This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft File: tDlfbOqaAYpMyEgY5qo1INMiIYs.mft (raw, json) Hash identifier: AMH7i+okDfUgwl9i1aOoi+X2NBR5oJB4ty8XJAKxSgo= Subject key identifier: B0:A6:55:A8:DA:2A:FE:3E:7E:3D:3A:B5:26:0B:1E:90:9E:72:EE:5C Authority key identifier: B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B Certificate issuer: /CN=b4395f6cea9a018a4cc84818e6aa3520d322218b Certificate serial: 019AF12E57BEC0145F41CE35FE80D28364D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft Manifest number: 0DE3 Signing time: Sat 06 Dec 2025 01:02:17 +0000 Manifest this update: Sat 06 Dec 2025 01:02:17 +0000 Manifest next update: Sun 07 Dec 2025 01:02:17 +0000 Files and hashes: 1: UoFhfe1D4fv5504pD16hAMtOHqM.roa (hash: f5OjLqYpJfmM6P+Sc+etueFJmxpiBV6zei8gZZWeXpE=) 2: tDlfbOqaAYpMyEgY5qo1INMiIYs.crl (hash: D3SHH7S0ef6pPXLdCEweJYIiB5Fy3BCq31hGElJFPTA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:57:be:c0:14:5f:41:ce:35:fe:80:d2:83:64:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4395f6cea9a018a4cc84818e6aa3520d322218b Validity Not Before: Dec 6 01:02:17 2025 GMT Not After : Dec 7 01:02:17 2025 GMT Subject: CN=b0a655a8da2afe3e7e3d3ab5260b1e909e72ee5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a5:ef:9d:f9:34:b5:e2:d5:ed:3d:a4:40:fe: dd:54:c0:bf:ad:b6:c7:ee:6c:f2:23:a1:f2:a2:d4: d4:19:3b:50:86:15:33:00:fe:42:e4:85:2a:21:5e: cb:93:48:c1:d7:c3:a3:ae:ef:63:2e:dc:26:d1:56: be:48:37:48:2a:d5:6d:09:7e:31:e6:4a:66:05:fa: 6e:45:03:c5:35:f2:1e:40:69:4a:9e:1a:3f:4c:84: 8d:fc:fa:e2:d3:69:56:89:4b:1a:16:07:fd:32:0d: c7:8a:4a:28:50:8a:20:39:21:c2:ac:40:8f:01:e7: fa:61:03:bc:5e:93:a6:7e:28:83:7f:72:f1:45:3e: e7:d1:39:ce:d2:8d:21:57:41:a4:ea:9c:11:3e:98: b9:dc:15:14:48:13:57:c8:d7:02:62:fc:1f:d0:10: fd:dc:2d:0b:bc:3f:31:08:93:1d:99:ed:14:fd:05: d6:31:f8:49:2a:24:c7:60:15:02:41:02:67:66:75: 1e:05:35:70:47:30:78:3f:e5:c2:e0:ba:bc:71:c4: 70:11:22:24:dd:8c:29:b5:92:17:ac:3a:c6:3b:e9: 65:a1:33:64:fe:7b:6e:3a:be:92:db:9c:43:54:4f: d4:09:8a:b6:da:65:a5:95:21:e3:6c:96:b7:86:95: c2:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:A6:55:A8:DA:2A:FE:3E:7E:3D:3A:B5:26:0B:1E:90:9E:72:EE:5C X509v3 Authority Key Identifier: keyid:B4:39:5F:6C:EA:9A:01:8A:4C:C8:48:18:E6:AA:35:20:D3:22:21:8B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tDlfbOqaAYpMyEgY5qo1INMiIYs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/1e5c88-c3fc-4e76-bc65-391fec267dae/1/tDlfbOqaAYpMyEgY5qo1INMiIYs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8c:df:5d:d9:47:d9:c7:2c:a9:a6:25:57:b3:fc:d1:bf:b3:57: 