This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.mft File: rTzBp4cLYQw1XG7CmbFm7auj3wQ.mft (raw, json) Hash identifier: tOfkeXRCfuWKPR9NWA5KtVKwWkelPP142p6zjrHtjzw= Subject key identifier: C6:93:E0:C4:B5:A2:16:8D:8A:95:7D:96:14:5F:15:C8:95:83:3D:FF Authority key identifier: AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04 Certificate issuer: /CN=ad3cc1a7870b610c355c6ec299b166edaba3df04 Certificate serial: 019AF50BB97402663BA3775B50A266E08CB1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.mft Manifest number: 09A8 Signing time: Sat 06 Dec 2025 19:02:57 +0000 Manifest this update: Sat 06 Dec 2025 19:02:57 +0000 Manifest next update: Sun 07 Dec 2025 19:02:57 +0000 Files and hashes: 1: rTzBp4cLYQw1XG7CmbFm7auj3wQ.crl (hash: VIjtZ+9vRwl+e9WXX4ittrcbGmJTZ/Z0PTpM22sZm7w=) 2: tFQcfPCSB6BXqTTZvhFAhl-OS0Y.roa (hash: gDfDS8wP6pJ9Ytao7oOOdrquqvAnErNK/1uv1jTII9w=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.mft rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:02:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:b9:74:02:66:3b:a3:77:5b:50:a2:66:e0:8c:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ad3cc1a7870b610c355c6ec299b166edaba3df04 Validity Not Before: Dec 6 19:02:57 2025 GMT Not After : Dec 7 19:02:57 2025 GMT Subject: CN=c693e0c4b5a2168d8a957d96145f15c895833dff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:4a:0b:84:1e:56:6f:ce:ee:e7:95:01:3d:fe: 29:aa:1b:a0:c3:45:38:47:95:f6:54:15:1c:b7:11: c3:cb:43:ca:9b:35:8b:62:4d:b7:06:09:e4:21:6e: 7a:d1:60:ca:37:d8:8c:22:2b:12:6a:b9:b6:c4:c8: b2:92:84:b3:99:72:36:31:64:90:dc:25:67:1b:25: 95:95:c2:35:21:22:57:a0:1a:c4:ec:49:ca:d1:a0: 96:9f:17:cf:a1:a1:41:7f:1b:df:9d:08:93:b0:22: 73:34:c9:51:53:96:79:10:02:09:d4:ca:59:f2:b0: da:93:d7:53:88:0b:e9:38:40:45:b5:21:ab:6a:9c: 42:ce:67:7e:83:64:ba:da:87:d5:46:9f:09:9c:2f: da:ad:26:2f:00:d1:8e:64:c6:1f:ba:8f:9e:d4:6c: 5f:15:11:ca:f3:27:75:c2:ff:38:34:e9:44:73:1a: 4f:81:38:fc:ad:42:53:7b:60:6b:d8:eb:80:4b:e5: 94:05:83:13:57:13:10:03:4e:5b:ae:43:75:1e:d5: bd:1e:dd:b1:33:07:31:c6:94:55:f7:b5:e8:85:92: 3e:32:03:fc:19:73:bd:6d:e9:87:86:00:9c:d5:e9: e6:34:f9:d5:b5:70:83:3c:f8:67:69:0d:96:6f:c5: 7d:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:93:E0:C4:B5:A2:16:8D:8A:95:7D:96:14:5F:15:C8:95:83:3D:FF X509v3 Authority Key Identifier: