This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft File: tRhBzcn2NZTd3CulmkATMYK1efo.mft (raw, json) Hash identifier: BU1lpx/SVBijNXd0CfgnihW89Ah2ZL6acs0Hgliy8ek= Subject key identifier: E0:81:C2:05:17:27:47:14:39:B9:92:ED:DE:D9:3D:63:D3:22:76:A1 Authority key identifier: B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA Certificate issuer: /CN=b51841cdc9f63594dddc2ba59a40133182b579fa Certificate serial: 019AF19BB986CB8F736D615ED301943597CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 03:01:45 +0000 Manifest this update: Sat 06 Dec 2025 03:01:45 +0000 Manifest next update: Sun 07 Dec 2025 03:01:45 +0000 Files and hashes: 1: iQxCTqJc23IztH0qMtXGhii78xc.roa (hash: b/32KuHdgss/tEEpqliyL9nGxIGy3IsYTip4QREYlPc=) 2: tRhBzcn2NZTd3CulmkATMYK1efo.crl (hash: mys1cMVihym5ARbQhvdzwo6YRPU47QS9KCl+ajB4G3U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:b9:86:cb:8f:73:6d:61:5e:d3:01:94:35:97:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b51841cdc9f63594dddc2ba59a40133182b579fa Validity Not Before: Dec 6 03:01:45 2025 GMT Not After : Dec 7 03:01:45 2025 GMT Subject: CN=e081c2051727471439b992edded93d63d32276a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:db:06:36:81:b8:1c:86:2e:6d:b5:46:2a:ab: e7:ef:78:00:08:0a:9f:8c:f8:7b:7d:e7:bc:8e:51: b1:6f:88:ca:0a:45:4a:a3:05:af:f2:9d:3d:15:ad: a2:67:45:64:a4:14:2f:b5:15:ef:a7:e6:95:16:7f: 1d:6c:84:e8:50:6e:76:7a:c6:a0:c8:4b:f0:86:b5: 1f:b2:2e:a5:37:22:6c:63:3d:0e:bd:a4:4b:f6:3d: fa:3e:63:bf:cb:c6:97:ca:5e:cb:34:f4:d1:79:0a: 5b:c5:d5:2d:32:a2:f8:a1:15:f7:6e:f1:51:fd:17: 1d:2a:ea:05:97:27:7d:f8:fa:25:81:34:bf:ea:17: 10:0e:37:ce:b8:31:d2:7b:9b:e7:20:0d:22:87:fe: 79:bd:5c:71:62:f7:0f:5a:4e:a4:85:f0:a5:cb:d9: 20:9c:f9:32:15:89:1b:80:e6:ce:41:98:9e:dd:b6: 0f:16:f0:a8:92:cc:3e:b1:c1:51:a2:81:3f:54:52: fe:ef:5c:96:43:c5:22:54:4e:37:83:b5:a5:e5:c8: 00:e5:f6:57:a3:1c:28:28:51:ac:6b:37:8d:e0:54: a6:bd:f8:03:c0:4e:d8:a3:fc:09:45:a1:08:03:47: 60:49:bc:69:13:96:c8:0d:bc:8a:74:12:42:c5:35: 94:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:81:C2:05:17:27:47:14:39:B9:92:ED:DE:D9:3D:63:D3:22:76:A1 X509v3 Authority Key Identifier: keyid:B5:18:41:CD:C9:F6:35:94:DD:DC:2B:A5:9A:40:13:31:82:B5:79:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRhBzcn2NZTd3CulmkATMYK1efo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/f0af61-8ccc-4a3b-9010-6910f399d38f/1/tRhBzcn2NZTd3CulmkATMYK1efo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 