This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft File: ctdCYWpoBB9_D80HkvOOQQOnncI.mft (raw, json) Hash identifier: H/X/ZQ+L6zAialDK/dblh6iIPaEp6CEIicMx9/lfN2Y= Subject key identifier: 85:71:73:83:3C:C6:78:1D:77:66:12:70:B8:88:FE:5E:78:CC:6C:FD Authority key identifier: 72:D7:42:61:6A:68:04:1F:7F:0F:CD:07:92:F3:8E:41:03:A7:9D:C2 Certificate issuer: /CN=72d742616a68041f7f0fcd0792f38e4103a79dc2 Certificate serial: 019AF389333CE82B0425AB5E9D6652460762 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft Manifest number: 0435 Signing time: Sat 06 Dec 2025 12:00:46 +0000 Manifest this update: Sat 06 Dec 2025 12:00:46 +0000 Manifest next update: Sun 07 Dec 2025 12:00:46 +0000 Files and hashes: 1: ctdCYWpoBB9_D80HkvOOQQOnncI.crl (hash: o27TAjnbJYiubzbwHIT/trjqakjpbgebZKNG5AI1eRI=) 2: zto4NeQB1_I3QORAJXQ-oNO5db0.roa (hash: 4X/MAtxcgqfp8hiwe6Iai+qfAWiiXuU0LC7+GPHFtZ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:33:3c:e8:2b:04:25:ab:5e:9d:66:52:46:07:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72d742616a68041f7f0fcd0792f38e4103a79dc2 Validity Not Before: Dec 6 12:00:46 2025 GMT Not After : Dec 7 12:00:46 2025 GMT Subject: CN=857173833cc6781d77661270b888fe5e78cc6cfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:a8:df:94:f5:9a:74:5e:3e:71:25:8c:4a:bc: 37:48:f3:f2:5a:f6:14:95:d3:97:cf:57:a3:37:a9: ac:94:5d:56:10:c0:f3:e2:83:60:fb:c8:64:82:dd: 93:d8:37:f0:76:1d:7d:4a:22:84:16:74:f8:13:53: e8:88:e6:8e:24:dd:49:ac:59:c2:a6:67:d2:33:4e: cc:0f:4e:b3:1c:62:ed:cb:c9:22:88:f2:ef:d0:16: 07:a7:29:33:2c:7a:6f:6d:75:24:f8:64:82:11:63: f8:f8:0b:d5:42:e7:eb:45:24:7c:c6:6a:97:51:71: 98:2d:7f:3c:3e:74:90:49:89:19:a5:31:d6:b7:e4: 5d:af:9c:08:55:cb:22:2e:e1:6f:49:68:c0:0c:e9: 4a:b5:71:ea:98:91:53:b0:0c:ed:c7:2d:f6:f7:23: 32:ef:db:2b:59:50:98:30:89:1f:cb:18:af:be:f9: 50:13:97:27:9e:eb:20:95:93:90:96:02:80:6e:73: 81:f6:00:a9:f0:58:ff:68:60:f9:3f:a6:c9:f9:4e: 20:1f:53:65:26:68:11:a1:38:e6:f6:0b:7b:dd:d0: b6:a7:4d:9c:da:08:78:d7:c6:5a:2b:cd:ed:5f:b6: 4b:1e:ff:f7:89:e1:33:dc:60:b1:bd:43:2d:df:60: db:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:71:73:83:3C:C6:78:1D:77:66:12:70:B8:88:FE:5E:78:CC:6C:FD X509v3 Authority Key Identifier: keyid:72:D7:42:61:6A:68:04:1F:7F:0F:CD:07:92:F3:8E:41:03:A7:9D:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ctdCYWpoBB9_D80HkvOOQQOnncI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2bbd21-d147-4c78-8d2e-a209b90f27d9/1/ctdCYWpoBB9_D80HkvOOQQOnncI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:62:24:87:bf:0f:6e:07:dc:c0:c4:6c:a1:43:af:5f:c5:13: