This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.mft File: TZRvTfIjdJGmjfpAe-QfroS72mY.mft (raw, json) Hash identifier: E9vFiDPMcB0+uO/EkgqkvQJsgWjBMfnupLMxOJZymyE= Subject key identifier: A3:7A:23:C8:60:CC:88:C1:45:F5:E4:54:98:0E:8C:3A:E5:81:46:A3 Authority key identifier: 4D:94:6F:4D:F2:23:74:91:A6:8D:FA:40:7B:E4:1F:AE:84:BB:DA:66 Certificate issuer: /CN=4d946f4df2237491a68dfa407be41fae84bbda66 Certificate serial: 019AF3528678D851B35A57D3DCFD424377C8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TZRvTfIjdJGmjfpAe-QfroS72mY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.mft Manifest number: 10C4 Signing time: Sat 06 Dec 2025 11:01:03 +0000 Manifest this update: Sat 06 Dec 2025 11:01:03 +0000 Manifest next update: Sun 07 Dec 2025 11:01:03 +0000 Files and hashes: 1: C8PR4XXWsjpP8PHYuoN78zoE9nY.roa (hash: uu2Jn3Slz9u+yGZ22j4LqOkp9lCOWyyfMINckydLJ3E=) 2: TZRvTfIjdJGmjfpAe-QfroS72mY.crl (hash: 5wIVmn3+7j76xUDWXCiIO3sz9GSMeolue8dkZrClbZc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.mft rsync://rpki.ripe.net/repository/DEFAULT/TZRvTfIjdJGmjfpAe-QfroS72mY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:86:78:d8:51:b3:5a:57:d3:dc:fd:42:43:77:c8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d946f4df2237491a68dfa407be41fae84bbda66 Validity Not Before: Dec 6 11:01:03 2025 GMT Not After : Dec 7 11:01:03 2025 GMT Subject: CN=a37a23c860cc88c145f5e454980e8c3ae58146a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:05:e3:89:78:16:fa:d8:8e:25:8f:a1:2a:72: aa:d2:01:9c:db:0c:39:dc:fa:e0:56:8e:1b:28:17: d6:1f:a2:2a:8f:fc:48:72:69:e7:bf:05:ea:52:03: 41:80:14:7c:7a:4e:9f:0a:45:3e:3e:45:90:8e:9c: ae:97:df:12:8d:30:21:cd:b0:10:eb:0e:69:a1:78: 7c:ae:5f:9e:94:8a:de:3c:e6:fd:de:61:de:0f:27: 50:39:b5:d8:85:62:ab:bd:97:c4:fe:f4:85:c3:e8: 3e:d8:e4:ee:c5:19:d3:5c:92:11:c6:60:3d:c3:02: a3:4e:87:56:2c:4d:9b:c9:6c:49:ef:18:f6:31:04: 60:12:d1:01:ca:d4:66:9f:2b:ca:19:c2:cd:88:0e: 0d:f5:6d:a9:e2:b8:c9:9e:bd:01:d0:7f:c2:89:9b: 76:3d:41:2a:c5:94:d0:7a:9a:aa:3e:8f:3b:ab:e4: 92:7a:fd:e8:97:70:9d:57:a1:d0:fb:a2:5e:24:35: 29:bd:7a:be:56:ad:a4:a8:e1:ea:b6:8f:f9:ae:0f: 89:e2:af:fa:bd:fd:8a:98:07:fa:cf:9c:93:53:71: 0e:84:35:d3:ec:88:1e:07:12:b1:f0:39:58:a6:b5: f8:ed:7f:28:45:2a:f5:4e:bd:a4:64:54:2f:ff:84: 63:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:7A:23:C8:60:CC:88:C1:45:F5:E4:54:98:0E:8C:3A:E5:81:46:A3 X509v3 Authority Key Identifier: keyid:4D:94:6F:4D:F2:23:74:91:A6:8D:FA:40:7B:E4:1F:AE:84:BB:DA:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TZRvTfIjdJGmjfpAe-QfroS72mY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/cbfd1e-1202-40c1-bdf0-c24ee0494541/1/TZRvTfIjdJGmjfpAe-QfroS72mY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:cc:01:b1:a4:6f:4a:99:93:c8:57:76:fd:c7:e7:4f:0a:d6: 79:10:10:ce:9f:a0:b4:a4:70:61:24:86:ec:d9:23:15:77:59: 28:4a:29:96:bd:d8:f8:56:0c:a9:8b:62:6c:ed:29:b2:4e:c1: 03:d7:e5:ca:6b:d1:2d:f9:89:f8:eb:38:e6:b8:f3:aa:04:64: 56:3b:6a:a5:99:9b:5c:ac:bc:bd:90:43:3c:ea:75:81:aa:de: 94:40:a9:80:f9:ef:16:2d:0a:c7:e1:8e:c0:c4:7f:b5:6d:36: 71:de:4a:01:d4:62:47:b6:d4:5c:ae:3c:96:63:31:99:ee:6f: ca:ff:26:ca:3a:e4:f8:05:e2:f6:8a:57:32:9f:02:f4:28:c5: 38:58:64:0a:6d:06:b6:e9:08:1d:68:8d:69:b6:bc:53:db:ce: 84:c2:1b:c9:d1:6f:30:0c:fd:36:c2:e7:b4:b3:75:ec:88:0d: 48:cc:48:b4:ed:de:bd:12:d6:ee:25:4f:7f:b1:be:ee:fd:d3: 82:59:b8:d7:5d:f6:4f:59:3a:76:e5:5f:a5:62:06:bd:ad:a4: 0d:65:33:61:6c:48:6c:97:49:99:4f:3d:02:77:5e:ee:cd:96: e8:dd:45:2d:70:30:83:26:22:ad:c0:0a:09:0a:52:cc:80:09: 76:eb:6b:31 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUoZ42FGzWlfT3P1CQ3fIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkOTQ2ZjRkZjIyMzc0OTFhNjhkZmE0MDdiZTQxZmFlODRi YmRhNjYwHhcNMjUxMjA2MTEwMTAzWhcNMjUxMjA3MTEwMTAzWjAzMTEwLwYDVQQD EyhhMzdhMjNjODYwY2M4OGMxNDVmNWU0NTQ5ODBlOGMzYWU1ODE0NmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgXjiXgW+tiOJY+hKnKq0gGc2ww5 3PrgVo4bKBfWH6Iqj/xIcmnnvwXqUgNBgBR8ek6fCkU+PkWQjpyul98SjTAhzbAQ 6w5poXh8rl+elIrePOb93mHeDydQObXYhWKrvZfE/vSFw+g+2OTuxRnTXJIRxmA9 wwKjTodWLE2byWxJ7xj2MQRgEtEBytRmnyvKGcLNiA4N9W2p4rjJnr0B0H/CiZt2 PUEqxZTQepqqPo87q+SSev3ol3CdV6HQ+6JeJDUpvXq+Vq2kqOHqto/5rg+J4q/6 vf2KmAf6z5yTU3EOhDXT7IgeBxKx8DlYprX47X8oRSr1Tr2kZFQv/4Rj8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKN6I8hgzIjBRfXkVJgOjDrlgUajMB8GA1UdIwQY MBaAFE2Ub03yI3SRpo36QHvkH66Eu9pmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFpSdlRmSWpkSkdtamZwQWUtUWZyb1M3Mm1ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9jYmZkMWUtMTIwMi00MGMxLWJkZjAt YzI0ZWUwNDk0NTQxLzEvVFpSdlRmSWpkSkdtamZwQWUtUWZyb1M3Mm1ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC9jYmZkMWUtMTIwMi00MGMxLWJkZjAtYzI0ZWUwNDk0NTQx LzEvVFpSdlRmSWpkSkdtamZwQWUtUWZyb1M3Mm1ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATcwBsaRv SpmTyFd2/cfnTwrWeRAQzp+gtKRwYSSG7NkjFXdZKEoplr3Y+FYMqYtibO0psk7B A9flymvRLfmJ+Os45rjzqgRkVjtqpZmbXKy8vZBDPOp1garelECpgPnvFi0Kx+GO wMR/tW02cd5KAdRiR7bUXK48lmMxme5vyv8myjrk+AXi9opXMp8C9CjFOFhkCm0G tukIHWiNaba8U9vOhMIbydFvMAz9NsLntLN17IgNSMxItO3evRLW7iVPf7G+7v3T glm41132T1k6duVfpWIGva2kDWUzYWxIbJdJmU89Ande7s2W6N1FLXAwgyYircAK CQpSzIAJdutrMQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:33:58 2025 by rpki-client