keyid:AD:3C:C1:A7:87:0B:61:0C:35:5C:6E:C2:99:B1:66:ED:AB:A3:DF:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rTzBp4cLYQw1XG7CmbFm7auj3wQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3d046c-1178-46a3-82e0-74d56c441dc1/1/rTzBp4cLYQw1XG7CmbFm7auj3wQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:42:18:d2:83:36:d8:1e:94:ba:a5:4d:3b:81:83:18:bc:76: a4:74:4e:1e:91:32:6c:a9:6a:a7:96:4e:a3:d7:2e:18:f5:f4: 55:66:55:d9:6f:fb:af:a1:59:93:65:40:a8:d3:32:1f:f6:ec: 52:9a:42:44:f4:66:c1:80:e7:46:2e:c5:d3:63:91:c7:4e:c7: 69:2c:81:58:ed:57:68:74:72:48:f1:29:54:09:67:ae:a4:3d: dc:7a:e1:52:9d:04:50:24:22:46:b3:c5:d7:08:11:7b:f4:67: d0:b3:c4:63:04:27:3d:38:47:80:62:c1:81:25:44:97:b8:f1: 93:a6:11:05:e5:33:bc:0f:36:78:b0:44:d6:dc:11:26:86:34: b8:ae:5a:59:3f:ba:c6:d9:33:84:be:cc:4b:ba:09:0f:23:e0: 09:46:16:83:2b:a2:c1:aa:08:29:d0:bd:02:4c:6e:bd:aa:72: 77:eb:c3:5b:42:f7:16:db:46:b0:d6:5e:f8:81:80:64:7e:36: 9e:6b:f2:5b:55:e5:32:b8:8c:40:f6:0e:9a:82:75:9a:ea:54: 68:c4:b2:0b:b3:38:d0:67:82:b7:80:b9:45:1b:22:a2:47:ab: f3:f9:7c:f8:c1:00:eb:96:35:ce:fa:19:5d:b6:ca:b6:1a:77: f2:5e:ea:1a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C7l0AmY7o3dbUKJm4IyxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFkM2NjMWE3ODcwYjYxMGMzNTVjNmVjMjk5YjE2NmVkYWJh M2RmMDQwHhcNMjUxMjA2MTkwMjU3WhcNMjUxMjA3MTkwMjU3WjAzMTEwLwYDVQQD EyhjNjkzZTBjNGI1YTIxNjhkOGE5NTdkOTYxNDVmMTVjODk1ODMzZGZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukoLhB5Wb87u55UBPf4pqhugw0U4 R5X2VBUctxHDy0PKmzWLYk23BgnkIW560WDKN9iMIisSarm2xMiykoSzmXI2MWSQ 3CVnGyWVlcI1ISJXoBrE7EnK0aCWnxfPoaFBfxvfnQiTsCJzNMlRU5Z5EAIJ1MpZ 8rDak9dTiAvpOEBFtSGrapxCzmd+g2S62ofVRp8JnC/arSYvANGOZMYfuo+e1Gxf FRHK8yd1wv84NOlEcxpPgTj8rUJTe2Br2OuAS+WUBYMTVxMQA05brkN1HtW9Ht2x MwcxxpRV97XohZI+MgP8GXO9bemHhgCc1enmNPnVtXCDPPhnaQ2Wb8V9HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMaT4MS1ohaNipV9lhRfFciVgz3/MB8GA1UdIwQY MBaAFK08waeHC2EMNVxuwpmxZu2ro98EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAt NzRkNTZjNDQxZGMxLzEvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC8zZDA0NmMtMTE3OC00NmEzLTgyZTAtNzRkNTZjNDQxZGMx LzEvclR6QnA0Y0xZUXcxWEc3Q21iRm03YXVqM3dRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACkIY0oM2 2B6UuqVNO4GDGLx2pHROHpEybKlqp5ZOo9cuGPX0VWZV2W/7r6FZk2VAqNMyH/bs UppCRPRmwYDnRi7F02ORx07HaSyBWO1XaHRySPEpVAlnrqQ93HrhUp0EUCQiRrPF 1wgRe/Rn0LPEYwQnPThHgGLBgSVEl7jxk6YRBeUzvA82eLBE1twRJoY0uK5aWT+6 xtkzhL7MS7oJDyPgCUYWgyuiwaoIKdC9Akxuvapyd+vDW0L3FttGsNZe+IGAZH42 nmvyW1XlMriMQPYOmoJ1mupUaMSyC7M40GeCt4C5RRsioker8/l8+MEA65Y1zvoZ XbbKthp38l7qGg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:51:50 2025 by rpki-client