This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft File: tK4oip3bDvUKKUs8rpY-FHycfck.mft (raw, json) Hash identifier: TCd4ZPxHdFRUF9fnG7lxfdkq+P4dp6XnVXpKKkhJ0Yg= Subject key identifier: 27:ED:F8:80:56:5A:08:B5:9A:38:DF:DA:A5:3C:64:42:97:42:C2:52 Authority key identifier: B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9 Certificate issuer: /CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9 Certificate serial: 019B416D9123B8D0963AF17C10BC7500C765 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft Manifest number: 1789 Signing time: Sun 21 Dec 2025 15:00:58 +0000 Manifest this update: Sun 21 Dec 2025 15:00:58 +0000 Manifest next update: Mon 22 Dec 2025 15:00:58 +0000 Files and hashes: 1: tK4oip3bDvUKKUs8rpY-FHycfck.crl (hash: 1d3evjL7HhIrTM4sEbPrP5qkNchPKTWFpyLwodpm25s=) 2: u16TB_X_VEL7--qGdSVXn8Zs3wY.roa (hash: m8sRTErDjjsLnDtgYn9w7y6plArnvxsTKmxxZwh54Fs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:6d:91:23:b8:d0:96:3a:f1:7c:10:bc:75:00:c7:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4ae288a9ddb0ef50a294b3cae963e147c9c7dc9 Validity Not Before: Dec 21 15:00:58 2025 GMT Not After : Dec 22 15:00:58 2025 GMT Subject: CN=27edf880565a08b59a38dfdaa53c64429742c252 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f2:72:9e:28:f0:f6:9b:7a:36:4f:cd:12:46: 11:41:b4:ec:81:63:27:93:3c:14:ef:85:fd:83:16: 30:12:75:d3:1a:cf:a3:97:a3:c9:93:2e:88:d9:cd: 1d:77:95:76:93:b4:f0:93:9c:09:0b:92:39:11:cb: 75:f8:f7:6f:57:81:bd:b5:75:b9:62:82:96:b2:95: 13:09:42:67:a9:eb:5c:3a:40:6b:80:64:b7:22:db: f5:db:c5:f2:b2:82:57:49:a8:93:ec:c3:43:da:21: b4:ca:8f:63:93:cd:fe:fd:41:c2:e8:20:b4:74:a7: 47:a5:c7:82:f8:48:03:b2:18:e0:e0:fa:9c:66:7b: ee:bc:90:b7:17:8f:3a:6c:8b:74:c9:73:7e:cf:6d: 92:e4:ff:05:69:48:58:f6:ed:a7:76:0a:b4:72:b2: 58:08:2f:f3:18:46:b2:08:45:23:33:22:86:8f:8d: 0b:63:c4:0e:11:2f:ef:36:36:f8:30:e7:3e:8a:2f: 90:62:58:b4:86:96:47:41:10:ca:0c:d9:ba:9f:17: 8a:6d:d5:f4:3e:f8:78:66:47:19:2b:ad:b7:41:ad: 59:cf:44:7b:24:40:ce:ca:d4:b6:da:80:56:36:ee: da:b8:28:b6:1d:fd:b1:27:94:d4:26:58:be:28:32: b8:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:ED:F8:80:56:5A:08:B5:9A:38:DF:DA:A5:3C:64:42:97:42:C2:52 X509v3 Authority Key Identifier: keyid:B4:AE:28:8A:9D:DB:0E:F5:0A:29:4B:3C:AE:96:3E:14:7C:9C:7D:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tK4oip3bDvUKKUs8rpY-FHycfck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/457f2d-0137-4d61-8500-300426ce32e2/1/tK4oip3bDvUKKUs8rpY-FHycfck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:c7:01:ac:2f:1d:5f:55:96:42:ea:0e:5d:34:84:1c:60:ce: