This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft File: TyKDTEeXR7CovQphKfn-ZfgwJtA.mft (raw, json) Hash identifier: as4DO+Dw+VAuyTNNh3ev3xrjRVGm6x21S7ItTGW7aVA= Subject key identifier: 74:AC:5C:EC:BB:F8:2F:C7:03:CC:C7:FE:9E:9B:0C:51:86:01:FB:1C Authority key identifier: 4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 Certificate issuer: /CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Certificate serial: 019AF50A7E6A0B4BFB306A1C6288930A1B8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft Manifest number: 054E Signing time: Sat 06 Dec 2025 19:01:36 +0000 Manifest this update: Sat 06 Dec 2025 19:01:36 +0000 Manifest next update: Sun 07 Dec 2025 19:01:36 +0000 Files and hashes: 1: 5_qRdcU_zBI67bUjjCeGmUT4bso.roa (hash: S33Bj4i6cQIjVG+I+Gmo76E+1aI2U06ldTXtc0u4sXQ=) 2: TyKDTEeXR7CovQphKfn-ZfgwJtA.crl (hash: 6u/NyBnRvx7uJG0FwJ4djHRVz8wDTosmbK60BPLXQfQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:7e:6a:0b:4b:fb:30:6a:1c:62:88:93:0a:1b:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f22834c479747b0a8bd0a6129f9fe65f83026d0 Validity Not Before: Dec 6 19:01:36 2025 GMT Not After : Dec 7 19:01:36 2025 GMT Subject: CN=74ac5cecbbf82fc703ccc7fe9e9b0c518601fb1c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:52:99:12:cb:cf:c2:42:ff:21:04:d4:6e:10: ec:ca:a0:c2:2d:77:cb:61:30:17:92:58:58:6c:f7: 7d:6c:87:40:49:98:3d:c8:75:17:07:6f:f4:3c:b0: e9:a1:15:0f:7f:ac:3d:ee:c5:3f:20:c7:04:9e:04: 98:d4:78:70:d7:e8:6e:a4:31:cf:7d:57:0b:a8:00: 7f:f1:95:c2:63:8b:9d:7e:71:1a:a5:24:7b:04:90: 13:5e:fd:41:29:8d:fb:f4:7a:ff:9a:35:74:56:68: 6b:11:cb:f0:4d:40:ef:f5:5b:41:d8:c2:f7:5a:f6: 8d:c0:97:b0:da:9c:5a:3d:30:a6:3c:ee:80:49:3a: f1:9a:49:22:eb:c1:4e:e9:b9:f6:36:e9:bd:89:10: 7a:ad:3a:06:bf:4f:a9:8d:7e:e0:8b:7c:de:f1:e2: 96:c7:20:bd:32:38:4a:25:57:48:7f:fa:4a:30:f9: 0f:0d:91:53:43:ce:44:f9:9b:f3:b8:03:a7:11:e8: 20:0a:4b:d9:74:08:22:55:24:11:8e:32:fd:24:5b: a2:95:1b:33:92:28:31:ca:f4:91:60:c0:64:ce:dc: e5:b0:ec:37:56:81:8d:64:33:8a:88:c5:e6:46:87: cf:65:cf:31:5b:e5:bc:1d:57:33:55:d9:bc:53:71: f0:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:AC:5C:EC:BB:F8:2F:C7:03:CC:C7:FE:9E:9B:0C:51:86:01:FB:1C X509v3 Authority Key Identifier: keyid:4F:22:83:4C:47:97:47:B0:A8:BD:0A:61:29:F9:FE:65:F8:30:26:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TyKDTEeXR7CovQphKfn-ZfgwJtA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/95/b9a050-7726-4eb5-b403-7bf724056153/1/TyKDTEeXR7CovQphKfn-ZfgwJtA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:0d:9b:bb:28:60:5b:f2:f6:66:24:6f:fe:ba:f9:39:e3:a1: 