This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft File: toF3Ytn8jxGwHPUjS25DHPvsG80.mft (raw, json) Hash identifier: OrD3pO6bJSVKpczJtbB92Zo3GK8F/O08/0v9eOdE6eU= Subject key identifier: 86:EB:90:B3:70:D3:CF:05:FA:95:68:86:5C:D9:C7:43:36:12:90:39 Authority key identifier: B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD Certificate issuer: /CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd Certificate serial: 019B34FB4616224483F0A86B4EF4993FAB0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft Manifest number: 0AE4 Signing time: Fri 19 Dec 2025 05:00:41 +0000 Manifest this update: Fri 19 Dec 2025 05:00:41 +0000 Manifest next update: Sat 20 Dec 2025 05:00:41 +0000 Files and hashes: 1: iFeMzfeEdL5eLiPhJVZH9fOR9os.roa (hash: Hluf44L3umjh9a1sEhuox24mM0+jKftFeuevrlqeW6M=) 2: toF3Ytn8jxGwHPUjS25DHPvsG80.crl (hash: yS1W3CvRnVXknSBd0FGgR2wIXgbTCroMresZjZe4HL4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 05:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:fb:46:16:22:44:83:f0:a8:6b:4e:f4:99:3f:ab:0c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6817762d9fc8f11b01cf5234b6e431cfbec1bcd Validity Not Before: Dec 19 05:00:41 2025 GMT Not After : Dec 20 05:00:41 2025 GMT Subject: CN=86eb90b370d3cf05fa9568865cd9c74336129039 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:6a:59:1e:9e:a6:cb:68:d3:88:87:8d:87:69: b5:0e:87:4e:8b:a2:fe:86:a4:c9:d3:d3:b4:53:f0: 37:2d:6c:53:41:61:1b:4c:88:e6:18:44:45:76:a2: 28:79:bd:58:a7:cc:dd:c1:4e:16:62:1b:00:45:95: 43:78:28:b8:60:01:be:73:fb:0c:c6:fd:ae:d5:4c: fe:c7:d8:8c:70:26:d8:bd:a2:9e:09:33:10:b1:c3: 2e:42:8d:b0:6e:41:75:a4:3f:15:d9:8a:8e:2d:cd: 93:c7:a0:89:b2:3e:9f:34:b8:d2:09:bb:22:7a:6b: 94:3d:aa:43:2b:a1:b1:03:f6:14:66:49:83:93:05: a7:ff:52:05:c2:52:10:e0:73:eb:5e:76:d0:f4:ba: 0a:c1:42:12:cb:9f:48:38:29:6d:45:89:80:60:7d: 65:4c:7b:c6:04:58:e0:f3:90:ab:9c:10:e9:1b:7b: 04:17:41:15:60:8c:0f:c4:e9:47:42:b6:00:c3:0a: c8:f6:d8:cb:47:22:1c:50:b7:0a:b5:7b:79:a0:40: 83:25:df:5f:0e:b6:ac:12:6c:dd:18:25:91:5c:db: 2b:94:a2:c6:c9:29:71:c8:23:cb:90:46:05:34:b7: 6d:99:af:31:27:1a:65:e0:e1:45:89:53:7f:a1:84: 3e:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:EB:90:B3:70:D3:CF:05:FA:95:68:86:5C:D9:C7:43:36:12:90:39 X509v3 Authority Key Identifier: keyid:B6:81:77:62:D9:FC:8F:11:B0:1C:F5:23:4B:6E:43:1C:FB:EC:1B:CD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toF3Ytn8jxGwHPUjS25DHPvsG80.