This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft File: tYaoZDYz6YdBEai881GKCQXyhgk.mft (raw, json) Hash identifier: 1Io1pbLcfA9aqlEGsLXA6VWSA3ceQFqOki1LHRE8v2Y= Subject key identifier: 1A:94:DC:1C:28:32:A5:C7:41:59:CF:B4:55:4C:E4:12:B8:C9:D4:41 Authority key identifier: B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09 Certificate issuer: /CN=b586a8643633e9874111a8bcf3518a0905f28609 Certificate serial: 019AF12D1E1B6AD8DB29D7914053C7D111F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft Manifest number: 130A Signing time: Sat 06 Dec 2025 01:00:57 +0000 Manifest this update: Sat 06 Dec 2025 01:00:57 +0000 Manifest next update: Sun 07 Dec 2025 01:00:57 +0000 Files and hashes: 1: M5OG91JsCAL60eSIC9Ad8J1tKCQ.roa (hash: 1YIYjfLNUonn/y5DvRwWqNtN3UGauHay3fPvlHRKB78=) 2: NLZJeEG7B459T5HRjzbaryRo4U4.roa (hash: D+Zc3p+KtPQCrkhD8NK/RsRz3Ozk8j3l3fx+in8YU8k=) 3: SX0Et8xCJ-oQPSZhA1vLwpgECss.roa (hash: GtBoUqmPl7+e01rEjLRBIu11uahmgFfyYOp4+G1ts2k=) 4: g3mWLx3QHER7jvUWO9_K86XjFvg.roa (hash: CQjC54kUHdxygPOZtU3D7Ni2Q4FQ2f8Z6SwCWy0D9f0=) 5: hvqfOijr6dDuZ5bH5DmTLJBSNC0.roa (hash: wnrweN82zW3L/i2kjShP1DGJ6lX6f745nj23KDLcERg=) 6: pkTSWC0kyyJmikpwefrKy0hYNBc.roa (hash: uJAe5aUPI71DUshehwa1+fSKLZdP9CODCdcESePQJgY=) 7: tYaoZDYz6YdBEai881GKCQXyhgk.crl (hash: tJoSWf5WFia923FWPYWwW7EeCDziAq2aFrZv4qxcoco=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:1e:1b:6a:d8:db:29:d7:91:40:53:c7:d1:11:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b586a8643633e9874111a8bcf3518a0905f28609 Validity Not Before: Dec 6 01:00:57 2025 GMT Not After : Dec 7 01:00:57 2025 GMT Subject: CN=1a94dc1c2832a5c74159cfb4554ce412b8c9d441 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:21:0d:fe:4f:fd:25:a4:5e:81:26:77:28:00: 42:d4:fb:4b:aa:4b:c8:66:42:f1:9f:b4:5e:bb:2f: a3:6c:37:8b:6c:a7:7f:61:83:6b:cc:25:72:5c:ab: 89:16:d0:db:b0:be:76:a8:2c:7a:4d:07:23:37:0b: c1:83:3f:b1:2a:e2:a8:ea:9c:60:19:74:1f:b7:6b: 19:1d:3b:e3:e5:6b:eb:c0:5a:3a:da:4b:68:94:d3: 71:45:6e:36:ba:78:99:9f:7e:73:b1:62:b8:2d:71: 3d:6b:53:eb:2b:bf:d1:e0:d8:87:0d:6d:82:9c:43: 9e:f4:62:01:01:7b:a0:b1:35:45:fb:55:32:40:3b: 37:2f:28:c1:e3:8c:ba:ba:37:71:2c:55:c4:c2:67: 5b:8c:34:af:d7:bd:92:9b:66:50:60:e2:1e:b2:2d: 46:73:87:68:66:2e:47:78:16:af:7b:5c:eb:67:77: 45:d1:dd:7b:7a:d1:54:04:4c:b9:fd:d8:6e:39:3e: 09:84:2f:29:93:5d:5e:b0:75:30:86:33:3f:68:51: 1d:3d:3f:d4:70:79:68:0e:63:4d:32:fb:16:25:35: e7:58:82:bf:aa:40:c7:c4:9f:b9:f6:bc:06:ef:f7: 1d:93:90:1c:63:ef:6d:46:8f:82:64:ad:4d:aa:e8: a3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:94:DC:1C:28:32:A5:C7:41:59:CF:B4:55:4C:E4:12:B8:C9:D4:41 X509v3 Authority Key Identifier: