This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft File: tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft (raw, json) Hash identifier: 22IUgZZ9dsAPjig9zVO9H0Yl7rf/0zM6IhhmL0dB8XM= Subject key identifier: 5B:3A:0D:95:36:1D:57:40:FF:62:86:C9:6C:69:EA:E9:BC:C3:08:47 Authority key identifier: B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31 Certificate issuer: /CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31 Certificate serial: 019AF31BE42EF64A7EE71913C8B127FBB147 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft Manifest number: 0216 Signing time: Sat 06 Dec 2025 10:01:22 +0000 Manifest this update: Sat 06 Dec 2025 10:01:22 +0000 Manifest next update: Sun 07 Dec 2025 10:01:22 +0000 Files and hashes: 1: tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl (hash: 5W/zlzoySXtL+EU2CEsGDD5rQC494+RQYh/N9CRRY84=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:e4:2e:f6:4a:7e:e7:19:13:c8:b1:27:fb:b1:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a6c207428222f63fc9cba839d0dbd9a6950b31 Validity Not Before: Dec 6 10:01:22 2025 GMT Not After : Dec 7 10:01:22 2025 GMT Subject: CN=5b3a0d95361d5740ff6286c96c69eae9bcc30847 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:42:41:e6:7f:ca:48:44:7b:fd:09:45:5a:57: 64:27:43:69:cc:59:8a:ff:92:ee:04:75:85:0a:db: 4b:ba:36:d1:25:4a:dc:93:4a:8f:43:e5:80:2f:3d: 38:98:b6:1f:3a:fa:9d:1f:fb:cf:ff:74:38:e6:18: 8a:85:44:e1:7d:7c:48:96:fb:23:39:62:8f:e5:24: 71:77:49:c2:d6:51:69:15:07:9c:aa:07:de:97:b8: 84:29:7f:f5:37:6b:73:ea:da:d2:0f:1b:f0:dd:cc: 3c:8f:7b:1b:79:c0:76:11:f0:a9:4d:7a:bc:95:d6: 8d:67:f5:32:46:78:8c:29:76:dc:81:39:29:3c:6c: 93:4e:a6:41:fd:ec:6f:92:85:25:8c:19:aa:70:23: 66:3b:6a:a3:f8:83:53:33:94:6a:24:c6:cf:50:e9: cd:67:b6:0a:f3:2b:bf:c7:eb:72:6e:e7:78:d4:3a: 43:3d:0c:71:44:0d:95:1a:29:cd:46:3e:91:d9:de: d1:dc:04:61:43:8a:55:b4:30:4c:57:b4:2d:f5:0f: 1b:88:22:3d:73:c9:34:b4:42:37:a1:6c:03:23:1c: 9b:38:0e:f0:5c:17:e3:1b:ce:66:0d:5b:56:dd:b8: c4:21:b5:c8:a0:20:45:f2:5a:d2:51:3b:fe:17:e7: cd:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:3A:0D:95:36:1D:57:40:FF:62:86:C9:6C:69:EA:E9:BC:C3:08:47 X509v3 Authority Key Identifier: keyid:B4:A6:C2:07:42:82:22:F6:3F:C9:CB:A8:39:D0:DB:D9:A6:95:0B:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKbCB0KCIvY_ycuoOdDb2aaVCzE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/651421-3300-4886-bbe5-84abcfbcdf5e/1/tKbCB0KCIvY_ycuoOdDb2aaVCzE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4f:e4:cb:16:9c:60:8f:a0:4f:7c:84:03:40:fd:35:d0:01:e9: e2:33:3d:db:53:85:c0:0e:e7:92:5f:9e:57:3e:fd:f3:ae:1d: 3a:5d:3d:bc:73:ab:7c:32:9d:db:61:c4:be:0c:f8:59:0e:40: a3:7c:32:54:77:32:74:88:0c:73:b0:c2:65:ac:88:3a:9a:3e: f6:63:10:85:da:23:4a:2d:1e:eb:68:a3:70:fc:85:ef:94:70: 31:20:21:61:f4:ca:32:79:bc:39:ba:15:38:b1:16:bb:99:e3: 72:cc:a9:d6:71:f2:9c:0a:8f:bb:e8:b2:07:97:51:ba:23:69: 55:4e:e1:14:da:85:39:ec:7e:bc:c2:89:b4:9d:d4:d9:13:00: 51:aa:04:c0:de:ed:09:c7:10:e5:22:3f:7e:b1:a2:bd:fc:9a: ad:5c:e9:f0:d6:b1:b1:a4:54:1a:cc:41:12:55:17:b1:16:5e: 56:54:f2:85:7a:86:f8:15:bf:fd:0e:d4:de:93:d0:53:7a:21: ab:03:c0:69:3c:ec:e9:35:b3:0b:b7:44:be:33:fe:b6:67:92: 52:7b:7c:f9:23:13:9a:9f:7d:b9:fb:a3:09:f2:a9:4b:29:74: 25:c5:32:98:83:b2:b8:2a:c6:e6:67:f9:bd:e8:14:2e:83:0c: 2c:2d:65:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG+Qu9kp+5xkTyLEn+7FHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTZjMjA3NDI4MjIyZjYzZmM5Y2JhODM5ZDBkYmQ5YTY5 NTBiMzEwHhcNMjUxMjA2MTAwMTIyWhcNMjUxMjA3MTAwMTIyWjAzMTEwLwYDVQQD Eyg1YjNhMGQ5NTM2MWQ1NzQwZmY2Mjg2Yzk2YzY5ZWFlOWJjYzMwODQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEJB5n/KSER7/QlFWldkJ0NpzFmK /5LuBHWFCttLujbRJUrck0qPQ+WALz04mLYfOvqdH/vP/3Q45hiKhUThfXxIlvsj OWKP5SRxd0nC1lFpFQecqgfel7iEKX/1N2tz6trSDxvw3cw8j3sbecB2EfCpTXq8 ldaNZ/UyRniMKXbcgTkpPGyTTqZB/exvkoUljBmqcCNmO2qj+INTM5RqJMbPUOnN Z7YK8yu/x+tybud41DpDPQxxRA2VGinNRj6R2d7R3ARhQ4pVtDBMV7Qt9Q8biCI9 c8k0tEI3oWwDIxybOA7wXBfjG85mDVtW3bjEIbXIoCBF8lrSUTv+F+fN4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFs6DZU2HVdA/2KGyWxp6um8wwhHMB8GA1UdIwQY MBaAFLSmwgdCgiL2P8nLqDnQ29mmlQsxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUt ODRhYmNmYmNkZjVlLzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82NTE0MjEtMzMwMC00ODg2LWJiZTUtODRhYmNmYmNkZjVl LzEvdEtiQ0IwS0NJdllfeWN1b09kRGIyYWFWQ3pFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT+TLFpxg j6BPfIQDQP010AHp4jM921OFwA7nkl+eVz79864dOl09vHOrfDKd22HEvgz4WQ5A o3wyVHcydIgMc7DCZayIOpo+9mMQhdojSi0e62ijcPyF75RwMSAhYfTKMnm8OboV OLEWu5njcsyp1nHynAqPu+iyB5dRuiNpVU7hFNqFOex+vMKJtJ3U2RMAUaoEwN7t CccQ5SI/frGivfyarVzp8NaxsaRUGsxBElUXsRZeVlTyhXqG+BW//Q7U3pPQU3oh qwPAaTzs6TWzC7dEvjP+tmeSUnt8+SMTmp99ufujCfKpSyl0JcUymIOyuCrG5mf5 vegULoMMLC1lDA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:28:01 2025 by rpki-client