This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft File: tDlfbOqaAYpMyEgY5qo1INMiIYs.mft (raw, json) Hash identifier: OEQnbjFFOnNhdS9M3N41DFX6fMJ6nflQJSlgb5XznXQ= Subject key identifier: 17:E6:8A:E3:53:54:A5:8B:2B:48:16:CE:75:7E:75:00:8B:0F:BD:B3 Authority key identifier: B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B Certificate issuer: /CN=b4395f6cea9a018a4cc84818e6aa3520d322218b Certificate serial: 019B5976CFFC723F7840F29C604FC0108A84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft Manifest number: 0E19 Signing time: Fri 26 Dec 2025 07:01:57 +0000 Manifest this update: Fri 26 Dec 2025 07:01:57 +0000 Manifest next update: Sat 27 Dec 2025 07:01:57 +0000 Files and hashes: 1: UoFhfe1D4fv5504pD16hAMtOHqM.roa (hash: f5OjLqYpJfmM6P+Sc+etueFJmxpiBV6zei8gZZWeXpE=) 2: tDlfbOqaAYpMyEgY5qo1INMiIYs.crl (hash: MJ1/L+XuvBkDE2PaCyZJaha+tRrG1SzNKugKTNNJynM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:76:cf:fc:72:3f:78:40:f2:9c:60:4f:c0:10:8a:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4395f6cea9a018a4cc84818e6aa3520d322218b Validity Not Before: Dec 26 07:01:57 2025 GMT Not After : Dec 27 07:01:57 2025 GMT Subject: CN=17e68ae35354a58b2b4816ce757e75008b0fbdb3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:60:c6:b1:f4:87:dc:52:ca:6a:f0:07:15:cd: 90:07:e9:2f:ab:fc:dc:31:b1:ac:74:87:06:52:2b: 43:b7:fb:a9:3b:c4:3e:24:93:9e:29:b5:02:0f:37: 21:4e:ae:8d:30:d8:d4:8e:3d:99:4f:d9:4b:1d:09: 18:cb:22:c3:ba:bd:68:e9:82:34:82:52:4c:e4:44: 35:de:a8:64:d0:9e:2a:ed:97:1a:3c:1b:90:6b:9b: b0:84:b4:6d:59:3e:8c:c2:99:14:68:e7:b9:8e:14: eb:f6:6d:f6:e4:f0:fb:ea:a7:5c:70:ba:7e:1d:fc: 0d:aa:fa:4e:e1:f0:f0:9e:bd:2c:70:c5:5c:02:1c: e5:cd:55:cc:81:da:c3:24:bc:00:9e:31:74:a0:72: 32:00:3e:2a:b8:c6:4b:c2:44:9d:0a:ec:e8:a0:86: 33:12:2e:f1:e9:20:20:c1:8f:41:5f:ea:50:c1:ae: 08:6b:72:01:ef:67:84:f1:60:c2:ba:2c:9e:56:57: fa:1e:d9:78:74:ee:85:50:bf:84:94:db:44:de:40: ec:06:c5:f7:dd:48:17:06:7c:82:bb:54:82:b8:c9: a9:ae:a5:cc:c4:f5:f7:50:f4:a4:5f:a0:02:ac:fb: 01:82:70:99:21:a7:16:73:a6:c1:cf:e6:f6:97:ff: 11:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:E6:8A:E3:53:54:A5:8B:2B:48:16:CE:75:7E:75:00:8B:0F:BD:B3 X509v3 Authority Key Identifier: keyid:B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:6b:b4:d5:ca:7a:d3:70:f8:41:7b:36:ff:6a:e9:00:5b:91: c7:1b:fe:bf:2e:65:d9:62:6a:10:5f:7d:09:f4:1b:44:a7:82: 81:d5:6e:03:6a:a3:5a:2e:50:99:a4:0b:ce:0f:5b:22:4e:e1: 81:b7:57:cf:d2:ab:28:48:fc:b0:2e:d0:79:4c:9d:81:4a:dc: e9:31:6e:a8:ab:dd:85:d2:d3:c0:c4:33:7e:8f:17:00:fe:01: 36:9a:ed:73:ef:77:fa:b0:fe:1e:e3:f0:a0:f0:8f:cd:2d:c1: bb:7d:d4:68:ca:9b:82:14:40:2a:e7:7d:b6:be:10:06:18:41: 53:8c:aa:41:33:35:ae:f6:4d:c9:3b:25:73:76:65:e6:7b:f8: 1a:f8:83:13:d7:64:e2:a9:fa:58:ee:94:ef:3c:ca:dc:a2:b2: 1e:99:64:a4:68:3f:5f:33:6d:1f:4e:6c:a4:43:d5:d0:ee:be: e2:ce:de:54:e5:a8:82:df:db:79:25:78:9b:25:16:95:e1:0b: 2a:74:ff:66:78:c3:ef:fe:f1:0a:4c:a8:59:a5:d5:97:89:b0: 1b:46:39:2f:09:7b:67:03:9a:22:83:5f:92:74:04:c4:b1:5a: bc:cf:51:30:84:41:73:44:7e:77:a0:90:15:87:92:dd:e7:bf: b2:5b:c5:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZds/8cj94QPKcYE/AEIqEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0Mzk1ZjZjZWE5YTAxOGE0Y2M4NDgxOGU2YWEzNTIwZDMy MjIxOGIwHhcNMjUxMjI2MDcwMTU3WhcNMjUxMjI3MDcwMTU3WjAzMTEwLwYDVQQD EygxN2U2OGFlMzUzNTRhNThiMmI0ODE2Y2U3NTdlNzUwMDhiMGZiZGIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WDGsfSH3FLKavAHFc2QB+kvq/zc MbGsdIcGUitDt/upO8Q+JJOeKbUCDzchTq6NMNjUjj2ZT9lLHQkYyyLDur1o6YI0 glJM5EQ13qhk0J4q7ZcaPBuQa5uwhLRtWT6MwpkUaOe5jhTr9m325PD76qdccLp+ HfwNqvpO4fDwnr0scMVcAhzlzVXMgdrDJLwAnjF0oHIyAD4quMZLwkSdCuzooIYz Ei7x6SAgwY9BX+pQwa4Ia3IB72eE8WDCuiyeVlf6Htl4dO6FUL+ElNtE3kDsBsX3 3UgXBnyCu1SCuMmprqXMxPX3UPSkX6ACrPsBgnCZIacWc6bBz+b2l/8R4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBfmiuNTVKWLK0gWznV+dQCLD72zMB8GA1UdIwQY MBaAFLQ5X2zqmgGKTMhIGOaqNSDTIiGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUt MzkxZmVjMjY3ZGFlLzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUtMzkxZmVjMjY3ZGFl LzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX2u01cp6 03D4QXs2/2rpAFuRxxv+vy5l2WJqEF99CfQbRKeCgdVuA2qjWi5QmaQLzg9bIk7h gbdXz9KrKEj8sC7QeUydgUrc6TFuqKvdhdLTwMQzfo8XAP4BNprtc+93+rD+HuPw oPCPzS3Bu33UaMqbghRAKud9tr4QBhhBU4yqQTM1rvZNyTslc3Zl5nv4GviDE9dk 4qn6WO6U7zzK3KKyHplkpGg/XzNtH05spEPV0O6+4s7eVOWogt/beSV4myUWleEL KnT/ZnjD7/7xCkyoWaXVl4mwG0Y5Lwl7ZwOaIoNfknQExLFavM9RMIRBc0R+d6CQ FYeS3ee/slvFmA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:03 2025 by rpki-client