82:3c:16:60:61:c8:a9:d4:fd:67:16:35:e8:77:47:4b:ee:a0: 9a:ad:c2:95:ad:da:da:7d:aa:4f:84:4c:d3:42:f1:bc:3d:c2: c2:94:0e:f0:86:f3:dd:b4:c0:64:1b:33:37:a9:9c:78:a8:ee: d3:aa:03:a5:d5:7c:cd:31:8a:47:dd:6b:c2:46:bf:b8:0a:15: b6:c8:7a:9e:47:ee:bd:56:f3:8d:7e:0f:3f:fd:b8:9c:df:e3: 51:62:ed:8b:3b:7c:f8:12:8e:93:6e:b3:95:3c:6a:b9:73:94: 40:e0:fe:ee:d1:cd:1f:03:22:4a:b2:a4:10:0d:98:56:54:6a: 7f:8a:df:a4:82:63:7b:20:14:87:eb:c3:97:a3:53:43:6f:eb: 8d:38:eb:f1:25:7b:3d:51:a8:f9:e6:f6:1e:04:7c:41:f7:5e: 15:c7:5b:f7:29:54:20:b8:b7:0f:ab:2e:06:28:69:74:ae:7b: 92:a1:75:67:db:35:9e:f1:29:6d:78:64:b6:3e:ac:8d:70:a7: 91:7e:cb:64:02:87:bd:b1:58:dd:d4:69:a5:96:e3:ee:7f:bd: 1b:9e:4c:86:45:e4:51:44:97:41:26:a8:ea:d2:07:4c:cf:78: e8:d5:af:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLle+wBRfQc41/oDSg2TSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0Mzk1ZjZjZWE5YTAxOGE0Y2M4NDgxOGU2YWEzNTIwZDMy MjIxOGIwHhcNMjUxMjA2MDEwMjE3WhcNMjUxMjA3MDEwMjE3WjAzMTEwLwYDVQQD EyhiMGE2NTVhOGRhMmFmZTNlN2UzZDNhYjUyNjBiMWU5MDllNzJlZTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6Xvnfk0teLV7T2kQP7dVMC/rbbH 7mzyI6HyotTUGTtQhhUzAP5C5IUqIV7Lk0jB18Ojru9jLtwm0Va+SDdIKtVtCX4x 5kpmBfpuRQPFNfIeQGlKnho/TISN/Pri02lWiUsaFgf9Mg3HikooUIogOSHCrECP Aef6YQO8XpOmfiiDf3LxRT7n0TnO0o0hV0Gk6pwRPpi53BUUSBNXyNcCYvwf0BD9 3C0LvD8xCJMdme0U/QXWMfhJKiTHYBUCQQJnZnUeBTVwRzB4P+XC4Lq8ccRwESIk 3YwptZIXrDrGO+lloTNk/ntuOr6S25xDVE/UCYq22mWllSHjbJa3hpXCmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLCmVajaKv4+fj06tSYLHpCecu5cMB8GA1UdIwQY MBaAFLQ5X2zqmgGKTMhIGOaqNSDTIiGLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUt MzkxZmVjMjY3ZGFlLzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8xZTVjODgtYzNmYy00ZTc2LWJjNjUtMzkxZmVjMjY3ZGFl LzEvdERsZmJPcWFBWXBNeUVnWTVxbzFJTk1pSVlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjN9d2UfZ xyyppiVXs/zRv7NXgjwWYGHIqdT9ZxY16HdHS+6gmq3Cla3a2n2qT4RM00LxvD3C wpQO8Ibz3bTAZBszN6mceKju06oDpdV8zTGKR91rwka/uAoVtsh6nkfuvVbzjX4P P/24nN/jUWLtizt8+BKOk26zlTxquXOUQOD+7tHNHwMiSrKkEA2YVlRqf4rfpIJj eyAUh+vDl6NTQ2/rjTjr8SV7PVGo+eb2HgR8QfdeFcdb9ylUILi3D6suBihpdK57 kqF1Z9s1nvEpbXhktj6sjXCnkX7LZAKHvbFY3dRppZbj7n+9G55MhkXkUUSXQSao 6tIHTM946NWvxg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:17:13 2025 by rpki-client