cb:70:84:43:fc:64:b4:c3:6b:a5:76:0d:9e:f3:96:cc:fd:e2: e4:e0:4a:c7:8f:a2:47:7c:5c:b5:45:85:8e:ff:a5:2d:18:bb: 32:be:a4:59:a8:d9:d2:2a:84:47:2e:24:57:28:47:a3:f2:c9: 33:e9:ba:5d:f9:52:40:bf:a8:61:7c:97:b2:b0:48:ea:09:86: 9c:04:25:dc:e8:49:d1:f0:cd:a5:fe:f9:da:07:33:4a:0f:e6: 5c:15:4c:a3:bb:91:90:d3:72:c8:c3:d9:ed:27:71:29:0f:37: 3a:cf:f9:85:48:01:e5:56:a8:3c:b1:33:56:14:56:59:f8:9c: 52:6d:40:20:b4:32:c5:4e:8f:96:1c:8f:8b:da:6f:a7:3d:b5: 29:dd:e5:04:69:af:6c:04:aa:e2:41:72:0c:2b:14:7c:88:54: 86:bd:34:b2:85:c9:97:ee:95:18:c3:3e:bf:9d:f4:4b:38:74: 50:57:ee:c2:43:6b:69:42:2f:61:53:2f:3b:c8:d0:65:a9:30: 72:3e:ae:15:99:0a:49:be:90:b7:06:91:cc:3a:db:15:da:51: 31:b8:70:4c:d5:73:ed:9c:ef:7b:22:88:60:5c:8b:3a:d5:ab: a9:fb:c5:a7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziTM86CsEJatenWZSRgdiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyZDc0MjYxNmE2ODA0MWY3ZjBmY2QwNzkyZjM4ZTQxMDNh NzlkYzIwHhcNMjUxMjA2MTIwMDQ2WhcNMjUxMjA3MTIwMDQ2WjAzMTEwLwYDVQQD Eyg4NTcxNzM4MzNjYzY3ODFkNzc2NjEyNzBiODg4ZmU1ZTc4Y2M2Y2ZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6jflPWadF4+cSWMSrw3SPPyWvYU ldOXz1ejN6mslF1WEMDz4oNg+8hkgt2T2Dfwdh19SiKEFnT4E1PoiOaOJN1JrFnC pmfSM07MD06zHGLty8kiiPLv0BYHpykzLHpvbXUk+GSCEWP4+AvVQufrRSR8xmqX UXGYLX88PnSQSYkZpTHWt+Rdr5wIVcsiLuFvSWjADOlKtXHqmJFTsAztxy329yMy 79srWVCYMIkfyxivvvlQE5cnnusglZOQlgKAbnOB9gCp8Fj/aGD5P6bJ+U4gH1Nl JmgRoTjm9gt73dC2p02c2gh418ZaK83tX7ZLHv/3ieEz3GCxvUMt32Db1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIVxc4M8xngdd2YScLiI/l54zGz9MB8GA1UdIwQY MBaAFHLXQmFqaAQffw/NB5LzjkEDp53CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yYmJkMjEtZDE0Ny00Yzc4LThkMmUt YTIwOWI5MGYyN2Q5LzEvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC8yYmJkMjEtZDE0Ny00Yzc4LThkMmUtYTIwOWI5MGYyN2Q5 LzEvY3RkQ1lXcG9CQjlfRDgwSGt2T09RUU9ubmNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATWIkh78P bgfcwMRsoUOvX8UTy3CEQ/xktMNrpXYNnvOWzP3i5OBKx4+iR3xctUWFjv+lLRi7 Mr6kWajZ0iqERy4kVyhHo/LJM+m6XflSQL+oYXyXsrBI6gmGnAQl3OhJ0fDNpf75 2gczSg/mXBVMo7uRkNNyyMPZ7SdxKQ83Os/5hUgB5VaoPLEzVhRWWficUm1AILQy xU6PlhyPi9pvpz21Kd3lBGmvbASq4kFyDCsUfIhUhr00soXJl+6VGMM+v530Szh0 UFfuwkNraUIvYVMvO8jQZakwcj6uFZkKSb6QtwaRzDrbFdpRMbhwTNVz7ZzveyKI YFyLOtWrqfvFpw== -----END CERTIFICATE-----Generated at Sat Dec 6 23:11:30 2025 by rpki-client