This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft File: tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft (raw, json) Hash identifier: GADN3weIxc1fDPDjE9vG1i94vzglL2krnWIt5vT2MbI= Subject key identifier: DD:D4:5E:20:D6:CD:64:BC:2F:B9:62:51:6B:0A:17:06:94:2F:EA:6C Authority key identifier: B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 Certificate issuer: /CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Certificate serial: 019AF389017575E2F5E53C0CCBF866E1B52F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft Manifest number: 0D93 Signing time: Sat 06 Dec 2025 12:00:33 +0000 Manifest this update: Sat 06 Dec 2025 12:00:33 +0000 Manifest next update: Sun 07 Dec 2025 12:00:33 +0000 Files and hashes: 1: 6mSAzptlMtavroiRBEbzErufO08.roa (hash: lJ5Bp/WretmXqwZLM24/DP1Oy5iyysz4o7F+olg5yZQ=) 2: tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl (hash: gp7lc0hInz4clohqE2Qi1hVF/HwKwPiI4yUOb6QsJ7k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:01:75:75:e2:f5:e5:3c:0c:cb:f8:66:e1:b5:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5ccdd883f6dd114ecf6f72716a84634f67ac977 Validity Not Before: Dec 6 12:00:33 2025 GMT Not After : Dec 7 12:00:33 2025 GMT Subject: CN=ddd45e20d6cd64bc2fb962516b0a1706942fea6c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:d5:33:0c:b8:29:a0:e7:4a:f0:91:2d:cf:1e: 9b:85:c8:36:68:0f:9b:f0:19:5f:bd:a3:5f:f0:ce: 90:65:63:a0:bc:96:83:57:c2:36:d0:c7:22:1c:c2: 41:36:c4:72:4c:27:93:be:ea:7b:70:ef:8d:fe:e5: 13:57:b5:ff:89:e9:a7:32:06:bf:33:30:62:8f:00: 91:82:5f:6b:d8:de:be:ec:6a:58:0a:2c:84:d1:b7: 70:44:7b:7c:60:48:cf:6f:b5:81:63:7f:4e:82:2a: 49:2a:83:fc:e8:a0:ee:33:8e:37:95:9b:6b:ba:2c: b0:41:c1:e7:47:db:90:35:41:e2:a6:d8:d1:9a:20: 70:5e:29:74:cf:ee:db:6a:e8:e9:4f:4c:29:15:90: 16:e3:d8:84:5a:61:bf:02:1d:fa:21:c9:56:1c:0e: b4:f1:2f:42:f6:21:4f:a0:a3:82:60:82:ec:4e:81: 97:fa:05:b6:d4:c1:5a:16:77:ba:0d:1e:a7:ff:ab: de:33:2f:d2:38:b5:4d:be:a5:1e:4c:f5:1c:d6:4f: 41:c4:8a:ca:0b:f1:15:ab:06:ac:a0:08:e2:13:5f: 5d:d0:e2:c3:19:c3:4d:29:d2:11:3f:02:f2:cd:92: 6c:f9:ab:6e:75:7f:cc:e9:c6:16:aa:04:9a:b8:cd: e0:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D4:5E:20:D6:CD:64:BC:2F:B9:62:51:6B:0A:17:06:94:2F:EA:6C X509v3 Authority Key Identifier: keyid:B5:CC:DD:88:3F:6D:D1:14:EC:F6:F7:27:16:A8:46:34:F6:7A:C9:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tczdiD9t0RTs9vcnFqhGNPZ6yXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/ba784d-746e-49e7-a408-4abaf53a50af/1/tczdiD9t0RTs9vcnFqhGNPZ6yXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:1b:3f:6b:33:dd:e2:05:8f:ea:5c:06:36:59:64:31:30:ed: 