This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json) Hash identifier: zGwNNvF0PATVqm2XqEGIMUyGkxmrxswZhOy8towFEUI= Subject key identifier: 47:DF:6C:91:4E:6C:8B:08:4C:D4:1D:C5:2E:B0:AA:AC:B1:D2:8C:FF Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019B42EEA9E93F10BB6D873444F0530F9D85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft Manifest number: 0C8B Signing time: Sun 21 Dec 2025 22:01:35 +0000 Manifest this update: Sun 21 Dec 2025 22:01:35 +0000 Manifest next update: Mon 22 Dec 2025 22:01:35 +0000 Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: pOo43whO0b3rHv8WMu3rD0yRlnBepAzrjcowC5lEkPU=) 2: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (hash: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:a9:e9:3f:10:bb:6d:87:34:44:f0:53:0f:9d:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Dec 21 22:01:35 2025 GMT Not After : Dec 22 22:01:35 2025 GMT Subject: CN=47df6c914e6c8b084cd41dc52eb0aaacb1d28cff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:56:dc:a0:f3:72:8c:b5:d4:8f:64:44:64:2b: f9:bb:da:d2:f2:a5:7d:be:c2:fc:9b:9e:bb:b8:d2: 45:cf:c3:f6:06:9d:86:30:52:4f:f7:50:33:45:47: f7:3b:c7:97:ef:dc:2b:a4:f0:54:fe:c9:51:a3:7d: f2:3d:b9:4b:ea:a4:f7:fb:12:51:07:b0:a5:8a:61: 7b:fb:98:b9:97:b2:4f:0b:64:3b:6e:90:a1:cb:f5: ef:3e:37:b0:eb:a3:9a:bf:86:96:2b:f2:b4:e6:7e: 59:4f:64:1d:24:cb:df:ea:18:c9:b5:26:0b:24:c5: 76:e2:c5:14:dd:8e:60:a8:cf:dc:5b:55:a5:b5:6e: 18:7b:38:5c:4a:51:08:07:a4:2b:af:2e:70:90:88: 11:61:18:8b:87:a1:76:9e:53:7c:e9:fe:c3:a0:1e: 02:2d:a1:b4:b5:2e:cb:36:d9:8a:cf:02:24:65:c5: 18:c4:5f:4c:35:91:f9:8d:c2:4d:08:7e:1f:b6:de: dc:8b:3f:af:10:8c:dd:81:8a:45:9a:2b:b0:d6:69: d8:21:6e:70:bd:45:f8:d7:f4:09:07:c3:41:da:b0: ef:f0:67:ca:b7:b8:95:bb:a7:05:29:cb:5a:15:2d: b5:39:2f:64:3b:b5:f9:37:3c:93:f8:39:93:7e:c6: f0:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:DF:6C:91:4E:6C:8B:08:4C:D4:1D:C5:2E:B0:AA:AC:B1:D2:8C:FF X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:a2:e0:1f:ee:10:14:e6:9d:cb:f9:5f:85:82:45:b8:60:28: 69:7d:75:10:e6:91:25:ce:0a:43:5b:67:43:bb:43:8c:30:b4: fc:14:63:bc:70:24:b7:2d:09:20:15:72:ec:4b:3e:06:11:aa: 78:b0:2a:ce:0c:02:c5:8a:28:86:55:35:62:44:df:13:a7:3b: 6b:22:33:8b:e9:5e:05:76:99:ee:a5:f3:05:34:0b:26:ce:d8: fc:3b:52:52:e7:8f:74:43:30:c4:c5:f5:c2:e6:af:23:f2:76: 55:a4:52:fb:ce:2f:60:33:ee:26:57:86:c7:e7:48:ee:8c:bc: cd:b8:29:b4:9a:74:4d:8d:ed:59:73:a1:ee:ef:e2:73:4f:f9: 55:26:1f:3f:f6:f8:de:6c:04:55:0c:6b:6d:b8:4b:70:e2:93: d0:a0:50:52:bf:c0:d2:8b:dc:40:1f:3a:ab:13:7d:f0:7f:94: 6a:ce:29:e6:57:e0:c3:73:6b:cb:7c:e4:ff:3e:a5:f9:07:38: 86:8b:0a:db:bd:33:c9:1c:30:f0:c4:3b:32:8c:f9:40:7c:2a: 91:b7:3b:9c:10:d8:33:7d:6e:5c:ca:5a:d1:ee:f3:19:00:a8: 13:38:a7:a9:9b:c6:88:b4:9f:ca:3a:83:be:fb:0d:0f:bb:18: 15:02:79:36 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7qnpPxC7bYc0RPBTD52FMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjUxMjIxMjIwMTM1WhcNMjUxMjIyMjIwMTM1WjAzMTEwLwYDVQQD Eyg0N2RmNmM5MTRlNmM4YjA4NGNkNDFkYzUyZWIwYWFhY2IxZDI4Y2ZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3FbcoPNyjLXUj2REZCv5u9rS8qV9 vsL8m567uNJFz8P2Bp2GMFJP91AzRUf3O8eX79wrpPBU/slRo33yPblL6qT3+xJR B7ClimF7+5i5l7JPC2Q7bpChy/XvPjew66Oav4aWK/K05n5ZT2QdJMvf6hjJtSYL JMV24sUU3Y5gqM/cW1WltW4YezhcSlEIB6Qrry5wkIgRYRiLh6F2nlN86f7DoB4C LaG0tS7LNtmKzwIkZcUYxF9MNZH5jcJNCH4ftt7ciz+vEIzdgYpFmiuw1mnYIW5w vUX41/QJB8NB2rDv8GfKt7iVu6cFKctaFS21OS9kO7X5NzyT+DmTfsbwOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEffbJFObIsITNQdxS6wqqyx0oz/MB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHKLgH+4Q FOady/lfhYJFuGAoaX11EOaRJc4KQ1tnQ7tDjDC0/BRjvHAkty0JIBVy7Es+BhGq eLAqzgwCxYoohlU1YkTfE6c7ayIzi+leBXaZ7qXzBTQLJs7Y/DtSUuePdEMwxMX1 wuavI/J2VaRS+84vYDPuJleGx+dI7oy8zbgptJp0TY3tWXOh7u/ic0/5VSYfP/b4 3mwEVQxrbbhLcOKT0KBQUr/A0ovcQB86qxN98H+Uas4p5lfgw3Nry3zk/z6l+Qc4 hosK270zyRww8MQ7Moz5QHwqkbc7nBDYM31uXMpa0e7zGQCoEzinqZvGiLSfyjqD vvsND7sYFQJ5Ng== -----END CERTIFICATE-----Generated at Mon Dec 22 05:49:52 2025 by rpki-client