This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft File: tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft (raw, json) Hash identifier: pZB/+mSrfa3v9Yd/nfon6XhQfFICyuhnx6COuzOiJDU= Subject key identifier: AD:F4:14:D4:E0:86:62:DF:9B:6A:1C:5A:CE:81:BE:6A:B8:A3:60:82 Authority key identifier: B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E Certificate issuer: /CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e Certificate serial: 019AF31CCE6467ACDD187DAB9E519A059A96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft Manifest number: 0DCC Signing time: Sat 06 Dec 2025 10:02:22 +0000 Manifest this update: Sat 06 Dec 2025 10:02:22 +0000 Manifest next update: Sun 07 Dec 2025 10:02:22 +0000 Files and hashes: 1: tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl (hash: KIelcwconzePh1UcZf8QiyPDEoZo92UQ2/zf3S+FO+8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:ce:64:67:ac:dd:18:7d:ab:9e:51:9a:05:9a:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b6707197e836760c592e1ef11f1b4cbe5bfd4d2e Validity Not Before: Dec 6 10:02:22 2025 GMT Not After : Dec 7 10:02:22 2025 GMT Subject: CN=adf414d4e08662df9b6a1c5ace81be6ab8a36082 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:18:15:4d:0a:25:ba:38:fc:f7:75:ed:be:eb: 51:1b:da:6e:73:b3:42:17:f3:98:da:df:1a:d8:09: c0:4e:3b:4e:a1:0a:89:b8:ef:41:c3:56:8e:9b:42: 40:47:c3:25:6f:45:9c:72:16:73:eb:7f:b0:01:c5: 2e:d0:00:a3:f4:60:9d:e7:04:ef:c6:e5:88:b5:e1: 72:71:5f:d6:a2:d5:c9:b2:00:ab:51:d8:45:26:a3: 8d:44:dc:42:20:d4:6f:8f:49:1f:0a:31:3b:04:f3: 73:38:ae:32:fe:3f:0e:40:5a:f3:ea:c5:18:61:df: 50:b1:ac:52:de:bc:f6:4f:e2:1e:0d:d1:74:5f:35: 56:9a:ea:80:67:3e:ef:9e:46:d8:dc:f4:5b:cd:52: 39:71:3a:7f:b5:eb:62:8a:d7:3e:6d:94:35:dd:1e: 6c:e6:66:67:10:0f:b9:ab:19:78:db:ab:7b:23:8c: 89:2e:51:e4:4f:ad:23:91:be:82:5a:00:7b:85:ed: 14:e5:8c:40:ee:7b:d2:81:00:41:e9:15:a4:11:79: a4:fc:3a:5d:ae:e8:4e:b2:9d:c4:c8:e9:ad:b9:41: af:45:7c:f8:99:b5:8a:e7:5f:c3:d6:0e:ac:dd:8f: 1a:73:f9:ae:03:ff:08:2b:44:b1:b4:6b:94:15:81: 02:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AD:F4:14:D4:E0:86:62:DF:9B:6A:1C:5A:CE:81:BE:6A:B8:A3:60:82 X509v3 Authority Key Identifier: keyid:B6:70:71:97:E8:36:76:0C:59:2E:1E:F1:1F:1B:4C:BE:5B:FD:4D:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tnBxl-g2dgxZLh7xHxtMvlv9TS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/80ac78-bbe1-4124-b878-6667fa51c460/1/tnBxl-g2dgxZLh7xHxtMvlv9TS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:f8:4f:43:99:b2:c5:6f:ff:e5:6b:6d:ac:fa:61:95:90:b3: 