This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft File: tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft (raw, json) Hash identifier: SHp00Uhn/yB57RSv1nsqeWtHY6tn++VpEvf/AzGbAMg= Subject key identifier: C0:8D:DE:E3:A8:B5:B5:EB:50:F1:AB:40:F0:AE:D6:6E:8A:25:4D:DC Authority key identifier: B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA Certificate issuer: /CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa Certificate serial: 019AF31B2CDF6C5B9B8D36BFB0F93B29E014 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 10:00:35 +0000 Manifest this update: Sat 06 Dec 2025 10:00:35 +0000 Manifest next update: Sun 07 Dec 2025 10:00:35 +0000 Files and hashes: 1: tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl (hash: y7mbK8IRd92ztHzXbW+aLMSGftelcAYotwk6Q1goQZY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:2c:df:6c:5b:9b:8d:36:bf:b0:f9:3b:29:e0:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b73d88d7468af601af14c5e1ed903c4f36caf5fa Validity Not Before: Dec 6 10:00:35 2025 GMT Not After : Dec 7 10:00:35 2025 GMT Subject: CN=c08ddee3a8b5b5eb50f1ab40f0aed66e8a254ddc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:bc:d0:8c:55:cf:b5:ea:b8:d2:e9:ab:48:86: dd:f3:d7:1c:11:37:b6:20:a9:34:ee:8b:db:d3:85: 61:c1:69:dc:f8:7e:ca:ec:5d:17:40:36:d4:c4:e8: 3a:64:6d:30:da:51:25:9d:71:f2:4c:02:61:e3:60: c9:bf:27:17:98:0e:f3:e8:dd:7b:8b:d3:09:42:f1: c5:6d:10:6a:e1:2c:73:df:54:c0:72:b3:0d:c6:d6: 7a:a3:69:b2:f8:f6:7f:0e:b4:c2:c6:90:e2:d3:53: bc:d0:20:fe:93:cd:a7:97:c3:f1:6a:23:ae:41:12: 30:91:31:72:ed:23:80:de:6e:ae:09:fe:f1:8f:4d: 9b:e1:2a:5e:78:79:a4:53:ec:73:9b:2f:20:b4:15: 5a:a0:9e:20:b4:8c:da:05:82:ec:1b:94:8d:ef:3b: cc:33:41:54:8e:5d:af:45:77:20:66:c2:fd:30:77: e5:f8:ea:c6:62:dc:ca:31:91:45:b5:c9:4b:13:f9: e0:9d:0d:fe:8a:7e:ec:0c:89:8a:76:dc:64:7c:ec: 6e:01:1e:92:56:a4:7b:34:fc:3a:b7:64:d8:23:1f: c5:f5:86:3c:a0:79:2a:87:cb:6c:62:a1:fd:5c:48: 34:2c:de:17:77:cd:93:57:7a:1e:a8:e3:16:37:63: 1b:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:8D:DE:E3:A8:B5:B5:EB:50:F1:AB:40:F0:AE:D6:6E:8A:25:4D:DC X509v3 Authority Key Identifier: keyid:B7:3D:88:D7:46:8A:F6:01:AF:14:C5:E1:ED:90:3C:4F:36:CA:F5:FA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tz2I10aK9gGvFMXh7ZA8TzbK9fo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/19c93b-c9a1-494b-9bc0-0f2b540eca08/1/tz2I10aK9gGvFMXh7ZA8TzbK9fo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:b2:fb:16:78:ca:a3:8b:d1:85:03:63:97:57:18:0a:34:63: 8e:2b:8c:0a:4d:c1:b4:d0:15:94:91:2c:61:a2:49:25:0c:10: 33:bb:5f:bc:0d:40:b0:d9:ab:1a:93:7f:f5:7b:98:38:b8:65: 43:92:5c:43:10:ac:47:7c:6c:a8:e7:02:41:44:01:40:40:34: 55:8e:a3:e4:90:06:0d:a5:d5:05:c8:5a:07:07:c7:95:f5:d2: 86:69:6b:69:76:91:cb:c2:ad:a5:ad:86:93:c1:6c:dc:d6:ab: 72:c7:ed:ca:6a:50:90:89:f7:01:ca:d7:3e:3c:55:a4:f6:64: e0:12:c0:f6:0b:24:c3:48:49:47:cf:95:a3:f4:2b:d1:bc:24: ed:89:ae:67:eb:f0:57:e6:fc:23:5b:aa:77:da:8e:b9:09:36: 61:65:ea:91:a2:48:0c:b2:c0:c6:e8:2e:bd:d7:eb:a6:d4:f5: 73:f1:4e:f7:eb:c0:7a:69:69:a9:33:53:a1:70:28:c7:e3:13: 2f:3f:4c:48:93:7f:98:00:a6:79:03:1f:c7:f9:8f:64:65:d1: e2:99:09:97:13:56:e9:c3:bc:3c:ce:5e:f4:18:94:bd:0e:f1: fb:b2:e1:c6:2c:65:6a:2b:77:54:5b:4f:4d:f3:97:d1:56:ad: f6:c3:5e:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGyzfbFubjTa/sPk7KeAUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3M2Q4OGQ3NDY4YWY2MDFhZjE0YzVlMWVkOTAzYzRmMzZj YWY1ZmEwHhcNMjUxMjA2MTAwMDM1WhcNMjUxMjA3MTAwMDM1WjAzMTEwLwYDVQQD EyhjMDhkZGVlM2E4YjViNWViNTBmMWFiNDBmMGFlZDY2ZThhMjU0ZGRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbzQjFXPteq40umrSIbd89ccETe2 IKk07ovb04VhwWnc+H7K7F0XQDbUxOg6ZG0w2lElnXHyTAJh42DJvycXmA7z6N17 i9MJQvHFbRBq4Sxz31TAcrMNxtZ6o2my+PZ/DrTCxpDi01O80CD+k82nl8PxaiOu QRIwkTFy7SOA3m6uCf7xj02b4SpeeHmkU+xzmy8gtBVaoJ4gtIzaBYLsG5SN7zvM M0FUjl2vRXcgZsL9MHfl+OrGYtzKMZFFtclLE/ngnQ3+in7sDImKdtxkfOxuAR6S VqR7NPw6t2TYIx/F9YY8oHkqh8tsYqH9XEg0LN4Xd82TV3oeqOMWN2MbVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMCN3uOotbXrUPGrQPCu1m6KJU3cMB8GA1UdIwQY MBaAFLc9iNdGivYBrxTF4e2QPE82yvX6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAt MGYyYjU0MGVjYTA4LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS8xOWM5M2ItYzlhMS00OTRiLTliYzAtMGYyYjU0MGVjYTA4 LzEvdHoySTEwYUs5Z0d2Rk1YaDdaQThUemJLOWZvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo7L7FnjK o4vRhQNjl1cYCjRjjiuMCk3BtNAVlJEsYaJJJQwQM7tfvA1AsNmrGpN/9XuYOLhl Q5JcQxCsR3xsqOcCQUQBQEA0VY6j5JAGDaXVBchaBwfHlfXShmlraXaRy8Ktpa2G k8Fs3NarcsftympQkIn3AcrXPjxVpPZk4BLA9gskw0hJR8+Vo/Qr0bwk7YmuZ+vw V+b8I1uqd9qOuQk2YWXqkaJIDLLAxuguvdfrptT1c/FO9+vAemlpqTNToXAox+MT Lz9MSJN/mACmeQMfx/mPZGXR4pkJlxNW6cO8PM5e9BiUvQ7x+7Lhxixlait3VFtP TfOX0Vat9sNeGg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:24:09 2025 by rpki-client