This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft File: TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft (raw, json) Hash identifier: QfoHiyLGOPQwwfT9ISIDen8YRxQE17xnAQmPD4T50d8= Subject key identifier: C3:8D:AF:13:3D:28:6E:4E:7F:0D:44:12:09:38:55:4D:8A:DF:24:89 Authority key identifier: 4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34 Certificate issuer: /CN=4f01333f86ca97071a0f96126ba38e2252e70a34 Certificate serial: 019B597705680EEC6DED5375704A9AE69E17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft Manifest number: 0A85 Signing time: Fri 26 Dec 2025 07:02:10 +0000 Manifest this update: Fri 26 Dec 2025 07:02:10 +0000 Manifest next update: Sat 27 Dec 2025 07:02:10 +0000 Files and hashes: 1: TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl (hash: 1Gx/18X6iJ/inps4QTZLzNjERcPgiAlPL3JBrAkZM1A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:05:68:0e:ec:6d:ed:53:75:70:4a:9a:e6:9e:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f01333f86ca97071a0f96126ba38e2252e70a34 Validity Not Before: Dec 26 07:02:10 2025 GMT Not After : Dec 27 07:02:10 2025 GMT Subject: CN=c38daf133d286e4e7f0d44120938554d8adf2489 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:97:ff:0f:e9:48:d2:23:2b:55:b5:50:e3:99: f1:c6:df:dd:e7:f0:9b:e4:87:a5:6b:4d:f2:10:bc: e9:16:fe:d7:72:0f:43:c0:8d:e3:d9:86:7c:3c:70: 6d:40:70:49:cd:58:43:e0:31:bc:f1:61:9a:99:57: 88:2b:ec:77:22:f9:19:13:8e:cd:fd:28:c5:0c:46: d6:e1:02:68:d2:30:78:af:47:f2:60:2e:50:05:ab: 1a:95:79:ff:b4:fe:bf:c4:a2:a0:bf:b2:3d:c9:51: 30:1e:3a:79:8a:42:4f:59:72:46:f1:bc:f6:de:49: 55:4c:e7:e9:98:05:d7:50:2f:9a:66:62:ec:3f:1e: 82:be:17:63:05:f9:31:32:f7:fc:7d:5a:ee:8d:07: a4:89:ee:15:fb:ce:12:55:ed:2d:5b:5a:ef:10:50: b4:0b:12:5b:ea:59:50:59:25:b3:a0:24:5a:14:41: f6:a5:a0:0f:1c:29:f1:a9:88:ab:a0:fb:8a:92:0b: ff:89:d6:55:c7:88:a5:9c:f9:39:a2:09:92:77:51: d5:34:da:1f:5d:15:60:5f:07:ad:b8:97:ce:bd:55: f2:63:f9:e0:8d:31:21:24:25:d1:44:ae:5a:a9:64: 7e:1b:17:78:dc:37:e5:e3:0d:12:21:36:ae:76:29: 1b:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:8D:AF:13:3D:28:6E:4E:7F:0D:44:12:09:38:55:4D:8A:DF:24:89 X509v3 Authority Key Identifier: keyid:4F:01:33:3F:86:CA:97:07:1A:0F:96:12:6B:A3:8E:22:52:E7:0A:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/64ecd9-a2f8-4685-a872-b4056916b18b/1/TwEzP4bKlwcaD5YSa6OOIlLnCjQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:d6:d7:2f:55:57:55:02:36:8d:a3:aa:b8:3d:f8:48:ef:9b: 6c:34:5d:9e:2d:f4:49:33:d9:7e:b9:ba:e8:0f:81:20:46:c0: d9:9f:2c:6d:98:9e:4e:08:4c:69:4d:05:63:19:bc:f3:3c:b4: 92:0f:fd:4a:d1:8c:c8:03:97:83:5b:c1:be:92:78:4c:2f:86: e7:19:6d:f9:b8:f1:01:bb:ae:d7:e5:b6:2c:22:bc:e4:88:b5: 63:a2:43:30:e1:04:06:0c:ab:2c:0f:0b:03:57:5d:46:6d:0c: 5f:2a:ed:ab:d4:81:da:c6:bd:57:ec:db:d8:99:c1:62:c7:d1: c5:59:cc:01:2d:58:a6:59:24:82:df:81:5b:7a:30:7b:f1:06: 5b:27:81:28:36:ae:40:e3:02:d0:cf:53:f2:df:98:95:03:a7: a1:61:89:0d:4d:19:1f:f0:9b:aa:33:7b:62:11:17:ea:23:74: 13:e9:8e:dd:33:3a:85:59:21:28:94:df:82:3f:fe:c1:35:42: 4f:bb:74:37:54:62:28:14:74:59:f4:53:98:c8:9f:89:08:bc: 3a:04:cc:16:67:67:0c:d7:d7:4d:56:5a:1e:ba:f1:8b:88:a0: b5:60:96:f4:e4:dd:59:2c:dd:11:97:2b:c0:a0:ad:d0:c1:a4: bb:9b:fe:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdwVoDuxt7VN1cEqa5p4XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMDEzMzNmODZjYTk3MDcxYTBmOTYxMjZiYTM4ZTIyNTJl NzBhMzQwHhcNMjUxMjI2MDcwMjEwWhcNMjUxMjI3MDcwMjEwWjAzMTEwLwYDVQQD EyhjMzhkYWYxMzNkMjg2ZTRlN2YwZDQ0MTIwOTM4NTU0ZDhhZGYyNDg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpf/D+lI0iMrVbVQ45nxxt/d5/Cb 5Iela03yELzpFv7Xcg9DwI3j2YZ8PHBtQHBJzVhD4DG88WGamVeIK+x3IvkZE47N /SjFDEbW4QJo0jB4r0fyYC5QBasalXn/tP6/xKKgv7I9yVEwHjp5ikJPWXJG8bz2 3klVTOfpmAXXUC+aZmLsPx6CvhdjBfkxMvf8fVrujQekie4V+84SVe0tW1rvEFC0 CxJb6llQWSWzoCRaFEH2paAPHCnxqYiroPuKkgv/idZVx4ilnPk5ogmSd1HVNNof XRVgXwetuJfOvVXyY/ngjTEhJCXRRK5aqWR+Gxd43Dfl4w0SITaudikbjQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMONrxM9KG5Ofw1EEgk4VU2K3ySJMB8GA1UdIwQY MBaAFE8BMz+GypcHGg+WEmujjiJS5wo0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzIt YjQwNTY5MTZiMThiLzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS82NGVjZDktYTJmOC00Njg1LWE4NzItYjQwNTY5MTZiMThi LzEvVHdFelA0Yktsd2NhRDVZU2E2T09JbExuQ2pRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuNbXL1VX VQI2jaOquD34SO+bbDRdni30STPZfrm66A+BIEbA2Z8sbZieTghMaU0FYxm88zy0 kg/9StGMyAOXg1vBvpJ4TC+G5xlt+bjxAbuu1+W2LCK85Ii1Y6JDMOEEBgyrLA8L A1ddRm0MXyrtq9SB2sa9V+zb2JnBYsfRxVnMAS1Yplkkgt+BW3owe/EGWyeBKDau QOMC0M9T8t+YlQOnoWGJDU0ZH/CbqjN7YhEX6iN0E+mO3TM6hVkhKJTfgj/+wTVC T7t0N1RiKBR0WfRTmMifiQi8OgTMFmdnDNfXTVZaHrrxi4igtWCW9OTdWSzdEZcr wKCt0MGku5v+OQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:24 2025 by rpki-client