This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.mft File: TOpmrdqd-WJaPXjWKPsF4khN2Hg.mft (raw, json) Hash identifier: t/EqeBGoQEH1VlO6OfvscD8C9fUREr1Uuc3DXmiEdws= Subject key identifier: 28:BB:9E:D8:29:28:BF:C6:B6:05:F6:5D:41:03:A2:D6:AD:80:4A:5D Authority key identifier: 4C:EA:66:AD:DA:9D:F9:62:5A:3D:78:D6:28:FB:05:E2:48:4D:D8:78 Certificate issuer: /CN=4cea66adda9df9625a3d78d628fb05e2484dd878 Certificate serial: 019B26D282C495134AD9A36EE0DD67F23B21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TOpmrdqd-WJaPXjWKPsF4khN2Hg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.mft Manifest number: 0425 Signing time: Tue 16 Dec 2025 11:01:28 +0000 Manifest this update: Tue 16 Dec 2025 11:01:28 +0000 Manifest next update: Wed 17 Dec 2025 11:01:28 +0000 Files and hashes: 1: 1-QbsigNOAsIOrzATvCDKf5YVw3s.roa (hash: gWNRwRZG0Ifn0uSFb+Au9uZSZqHds/SqKOwbteITnow=) 2: TOpmrdqd-WJaPXjWKPsF4khN2Hg.crl (hash: ztOh9FtjbqbcwrwxphUZKmHk6VTM1Sp+el3qqKYgm5o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.mft rsync://rpki.ripe.net/repository/DEFAULT/TOpmrdqd-WJaPXjWKPsF4khN2Hg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 11:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:26:d2:82:c4:95:13:4a:d9:a3:6e:e0:dd:67:f2:3b:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cea66adda9df9625a3d78d628fb05e2484dd878 Validity Not Before: Dec 16 11:01:28 2025 GMT Not After : Dec 17 11:01:28 2025 GMT Subject: CN=28bb9ed82928bfc6b605f65d4103a2d6ad804a5d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:33:f8:41:5b:b5:6a:31:cf:73:9d:9c:53:11: d9:5c:bc:be:b1:1e:24:3d:24:50:4f:29:fc:e9:3e: 53:61:e2:68:7c:0a:34:1e:6b:fe:8c:3b:68:bd:d2: 07:d6:fd:b4:cc:fe:41:ca:41:89:f0:f2:1c:60:c0: 8a:3c:ec:c9:f2:9e:bf:ae:a2:f0:1f:f1:9e:50:b9: f9:5a:9e:ac:69:a9:b9:41:d4:b9:e8:7f:26:51:cc: 69:f0:7e:fd:8e:58:58:b4:1f:7a:8e:fe:84:be:ac: c8:de:fb:bc:6b:58:39:7f:1f:f9:13:d2:69:4d:3d: 18:e4:4e:2f:7e:9d:95:c8:d0:53:0b:5f:07:f1:85: 13:74:b7:7d:5e:71:d1:d2:92:4c:b1:e2:5b:ca:3e: f4:52:9a:85:c5:6a:6a:ae:6f:46:0c:3a:a3:60:5f: f7:7f:c9:ae:0e:f6:7a:df:5f:57:fd:16:7c:c1:36: a1:75:42:ea:5d:8c:ad:38:64:9e:1d:7f:6b:25:13: b6:ea:e4:e6:e3:14:03:ff:bc:75:ad:ac:10:02:d8: 7c:2a:1a:f6:ca:ab:a8:5c:19:ce:c9:19:09:be:02: 65:a9:e0:96:6b:f2:13:d4:3d:d6:4e:df:ea:65:17: 8a:28:ef:c8:68:c4:50:0e:c3:eb:35:b6:e7:b3:e8: eb:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:BB:9E:D8:29:28:BF:C6:B6:05:F6:5D:41:03:A2:D6:AD:80:4A:5D X509v3 Authority Key Identifier: keyid:4C:EA:66:AD:DA:9D:F9:62:5A:3D:78:D6:28:FB:05:E2:48:4D:D8:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TOpmrdqd-WJaPXjWKPsF4khN2Hg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/570d93-696d-47eb-93b1-77836e2fcbdd/1/TOpmrdqd-WJaPXjWKPsF4khN2Hg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:3b:a0:1e:3b:77:f4:56:ee:bb:dd:41:39:cf:87:48:d3:c8: e2:af:0c:49:0f:a7:ac:11:58:af:74:e9:36:0b:b7:24:9b:5a: 6a:9e:e2:85:21:a1:9a:34:6e:af:a6:4a:21:5b:8a:08:55:35: 4b:37:8c:0f:fc:08:0d:33:58:b1:b2:7d:20:fc:03:68:0e:60: 34:a1:d9:61:c9:5c:9e:b6:8e:7b:d6:c9:d3:74:26:8b:b7:40: 09:b9:95:19:fb:80:66:05:1b:4d:69:71:8d:2e:01:aa:c4:e1: 1a:eb:7b:fc:88:35:c6:68:fc:93:25:41:7d:53:2f:0f:01:cf: 0b:f9:48:0b:5f:44:36:4b:84:95:0e:fd:9c:32:3f:af:f7:16: 4d:e2:08:63:5d:36:d0:ef:42:b8:4b:ac:16:6c:0c:c8:84:55: 8b:c1:f3:25:44:c8:ee:0a:c9:aa:66:67:39:b5:6e:b6:d4:d5: 99:6a:09:dd:e7:2e:30:46:e2:c1:0b:6a:93:89:f7:8e:b1:fc: c0:80:20:d2:c7:e0:95:f2:e7:92:d4:d7:13:6b:93:04:95:ad: b4:da:49:92:da:65:40:97:3a:f1:b8:7d:0c:2d:a0:6f:6c:b9: 56:29:f8:ef:63:2a:9d:39:b9:b5:4e:2d:2b:8d:d2:af:4a:a2: 0f:84:c0:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsm0oLElRNK2aNu4N1n8jshMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZWE2NmFkZGE5ZGY5NjI1YTNkNzhkNjI4ZmIwNWUyNDg0 ZGQ4NzgwHhcNMjUxMjE2MTEwMTI4WhcNMjUxMjE3MTEwMTI4WjAzMTEwLwYDVQQD EygyOGJiOWVkODI5MjhiZmM2YjYwNWY2NWQ0MTAzYTJkNmFkODA0YTVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zP4QVu1ajHPc52cUxHZXLy+sR4k PSRQTyn86T5TYeJofAo0Hmv+jDtovdIH1v20zP5BykGJ8PIcYMCKPOzJ8p6/rqLw H/GeULn5Wp6saam5QdS56H8mUcxp8H79jlhYtB96jv6EvqzI3vu8a1g5fx/5E9Jp TT0Y5E4vfp2VyNBTC18H8YUTdLd9XnHR0pJMseJbyj70UpqFxWpqrm9GDDqjYF/3 f8muDvZ6319X/RZ8wTahdULqXYytOGSeHX9rJRO26uTm4xQD/7x1rawQAth8Khr2 yquoXBnOyRkJvgJlqeCWa/IT1D3WTt/qZReKKO/IaMRQDsPrNbbns+jrIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCi7ntgpKL/GtgX2XUEDotatgEpdMB8GA1UdIwQY MBaAFEzqZq3anfliWj141ij7BeJITdh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE9wbXJkcWQtV0phUFhqV0tQc0Y0a2hOMkhnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi81NzBkOTMtNjk2ZC00N2ViLTkzYjEt Nzc4MzZlMmZjYmRkLzEvVE9wbXJkcWQtV0phUFhqV0tQc0Y0a2hOMkhnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi81NzBkOTMtNjk2ZC00N2ViLTkzYjEtNzc4MzZlMmZjYmRk LzEvVE9wbXJkcWQtV0phUFhqV0tQc0Y0a2hOMkhnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJzugHjt3 9Fbuu91BOc+HSNPI4q8MSQ+nrBFYr3TpNgu3JJtaap7ihSGhmjRur6ZKIVuKCFU1 SzeMD/wIDTNYsbJ9IPwDaA5gNKHZYclcnraOe9bJ03Qmi7dACbmVGfuAZgUbTWlx jS4BqsThGut7/Ig1xmj8kyVBfVMvDwHPC/lIC19ENkuElQ79nDI/r/cWTeIIY102 0O9CuEusFmwMyIRVi8HzJUTI7grJqmZnObVuttTVmWoJ3ecuMEbiwQtqk4n3jrH8 wIAg0sfglfLnktTXE2uTBJWttNpJktplQJc68bh9DC2gb2y5Vin472MqnTm5tU4t K43Sr0qiD4TAeA== -----END CERTIFICATE-----Generated at Tue Dec 16 20:28:59 2025 by rpki-client