This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json) Hash identifier: 1FHLNPjJpeYGNe7ycfp//4AVl1ols6N/l6lQQ0oQL9Y= Subject key identifier: B3:97:39:65:FC:90:77:9C:9D:F8:57:3B:3D:FF:9B:C7:76:E4:D8:33 Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623 Certificate serial: 019B47700E9B7D683A3A6BA0A12EE5DF220D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft Manifest number: 171F Signing time: Mon 22 Dec 2025 19:01:24 +0000 Manifest this update: Mon 22 Dec 2025 19:01:24 +0000 Manifest next update: Tue 23 Dec 2025 19:01:24 +0000 Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=) 2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: fc0CLdLoEivHqFAFC0GgXOd9/LJRyqF7TGsYCc1k10E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:70:0e:9b:7d:68:3a:3a:6b:a0:a1:2e:e5:df:22:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fed77339d938bef087599293c201b3b9f8223623 Validity Not Before: Dec 22 19:01:24 2025 GMT Not After : Dec 23 19:01:24 2025 GMT Subject: CN=b3973965fc90779c9df8573b3dff9bc776e4d833 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f6:45:cf:0b:ef:f2:37:bf:e6:fe:a7:cb:f1: bb:b1:68:b9:ad:6f:d9:3e:de:ad:e9:3d:c7:48:99: c9:76:6a:e2:9d:68:f6:bb:22:78:21:71:3e:99:f8: 47:9d:be:78:0c:cf:b0:36:d2:40:17:f4:47:e0:0a: f6:35:05:e9:77:51:5d:e9:81:9d:3b:32:52:6e:c2: 80:89:2b:27:52:99:cb:a4:72:10:19:ed:f6:28:0b: 88:39:3f:66:5b:5c:b5:3f:c5:78:17:57:21:ea:42: 05:40:95:53:76:ae:9a:f4:b8:a7:c6:df:5e:b4:ce: bd:55:de:38:dc:7d:cd:db:36:82:ac:e2:49:04:10: 65:63:51:41:dd:1c:28:06:db:ae:bd:9e:51:f3:c7: a1:9a:3b:b5:3e:d6:01:45:38:57:72:b0:f8:18:6f: e8:4e:ca:6f:ca:70:5b:03:c2:d3:aa:1d:c3:17:79: d3:e0:a2:ee:17:98:e2:b1:56:3d:4a:36:61:a7:b2: 47:2e:37:34:64:60:6d:ea:89:a2:8b:b9:f2:9e:42: f5:86:d9:49:53:5a:c5:20:d9:68:51:fa:c5:55:73: 6e:2e:f5:13:74:6c:17:2b:64:aa:35:65:28:59:eb: ce:8b:1c:bb:ea:0f:77:ab:90:14:c1:7e:33:12:df: e0:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:97:39:65:FC:90:77:9C:9D:F8:57:3B:3D:FF:9B:C7:76:E4:D8:33 X509v3 Authority Key Identifier: keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:0f:db:a0:90:45:cd:69:f0:fc:64:5d:ca:79:c0:bf:fc:74: aa:19:8a:3a:59:eb:8a:f0:e4:de:a3:fa:7f:99:62:79:8a:96: 7c:dc:7d:55:72:f2:c0:d8:e3:99:6c:d6:1e:c3:06:8d:00:30: 3a:ea:55:2e:cd:7b:7f:b0:b5:d4:8a:aa:c0:e0:c0:f2:9c:3b: 05:40:33:18:ad:75:48:9d:fe:da:2e:b8:cc:56:16:4b:9c:87: c0:07:3e:bc:ff:3a:cc:de:fa:ac:a8:3b:59:57:85:66:eb:8f: 98:fc:fd:d6:b7:db:e1:4d:77:4d:7c:11:00:9f:6a:08:0c:f0: 51:50:ad:bc:f6:19:55:d4:f6:69:58:a3:52:db:14:79:84:99: 89:7f:8e:d9:b3:a2:69:f2:46:7a:56:ad:4d:05:57:8c:db:71: 8d:33:d8:93:c0:3f:2d:60:5d:21:c4:05:f0:f1:2c:52:3c:20: e3:3e:87:cd:3e:aa:69:41:ee:65:65:88:fd:78:c3:82:00:53: 5b:75:76:f9:44:92:a7:44:69:ee:24:60:ca:d4:60:43:85:cc: b9:e6:42:1b:b0:fe:a9:b0:60:1a:ab:87:42:09:d6:e8:b6:99: 63:3b:4a:74:3a:22:2c:14:64:54:09:91:1f:8e:a3:31:a1:6a: 47:c8:7f:cb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHcA6bfWg6OmugoS7l3yINMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy MjM2MjMwHhcNMjUxMjIyMTkwMTI0WhcNMjUxMjIzMTkwMTI0WjAzMTEwLwYDVQQD EyhiMzk3Mzk2NWZjOTA3NzljOWRmODU3M2IzZGZmOWJjNzc2ZTRkODMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPZFzwvv8je/5v6ny/G7sWi5rW/Z Pt6t6T3HSJnJdmrinWj2uyJ4IXE+mfhHnb54DM+wNtJAF/RH4Ar2NQXpd1Fd6YGd OzJSbsKAiSsnUpnLpHIQGe32KAuIOT9mW1y1P8V4F1ch6kIFQJVTdq6a9Linxt9e tM69Vd443H3N2zaCrOJJBBBlY1FB3RwoBtuuvZ5R88ehmju1PtYBRThXcrD4GG/o TspvynBbA8LTqh3DF3nT4KLuF5jisVY9SjZhp7JHLjc0ZGBt6omii7nynkL1htlJ U1rFINloUfrFVXNuLvUTdGwXK2SqNWUoWevOixy76g93q5AUwX4zEt/gGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLOXOWX8kHecnfhXOz3/m8d25NgzMB8GA1UdIwQY MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1 LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoA/boJBF zWnw/GRdynnAv/x0qhmKOlnrivDk3qP6f5lieYqWfNx9VXLywNjjmWzWHsMGjQAw OupVLs17f7C11IqqwODA8pw7BUAzGK11SJ3+2i64zFYWS5yHwAc+vP86zN76rKg7 WVeFZuuPmPz91rfb4U13TXwRAJ9qCAzwUVCtvPYZVdT2aVijUtsUeYSZiX+O2bOi afJGelatTQVXjNtxjTPYk8A/LWBdIcQF8PEsUjwg4z6HzT6qaUHuZWWI/XjDggBT W3V2+USSp0Rp7iRgytRgQ4XMueZCG7D+qbBgGquHQgnW6LaZYztKdDoiLBRkVAmR H46jMaFqR8h/yw== -----END CERTIFICATE-----Generated at Mon Dec 22 20:28:07 2025 by rpki-client