This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft File: TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft (raw, json) Hash identifier: xmqEMSvsPwzNaQ5gmAn6NiNWdX/k+c1RlkIn58xuySQ= Subject key identifier: CC:BF:00:4D:2A:1C:82:C9:43:B3:56:B0:3A:DF:45:19:1E:40:BA:10 Authority key identifier: 4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4 Certificate issuer: /CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4 Certificate serial: 019AF2097F11FB453E189E407C490D6E22BD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft Manifest number: 0CD4 Signing time: Sat 06 Dec 2025 05:01:39 +0000 Manifest this update: Sat 06 Dec 2025 05:01:39 +0000 Manifest next update: Sun 07 Dec 2025 05:01:39 +0000 Files and hashes: 1: TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl (hash: sKbPHvwELxLpkGnBPQcG01GNpL3qUTXVATfkGtjtoGQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:7f:11:fb:45:3e:18:9e:40:7c:49:0d:6e:22:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e91162bb0d9b551bf5f7b1c15ee315a51a677f4 Validity Not Before: Dec 6 05:01:39 2025 GMT Not After : Dec 7 05:01:39 2025 GMT Subject: CN=ccbf004d2a1c82c943b356b03adf45191e40ba10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ea:f5:06:5f:01:0c:57:c1:70:b5:be:3f:ff: ef:2d:4b:34:83:31:24:ec:3a:31:f1:63:77:60:4a: dc:07:ac:a6:a3:37:b5:a4:a5:d7:d8:59:a2:a6:c7: da:c7:1d:3d:02:3b:ca:2b:a2:c7:ef:b3:9a:a4:c0: 7f:dc:b6:40:77:f7:18:f0:54:2e:08:c4:9d:59:49: c7:ef:c2:18:5d:1f:f8:9d:13:06:95:fe:63:9d:fe: f4:6a:be:ea:b1:02:52:49:82:5e:14:89:95:30:d5: 12:a4:9f:ab:15:84:29:c5:f1:d9:38:7d:45:f5:bd: 8e:23:5a:62:65:d0:bf:13:7c:c2:40:c4:6c:f0:06: 4b:a6:f3:75:e2:72:ca:b7:1b:ee:e0:fe:40:20:92: a4:94:54:78:1c:83:ac:e3:28:88:0f:4a:06:18:d0: 10:f4:91:81:9f:b8:37:d9:79:fc:ff:49:c6:98:6c: 05:ea:ff:10:4d:4d:4f:5c:1d:e0:c1:80:fa:e4:a2: 65:20:74:15:0e:63:29:3f:a7:c6:09:53:08:66:99: ea:1e:8d:61:5e:85:bd:aa:8d:5f:43:4d:ec:7e:36: 02:ce:aa:3a:b3:b2:09:05:70:82:07:00:ae:0b:05: d6:c2:63:4b:b9:f9:3d:ad:85:9c:50:0d:22:09:a8: 78:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:BF:00:4D:2A:1C:82:C9:43:B3:56:B0:3A:DF:45:19:1E:40:BA:10 X509v3 Authority Key Identifier: keyid:4E:91:16:2B:B0:D9:B5:51:BF:5F:7B:1C:15:EE:31:5A:51:A6:77:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TpEWK7DZtVG_X3scFe4xWlGmd_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/229c3f-9972-43d6-8e42-5713f1749c1d/1/TpEWK7DZtVG_X3scFe4xWlGmd_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c3:c6:71:7c:16:7e:85:a7:38:5a:d4:b2:7e:0a:60:32:34:19: 