This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft File: tu2bXLS2SGbDg97kV2v_P_h1JC0.mft (raw, json) Hash identifier: EWQEnrvR2zfBZ8eT4ITc4d2lDY/s9JvGHEi+LF4BPtI= Subject key identifier: 19:37:22:1A:C3:EC:62:13:BD:87:F4:B4:E2:F2:EA:FC:4D:C3:FB:8A Authority key identifier: B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D Certificate issuer: /CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Certificate serial: 019AF209875296AA2552046C29B9BC841A72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft Manifest number: 0ED9 Signing time: Sat 06 Dec 2025 05:01:41 +0000 Manifest this update: Sat 06 Dec 2025 05:01:41 +0000 Manifest next update: Sun 07 Dec 2025 05:01:41 +0000 Files and hashes: 1: Cr7WIZXJqqSxx1MgWk3fJvY56gA.roa (hash: W0p2Ng/L4A+CUhGlPSgje47dkJ8+aMEjdUAnh4zo9Rc=) 2: tu2bXLS2SGbDg97kV2v_P_h1JC0.crl (hash: vbnDaDl/GE3Amm5mgzOCQiOGfAZ7gguA+6PnbzTliss=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:87:52:96:aa:25:52:04:6c:29:b9:bc:84:1a:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6ed9b5cb4b64866c383dee4576bff3ff875242d Validity Not Before: Dec 6 05:01:41 2025 GMT Not After : Dec 7 05:01:41 2025 GMT Subject: CN=1937221ac3ec6213bd87f4b4e2f2eafc4dc3fb8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ba:6a:50:51:17:af:e8:aa:4a:6a:9a:e1:e4: af:85:86:2e:8d:6b:18:13:e2:1d:29:ea:37:ba:b1: 0a:b8:a9:f3:84:46:26:bd:d2:da:32:57:f5:0c:cd: d2:a2:12:ef:a8:a4:11:41:5a:6e:a1:7c:cc:7d:4d: 55:59:99:29:bd:21:67:a7:62:5e:91:81:60:7c:b3: 62:b1:c8:79:e2:4b:72:4b:89:bb:48:7a:cf:86:f3: 3a:39:39:08:dd:b8:15:6a:b0:aa:d8:18:0b:8a:52: 3a:f2:7c:99:07:65:00:fe:a8:0a:4a:9a:0a:9a:2c: fa:68:7d:42:d5:3c:c5:87:ea:5e:17:cc:1f:29:ca: ce:40:f4:b2:1c:63:d4:af:4a:71:d0:9e:00:d0:66: ab:24:79:8d:3c:d4:68:68:11:de:f7:d0:cd:d3:40: 7a:e2:54:8b:b1:4c:69:f8:73:ec:4d:18:36:ae:36: ba:00:c7:f5:80:34:fa:99:98:a7:bf:ea:9f:ad:71: 35:db:ab:d3:29:fa:00:4b:4c:b1:fd:1b:4f:b1:60: e0:9d:24:ee:04:26:88:31:61:b4:3f:53:7e:76:3e: 79:4d:50:a6:0c:38:70:7c:5e:bc:47:15:56:0a:1a: 7f:25:e1:10:74:59:6c:a6:7d:bc:cf:2f:08:4c:b9: 81:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:37:22:1A:C3:EC:62:13:BD:87:F4:B4:E2:F2:EA:FC:4D:C3:FB:8A X509v3 Authority Key Identifier: keyid:B6:ED:9B:5C:B4:B6:48:66:C3:83:DE:E4:57:6B:FF:3F:F8:75:24:2D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tu2bXLS2SGbDg97kV2v_P_h1JC0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/171cea-3d78-4513-ad49-5a905af507c3/1/tu2bXLS2SGbDg97kV2v_P_h1JC0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:3b:4f:7a:7b:9a:17:f8:70:5f:55:5b:98:bd:88:97:69:0f: 