This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft File: 1TVDIcElQ2AUXq8l9pk4uN80ezE.mft (raw, json) Hash identifier: lQCMtI+voBqwTKLZZmRbJiZtXgXjuZXZHaR/ouYztng= Subject key identifier: AF:45:C1:E4:C6:DF:75:A7:19:49:80:26:EC:09:2F:8B:AD:CB:AB:20 Authority key identifier: D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 Certificate issuer: /CN=d5354321c1254360145eaf25f69938b8df347b31 Certificate serial: 019B25F664FE3310BF6F54F881D2FBFD9F58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft Manifest number: 0C7C Signing time: Tue 16 Dec 2025 07:01:03 +0000 Manifest this update: Tue 16 Dec 2025 07:01:03 +0000 Manifest next update: Wed 17 Dec 2025 07:01:03 +0000 Files and hashes: 1: 1TVDIcElQ2AUXq8l9pk4uN80ezE.crl (hash: OvEGKQUjR9KaNFqzTVn1fhUmWRbnrBEQH2B0rR7AL24=) 2: YLggX1zVSuzWscKfrJDHnrsh8ls.roa (hash: 7Jlfup6Pw3zmGnZu3LgfRRcWJ28VWesMcyWjGhyh+m8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 07:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:25:f6:64:fe:33:10:bf:6f:54:f8:81:d2:fb:fd:9f:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d5354321c1254360145eaf25f69938b8df347b31 Validity Not Before: Dec 16 07:01:03 2025 GMT Not After : Dec 17 07:01:03 2025 GMT Subject: CN=af45c1e4c6df75a719498026ec092f8badcbab20 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:84:7f:39:64:83:2e:da:48:1c:6e:d7:35:35: 4d:c0:4c:d6:43:da:4a:91:c1:18:fb:b3:2a:e1:99: a1:fb:e5:c2:f3:35:92:11:59:20:c0:c7:7e:0b:b6: bc:4c:c3:54:45:af:41:4f:d4:e9:2c:a1:a4:cf:df: d2:91:cf:7e:23:0a:56:15:c8:45:32:34:bd:20:bd: 98:ef:f5:01:28:49:ab:bd:cf:6a:1c:cc:9e:95:08: ac:2e:e5:dc:9b:f7:79:1d:e4:4b:1a:76:af:ad:b4: 94:4e:de:d6:a7:77:d7:b1:7c:e1:5b:e9:b1:29:81: 09:64:0e:b4:11:16:3f:e2:98:e0:1a:8b:ee:d9:35: 94:a7:c7:6d:f8:d2:6b:f1:42:86:87:a2:cc:ac:e5: 9a:9a:dd:16:63:c7:3f:bc:cb:f5:e1:df:79:2c:92: 9d:40:f8:8f:ef:86:d1:fc:a8:37:11:66:7c:de:57: e3:0c:12:5e:56:19:8d:34:cc:fb:07:d7:c5:35:e4: 29:86:17:11:f7:9e:1e:c1:ae:9a:df:e1:6c:00:e2: 6e:ea:1e:11:65:73:c5:45:02:51:33:2f:06:20:44: 10:6f:37:41:80:23:85:6e:96:6a:b6:29:d3:6b:26: b7:9c:23:90:4d:26:e2:06:d6:f8:61:69:e5:48:b4: df:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:45:C1:E4:C6:DF:75:A7:19:49:80:26:EC:09:2F:8B:AD:CB:AB:20 X509v3 Authority Key Identifier: