This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft File: TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json) Hash identifier: iAkyIvHcR0Rja7zCjHl67Wm55DMqVR8mCLsexo0Utnc= Subject key identifier: F3:BF:97:28:D0:51:EF:94:60:FE:6E:5C:0D:60:DB:6E:11:BB:CF:B0 Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4 Certificate issuer: /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4 Certificate serial: 019B2FD53E48F450C1FCEE36810C39484CDA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft Manifest number: 0CF4 Signing time: Thu 18 Dec 2025 05:01:02 +0000 Manifest this update: Thu 18 Dec 2025 05:01:02 +0000 Manifest next update: Fri 19 Dec 2025 05:01:02 +0000 Files and hashes: 1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: a/aMne5LyacW1TEXcVtVl/V3Qs2ZLhhh0b5V9o+dHSg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d5:3e:48:f4:50:c1:fc:ee:36:81:0c:39:48:4c:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4 Validity Not Before: Dec 18 05:01:02 2025 GMT Not After : Dec 19 05:01:02 2025 GMT Subject: CN=f3bf9728d051ef9460fe6e5c0d60db6e11bbcfb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:51:78:d0:20:43:b6:50:ff:cb:14:8b:6a:f5: ec:45:7f:be:1d:62:96:db:b8:f6:31:47:95:fe:3f: 71:bc:2c:08:19:21:f5:b9:d7:ee:be:46:56:69:b7: bb:9e:3e:f1:13:a1:af:25:bd:bb:fe:f0:38:41:3e: df:4c:96:f5:13:44:42:9b:92:a0:8c:51:43:90:62: 08:01:f9:5f:0e:4b:5c:4c:46:8f:a8:12:99:c4:ec: 05:22:ff:c7:a7:d4:9c:2a:bd:d2:cd:14:4b:6c:21: a9:bf:b2:4e:26:3c:f2:d0:5c:22:6c:66:6f:53:d3: 00:f4:28:89:aa:92:66:a7:d9:56:2c:a0:02:c7:d4: e3:36:03:35:1a:08:59:78:30:7c:df:29:0d:92:cf: 1d:d2:42:60:9d:44:5d:f8:d7:36:a4:19:d6:29:90: 36:ba:7a:e0:63:39:ea:3b:09:4f:34:4a:a6:f7:8a: a9:7e:b5:f5:00:b8:83:b8:2c:8f:d2:0f:0c:de:06: 02:fb:a0:40:86:7a:f8:5e:63:7f:b5:41:19:2e:15: c3:25:e5:c2:1f:bc:14:22:6a:98:15:39:3a:f0:85: 32:c4:07:c5:ce:08:02:3a:91:06:65:9c:c7:18:0c: d5:e6:b4:f5:73:4f:07:f2:a2:df:a2:8b:c1:1f:af: c9:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:BF:97:28:D0:51:EF:94:60:FE:6E:5C:0D:60:DB:6E:11:BB:CF:B0 X509v3 Authority Key Identifier: keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:e8:46:3a:d8:33:94:7e:0e:50:fd:fb:78:fa:69:02:37:4c: 37:b5:b6:71:5e:95:2e:77:ab:83:2b:9b:e4:7b:97:83:31:ce: d4:8f:3b:49:1a:42:98:10:41:8a:b4:74:b6:ef:ca:79:74:7b: 41:33:3d:70:5a:92:24:5e:01:bc:f6:0c:7f:53:a9:bd:b4:1a: 83:a8:35:8d:bd:48:e2:13:76:12:25:6f:f7:3c:33:ea:1a:62: 52:66:81:01:e5:b8:0c:f2:a4:62:4b:45:5f:65:d4:99:05:c8: da:ba:72:b7:ff:e9:5f:ff:d3:49:d6:ab:66:22:dd:7e:c0:1e: ac:9c:af:1f:b3:67:32:8c:3d:c6:02:ed:5f:29:66:38:a9:73: ab:a3:b6:bd:fc:be:0e:b6:dc:38:3c:1e:4a:65:57:86:5e:c9: 41:bd:91:d5:12:2f:65:0f:7d:93:28:31:0a:51:2e:84:07:3a: 03:4f:d1:0e:77:4a:37:f3:f7:b8:f6:18:29:f3:ff:55:ae:93: 88:c0:68:ef:be:49:ae:46:50:22:d5:44:26:83:e8:ff:fe:b4: df:c0:b6:f1:fd:dd:be:2a:8f:ef:99:92:c9:7d:b5:db:c3:1f: e1:2a:7a:ea:20:e0:13:6e:47:a3:ab:67:fe:49:cb:8d:4e:83: 9b:84:ce:22 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1T5I9FDB/O42gQw5SEzaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh Njc3ZjQwHhcNMjUxMjE4MDUwMTAyWhcNMjUxMjE5MDUwMTAyWjAzMTEwLwYDVQQD EyhmM2JmOTcyOGQwNTFlZjk0NjBmZTZlNWMwZDYwZGI2ZTExYmJjZmIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwlF40CBDtlD/yxSLavXsRX++HWKW 27j2MUeV/j9xvCwIGSH1udfuvkZWabe7nj7xE6GvJb27/vA4QT7fTJb1E0RCm5Kg jFFDkGIIAflfDktcTEaPqBKZxOwFIv/Hp9ScKr3SzRRLbCGpv7JOJjzy0FwibGZv U9MA9CiJqpJmp9lWLKACx9TjNgM1GghZeDB83ykNks8d0kJgnURd+Nc2pBnWKZA2 unrgYznqOwlPNEqm94qpfrX1ALiDuCyP0g8M3gYC+6BAhnr4XmN/tUEZLhXDJeXC H7wUImqYFTk68IUyxAfFzggCOpEGZZzHGAzV5rT1c08H8qLfoovBH6/JKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPO/lyjQUe+UYP5uXA1g224Ru8+wMB8GA1UdIwQY MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAluhGOtgz lH4OUP37ePppAjdMN7W2cV6VLnergyub5HuXgzHO1I87SRpCmBBBirR0tu/KeXR7 QTM9cFqSJF4BvPYMf1OpvbQag6g1jb1I4hN2EiVv9zwz6hpiUmaBAeW4DPKkYktF X2XUmQXI2rpyt//pX//TSdarZiLdfsAerJyvH7NnMow9xgLtXylmOKlzq6O2vfy+ DrbcODweSmVXhl7JQb2R1RIvZQ99kygxClEuhAc6A0/RDndKN/P3uPYYKfP/Va6T iMBo775JrkZQItVEJoPo//6038C28f3dviqP75mSyX2128Mf4Sp66iDgE25Ho6tn /knLjU6Dm4TOIg== -----END CERTIFICATE-----Generated at Thu Dec 18 07:41:55 2025 by rpki-client