This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft File: tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft (raw, json) Hash identifier: Sl/wvkMR620oGp6i9qtiQ3eXXWvVEIVAnBpdAV/I5wI= Subject key identifier: 1A:53:C4:9D:6C:30:6B:C6:E0:B3:B7:78:3E:5C:1E:11:C3:9F:44:A9 Authority key identifier: B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 Certificate issuer: /CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Certificate serial: 019AF208DDE7D318596E2B59E658A5946228 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft Manifest number: 0492 Signing time: Sat 06 Dec 2025 05:00:58 +0000 Manifest this update: Sat 06 Dec 2025 05:00:58 +0000 Manifest next update: Sun 07 Dec 2025 05:00:58 +0000 Files and hashes: 1: kdQZ4QS0sUqXnywKZ8M79hUmfTA.roa (hash: xGG3G4XfdVhcDuFzw8EOPzLUi5vn/b3D8pkyEY9PSkc=) 2: tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl (hash: mhObq30IL/HctC1/N5oXqAyAkOLScq4BBM9QAPyjHbk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:dd:e7:d3:18:59:6e:2b:59:e6:58:a5:94:62:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b436c0f0ec8bbedf0f60844dfe4fe939369a4b40 Validity Not Before: Dec 6 05:00:58 2025 GMT Not After : Dec 7 05:00:58 2025 GMT Subject: CN=1a53c49d6c306bc6e0b3b7783e5c1e11c39f44a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:dd:e9:03:8b:d6:5d:d8:20:a6:73:89:70:c5: 48:e6:5e:a3:6a:8a:90:50:7e:d6:6f:10:b7:eb:f9: 0e:2d:a4:6f:96:69:6f:4c:9c:fd:ae:eb:b0:45:47: 1b:e6:5b:56:5b:a0:c3:10:bd:28:ab:2d:95:94:8d: 55:de:4d:44:ae:4e:99:80:f8:bd:87:98:39:10:03: a0:bd:9f:be:2b:e7:3e:d9:e6:8f:e5:a7:4d:19:19: b9:7e:06:64:af:c4:f7:d6:5e:6e:de:2a:b5:9c:79: 62:f1:74:b2:26:6f:70:06:ec:29:c3:dc:03:44:6b: 55:8f:f2:85:7a:fc:0a:1a:06:6a:b3:ec:ed:12:1e: 5c:b2:cd:31:7a:95:15:65:c6:ac:5c:0d:7a:19:1e: 36:66:f2:f3:a0:b2:7b:e7:97:ca:fe:4f:4d:49:85: 69:67:45:f5:3e:b6:65:e0:ed:d2:18:8f:49:4d:5a: a5:97:87:b3:a3:bb:51:ac:dc:06:a8:87:43:1d:7c: 17:25:67:21:1c:a7:92:8c:55:51:7d:0d:0f:91:fb: 15:25:38:8b:b1:02:14:25:d6:dd:ed:bf:11:06:af: 92:a9:b4:b2:53:04:2c:59:53:81:a5:47:60:b4:3a: a0:f2:a3:9b:b0:4d:94:ee:1d:7f:af:b6:67:5c:12: 9e:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:53:C4:9D:6C:30:6B:C6:E0:B3:B7:78:3E:5C:1E:11:C3:9F:44:A9 X509v3 Authority Key Identifier: keyid:B4:36:C0:F0:EC:8B:BE:DF:0F:60:84:4D:FE:4F:E9:39:36:9A:4B:40 