5b:a6:f1:f6:a2:0e:55:33:f4:4a:92:e0:11:40:44:32:6b:dd: 22:7c:29:18:b1:e9:d9:f8:0a:74:e6:fb:8c:09:3a:94:79:15: de:fd:67:04:b4:0f:26:7d:bc:6f:99:00:9c:d0:07:4c:c0:5b: c9:75:a5:cc:0a:af:f7:cf:66:a5:26:97:80:82:3f:14:03:bb: f3:0b:94:b5:51:4d:53:c5:3e:d9:a5:e4:41:50:dd:30:38:ce: 7e:7e:47:67:19:96:65:c1:9f:dd:2d:ff:ee:52:7b:fe:a5:cf: 64:cf:1c:d0:ed:48:07:5a:7d:81:35:4a:ef:f1:19:98:8c:4f: 2f:6e:5d:b4:ff:f5:e6:94:41:62:80:b3:f3:4c:54:ce:36:e4: d9:88:37:a7:51:9f:b1:e0:f3:eb:4f:e7:ee:85:7e:9f:f9:3c: 61:6b:18:4d:3c:94:38:75:5e:3b:47:7f:0d:fa:f0:38:f6:50: 03:37:9e:6e:d4:08:c3:8a:96:87:3b:74:64:5a:ac:dd:cd:93: 3c:bd:f6:45:fd:dd:42:03:eb:68:17:8a:9b:87:9a:14:3f:3c: 7c:bd:b1:42:4d:39:da:de:ce:89:23:c2:7a:ba:e2:f3:f8:4b: 06:b3:2c:dd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCX8R+0U+GJ5AfEkNbiK9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlOTExNjJiYjBkOWI1NTFiZjVmN2IxYzE1ZWUzMTVhNTFh Njc3ZjQwHhcNMjUxMjA2MDUwMTM5WhcNMjUxMjA3MDUwMTM5WjAzMTEwLwYDVQQD EyhjY2JmMDA0ZDJhMWM4MmM5NDNiMzU2YjAzYWRmNDUxOTFlNDBiYTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAner1Bl8BDFfBcLW+P//vLUs0gzEk 7Dox8WN3YErcB6ymoze1pKXX2Fmipsfaxx09AjvKK6LH77OapMB/3LZAd/cY8FQu CMSdWUnH78IYXR/4nRMGlf5jnf70ar7qsQJSSYJeFImVMNUSpJ+rFYQpxfHZOH1F 9b2OI1piZdC/E3zCQMRs8AZLpvN14nLKtxvu4P5AIJKklFR4HIOs4yiID0oGGNAQ 9JGBn7g32Xn8/0nGmGwF6v8QTU1PXB3gwYD65KJlIHQVDmMpP6fGCVMIZpnqHo1h XoW9qo1fQ03sfjYCzqo6s7IJBXCCBwCuCwXWwmNLufk9rYWcUA0iCah4AwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMy/AE0qHILJQ7NWsDrfRRkeQLoQMB8GA1UdIwQY MBaAFE6RFiuw2bVRv197HBXuMVpRpnf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDIt NTcxM2YxNzQ5YzFkLzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZi8yMjljM2YtOTk3Mi00M2Q2LThlNDItNTcxM2YxNzQ5YzFk LzEvVHBFV0s3RFp0VkdfWDNzY0ZlNHhXbEdtZF9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAw8ZxfBZ+ hac4WtSyfgpgMjQZW6bx9qIOVTP0SpLgEUBEMmvdInwpGLHp2fgKdOb7jAk6lHkV 3v1nBLQPJn28b5kAnNAHTMBbyXWlzAqv989mpSaXgII/FAO78wuUtVFNU8U+2aXk QVDdMDjOfn5HZxmWZcGf3S3/7lJ7/qXPZM8c0O1IB1p9gTVK7/EZmIxPL25dtP/1 5pRBYoCz80xUzjbk2Yg3p1GfseDz60/n7oV+n/k8YWsYTTyUOHVeO0d/DfrwOPZQ AzeebtQIw4qWhzt0ZFqs3c2TPL32Rf3dQgPraBeKm4eaFD88fL2xQk052t7OiSPC erri8/hLBrMs3Q== -----END CERTIFICATE-----Generated at Sat Dec 6 14:21:46 2025 by rpki-client