This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft File: tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft (raw, json) Hash identifier: obr5+e5fL5hm1XN++w3Sb1zWuggE2ZIBvACfg6U+184= Subject key identifier: 3A:A0:42:18:D0:7C:57:10:C8:CB:33:FE:7D:18:C8:7A:43:20:49:9A Authority key identifier: B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C Certificate issuer: /CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c Certificate serial: 019B59770D25D39BEBAC45E3EE3E13328222 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 07:02:12 +0000 Manifest this update: Fri 26 Dec 2025 07:02:12 +0000 Manifest next update: Sat 27 Dec 2025 07:02:12 +0000 Files and hashes: 1: tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl (hash: V9jOFk5LY06F6u/QVtAKcq7ZesKGCqrGKjWNrA5ykgE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:0d:25:d3:9b:eb:ac:45:e3:ee:3e:13:32:82:22 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b594ebb6748fdc12127c3f927e7fb9b1af89262c Validity Not Before: Dec 26 07:02:12 2025 GMT Not After : Dec 27 07:02:12 2025 GMT Subject: CN=3aa04218d07c5710c8cb33fe7d18c87a4320499a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:3d:0a:a1:40:76:a2:13:bd:47:a2:2d:5c:a9: 40:0f:4d:c4:39:b8:2b:f0:b9:c3:9e:99:de:0b:84: 1f:04:9c:fa:1a:21:33:e5:aa:37:f2:ab:f0:8b:78: e4:ea:d7:d5:aa:65:93:0f:e8:ad:6d:f9:30:a9:79: 42:dc:ab:6c:b6:32:8f:4c:73:92:af:8d:29:f9:66: d3:5d:b0:bc:1d:e6:81:83:5a:dd:29:21:9a:42:b8: ab:83:29:9d:07:13:33:42:35:43:66:df:d9:e8:43: a0:88:f6:2d:bd:c9:f1:33:e0:74:04:38:c7:32:98: 2d:da:07:bf:10:ac:b3:cb:c1:97:bd:65:56:46:d6: ca:dd:36:2a:e9:56:4b:a6:fa:8b:de:61:32:f8:55: 67:ba:a2:a5:aa:b5:e1:42:fc:07:52:27:ce:99:67: 3d:81:5c:f0:1a:67:9f:be:87:ae:cc:6f:86:2e:af: 8a:c9:8e:5c:39:4a:41:c2:7a:66:3b:fb:fb:cd:24: 44:c7:58:47:ac:ab:d0:c7:1d:6f:65:f4:b1:08:3a: 85:d7:fe:f9:6f:6d:69:18:12:22:ec:4a:b6:6f:b7: d2:3a:67:db:fe:fe:28:27:d3:c0:5a:f7:d2:e7:5c: 60:50:d1:da:70:79:92:2b:80:f2:2a:fb:26:d1:f3: b8:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:A0:42:18:D0:7C:57:10:C8:CB:33:FE:7D:18:C8:7A:43:20:49:9A X509v3 Authority Key Identifier: keyid:B5:94:EB:B6:74:8F:DC:12:12:7C:3F:92:7E:7F:B9:B1:AF:89:26:2C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tZTrtnSP3BISfD-Sfn-5sa-JJiw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/8aa081-3969-432c-98d0-821936b31518/1/tZTrtnSP3BISfD-Sfn-5sa-JJiw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:6f:b5:1e:cd:1e:84:ed:eb:48:47:21:f1:7e:72:16:6b:26: 0c:14:0b:6c:5a:fb:0a:e9:95:d2:a7:14:f3:54:2d:d7:57:7a: 84:59:4e:18:b6:03:d4:f9:09:77:00:7f:54:41:ae:67:6a:70: 0f:08:fc:52:4d:d8:30:ca:22:8c:80:05:a7:e1:07:fd:6f:2d: 9e:aa:92:ff:85:77:9b:ee:2d:69:85:d5:ab:f6:36:41:85:09: ff:66:f8:82:44:b5:75:6e:a7:f3:7c:c0:45:ac:b7:cf:a2:51: b1:4e:73:88:86:44:b8:cd:da:d2:73:29:95:9c:21:96:b8:42: 0a:3b:a8:a1:7c:b2:eb:90:a8:0a:fc:c7:f6:5f:d7:73:9f:58: 94:9c:a1:09:76:d2:7e:43:44:7e:fd:3e:58:f7:00:d3:c4:67: 61:71:44:ce:4d:68:a6:36:b3:e0:63:6d:9b:1a:08:36:b0:ed: a4:95:b8:c2:f1:8e:65:5f:5a:74:70:a7:7f:3c:06:1b:02:e4: d6:47:07:ee:2e:77:6d:29:04:66:39:f9:ea:f7:dd:44:1b:0f: b0:8a:17:1c:53:29:c4:11:29:d5:26:97:1d:58:e5:6a:1b:f4: 4e:cd:25:21:25:8c:64:2b:a6:f5:56:a8:f5:31:84:8e:5a:da: 0d:3d:43:2a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdw0l05vrrEXj7j4TMoIiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1OTRlYmI2NzQ4ZmRjMTIxMjdjM2Y5MjdlN2ZiOWIxYWY4 OTI2MmMwHhcNMjUxMjI2MDcwMjEyWhcNMjUxMjI3MDcwMjEyWjAzMTEwLwYDVQQD EygzYWEwNDIxOGQwN2M1NzEwYzhjYjMzZmU3ZDE4Yzg3YTQzMjA0OTlhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9z0KoUB2ohO9R6ItXKlAD03EObgr 8LnDnpneC4QfBJz6GiEz5ao38qvwi3jk6tfVqmWTD+itbfkwqXlC3KtstjKPTHOS r40p+WbTXbC8HeaBg1rdKSGaQrirgymdBxMzQjVDZt/Z6EOgiPYtvcnxM+B0BDjH Mpgt2ge/EKyzy8GXvWVWRtbK3TYq6VZLpvqL3mEy+FVnuqKlqrXhQvwHUifOmWc9 gVzwGmefvoeuzG+GLq+KyY5cOUpBwnpmO/v7zSREx1hHrKvQxx1vZfSxCDqF1/75 b21pGBIi7Eq2b7fSOmfb/v4oJ9PAWvfS51xgUNHacHmSK4DyKvsm0fO4RwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqgQhjQfFcQyMsz/n0YyHpDIEmaMB8GA1UdIwQY MBaAFLWU67Z0j9wSEnw/kn5/ubGviSYsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAt ODIxOTM2YjMxNTE4LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC84YWEwODEtMzk2OS00MzJjLTk4ZDAtODIxOTM2YjMxNTE4 LzEvdFpUcnRuU1AzQklTZkQtU2ZuLTVzYS1KSml3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN2+1Hs0e hO3rSEch8X5yFmsmDBQLbFr7CumV0qcU81Qt11d6hFlOGLYD1PkJdwB/VEGuZ2pw Dwj8Uk3YMMoijIAFp+EH/W8tnqqS/4V3m+4taYXVq/Y2QYUJ/2b4gkS1dW6n83zA Ray3z6JRsU5ziIZEuM3a0nMplZwhlrhCCjuooXyy65CoCvzH9l/Xc59YlJyhCXbS fkNEfv0+WPcA08RnYXFEzk1opjaz4GNtmxoINrDtpJW4wvGOZV9adHCnfzwGGwLk 1kcH7i53bSkEZjn56vfdRBsPsIoXHFMpxBEp1SaXHVjlahv0Ts0lISWMZCum9Vao 9TGEjlraDT1DKg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:46 2025 by rpki-client