92:46:89:88:0c:bd:36:3a:d0:52:7d:8b:8f:f3:5c:58:dd:be: ba:4b:7b:9e:06:50:71:d2:0c:4f:0f:03:f8:cd:20:b2:49:2d: 82:64:44:b0:49:e6:69:74:f3:c7:33:b2:e1:89:dc:c6:6b:d7: 53:42:62:b5:c7:eb:ea:e5:64:ad:e7:6b:a7:8d:82:0e:be:67: 7b:d2:9b:5c:70:49:c1:e5:4c:e3:fc:35:cb:d4:10:5a:11:98: 9a:73:b0:94:48:d5:c5:2c:68:aa:08:46:8f:5b:c5:c6:7b:52: 4d:f6:7b:08:4e:6e:54:dd:72:ef:c0:2b:f6:7d:af:c2:e7:c0: 45:3a:42:4e:91:fb:82:f3:29:48:20:57:a4:e1:1b:f3:5e:50: 4f:82:3a:2b:0e:7a:e2:59:3c:65:9c:d6:ea:c5:49:c7:61:0c: ee:1c:b0:06:7e:b4:17:87:f4:31:74:5a:26:e5:75:14:90:fc: a9:b2:13:94:18:3f:63:cb:30:7d:6a:fa:d4:1c:74:e7:aa:9b: ef:91:47:47:c6:d7:2b:03:60:11:1f:44:de:0c:a8:4e:ce:40: 8b:fb:57:a7:2d:f0:cb:4f:6e:d9:4a:af:20:1b:37:c9:df:29: 21:08:38:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHM5kZ6zdGH2rnlGaBZqWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2NzA3MTk3ZTgzNjc2MGM1OTJlMWVmMTFmMWI0Y2JlNWJm ZDRkMmUwHhcNMjUxMjA2MTAwMjIyWhcNMjUxMjA3MTAwMjIyWjAzMTEwLwYDVQQD EyhhZGY0MTRkNGUwODY2MmRmOWI2YTFjNWFjZTgxYmU2YWI4YTM2MDgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBgVTQolujj893XtvutRG9puc7NC F/OY2t8a2AnATjtOoQqJuO9Bw1aOm0JAR8Mlb0WcchZz63+wAcUu0ACj9GCd5wTv xuWIteFycV/WotXJsgCrUdhFJqONRNxCINRvj0kfCjE7BPNzOK4y/j8OQFrz6sUY Yd9QsaxS3rz2T+IeDdF0XzVWmuqAZz7vnkbY3PRbzVI5cTp/tetiitc+bZQ13R5s 5mZnEA+5qxl426t7I4yJLlHkT60jkb6CWgB7he0U5YxA7nvSgQBB6RWkEXmk/Dpd ruhOsp3EyOmtuUGvRXz4mbWK51/D1g6s3Y8ac/muA/8IK0SxtGuUFYECyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK30FNTghmLfm2ocWs6Bvmq4o2CCMB8GA1UdIwQY MBaAFLZwcZfoNnYMWS4e8R8bTL5b/U0uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4Nzgt NjY2N2ZhNTFjNDYwLzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi84MGFjNzgtYmJlMS00MTI0LWI4NzgtNjY2N2ZhNTFjNDYw LzEvdG5CeGwtZzJkZ3haTGg3eEh4dE12bHY5VFM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgvhPQ5my xW//5WttrPphlZCzkkaJiAy9NjrQUn2Lj/NcWN2+ukt7ngZQcdIMTw8D+M0gskkt gmREsEnmaXTzxzOy4YncxmvXU0Jitcfr6uVkredrp42CDr5ne9KbXHBJweVM4/w1 y9QQWhGYmnOwlEjVxSxoqghGj1vFxntSTfZ7CE5uVN1y78Ar9n2vwufARTpCTpH7 gvMpSCBXpOEb815QT4I6Kw564lk8ZZzW6sVJx2EM7hywBn60F4f0MXRaJuV1FJD8 qbITlBg/Y8swfWr61Bx056qb75FHR8bXKwNgER9E3gyoTs5Ai/tXpy3wy09u2Uqv IBs3yd8pIQg49g== -----END CERTIFICATE-----Generated at Sat Dec 6 14:48:04 2025 by rpki-client