57:85:ae:d6:e9:09:0f:4a:ea:33:69:a7:f2:4a:51:7d:48:3d: 50:db:e0:39:dd:51:be:56:39:3a:45:5a:bd:05:06:e8:4f:eb: af:b1:cc:ad:fe:a4:82:03:a6:fb:ca:a4:07:db:08:61:62:e7: 8a:5f:89:f5:ab:52:75:74:9e:37:6b:13:30:88:f5:ef:09:43: 05:b9:3c:2b:29:f7:92:16:3c:4f:ca:93:63:b9:99:a1:7b:f4: da:59:3b:b4:cd:45:f4:6e:c6:1a:71:47:11:51:1c:d3:e6:5b: 2f:b0:fd:18:f2:a3:51:c0:4a:dd:a2:ea:56:67:e0:3b:d4:77: 60:aa:3e:a2:9e:50:c9:98:39:74:57:94:84:3c:39:fa:c7:d5: 1f:1e:64:1b:e7:49:0e:dd:9b:7e:5d:6c:de:9b:ee:cb:89:df: ec:23:b0:cb:c7:c2:ee:0d:e4:d6:56:9f:89:d4:9d:6b:a9:e4: 29:03:21:c3:e0:c0:e7:ea:e4:0b:2e:e6:04:d4:5a:3a:23:e3: 47:63:65:ad:6e:1a:9b:2f:f2:9e:4a:09:98:0a:7e:bd:0b:3e: e4:de:dd:53:46:ab:27:34:09:f5:f0:db:79:36:c8:b2:2a:3e: 62:05:26:9d:61:6c:f7:f8:c4:bc:2c:84:dc:a7:c7:d7:7e:85: 99:8d:d5:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm7mGy49zbWFe0wGUNZfMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTg0MWNkYzlmNjM1OTRkZGRjMmJhNTlhNDAxMzMxODJi NTc5ZmEwHhcNMjUxMjA2MDMwMTQ1WhcNMjUxMjA3MDMwMTQ1WjAzMTEwLwYDVQQD EyhlMDgxYzIwNTE3Mjc0NzE0MzliOTkyZWRkZWQ5M2Q2M2QzMjI3NmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9sGNoG4HIYubbVGKqvn73gACAqf jPh7fee8jlGxb4jKCkVKowWv8p09Fa2iZ0VkpBQvtRXvp+aVFn8dbIToUG52esag yEvwhrUfsi6lNyJsYz0OvaRL9j36PmO/y8aXyl7LNPTReQpbxdUtMqL4oRX3bvFR /RcdKuoFlyd9+PolgTS/6hcQDjfOuDHSe5vnIA0ih/55vVxxYvcPWk6khfCly9kg nPkyFYkbgObOQZie3bYPFvCoksw+scFRooE/VFL+71yWQ8UiVE43g7Wl5cgA5fZX oxwoKFGsazeN4FSmvfgDwE7Yo/wJRaEIA0dgSbxpE5bIDbyKdBJCxTWUmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOCBwgUXJ0cUObmS7d7ZPWPTInahMB8GA1UdIwQY MBaAFLUYQc3J9jWU3dwrpZpAEzGCtXn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAt NjkxMGYzOTlkMzhmLzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS9mMGFmNjEtOGNjYy00YTNiLTkwMTAtNjkxMGYzOTlkMzhm LzEvdFJoQnpjbjJOWlRkM0N1bG1rQVRNWUsxZWZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAV4Wu1ukJ D0rqM2mn8kpRfUg9UNvgOd1RvlY5OkVavQUG6E/rr7HMrf6kggOm+8qkB9sIYWLn il+J9atSdXSeN2sTMIj17wlDBbk8Kyn3khY8T8qTY7mZoXv02lk7tM1F9G7GGnFH EVEc0+ZbL7D9GPKjUcBK3aLqVmfgO9R3YKo+op5QyZg5dFeUhDw5+sfVHx5kG+dJ Dt2bfl1s3pvuy4nf7COwy8fC7g3k1lafidSda6nkKQMhw+DA5+rkCy7mBNRaOiPj R2NlrW4amy/ynkoJmAp+vQs+5N7dU0arJzQJ9fDbeTbIsio+YgUmnWFs9/jEvCyE 3KfH136FmY3VxA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:27:15 2025 by rpki-client