This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft File: tKW-MwcSDmXjxBZcnI50jBwSp6I.mft (raw, json) Hash identifier: 6JkEUiZN7xRZybBdjBfGa/gLZ8+RAZpqHfiAbBbk+sg= Subject key identifier: 2A:AA:F9:5B:1E:5C:BF:57:C3:28:4E:3A:A0:2E:5C:2D:3C:38:97:2C Authority key identifier: B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2 Certificate issuer: /CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2 Certificate serial: 019AF12DAD6EBBE053DE4E87406B9DC550E1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft Manifest number: 06B1 Signing time: Sat 06 Dec 2025 01:01:33 +0000 Manifest this update: Sat 06 Dec 2025 01:01:33 +0000 Manifest next update: Sun 07 Dec 2025 01:01:33 +0000 Files and hashes: 1: pHJ5oRo1kF5oiX8KeKirS42gdJI.roa (hash: pWmX7zoUYI3ChoG1HELYfAkOPLPYyR79PMNSLK6H1B0=) 2: tKW-MwcSDmXjxBZcnI50jBwSp6I.crl (hash: 5E4ocxG1EPR7yZTrf/u+jt9eEbtXUjclUOC8JWPnM/g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:ad:6e:bb:e0:53:de:4e:87:40:6b:9d:c5:50:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a5be3307120e65e3c4165c9c8e748c1c12a7a2 Validity Not Before: Dec 6 01:01:33 2025 GMT Not After : Dec 7 01:01:33 2025 GMT Subject: CN=2aaaf95b1e5cbf57c3284e3aa02e5c2d3c38972c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c9:8b:08:50:f4:f0:b3:9c:fe:76:8f:10:0f: 54:84:14:45:d6:c3:2d:6d:64:b2:2a:1d:fb:04:21: 6d:20:d9:5f:0b:0d:7f:36:20:ff:b9:de:87:2a:52: c5:3b:3a:9a:74:0e:24:82:e9:1e:73:b1:dc:cc:43: d8:76:fd:2e:78:67:97:88:09:20:d4:36:e8:18:f8: 23:33:4b:bb:15:09:14:9c:22:ac:c1:15:9e:b7:7d: 75:25:4d:b3:c2:18:12:f8:aa:79:e9:6f:7c:13:0a: fe:f5:ef:96:bb:3b:77:d3:6c:23:52:3d:92:a9:91: 38:d0:41:0f:98:d4:8e:0f:20:82:d1:2f:4c:d7:8d: ae:ea:9e:3f:cf:36:51:4f:0c:6c:4c:d1:5b:eb:09: 11:65:e9:84:e6:a6:24:c4:08:d2:2c:47:08:13:f9: 80:23:63:2e:42:37:3d:3c:fc:13:56:40:a4:dd:58: 9d:30:23:3f:5d:c5:8c:d9:4b:e6:cc:e6:1c:b7:a6: 17:6a:02:f6:06:4f:f5:be:33:8e:9b:3a:d4:07:45: 7d:6f:4a:15:3b:b3:87:23:ed:07:f5:c5:30:d3:a3: eb:e9:71:a9:72:22:d5:13:58:2d:eb:82:bf:30:11: d6:af:bf:98:26:e2:09:b5:bf:af:af:27:6f:4e:d7: ad:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:AA:F9:5B:1E:5C:BF:57:C3:28:4E:3A:A0:2E:5C:2D:3C:38:97:2C X509v3 Authority Key Identifier: keyid:B4:A5:BE:33:07:12:0E:65:E3:C4:16:5C:9C:8E:74:8C:1C:12:A7:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKW-MwcSDmXjxBZcnI50jBwSp6I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/fe276f-946a-446b-8453-170eb1c9fec8/1/tKW-MwcSDmXjxBZcnI50jBwSp6I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:f5:26:7c:9a:82:a4:3c:e8:5b:14:8c:03:32:99:82:15:97: a5:a5:7b:6c:77:12:f2:96:eb:df:9f:64:41:84:66:27:6f:a6: 2b:dd:58:a5:06:c9:d1:ec:f0:96:10:ba:e6:71:bc:95:2f:1a: c3:50:49:9d:04:98:d2:3b:3e:56:49:be:36:76:a5:cd:7c:0c: 36:01:f3:b9:02:60:6e:26:81:ee:cf:71:8d:74:1d:3e:66:20: c7:54:f4:82:5e:9c:62:26:cc:45:31:30:c0:2f:9b:b5:58:f3: 4c:24:5e:9c:0a:80:6c:d4:b5:9c:15:91:fd:db:98:b4:7d:92: ce:2b:bf:88:5e:42:1f:2b:7e:e3:b7:20:0a:8b:e0:ab:2b:60: 4b:86:0e:dc:cf:b8:f6:c6:89:d9:74:67:80:7c:f2:9c:88:62: 3f:a7:b3:d5:05:51:5a:34:c7:1d:9e:31:c9:72:42:3a:fb:a5: 9c:5d:53:ff:73:37:a4:14:54:d7:24:d2:9f:4f:44:a4:d9:e2: 3b:26:72:60:0e:7e:33:1e:fb:12:b3:d3:17:e0:be:2b:8b:93: e0:40:58:78:a4:36:b8:f0:ec:57:97:67:72:21:ab:76:a8:cc: 9c:00:2a:dc:04:4b:68:0c:7e:60:01:13:d2:2a:ae:4e:85:c8: 3d:90:11:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLa1uu+BT3k6HQGudxVDhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTViZTMzMDcxMjBlNjVlM2M0MTY1YzljOGU3NDhjMWMx MmE3YTIwHhcNMjUxMjA2MDEwMTMzWhcNMjUxMjA3MDEwMTMzWjAzMTEwLwYDVQQD EygyYWFhZjk1YjFlNWNiZjU3YzMyODRlM2FhMDJlNWMyZDNjMzg5NzJjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8mLCFD08LOc/naPEA9UhBRF1sMt bWSyKh37BCFtINlfCw1/NiD/ud6HKlLFOzqadA4kgukec7HczEPYdv0ueGeXiAkg 1DboGPgjM0u7FQkUnCKswRWet311JU2zwhgS+Kp56W98Ewr+9e+Wuzt302wjUj2S qZE40EEPmNSODyCC0S9M142u6p4/zzZRTwxsTNFb6wkRZemE5qYkxAjSLEcIE/mA I2MuQjc9PPwTVkCk3VidMCM/XcWM2UvmzOYct6YXagL2Bk/1vjOOmzrUB0V9b0oV O7OHI+0H9cUw06Pr6XGpciLVE1gt64K/MBHWr7+YJuIJtb+vrydvTtet3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCqq+VseXL9XwyhOOqAuXC08OJcsMB8GA1UdIwQY MBaAFLSlvjMHEg5l48QWXJyOdIwcEqeiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMt MTcwZWIxYzlmZWM4LzEvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83ZC9mZTI3NmYtOTQ2YS00NDZiLTg0NTMtMTcwZWIxYzlmZWM4 LzEvdEtXLU13Y1NEbVhqeEJaY25JNTBqQndTcDZJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk/UmfJqC pDzoWxSMAzKZghWXpaV7bHcS8pbr359kQYRmJ2+mK91YpQbJ0ezwlhC65nG8lS8a w1BJnQSY0js+Vkm+NnalzXwMNgHzuQJgbiaB7s9xjXQdPmYgx1T0gl6cYibMRTEw wC+btVjzTCRenAqAbNS1nBWR/duYtH2Sziu/iF5CHyt+47cgCovgqytgS4YO3M+4 9saJ2XRngHzynIhiP6ez1QVRWjTHHZ4xyXJCOvulnF1T/3M3pBRU1yTSn09EpNni OyZyYA5+Mx77ErPTF+C+K4uT4EBYeKQ2uPDsV5dnciGrdqjMnAAq3ARLaAx+YAET 0iquToXIPZARVA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:32:32 2025 by rpki-client