8a:b8:5c:cf:27:e7:c5:03:33:63:64:4e:65:83:c7:8c:57:2c: 63:1c:23:64:c4:ad:5f:e1:ed:b2:a6:14:dc:7d:0b:ac:2e:b2: 47:66:b6:d6:3c:e1:fe:c4:05:72:72:e4:db:cb:38:7d:c8:5a: a2:fc:f4:fa:2a:f0:ca:0d:30:f8:7e:39:56:a1:0c:4c:9e:1b: 7d:35:d9:1b:d9:f9:2a:46:e0:46:ec:61:c2:42:57:25:0f:55: 8d:02:a6:f8:07:c8:94:8b:a8:20:41:14:68:55:35:82:c9:db: 92:a4:f0:79:46:4a:55:05:12:0d:fe:91:1f:f8:4d:b2:bd:6e: 58:bf:2a:e8:19:e9:e6:c3:db:93:25:6a:a4:97:58:8f:ef:42: c9:1d:6e:f8:c3:1c:08:48:07:54:66:92:9f:3b:8f:22:98:94: 3b:f8:4c:89:9a:fa:87:bb:6e:74:10:19:52:12:27:e7:b3:7a: 2d:74:da:fb:d9:2a:53:af:cc:c6:ef:2f:4a:da:2d:be:a3:49: 1d:1c:97:2c:d8:52:43:a7:33:ec:4f:6c:a4:5a:f2:94:5d:5b: a4:ad:ce:66:81:ab:8c:a4:0b:af:05:91:25:a0:ff:da:6b:02: bb:f0:35:58 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cn5qC0v7MGocYoiTChuMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMjI4MzRjNDc5NzQ3YjBhOGJkMGE2MTI5ZjlmZTY1Zjgz MDI2ZDAwHhcNMjUxMjA2MTkwMTM2WhcNMjUxMjA3MTkwMTM2WjAzMTEwLwYDVQQD Eyg3NGFjNWNlY2JiZjgyZmM3MDNjY2M3ZmU5ZTliMGM1MTg2MDFmYjFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlKZEsvPwkL/IQTUbhDsyqDCLXfL YTAXklhYbPd9bIdASZg9yHUXB2/0PLDpoRUPf6w97sU/IMcEngSY1Hhw1+hupDHP fVcLqAB/8ZXCY4udfnEapSR7BJATXv1BKY379Hr/mjV0VmhrEcvwTUDv9VtB2ML3 WvaNwJew2pxaPTCmPO6ASTrxmkki68FO6bn2Num9iRB6rToGv0+pjX7gi3ze8eKW xyC9MjhKJVdIf/pKMPkPDZFTQ85E+ZvzuAOnEeggCkvZdAgiVSQRjjL9JFuilRsz kigxyvSRYMBkztzlsOw3VoGNZDOKiMXmRofPZc8xW+W8HVczVdm8U3HwtQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHSsXOy7+C/HA8zH/p6bDFGGAfscMB8GA1UdIwQY MBaAFE8ig0xHl0ewqL0KYSn5/mX4MCbQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMt N2JmNzI0MDU2MTUzLzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NS9iOWEwNTAtNzcyNi00ZWI1LWI0MDMtN2JmNzI0MDU2MTUz LzEvVHlLRFRFZVhSN0NvdlFwaEtmbi1aZmd3SnRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAg2buyhg W/L2ZiRv/rr5OeOhirhczyfnxQMzY2ROZYPHjFcsYxwjZMStX+HtsqYU3H0LrC6y R2a21jzh/sQFcnLk28s4fchaovz0+irwyg0w+H45VqEMTJ4bfTXZG9n5KkbgRuxh wkJXJQ9VjQKm+AfIlIuoIEEUaFU1gsnbkqTweUZKVQUSDf6RH/hNsr1uWL8q6Bnp 5sPbkyVqpJdYj+9CyR1u+MMcCEgHVGaSnzuPIpiUO/hMiZr6h7tudBAZUhIn57N6 LXTa+9kqU6/Mxu8vStotvqNJHRyXLNhSQ6cz7E9spFrylF1bpK3OZoGrjKQLrwWR JaD/2msCu/A1WA== -----END CERTIFICATE-----Generated at Sun Dec 7 00:58:58 2025 by rpki-client