This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft File: _tdzOdk4vvCHWZKTwgGzufgiNiM.mft (raw, json) Hash identifier: wytgmoU71gW47ueyk50MS8v52LAj+ftxxotDGZ7Yeb4= Subject key identifier: 5A:C8:3F:9A:24:58:C5:47:B0:77:DB:E2:04:C2:11:78:49:C1:9A:16 Authority key identifier: FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 Certificate issuer: /CN=fed77339d938bef087599293c201b3b9f8223623 Certificate serial: 019B41A4EBEE77C7BC9ADF6B7C7D38AAF9D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft Manifest number: 171C Signing time: Sun 21 Dec 2025 16:01:25 +0000 Manifest this update: Sun 21 Dec 2025 16:01:25 +0000 Manifest next update: Mon 22 Dec 2025 16:01:25 +0000 Files and hashes: 1: JiqQ-b59vNl0MF5eVXzf0TfeO3c.roa (hash: OKAd29RpT9wnjVFO/8cLOZm/b/ev+jNX/rx5kLKiews=) 2: _tdzOdk4vvCHWZKTwgGzufgiNiM.crl (hash: hI4sXdIF/xpH7UvghxhVqjsDELGW/4O/Obq1NwWiKLs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:eb:ee:77:c7:bc:9a:df:6b:7c:7d:38:aa:f9:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fed77339d938bef087599293c201b3b9f8223623 Validity Not Before: Dec 21 16:01:25 2025 GMT Not After : Dec 22 16:01:25 2025 GMT Subject: CN=5ac83f9a2458c547b077dbe204c2117849c19a16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:ed:05:e9:63:f8:b2:a7:41:d2:b5:d8:38:e3: ce:a6:92:63:ef:01:c7:59:93:73:54:92:68:a2:31: f8:29:f0:28:67:31:90:a2:68:56:b6:0b:e2:66:74: 70:1f:79:ab:58:3a:ae:4a:1f:09:1e:ec:1e:28:51: bb:07:2e:ee:9d:5b:40:14:e9:be:15:d9:37:5d:05: c9:69:28:88:a6:11:9d:72:ff:5b:66:2e:e9:ef:f6: 4c:5f:2e:99:95:ca:71:85:fc:77:e3:bc:91:ed:c8: 59:54:31:fa:4c:5a:f7:7d:33:52:23:1c:4b:44:a3: 43:31:68:cf:3e:a2:64:44:30:6c:79:35:e7:8f:7d: cd:6c:5c:34:cf:c6:36:80:ec:04:be:db:c4:8c:45: 7a:41:74:0d:47:37:51:84:0f:52:74:95:98:1e:80: b7:5a:fd:56:7b:99:c6:b0:00:92:a0:68:93:f1:ab: 88:9d:fd:cd:8a:a1:a5:f2:9e:72:c7:07:d7:5f:d4: bf:20:d1:4e:f5:24:66:99:41:0f:35:73:80:66:d6: 46:ab:69:8c:f4:ca:7f:8b:c6:dd:b0:a3:b1:77:86: 3a:68:fc:56:ab:d2:eb:d1:90:d5:82:23:cf:59:66: 4f:8b:d4:55:06:5d:a1:94:8f:97:e2:c1:2d:7c:f1: 23:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:C8:3F:9A:24:58:C5:47:B0:77:DB:E2:04:C2:11:78:49:C1:9A:16 X509v3 Authority Key Identifier: keyid:FE:D7:73:39:D9:38:BE:F0:87:59:92:93:C2:01:B3:B9:F8:22:36:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_tdzOdk4vvCHWZKTwgGzufgiNiM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/da/bfb817-7e2d-4458-bab1-d1750020caf5/1/_tdzOdk4vvCHWZKTwgGzufgiNiM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1e:7a:c0:04:d7:8f:e4:7d:ee:12:59:22:a3:36:29:83:19:e5: 