2b:48:db:bc:85:49:bc:0f:fc:1a:8b:0f:47:78:d1:b7:41:ad: fd:3c:66:4a:da:57:df:73:36:b1:2a:35:c6:66:bc:c4:cf:dc: 60:f1:fa:1d:28:75:9f:ff:dc:b2:a4:df:b8:34:2e:86:84:e5: d9:1b:84:c0:5e:da:85:e9:c4:84:36:a9:6c:1f:ce:63:dd:f8: b9:43:42:a1:72:d6:f9:e1:a6:97:fa:61:77:ab:95:f6:b1:b5: 85:62:0f:5c:80:7e:0c:10:ec:76:14:a0:cb:53:d4:a3:4c:25: 16:6b:e6:48:8f:85:a4:b6:27:06:14:ab:ce:6b:1c:c4:69:bb: e0:b4:f8:93:3a:09:d3:a7:6e:1a:d9:bb:fc:a1:4f:fa:c5:0b: 3b:60:46:0b:a7:a9:eb:ce:99:29:51:f3:78:cc:47:55:cb:7a: 19:4b:88:e7:d4:b6:5e:6b:34:4d:36:ac:a1:61:83:fe:fe:62: 8f:ce:30:99:4a:f6:e0:ae:d4:d1:7b:1f:61:03:e4:90:e9:3c: 53:74:60:60:33:a5:87:b4:9f:e9:e7:d5:5e:6f:02:e4:86:ce: 58:95:12:fa:77:a4:9d:90:56:1d:a9:19:cf:d2:29:9e:ad:5e: c8:64:42:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziQF1deL15TwMy/hm4bUvMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1Y2NkZDg4M2Y2ZGQxMTRlY2Y2ZjcyNzE2YTg0NjM0ZjY3 YWM5NzcwHhcNMjUxMjA2MTIwMDMzWhcNMjUxMjA3MTIwMDMzWjAzMTEwLwYDVQQD EyhkZGQ0NWUyMGQ2Y2Q2NGJjMmZiOTYyNTE2YjBhMTcwNjk0MmZlYTZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldUzDLgpoOdK8JEtzx6bhcg2aA+b 8BlfvaNf8M6QZWOgvJaDV8I20MciHMJBNsRyTCeTvup7cO+N/uUTV7X/iemnMga/ MzBijwCRgl9r2N6+7GpYCiyE0bdwRHt8YEjPb7WBY39OgipJKoP86KDuM443lZtr uiywQcHnR9uQNUHiptjRmiBwXil0z+7baujpT0wpFZAW49iEWmG/Ah36IclWHA60 8S9C9iFPoKOCYILsToGX+gW21MFaFne6DR6n/6veMy/SOLVNvqUeTPUc1k9BxIrK C/EVqwasoAjiE19d0OLDGcNNKdIRPwLyzZJs+atudX/M6cYWqgSauM3gQwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3UXiDWzWS8L7liUWsKFwaUL+psMB8GA1UdIwQY MBaAFLXM3Yg/bdEU7Pb3JxaoRjT2esl3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgt NGFiYWY1M2E1MGFmLzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYS9iYTc4NGQtNzQ2ZS00OWU3LWE0MDgtNGFiYWY1M2E1MGFm LzEvdGN6ZGlEOXQwUlRzOXZjbkZxaEdOUFo2eVhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiRs/azPd 4gWP6lwGNllkMTDtK0jbvIVJvA/8GosPR3jRt0Gt/TxmStpX33M2sSo1xma8xM/c YPH6HSh1n//csqTfuDQuhoTl2RuEwF7ahenEhDapbB/OY934uUNCoXLW+eGml/ph d6uV9rG1hWIPXIB+DBDsdhSgy1PUo0wlFmvmSI+FpLYnBhSrzmscxGm74LT4kzoJ 06duGtm7/KFP+sULO2BGC6ep686ZKVHzeMxHVct6GUuI59S2Xms0TTasoWGD/v5i j84wmUr24K7U0XsfYQPkkOk8U3RgYDOlh7Sf6efVXm8C5IbOWJUS+neknZBWHakZ z9Ipnq1eyGRCew== -----END CERTIFICATE-----Generated at Sat Dec 6 22:58:32 2025 by rpki-client