keyid:D5:35:43:21:C1:25:43:60:14:5E:AF:25:F6:99:38:B8:DF:34:7B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1TVDIcElQ2AUXq8l9pk4uN80ezE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/d9f9a8-da01-4d35-8284-b64eb8d83658/1/1TVDIcElQ2AUXq8l9pk4uN80ezE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:ba:69:b6:23:42:ea:37:ee:d8:e6:13:97:2d:0e:27:51:4c: 99:21:aa:3c:f9:fc:a6:6e:55:1a:b6:b0:30:27:89:23:3d:ad: e6:45:db:c6:06:37:5a:76:65:fc:56:f1:77:cb:d5:41:cd:d3: e7:57:95:ed:b9:5e:d7:e3:91:b0:59:1e:2b:e6:41:0d:b3:ea: e5:0b:96:f6:27:52:ea:53:a1:d6:bf:24:5e:46:fc:71:ba:d2: 89:d1:c0:b0:96:95:6e:24:33:be:8b:a4:f4:4c:a9:3a:2d:8d: a6:17:d9:b5:48:aa:ac:13:eb:e2:48:b0:6f:8e:b5:ce:a9:59: af:f7:1d:db:70:6b:f1:cc:b0:4a:ed:d9:c8:95:4a:03:21:3c: 53:51:e8:65:33:bc:90:f0:db:ac:1d:df:18:0c:e2:1f:6f:fc: 12:29:56:de:fe:5c:13:42:65:26:e6:62:03:42:86:9f:f3:0e: a5:c8:e7:cd:11:0c:12:13:1f:70:86:44:80:d7:7d:3d:65:13: 13:14:46:67:c2:50:8c:cf:9d:f7:fb:b0:3e:79:d4:12:33:da: 43:08:64:f5:58:c5:de:1c:05:d2:f9:b4:e2:57:34:f1:af:bf: 08:03:30:81:30:6d:96:d2:cb:2b:2e:b3:47:94:c6:38:83:6c: ab:df:33:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsl9mT+MxC/b1T4gdL7/Z9YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ1MzU0MzIxYzEyNTQzNjAxNDVlYWYyNWY2OTkzOGI4ZGYz NDdiMzEwHhcNMjUxMjE2MDcwMTAzWhcNMjUxMjE3MDcwMTAzWjAzMTEwLwYDVQQD EyhhZjQ1YzFlNGM2ZGY3NWE3MTk0OTgwMjZlYzA5MmY4YmFkY2JhYjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0IR/OWSDLtpIHG7XNTVNwEzWQ9pK kcEY+7Mq4Zmh++XC8zWSEVkgwMd+C7a8TMNURa9BT9TpLKGkz9/Skc9+IwpWFchF MjS9IL2Y7/UBKEmrvc9qHMyelQisLuXcm/d5HeRLGnavrbSUTt7Wp3fXsXzhW+mx KYEJZA60ERY/4pjgGovu2TWUp8dt+NJr8UKGh6LMrOWamt0WY8c/vMv14d95LJKd QPiP74bR/Kg3EWZ83lfjDBJeVhmNNMz7B9fFNeQphhcR954ewa6a3+FsAOJu6h4R ZXPFRQJRMy8GIEQQbzdBgCOFbpZqtinTaya3nCOQTSbiBtb4YWnlSLTf/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK9FweTG33WnGUmAJuwJL4uty6sgMB8GA1UdIwQY MBaAFNU1QyHBJUNgFF6vJfaZOLjfNHsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQt YjY0ZWI4ZDgzNjU4LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9kOWY5YTgtZGEwMS00ZDM1LTgyODQtYjY0ZWI4ZDgzNjU4 LzEvMVRWREljRWxRMkFVWHE4bDlwazR1TjgwZXpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHbpptiNC 6jfu2OYTly0OJ1FMmSGqPPn8pm5VGrawMCeJIz2t5kXbxgY3WnZl/Fbxd8vVQc3T 51eV7ble1+ORsFkeK+ZBDbPq5QuW9idS6lOh1r8kXkb8cbrSidHAsJaVbiQzvouk 9EypOi2NphfZtUiqrBPr4kiwb461zqlZr/cd23Br8cywSu3ZyJVKAyE8U1HoZTO8 kPDbrB3fGAziH2/8EilW3v5cE0JlJuZiA0KGn/MOpcjnzREMEhMfcIZEgNd9PWUT ExRGZ8JQjM+d9/uwPnnUEjPaQwhk9VjF3hwF0vm04lc08a+/CAMwgTBtltLLKy6z R5TGOINsq98z+Q== -----END CERTIFICATE-----Generated at Tue Dec 16 11:51:00 2025 by rpki-client