keyid:B5:86:A8:64:36:33:E9:87:41:11:A8:BC:F3:51:8A:09:05:F2:86:09 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tYaoZDYz6YdBEai881GKCQXyhgk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/20ccac-33ee-45dc-bc9c-4499e3239f1f/1/tYaoZDYz6YdBEai881GKCQXyhgk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 09:79:e5:d3:ac:81:d4:1d:3c:91:5d:de:d3:5f:38:61:81:e9: fc:30:42:d0:2a:b3:ac:de:53:08:1b:7f:c6:e0:80:b3:b3:9e: a3:03:4e:0d:d3:9f:2a:19:4b:97:64:5d:3a:1b:89:ba:34:61: e2:78:d5:ee:53:c3:82:7b:14:b2:c7:1b:cb:90:ec:57:f7:25: 29:aa:5b:2f:72:64:7b:a1:a6:8c:be:79:db:d0:33:8d:50:a3: 72:a0:a2:04:4d:79:0d:40:f1:79:2c:12:16:50:a3:38:d3:1b: 99:b2:d6:3d:c8:52:76:4c:83:46:40:1e:b2:35:98:db:ee:58: bd:9f:e8:4d:77:6b:c1:9a:9c:d0:58:6f:69:47:d6:ba:f8:ba: 0a:9d:ba:fc:33:90:bd:05:f3:bb:70:ef:4c:b2:00:77:59:f6: a2:35:da:37:40:94:47:63:e0:e4:4a:66:06:c2:72:99:38:50: 0a:c1:46:f9:e2:73:21:38:30:e9:b1:ab:5c:8e:49:e5:92:55: ad:3a:37:9e:06:02:b3:5e:06:a8:24:ca:56:df:2f:e0:a0:ab: 6b:97:b8:9d:b6:a4:67:c3:46:73:00:9c:9e:d4:b0:57:da:6e: 4d:c9:84:86:20:10:79:fd:64:76:87:59:f6:da:e1:64:36:47: 21:ab:7a:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLR4batjbKdeRQFPH0RHwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1ODZhODY0MzYzM2U5ODc0MTExYThiY2YzNTE4YTA5MDVm Mjg2MDkwHhcNMjUxMjA2MDEwMDU3WhcNMjUxMjA3MDEwMDU3WjAzMTEwLwYDVQQD EygxYTk0ZGMxYzI4MzJhNWM3NDE1OWNmYjQ1NTRjZTQxMmI4YzlkNDQxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCEN/k/9JaRegSZ3KABC1PtLqkvI ZkLxn7Reuy+jbDeLbKd/YYNrzCVyXKuJFtDbsL52qCx6TQcjNwvBgz+xKuKo6pxg GXQft2sZHTvj5WvrwFo62ktolNNxRW42uniZn35zsWK4LXE9a1PrK7/R4NiHDW2C nEOe9GIBAXugsTVF+1UyQDs3LyjB44y6ujdxLFXEwmdbjDSv172Sm2ZQYOIesi1G c4doZi5HeBave1zrZ3dF0d17etFUBEy5/dhuOT4JhC8pk11esHUwhjM/aFEdPT/U cHloDmNNMvsWJTXnWIK/qkDHxJ+59rwG7/cdk5AcY+9tRo+CZK1Nquij9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBqU3BwoMqXHQVnPtFVM5BK4ydRBMB8GA1UdIwQY MBaAFLWGqGQ2M+mHQRGovPNRigkF8oYJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMt NDQ5OWUzMjM5ZjFmLzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNi8yMGNjYWMtMzNlZS00NWRjLWJjOWMtNDQ5OWUzMjM5ZjFm LzEvdFlhb1pEWXo2WWRCRWFpODgxR0tDUVh5aGdrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACXnl06yB 1B08kV3e0184YYHp/DBC0CqzrN5TCBt/xuCAs7OeowNODdOfKhlLl2RdOhuJujRh 4njV7lPDgnsUsscby5DsV/clKapbL3Jke6GmjL5529AzjVCjcqCiBE15DUDxeSwS FlCjONMbmbLWPchSdkyDRkAesjWY2+5YvZ/oTXdrwZqc0FhvaUfWuvi6Cp26/DOQ vQXzu3DvTLIAd1n2ojXaN0CUR2Pg5EpmBsJymThQCsFG+eJzITgw6bGrXI5J5ZJV rTo3ngYCs14GqCTKVt8v4KCra5e4nbakZ8NGcwCcntSwV9puTcmEhiAQef1kdodZ 9trhZDZHIat6lQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:18:25 2025 by rpki-client