This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft File: TvMzZvDPXk-oBO730eKSlO6lFIw.mft (raw, json) Hash identifier: 3CF7w6wc/8cVtB1nirmWkQibCA7T1f4ShRnOMmacQmU= Subject key identifier: AF:1D:36:F5:FB:C2:F2:AC:99:9B:48:62:54:34:F3:9A:57:2A:C5:B9 Authority key identifier: 4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C Certificate issuer: /CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c Certificate serial: 019AF0BF44A1D8E0C0680F63FD3E5124DAFD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft Manifest number: 03FA Signing time: Fri 05 Dec 2025 23:00:58 +0000 Manifest this update: Fri 05 Dec 2025 23:00:58 +0000 Manifest next update: Sat 06 Dec 2025 23:00:58 +0000 Files and hashes: 1: TvMzZvDPXk-oBO730eKSlO6lFIw.crl (hash: HGel+ibU7b1RnTm47kA1fGs3GQDfo6E3q8+DZCgFWEY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:44:a1:d8:e0:c0:68:0f:63:fd:3e:51:24:da:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ef33366f0cf5e4fa804eef7d1e29294eea5148c Validity Not Before: Dec 5 23:00:58 2025 GMT Not After : Dec 6 23:00:58 2025 GMT Subject: CN=af1d36f5fbc2f2ac999b48625434f39a572ac5b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fc:5f:3c:44:ec:07:14:42:7e:44:19:be:c1: 97:f8:44:77:12:76:4e:cf:0f:6d:ce:b4:b5:e3:99: 5b:cb:38:85:9f:f1:3b:7a:91:1c:49:5d:f0:06:9b: 51:e9:10:0b:d2:04:a8:3a:18:75:74:64:d5:7e:a7: a6:bb:a9:54:56:dc:7b:70:58:d0:71:f7:03:99:4f: 80:14:27:3d:dc:87:91:47:a7:8f:e8:91:8c:50:7b: 99:fd:dd:76:14:87:99:56:39:1b:71:c4:19:9c:76: 8c:9d:e6:94:49:a1:12:11:2b:c8:63:e0:a8:cd:5c: 56:a7:63:14:80:53:e0:51:6e:c4:04:7e:10:29:51: 43:da:b1:fc:f1:50:da:8a:c9:52:08:e2:13:c0:4c: 63:84:d0:51:b5:1c:87:4d:c0:c3:c5:d0:5f:cf:6a: c7:46:45:60:f3:d1:58:35:13:3e:ff:01:1b:42:ae: c8:1b:74:01:a5:fd:8e:f7:73:16:ae:69:ee:25:c2: 2c:c2:85:5a:6c:11:73:b0:8e:48:bf:ca:08:36:a8: 97:f2:41:9f:54:49:57:12:5f:2d:33:5e:78:b1:a9: 1d:79:8b:b6:cd:3f:06:30:8b:0a:73:c8:be:d3:5e: cc:58:15:2c:6b:1b:a8:a8:04:2a:d9:13:23:18:ff: 54:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:1D:36:F5:FB:C2:F2:AC:99:9B:48:62:54:34:F3:9A:57:2A:C5:B9 X509v3 Authority Key Identifier: keyid:4E:F3:33:66:F0:CF:5E:4F:A8:04:EE:F7:D1:E2:92:94:EE:A5:14:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TvMzZvDPXk-oBO730eKSlO6lFIw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/38449c-aad8-405a-b7f7-6d9f384d2bc3/1/TvMzZvDPXk-oBO730eKSlO6lFIw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 