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDbA8OyLvt8PYIRN_k_pOTaaS0A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/db66ab-70ac-41ad-9958-dd8b5afcee3b/1/tDbA8OyLvt8PYIRN_k_pOTaaS0A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:cf:8d:31:73:5c:9b:22:63:17:88:8b:e7:31:d9:7a:3b:f1: d0:0a:04:45:3a:1b:e1:ae:e0:7c:48:75:bf:b2:ec:36:93:36: bd:78:c2:58:ed:53:8d:e9:bd:08:3d:b1:31:34:ec:6d:6f:64: c6:57:74:58:d9:9f:3a:84:4a:cf:7b:0c:2c:73:e5:43:ca:1d: 79:16:26:92:93:56:7e:7a:01:6d:2d:ec:d9:06:85:1c:c7:9f: 71:a1:1c:1c:74:90:97:0c:76:77:62:62:84:0d:60:fc:02:ce: 8a:ef:26:90:48:11:5b:f6:2e:8a:a0:84:23:99:63:1d:af:87: bf:60:c3:d0:c0:42:ec:52:79:4c:f6:7b:c5:3a:75:58:37:88: a4:e9:3b:e1:7e:7c:cd:d8:fb:39:32:fe:98:94:54:2f:df:55: dc:6a:76:3d:a9:43:07:d5:16:f1:3f:0b:e3:21:33:40:20:e2: 9d:d7:f2:c2:55:3d:de:a7:3f:93:56:3f:b7:47:12:9d:07:e3: 7d:63:33:6e:8a:01:7d:62:48:21:df:b2:c5:e1:d7:c2:d2:ad: 51:94:d7:d4:b4:5b:64:aa:73:95:a7:7c:64:fe:47:cd:ec:f5: ee:89:25:44:1e:25:7f:aa:8d:38:dd:a6:ac:f7:cf:12:01:06: 41:f1:41:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCN3n0xhZbitZ5lillGIoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MzZjMGYwZWM4YmJlZGYwZjYwODQ0ZGZlNGZlOTM5MzY5 YTRiNDAwHhcNMjUxMjA2MDUwMDU4WhcNMjUxMjA3MDUwMDU4WjAzMTEwLwYDVQQD EygxYTUzYzQ5ZDZjMzA2YmM2ZTBiM2I3NzgzZTVjMWUxMWMzOWY0NGE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuN3pA4vWXdggpnOJcMVI5l6jaoqQ UH7WbxC36/kOLaRvlmlvTJz9ruuwRUcb5ltWW6DDEL0oqy2VlI1V3k1Erk6ZgPi9 h5g5EAOgvZ++K+c+2eaP5adNGRm5fgZkr8T31l5u3iq1nHli8XSyJm9wBuwpw9wD RGtVj/KFevwKGgZqs+ztEh5css0xepUVZcasXA16GR42ZvLzoLJ755fK/k9NSYVp Z0X1PrZl4O3SGI9JTVqll4ezo7tRrNwGqIdDHXwXJWchHKeSjFVRfQ0PkfsVJTiL sQIUJdbd7b8RBq+SqbSyUwQsWVOBpUdgtDqg8qObsE2U7h1/r7ZnXBKe7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBpTxJ1sMGvG4LO3eD5cHhHDn0SpMB8GA1UdIwQY MBaAFLQ2wPDsi77fD2CETf5P6Tk2mktAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgt ZGQ4YjVhZmNlZTNiLzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi9kYjY2YWItNzBhYy00MWFkLTk5NTgtZGQ4YjVhZmNlZTNi LzEvdERiQThPeUx2dDhQWUlSTl9rX3BPVGFhUzBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQc+NMXNc myJjF4iL5zHZejvx0AoERTob4a7gfEh1v7LsNpM2vXjCWO1Tjem9CD2xMTTsbW9k xld0WNmfOoRKz3sMLHPlQ8odeRYmkpNWfnoBbS3s2QaFHMefcaEcHHSQlwx2d2Ji hA1g/ALOiu8mkEgRW/YuiqCEI5ljHa+Hv2DD0MBC7FJ5TPZ7xTp1WDeIpOk74X58 zdj7OTL+mJRUL99V3Gp2PalDB9UW8T8L4yEzQCDindfywlU93qc/k1Y/t0cSnQfj fWMzbooBfWJIId+yxeHXwtKtUZTX1LRbZKpzlad8ZP5Hzez17oklRB4lf6qNON2m rPfPEgEGQfFBbg== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:27 2025 by rpki-client