This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json) Hash identifier: SYwDROiOvDEagQFnhedW1WhCKh3N9e0156KhOeAlhns= Subject key identifier: E4:82:D9:F0:BA:E0:5C:5D:52:97:02:3B:59:16:DF:CB:AF:4F:CA:8A Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c Certificate serial: 019AF464E84E08ECDE443ED407A8DCF946CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft Manifest number: 02E8 Signing time: Sat 06 Dec 2025 16:00:44 +0000 Manifest this update: Sat 06 Dec 2025 16:00:44 +0000 Manifest next update: Sun 07 Dec 2025 16:00:44 +0000 Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: rgLW1Je4s5xD3ip5QB9rJWWNg7I0PtQmITF380pKCwQ=) 2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 16:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:e8:4e:08:ec:de:44:3e:d4:07:a8:dc:f9:46:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c Validity Not Before: Dec 6 16:00:44 2025 GMT Not After : Dec 7 16:00:44 2025 GMT Subject: CN=e482d9f0bae05c5d5297023b5916dfcbaf4fca8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:07:7e:1f:ae:4e:74:48:f0:92:4a:ec:73:59: 3e:03:64:1b:35:ef:a9:ac:aa:56:bd:90:4b:68:33: ec:5b:21:26:91:54:c5:17:34:f2:75:bf:17:3f:6f: a3:94:51:68:5b:9a:08:51:14:ee:49:2c:52:b6:36: 00:46:60:73:2e:4b:eb:fe:a0:d4:ea:ce:6b:3d:f6: 96:b2:5b:1f:15:79:b2:cf:fe:a3:82:bf:3f:00:46: ee:69:00:6e:92:bf:8f:de:a3:0c:4b:70:15:2a:71: 7a:68:e7:b3:25:4b:37:f8:85:9c:e1:46:4c:63:8b: 61:90:f2:61:75:f4:ea:c0:70:ec:d5:0e:46:85:ab: 7c:c7:fa:92:76:6f:60:8d:88:bf:e8:6e:86:03:1a: 06:bb:e9:9e:24:69:e1:40:a9:ed:01:2f:7a:8f:bf: 5f:9f:ad:b3:2c:3d:87:41:da:05:56:de:1e:f6:87: db:50:bd:6c:95:44:70:30:29:29:69:1c:cf:b1:35: 37:a4:fc:51:e1:a5:3e:d0:d6:c0:3a:16:b6:d3:30: dc:58:11:ff:97:76:01:c6:74:94:42:e7:de:5f:b4: ac:ca:34:af:17:a6:dd:23:8d:b5:9a:50:12:b8:a0: cd:66:a7:fe:70:b8:b1:22:52:5e:6a:4d:2b:fa:f9: 2c:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:82:D9:F0:BA:E0:5C:5D:52:97:02:3B:59:16:DF:CB:AF:4F:CA:8A X509v3 Authority Key Identifier: keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5f:ad:5e:6c:7b:7c:d8:bc:e4:71:33:2b:de:65:9e:18:49:45: 23:d2:ce:0c:06:f2:af:67:6b:68:57:bd:68:01:4f:8e:50:6d: f5:30:6e:de:bf:2a:1e:29:1e:71:b3:c8:5b:43:97:0b:64:20: 3f:78:b0:64:4c:b0:2d:94:b6:9c:6b:03:4e:6f:4f:b5:65:0b: 02:d5:9f:70:08:26:1b:f6:12:74:59:32:df:b1:32:aa:45:2d: 49:94:ca:83:c2:fa:3a:a7:3e:a6:4f:46:4d:51:83:d4:bd:4f: e4:a7:de:4f:b0:74:3c:a5:aa:74:a9:34:f5:f1:00:f1:90:54: 58:22:b8:0a:bd:52:68:d2:ed:dd:8e:0e:73:ab:91:c6:1c:f6: 53:fb:41:36:a6:5c:14:1f:67:a8:ac:35:62:39:d0:d4:78:79: 67:8d:45:59:88:12:c7:d3:a8:f4:b1:61:3e:28:4c:2f:50:1f: f3:5d:7a:ac:d2:25:41:c8:3c:76:4d:eb:22:95:23:79:25:57: d9:ca:5a:b9:c4:0d:5e:72:7a:e9:1c:0e:9c:6a:eb:43:85:4c: 6d:46:e9:37:3b:db:17:9d:b3:7d:f3:ab:df:cd:ce:90:86:f8: ea:6c:02:3f:0a:05:92:a7:02:05:b2:19:2f:75:76:2b:f8:62: e1:95:24:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZOhOCOzeRD7UB6jc+UbLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw Mjc2NmMwHhcNMjUxMjA2MTYwMDQ0WhcNMjUxMjA3MTYwMDQ0WjAzMTEwLwYDVQQD EyhlNDgyZDlmMGJhZTA1YzVkNTI5NzAyM2I1OTE2ZGZjYmFmNGZjYThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Qd+H65OdEjwkkrsc1k+A2QbNe+p rKpWvZBLaDPsWyEmkVTFFzTydb8XP2+jlFFoW5oIURTuSSxStjYARmBzLkvr/qDU 6s5rPfaWslsfFXmyz/6jgr8/AEbuaQBukr+P3qMMS3AVKnF6aOezJUs3+IWc4UZM Y4thkPJhdfTqwHDs1Q5Ghat8x/qSdm9gjYi/6G6GAxoGu+meJGnhQKntAS96j79f n62zLD2HQdoFVt4e9ofbUL1slURwMCkpaRzPsTU3pPxR4aU+0NbAOha20zDcWBH/ l3YBxnSUQufeX7SsyjSvF6bdI421mlASuKDNZqf+cLixIlJeak0r+vksIQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOSC2fC64FxdUpcCO1kW38uvT8qKMB8GA1UdIwQY MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAX61ebHt8 2LzkcTMr3mWeGElFI9LODAbyr2draFe9aAFPjlBt9TBu3r8qHikecbPIW0OXC2Qg P3iwZEywLZS2nGsDTm9PtWULAtWfcAgmG/YSdFky37EyqkUtSZTKg8L6Oqc+pk9G TVGD1L1P5KfeT7B0PKWqdKk09fEA8ZBUWCK4Cr1SaNLt3Y4Oc6uRxhz2U/tBNqZc FB9nqKw1YjnQ1Hh5Z41FWYgSx9Oo9LFhPihML1Af8116rNIlQcg8dk3rIpUjeSVX 2cpaucQNXnJ66RwOnGrrQ4VMbUbpNzvbF52zffOr383OkIb46mwCPwoFkqcCBbIZ L3V2K/hi4ZUkUQ== -----END CERTIFICATE-----Generated at Sun Dec 7 01:54:14 2025 by rpki-client