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/1e63a3-b306-413a-adf4-d3f265ad514f/1/toF3Ytn8jxGwHPUjS25DHPvsG80.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:6d:ec:5a:e7:21:29:92:38:f1:2d:57:d6:2e:f7:a0:06:11: b2:c6:dc:49:a6:2b:33:c3:b4:33:21:2e:92:67:83:e8:09:37: 7a:76:7e:20:f9:aa:b2:e1:25:e6:09:7f:96:02:82:f0:38:8c: 71:43:1d:a3:30:88:b4:18:8e:51:a2:b0:e6:99:62:74:9d:dd: 64:54:47:db:e7:b8:5a:7f:1a:ee:90:2d:53:8b:bb:06:d0:a8: 95:08:22:dd:cb:0b:2a:87:1b:4f:c3:46:ff:0f:97:c1:c8:76: 0d:32:33:8a:dd:63:8e:3c:ee:7b:13:97:0f:ce:39:7b:4f:8d: 5e:13:47:14:c5:00:e8:5a:8e:ab:14:77:77:6f:c1:73:1f:77: cd:e4:19:7e:72:d3:8d:6c:94:ae:23:c5:3a:0c:fc:df:76:93: 53:6b:59:5c:b6:0e:ec:bb:05:29:da:e1:c8:8e:1c:66:98:13: 39:da:b5:df:4c:c5:78:c8:cd:0e:b2:a6:35:bd:21:06:15:f1: 46:05:7c:ec:52:e0:7a:aa:1b:7b:59:a4:e3:9b:0a:9b:09:20: 77:40:a6:1a:05:2b:fc:3e:09:7b:e6:3c:47:5d:f5:1b:5c:d0: 43:c3:1e:73:9d:90:56:63:2d:67:2f:8e:e4:45:d5:13:d8:87: f3:29:48:6b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0+0YWIkSD8KhrTvSZP6sMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ODE3NzYyZDlmYzhmMTFiMDFjZjUyMzRiNmU0MzFjZmJl YzFiY2QwHhcNMjUxMjE5MDUwMDQxWhcNMjUxMjIwMDUwMDQxWjAzMTEwLwYDVQQD Eyg4NmViOTBiMzcwZDNjZjA1ZmE5NTY4ODY1Y2Q5Yzc0MzM2MTI5MDM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWpZHp6my2jTiIeNh2m1DodOi6L+ hqTJ09O0U/A3LWxTQWEbTIjmGERFdqIoeb1Yp8zdwU4WYhsARZVDeCi4YAG+c/sM xv2u1Uz+x9iMcCbYvaKeCTMQscMuQo2wbkF1pD8V2YqOLc2Tx6CJsj6fNLjSCbsi emuUPapDK6GxA/YUZkmDkwWn/1IFwlIQ4HPrXnbQ9LoKwUISy59IOCltRYmAYH1l THvGBFjg85CrnBDpG3sEF0EVYIwPxOlHQrYAwwrI9tjLRyIcULcKtXt5oECDJd9f DrasEmzdGCWRXNsrlKLGySlxyCPLkEYFNLdtma8xJxpl4OFFiVN/oYQ+8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIbrkLNw088F+pVohlzZx0M2EpA5MB8GA1UdIwQY MBaAFLaBd2LZ/I8RsBz1I0tuQxz77BvNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQt ZDNmMjY1YWQ1MTRmLzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy8xZTYzYTMtYjMwNi00MTNhLWFkZjQtZDNmMjY1YWQ1MTRm LzEvdG9GM1l0bjhqeEd3SFBValMyNURIUHZzRzgwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACm3sWuch KZI48S1X1i73oAYRssbcSaYrM8O0MyEukmeD6Ak3enZ+IPmqsuEl5gl/lgKC8DiM cUMdozCItBiOUaKw5plidJ3dZFRH2+e4Wn8a7pAtU4u7BtColQgi3csLKocbT8NG /w+Xwch2DTIzit1jjjzuexOXD845e0+NXhNHFMUA6FqOqxR3d2/Bcx93zeQZfnLT jWyUriPFOgz833aTU2tZXLYO7LsFKdrhyI4cZpgTOdq130zFeMjNDrKmNb0hBhXx RgV87FLgeqobe1mk45sKmwkgd0CmGgUr/D4Je+Y8R131G1zQQ8Mec52QVmMtZy+O 5EXVE9iH8ylIaw== -----END CERTIFICATE-----Generated at Fri Dec 19 13:44:26 2025 by rpki-client