This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft File: tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft (raw, json) Hash identifier: D8VwW3c0DfzKoySPcaJ9GavW8fv0jHX+tbgWpC5KyF0= Subject key identifier: 3C:F5:5A:16:45:86:92:5A:60:5A:2D:16:98:7B:0D:47:FF:7F:4C:78 Authority key identifier: B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 Certificate issuer: /CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Certificate serial: 019B59E36E80F73A5753F58B4DFFE124F72F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft Manifest number: 0DC8 Signing time: Fri 26 Dec 2025 09:00:35 +0000 Manifest this update: Fri 26 Dec 2025 09:00:35 +0000 Manifest next update: Sat 27 Dec 2025 09:00:35 +0000 Files and hashes: 1: 6mSAzptlMtavroiRBEbzErufO08.roa (hash: lJ5Bp/WretmXqwZLM24/DP1Oy5iyysz4o7F+olg5yZQ=) 2: tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl (hash: Y0dF8uYpPAXyabroEUPwSYyP9J9a3UiU8QUrh0Cf8SE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:6e:80:f7:3a:57:53:f5:8b:4d:ff:e1:24:f7:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Validity Not Before: Dec 26 09:00:35 2025 GMT Not After : Dec 27 09:00:35 2025 GMT Subject: CN=3cf55a164586925a605a2d16987b0d47ff7f4c78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:e8:08:0f:80:24:8d:cc:08:50:9f:c4:65:6c: df:60:64:25:0c:b0:d8:c1:ed:06:6b:aa:46:95:cf: be:98:98:08:72:8e:60:8b:71:bc:c3:37:88:65:2f: a5:96:92:0f:57:5f:46:6a:47:ee:d3:7c:43:3e:e6: 62:30:67:fb:18:5c:bf:87:4b:8e:d9:45:d8:66:9d: ce:44:ce:34:40:e6:77:40:af:ae:ae:68:81:dc:05: 7f:97:bd:9d:fd:e3:f6:04:59:60:af:f4:75:1a:73: ff:cf:8e:14:cb:08:83:84:a3:b8:57:37:f5:f4:dd: b9:aa:93:57:eb:34:c6:9a:72:ac:f7:da:80:25:1f: 21:5b:77:66:9a:2b:22:e7:93:54:41:ac:25:14:ef: 6e:f3:66:37:7d:18:b5:fc:53:49:90:d1:1b:06:f3: 09:34:e7:5b:5e:a2:b9:36:4c:50:2f:78:a5:c0:35: 1c:c0:ee:55:b7:04:2a:b4:7d:ca:37:86:7d:19:3a: 75:88:54:cd:06:75:4d:e5:ed:66:cb:ce:cc:34:dd: 15:fb:bd:46:d2:56:ea:fa:d7:fc:94:b6:5f:9e:8e: fb:1a:d5:71:c2:ff:d6:a6:4c:a4:77:9a:78:aa:29: 07:31:07:20:a3:11:a7:cc:8c:c9:57:82:d6:1d:bd: d4:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:F5:5A:16:45:86:92:5A:60:5A:2D:16:98:7B:0D:47:FF:7F:4C:78 X509v3 Authority Key Identifier: keyid:B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:47:d9:05:9f:58:6b:4b:70:ba:b2:f7:bc:01:ae:e8:19:18: b9:80:64:d1:83:5c:d9:50:32:0d:a6:d5:93:37:29:13:db:2a: 99:e8:a4:b5:2c:bd:40:8a:62:4b:cc:ac:50:6d:9c:81:97:ff: 6d:45:54:32:b3:2f:8a:7b:1f:06:c4:df:a9:fb:7f:62:c0:0f: 6d:a5:64:5d:00:5a:81:85:62:6f:df:1c:a1:f3:21:db:16:d0: e9:a5:40:af:fe:93:5d:09:ca:c8:bf:0c:d8:fa:6c:87:87:ff: e5:ce:50:41:c1:d9:ce:f5:e0:6b:51:78:50:bb:cf:53:7a:88: 01:2c:4f:95:fe:4e:2b:3f:8b:bc:0b:a9:48:82:17:76:b4:41: a2:38:ea:dd:06:5d:43:75:e2:ab:e8:5b:12:bc:2b:26:d9:e4: 03:d5:66:3e:61:77:b0:a7:81:52:00:1c:b3:3b:b3:d8:23:57: 02:c2:c2:9e:f9:f7:9a:a9:d9:2e:57:db:35:ac:de:58:8d:1e: 58:22:74:10:31:f5:0a:87:95:d9:87:ee:a4:75:56:f7:a3:5f: 20:fe:cd:28:30:6e:dd:ef:7e:92:aa:93:d7:04:49:8d:8e:e2: 22:e2:be:ce:9f:57:84:63:bc:1d:b5:c5:c5:e3:5f:02:e1:78: 1b:ac:60:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ426A9zpXU/WLTf/hJPcvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1Y2NkZDg4M2Y2ZGQxMTRlY2Y2ZjcyNzE2YTg0NjM0ZjY3 YWM5NzcwHhcNMjUxMjI2MDkwMDM1WhcNMjUxMjI3MDkwMDM1WjAzMTEwLwYDVQQD EygzY2Y1NWExNjQ1ODY5MjVhNjA1YTJkMTY5ODdiMGQ0N2ZmN2Y0Yzc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiugID4AkjcwIUJ/EZWzfYGQlDLDY we0Ga6pGlc++mJgIco5gi3G8wzeIZS+llpIPV19Gakfu03xDPuZiMGf7GFy/h0uO 2UXYZp3ORM40QOZ3QK+urmiB3AV/l72d/eP2BFlgr/R1GnP/z44UywiDhKO4Vzf1 9N25qpNX6zTGmnKs99qAJR8hW3dmmisi55NUQawlFO9u82Y3fRi1/FNJkNEbBvMJ NOdbXqK5NkxQL3ilwDUcwO5VtwQqtH3KN4Z9GTp1iFTNBnVN5e1my87MNN0V+71G 0lbq+tf8lLZfno77GtVxwv/Wpkykd5p4qikHMQcgoxGnzIzJV4LWHb3UJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDz1WhZFhpJaYFotFph7DUf/f0x4MB8GA1UdIwQY MBaAFLXM3Yg/bdEU7Pb3JxaoRjT2esl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgt NGFiYWY1M2E1MGFmLzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgtNGFiYWY1M2E1MGFm LzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnUfZBZ9Y a0twurL3vAGu6BkYuYBk0YNc2VAyDabVkzcpE9sqmeiktSy9QIpiS8ysUG2cgZf/ bUVUMrMvinsfBsTfqft/YsAPbaVkXQBagYVib98cofMh2xbQ6aVAr/6TXQnKyL8M 2Ppsh4f/5c5QQcHZzvXga1F4ULvPU3qIASxPlf5OKz+LvAupSIIXdrRBojjq3QZd Q3Xiq+hbErwrJtnkA9VmPmF3sKeBUgAcszuz2CNXAsLCnvn3mqnZLlfbNazeWI0e WCJ0EDH1CoeV2YfupHVW96NfIP7NKDBu3e9+kqqT1wRJjY7iIuK+zp9XhGO8HbXF xeNfAuF4G6xgSQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:21 2025 by rpki-client