89:ab:44:e2:fa:9d:6e:33:af:a7:fa:f2:8a:d4:ef:f0:6f:62: 80:d6:e0:cd:95:b0:0d:59:46:6b:cc:fc:1a:7c:e7:bb:96:b4: 13:47:0b:62:b8:f3:cf:d1:0e:5a:d3:08:75:ea:09:ff:c0:c9: f8:60:09:0c:c3:83:de:41:02:3b:72:d6:40:29:51:9c:b1:ea: 50:b6:d3:02:61:57:1d:10:56:09:bb:13:5f:22:8d:82:60:6f: 22:31:13:0c:7b:65:ce:3e:b5:14:7e:22:e2:27:df:e0:55:7a: 0c:80:d4:8c:60:15:76:40:5e:20:4e:d2:69:12:fa:6b:39:bc: 12:dd:ae:4a:79:47:81:12:64:b7:4a:f1:34:d3:90:6a:28:7f: 00:92:6d:e1:70:c8:8d:8e:4b:16:28:ab:58:0b:8d:02:ea:d6: fc:17:01:df:87:c7:ff:44:15:72:c4:f6:3d:d2:cc:06:df:53: 17:b2:ca:f9:8e:72:4f:d3:b8:56:f6:b6:a4:50:4e:ca:91:87: 46:5e:31:5c:11:9e:f1:ed:c6:f9:2a:6c:76:18:9d:f1:a2:68: d6:a9:2a:3c:fe:27:f1:7b:9c:c5:a6:a8:51:20:29:66:02:58: 8f:08:36:64 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpOvud8e8mt9rfH04qvnXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlZDc3MzM5ZDkzOGJlZjA4NzU5OTI5M2MyMDFiM2I5Zjgy MjM2MjMwHhcNMjUxMjIxMTYwMTI1WhcNMjUxMjIyMTYwMTI1WjAzMTEwLwYDVQQD Eyg1YWM4M2Y5YTI0NThjNTQ3YjA3N2RiZTIwNGMyMTE3ODQ5YzE5YTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5O0F6WP4sqdB0rXYOOPOppJj7wHH WZNzVJJoojH4KfAoZzGQomhWtgviZnRwH3mrWDquSh8JHuweKFG7By7unVtAFOm+ Fdk3XQXJaSiIphGdcv9bZi7p7/ZMXy6Zlcpxhfx347yR7chZVDH6TFr3fTNSIxxL RKNDMWjPPqJkRDBseTXnj33NbFw0z8Y2gOwEvtvEjEV6QXQNRzdRhA9SdJWYHoC3 Wv1We5nGsACSoGiT8auInf3NiqGl8p5yxwfXX9S/INFO9SRmmUEPNXOAZtZGq2mM 9Mp/i8bdsKOxd4Y6aPxWq9Lr0ZDVgiPPWWZPi9RVBl2hlI+X4sEtfPEjCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFrIP5okWMVHsHfb4gTCEXhJwZoWMB8GA1UdIwQY MBaAFP7XcznZOL7wh1mSk8IBs7n4IjYjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEt ZDE3NTAwMjBjYWY1LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYS9iZmI4MTctN2UyZC00NDU4LWJhYjEtZDE3NTAwMjBjYWY1 LzEvX3Rkek9kazR2dkNIV1pLVHdnR3p1ZmdpTmlNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHnrABNeP 5H3uElkiozYpgxnliatE4vqdbjOvp/ryitTv8G9igNbgzZWwDVlGa8z8Gnznu5a0 E0cLYrjzz9EOWtMIdeoJ/8DJ+GAJDMOD3kECO3LWQClRnLHqULbTAmFXHRBWCbsT XyKNgmBvIjETDHtlzj61FH4i4iff4FV6DIDUjGAVdkBeIE7SaRL6azm8Et2uSnlH gRJkt0rxNNOQaih/AJJt4XDIjY5LFiirWAuNAurW/BcB34fH/0QVcsT2PdLMBt9T F7LK+Y5yT9O4Vva2pFBOypGHRl4xXBGe8e3G+Spsdhid8aJo1qkqPP4n8Xucxaao USApZgJYjwg2ZA== -----END CERTIFICATE-----Generated at Sun Dec 21 21:16:08 2025 by rpki-client