29:85:c6:9c:25:2d:d6:c0:d7:eb:cf:61:ae:32:56:57:93:7c: c9:bf:5e:35:78:0c:8c:5a:eb:3a:c7:0e:90:e1:24:eb:5e:9e: 13:b6:29:66:c1:b4:05:87:34:8f:3b:af:e5:70:67:be:bf:d2: fe:27:98:13:2a:4a:e9:30:64:84:fb:4c:3f:36:72:a2:57:b9: fc:ed:3b:47:66:fd:1a:03:d0:5f:35:d5:16:1a:1e:8d:1a:34: d1:cc:04:88:df:00:30:a2:2f:37:84:32:36:78:a2:99:c6:6f: 1b:45:39:47:36:40:7c:28:6b:82:d2:4e:29:5d:fe:37:30:7e: fa:48:51:bc:2c:df:61:bc:90:50:d4:95:d5:2a:bc:21:e3:16: 70:af:6f:9a:2b:5b:5c:49:63:d9:1a:f3:19:6f:67:18:b8:0c: b7:5e:c6:94:25:d5:b0:1e:ef:01:1c:f7:19:61:f0:16:b7:92: 16:47:f1:28:f3:51:ed:ef:0b:b1:ac:fe:c5:4f:6c:c4:51:1e: 71:b1:df:70:73:fc:5a:5c:db:3a:42:2a:e5:c7:25:7c:5d:b9: 4d:d7:0a:4d:6a:d4:d4:4e:0f:82:13:25:a4:07:68:8b:aa:b1: 3a:3f:96:09 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCYdSlqolUgRsKbm8hBpyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ZWQ5YjVjYjRiNjQ4NjZjMzgzZGVlNDU3NmJmZjNmZjg3 NTI0MmQwHhcNMjUxMjA2MDUwMTQxWhcNMjUxMjA3MDUwMTQxWjAzMTEwLwYDVQQD EygxOTM3MjIxYWMzZWM2MjEzYmQ4N2Y0YjRlMmYyZWFmYzRkYzNmYjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqLpqUFEXr+iqSmqa4eSvhYYujWsY E+IdKeo3urEKuKnzhEYmvdLaMlf1DM3SohLvqKQRQVpuoXzMfU1VWZkpvSFnp2Je kYFgfLNisch54ktyS4m7SHrPhvM6OTkI3bgVarCq2BgLilI68nyZB2UA/qgKSpoK miz6aH1C1TzFh+peF8wfKcrOQPSyHGPUr0px0J4A0GarJHmNPNRoaBHe99DN00B6 4lSLsUxp+HPsTRg2rja6AMf1gDT6mZinv+qfrXE126vTKfoAS0yx/RtPsWDgnSTu BCaIMWG0P1N+dj55TVCmDDhwfF68RxVWChp/JeEQdFlspn28zy8ITLmBSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBk3IhrD7GITvYf0tOLy6vxNw/uKMB8GA1UdIwQY MBaAFLbtm1y0tkhmw4Pe5Fdr/z/4dSQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDkt NWE5MDVhZjUwN2MzLzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xNzFjZWEtM2Q3OC00NTEzLWFkNDktNWE5MDVhZjUwN2Mz LzEvdHUyYlhMUzJTR2JEZzk3a1Yydl9QX2gxSkMwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQztPenua F/hwX1VbmL2Il2kPKYXGnCUt1sDX689hrjJWV5N8yb9eNXgMjFrrOscOkOEk616e E7YpZsG0BYc0jzuv5XBnvr/S/ieYEypK6TBkhPtMPzZyole5/O07R2b9GgPQXzXV FhoejRo00cwEiN8AMKIvN4QyNniimcZvG0U5RzZAfChrgtJOKV3+NzB++khRvCzf YbyQUNSV1Sq8IeMWcK9vmitbXElj2RrzGW9nGLgMt17GlCXVsB7vARz3GWHwFreS FkfxKPNR7e8Lsaz+xU9sxFEecbHfcHP8WlzbOkIq5cclfF25TdcKTWrU1E4PghMl pAdoi6qxOj+WCQ== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:47 2025 by rpki-client