:3b: 59:0e:e2:7f:a5:6a:2c:a0:40:a2:73:53:e4:6f:1a: 37:1d:66:2c:1f:5a:51:71:c8:b0:69:63:8c:eb:49: e7:08:72:a2:88:1f:67:cf:21:4c:c6:bd:61:67:a4: 45:f3:76:2f:6a:ff:32:c2:4d:48:f1:27:a2:17:8d: 07:6e:e1:08:97:40:99:4d:8f:ae:3c:60:73:d9:31: fe:98:f9:91:37:86:24:ef:cf:1d:4f:1a:92:a9:c2: f9:a8:b2:b9:a0:b8:4c:54:7a:1a:3e:b3:5c:05:1f: 50:e1:a9:a1:67:eb:cd:c3:10:0f:ea:13:c4:59:7f: 84:38:bc:e2:32:2b:5b:c2:57:4f:d1:2c:c5:11:5c: 57:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:77:8B:B3:96:8B:3D:E7:7E:50:55:FC:CC:0A:46:B8:36:61:89:7E X509v3 Authority Key Identifier: keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:f9:76:67:e0:98:d6:09:4e:4f:b1:ff:e6:9d:d0:e4:6e:e2: ff:f8:f0:a4:23:54:a9:cb:48:5b:4e:e1:20:f0:1d:6a:59:f8: 5d:80:d1:79:fd:23:eb:c5:e7:61:2d:39:47:50:ff:30:9d:3e: d3:ea:62:49:ff:3e:4e:63:ca:9b:1d:d2:6a:1b:28:ac:13:61: 94:2d:24:a6:9e:dd:6d:d4:7b:88:2b:35:92:6a:44:8a:3a:68: f4:33:af:ac:05:11:b5:ea:4d:4b:ac:c4:fa:cf:ac:9c:75:d6: 89:2a:93:f7:64:3f:85:ce:e0:d3:f1:ad:48:c2:86:3a:35:e4: b0:0e:bf:40:68:b4:d8:c8:4b:00:41:d3:5a:4a:f8:97:64:46: be:a2:e5:eb:f8:63:bb:08:7d:c6:54:55:90:21:2b:90:a8:46: cc:f8:aa:b7:6e:35:b1:8d:d3:03:3d:3c:60:33:e3:1f:40:12: 64:67:ad:05:0f:01:27:ca:15:6f:b9:1b:1d:ee:da:9b:20:8e: 16:b6:ca:cc:f7:0b:25:d9:0b:d4:a0:b6:f1:d2:08:71:f2:46: 3f:b5:9d:4a:9d:de:50:24:a5:9a:92:e0:ff:76:ed:7b:a2:b1: 42:24:89:31:a8:2e:7a:e9:b8:74:69:04:48:0a:33:e6:66:c8: 2f:cc:28:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUc5sG3zWhiRv3V3CyUfNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5 YTRiNDAwHhcNMjUxMjI2MTEwMTA5WhcNMjUxMjI3MTEwMTA5WjAzMTEwLwYDVQQD Eyg1YTc3OGJiMzk2OGIzZGU3N2U1MDU1ZmNjYzBhNDZiODM2NjE4OTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4MdpSf90ZEKXxIhwV6Qn9aAO95x GHcQlmI7j/PJGAWnpQtXCRX0+dAjbURGefMDyEWyrFoJWz3RWlhfsAbA2+6C8HeH hq04nsI/DpAfjxmcG5mGAPhSJFlaaAK/BNQ5287p0nB8j1H/onKVCfxr0XB9CmKD 3TtZDuJ/pWosoECic1Pkbxo3HWYsH1pRcciwaWOM60nnCHKiiB9nzyFMxr1hZ6RF 83Yvav8ywk1I8SeiF40HbuEIl0CZTY+uPGBz2TH+mPmRN4Yk788dTxqSqcL5qLK5 oLhMVHoaPrNcBR9Q4amhZ+vNwxAP6hPEWX+EOLziMitbwldP0SzFEVxXnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFp3i7OWiz3nflBV/MwKRrg2YYl+MB8GA1UdIwQY MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAivl2Z+CY 1glOT7H/5p3Q5G7i//jwpCNUqctIW07hIPAdaln4XYDRef0j68XnYS05R1D/MJ0+ 0+piSf8+TmPKmx3SahsorBNhlC0kpp7dbdR7iCs1kmpEijpo9DOvrAURtepNS6zE +s+snHXWiSqT92Q/hc7g0/GtSMKGOjXksA6/QGi02MhLAEHTWkr4l2RGvqLl6/hj uwh9xlRVkCErkKhGzPiqt241sY3TAz08YDPjH0ASZGetBQ8BJ8oVb7kbHe7amyCO FrbKzPcLJdkL1KC28dIIcfJGP7WdSp3eUCSlmpLg/3bte6KxQiSJMagueum4dGkE SAoz5mbIL8woHA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:06 2025 by rpki-client