53:89:76:fa:33:32:5c:8e:b5:f5:7f:84:6e:c4:5c:6a:9c:c5: 53:1b:2a:94:e3:cb:5a:7d:12:4b:07:aa:53:4c:b3:12:f4:53: 97:fc:20:58:be:fa:ad:3b:83:f2:02:f8:d8:de:05:13:42:b5: 0b:8a:31:7d:ad:9b:f1:58:b1:5d:6f:bd:fc:0d:a8:de:0a:b9: 31:bb:28:8a:be:b8:99:0f:bc:b5:ee:c0:6a:ad:fa:4e:18:01: 5d:2c:8c:9a:74:13:e4:f6:bf:a7:6a:34:de:9f:a7:81:4d:0d: d2:cd:0e:93:3d:d8:a2:2d:42:95:10:3a:64:69:11:63:9a:a9: f8:b2:30:8d:d7:72:15:5b:f6:88:d5:fa:45:59:0d:0f:8d:24: a6:38:ca:fc:bd:94:0c:03:5f:8c:af:8f:a8:9a:e3:2d:7d:35: 3d:d7:3c:9e:cb:29:27:e5:fd:e6:19:f3:35:78:87:19:6b:9a: b7:22:95:1a:66:a1:4c:7d:c7:5e:bb:75:b9:e9:45:80:bc:07: 25:1d:1c:6e:d4:44:c3:34:29:9f:fc:5c:24:42:9c:73:10:50: 32:3a:5f:25:99:56:e9:15:7d:6b:25:ee:c5:d3:de:b2:02:49: e1:f9:3c:60:41:f3:16:6d:46:0d:53:29:70:c6:89:d4:17:fd: c8:e5:32:9c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv0Sh2ODAaA9j/T5RJNr9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlZjMzMzY2ZjBjZjVlNGZhODA0ZWVmN2QxZTI5Mjk0ZWVh NTE0OGMwHhcNMjUxMjA1MjMwMDU4WhcNMjUxMjA2MjMwMDU4WjAzMTEwLwYDVQQD EyhhZjFkMzZmNWZiYzJmMmFjOTk5YjQ4NjI1NDM0ZjM5YTU3MmFjNWI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/xfPETsBxRCfkQZvsGX+ER3EnZO zw9tzrS145lbyziFn/E7epEcSV3wBptR6RAL0gSoOhh1dGTVfqemu6lUVtx7cFjQ cfcDmU+AFCc93IeRR6eP6JGMUHuZ/d12FIeZVjkbccQZnHaMneaUSaESESvIY+Co zVxWp2MUgFPgUW7EBH4QKVFD2rH88VDaislSCOITwExjhNBRtRyHTcDDxdBfz2rH RkVg89FYNRM+/wEbQq7IG3QBpf2O93MWrmnuJcIswoVabBFzsI5Iv8oINqiX8kGf VElXEl8tM154sakdeYu2zT8GMIsKc8i+017MWBUsaxuoqAQq2RMjGP9UwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK8dNvX7wvKsmZtIYlQ085pXKsW5MB8GA1UdIwQY MBaAFE7zM2bwz15PqATu99HikpTupRSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3Zjct NmQ5ZjM4NGQyYmMzLzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi8zODQ0OWMtYWFkOC00MDVhLWI3ZjctNmQ5ZjM4NGQyYmMz LzEvVHZNelp2RFBYay1vQk83MzBlS1NsTzZsRkl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAU4l2+jMy XI619X+EbsRcapzFUxsqlOPLWn0SSweqU0yzEvRTl/wgWL76rTuD8gL42N4FE0K1 C4oxfa2b8VixXW+9/A2o3gq5Mbsoir64mQ+8te7Aaq36ThgBXSyMmnQT5Pa/p2o0 3p+ngU0N0s0Okz3Yoi1ClRA6ZGkRY5qp+LIwjddyFVv2iNX6RVkND40kpjjK/L2U DANfjK+PqJrjLX01Pdc8nsspJ+X95hnzNXiHGWuatyKVGmahTH3HXrt1uelFgLwH JR0cbtREwzQpn/xcJEKccxBQMjpfJZlW6RV9ayXuxdPesgJJ4fk8YEHzFm1GDVMp cMaJ1Bf9yOUynA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:59:11 2025 by rpki-client