ee:81:32:eb:92:28:4a:f4:d3:bf:3b:c6:9e:a6:06:2c:6e:4b: ec:08:d4:3b:fd:0f:fa:c7:88:87:8d:8e:fd:93:26:18:0a:e2: 9d:3a:fc:9a:c2:db:8e:d0:03:af:bb:b4:05:57:df:f5:9c:53: 54:bc:3d:e1:72:ef:0d:6f:e5:af:85:a5:70:ac:6b:6a:f0:56: 07:d7:60:5d:c0:13:1e:f3:3c:61:75:f6:5f:e1:c6:c3:34:fd: 1f:90:9a:22:ef:a7:5d:eb:73:f1:d7:c6:3a:27:dd:9b:67:61: 20:e6:51:09:f9:d1:fe:54:53:90:71:34:de:15:db:f7:fd:72: 92:a0:d5:4e:97:b0:47:78:52:08:5b:56:63:b9:09:f8:1b:bc: 78:38:d6:3d:6a:22:9e:c7:92:33:68:45:25:3a:3e:5d:d7:f6: b1:83:6e:c6:fc:06:90:a7:bc:d9:22:54:52:80:5d:d6:35:68: 75:aa:d9:fe:4e:24:13:76:85:3c:56:e5:ab:1b:a6:a4:0f:b1: 02:84:7d:54:23:90:ed:09:e6:ba:55:5e:01:c8:61:f1:c5:4f: 5a:9e:e0:ff:07:ff:92:40:12:99:4e:12:74:15:24:a6:d8:96: e4:e7:ba:29 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBbZEjuNCWOvF8ELx1AMdlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YWUyODhhOWRkYjBlZjUwYTI5NGIzY2FlOTYzZTE0N2M5 YzdkYzkwHhcNMjUxMjIxMTUwMDU4WhcNMjUxMjIyMTUwMDU4WjAzMTEwLwYDVQQD EygyN2VkZjg4MDU2NWEwOGI1OWEzOGRmZGFhNTNjNjQ0Mjk3NDJjMjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/Jynijw9pt6Nk/NEkYRQbTsgWMn kzwU74X9gxYwEnXTGs+jl6PJky6I2c0dd5V2k7Twk5wJC5I5Ect1+PdvV4G9tXW5 YoKWspUTCUJnqetcOkBrgGS3Itv128XysoJXSaiT7MND2iG0yo9jk83+/UHC6CC0 dKdHpceC+EgDshjg4PqcZnvuvJC3F486bIt0yXN+z22S5P8FaUhY9u2ndgq0crJY CC/zGEayCEUjMyKGj40LY8QOES/vNjb4MOc+ii+QYli0hpZHQRDKDNm6nxeKbdX0 Pvh4ZkcZK623Qa1Zz0R7JEDOytS22oBWNu7auCi2Hf2xJ5TUJli+KDK4HQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCft+IBWWgi1mjjf2qU8ZEKXQsJSMB8GA1UdIwQY MBaAFLSuKIqd2w71CilLPK6WPhR8nH3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAt MzAwNDI2Y2UzMmUyLzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy80NTdmMmQtMDEzNy00ZDYxLTg1MDAtMzAwNDI2Y2UzMmUy LzEvdEs0b2lwM2JEdlVLS1VzOHJwWS1GSHljZmNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUMcBrC8d X1WWQuoOXTSEHGDO7oEy65IoSvTTvzvGnqYGLG5L7AjUO/0P+seIh42O/ZMmGAri nTr8msLbjtADr7u0BVff9ZxTVLw94XLvDW/lr4WlcKxravBWB9dgXcATHvM8YXX2 X+HGwzT9H5CaIu+nXetz8dfGOifdm2dhIOZRCfnR/lRTkHE03hXb9/1ykqDVTpew R3hSCFtWY7kJ+Bu8eDjWPWoinseSM2hFJTo+Xdf2sYNuxvwGkKe82SJUUoBd1jVo darZ/k4kE3aFPFblqxumpA+xAoR9VCOQ7QnmulVeAchh8cVPWp7g/wf/kkASmU4S dBUkptiW5Oe6KQ== -----END CERTIFICATE-----Generated at Sun Dec 21 23:15:41 2025 by rpki-client