This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json) Hash identifier: fVv2ZS7kbwO9wmMcK98HvjVi4TrdotfMhcNWvihrPn0= Subject key identifier: 79:E9:9A:42:C0:27:86:BE:B2:0C:98:A0:3B:47:58:EB:B7:A5:CD:DB Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79 Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979 Certificate serial: 019AF3892CB4C913DE3A4DA04833EC442CA9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft Manifest number: 0829 Signing time: Sat 06 Dec 2025 12:00:44 +0000 Manifest this update: Sat 06 Dec 2025 12:00:44 +0000 Manifest next update: Sun 07 Dec 2025 12:00:44 +0000 Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=) 2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: eos/LjcFeGjddNZdfeCT6WOawIqwf0R5xuENGXYybCA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:2c:b4:c9:13:de:3a:4d:a0:48:33:ec:44:2c:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979 Validity Not Before: Dec 6 12:00:44 2025 GMT Not After : Dec 7 12:00:44 2025 GMT Subject: CN=79e99a42c02786beb20c98a03b4758ebb7a5cddb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:91:89:ed:4b:e8:a4:78:4a:1c:c6:55:9d:f5: 4e:92:fe:92:5d:be:68:b1:b7:f3:0a:dd:dc:c5:9d: d5:8a:65:88:3a:7c:8b:83:c5:90:84:cc:d1:2f:9f: 56:f1:5e:92:34:26:40:51:73:0c:0e:af:08:3a:b4: 49:56:ed:49:c9:d0:ff:70:41:b4:cb:b3:dc:70:af: 41:de:9f:48:14:e6:d4:ff:75:0d:17:fd:f3:16:48: 2b:ff:7a:70:ec:82:ad:a8:4b:d7:95:c6:39:2e:cb: 52:f4:13:6b:fe:5d:36:70:9b:28:b0:0a:70:a5:e3: 42:32:b1:42:0e:56:ff:1d:56:89:16:a7:8f:97:73: 1a:40:16:33:33:eb:dd:f2:0e:7f:d6:d6:b9:5a:a9: 8b:4c:52:b2:38:97:7c:b1:46:b2:34:07:13:65:8d: e3:00:23:cf:a9:77:58:4e:dc:33:ce:2e:30:a5:e7: 35:28:91:fa:f4:6d:55:f7:de:a5:49:9a:c6:d9:e0: 07:e7:5b:91:08:a7:3f:2d:26:c4:0c:30:e1:e7:da: 51:62:53:d1:ca:04:11:6e:c3:66:7a:b9:83:cc:cb: 6b:95:6e:d4:15:c6:de:2c:d6:88:5d:74:e6:17:e2: 86:10:be:1d:9e:ec:f2:1d:ba:2a:3a:30:58:42:c1: 40:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:E9:9A:42:C0:27:86:BE:B2:0C:98:A0:3B:47:58:EB:B7:A5:CD:DB X509v3 Authority Key Identifier: keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:e5:47:ae:be:79:2b:52:ca:ff:03:db:68:32:84:52:d2:b4: 45:ad:b1:0f:01:c1:b0:5a:88:b8:57:d7:0b:36:77:5e:d1:45: 8f:a4:d1:6d:c2:a5:ee:41:8a:8a:fa:1b:30:23:7b:40:ac:f1: 37:cb:ac:99:9c:be:f0:20:d9:e7:ad:4f:17:57:ec:1a:3a:5a: cc:b4:8a:db:00:ff:7c:ba:2f:1f:98:48:22:91:f3:b3:3e:b0: 39:f8:83:0a:71:1c:35:a4:a9:21:9e:42:90:d4:11:fe:5c:17: e9:6c:98:9c:df:8c:f3:5b:c7:2d:be:ac:bb:6c:27:10:b0:7c: 52:46:7d:2a:8b:fb:b9:da:cc:72:69:8e:be:1f:90:ad:e6:f3: f6:0f:e5:1a:02:93:af:e3:b6:29:07:e4:dd:17:9d:a6:c2:eb: 0b:7e:4b:bf:e6:8b:9e:98:56:e9:47:83:a0:6c:33:49:94:f0: ba:3a:2d:34:85:39:96:38:f5:72:65:0e:0e:25:1b:7d:82:65: 68:ab:2c:f7:84:c0:e8:9d:61:dc:7a:ff:ad:02:4f:5f:b8:8f: 04:a0:c9:a1:2a:6e:25:d6:42:8f:cc:6a:c7:24:67:5d:f1:68: 0c:c0:55:6b:cc:bc:b1:20:e9:f1:20:b4:1f:bc:0c:a8:63:e0: 2c:00:71:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziSy0yRPeOk2gSDPsRCypMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy YzI5NzkwHhcNMjUxMjA2MTIwMDQ0WhcNMjUxMjA3MTIwMDQ0WjAzMTEwLwYDVQQD Eyg3OWU5OWE0MmMwMjc4NmJlYjIwYzk4YTAzYjQ3NThlYmI3YTVjZGRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspGJ7UvopHhKHMZVnfVOkv6SXb5o sbfzCt3cxZ3VimWIOnyLg8WQhMzRL59W8V6SNCZAUXMMDq8IOrRJVu1JydD/cEG0 y7PccK9B3p9IFObU/3UNF/3zFkgr/3pw7IKtqEvXlcY5LstS9BNr/l02cJsosApw peNCMrFCDlb/HVaJFqePl3MaQBYzM+vd8g5/1ta5WqmLTFKyOJd8sUayNAcTZY3j ACPPqXdYTtwzzi4wpec1KJH69G1V996lSZrG2eAH51uRCKc/LSbEDDDh59pRYlPR ygQRbsNmermDzMtrlW7UFcbeLNaIXXTmF+KGEL4dnuzyHboqOjBYQsFAtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHnpmkLAJ4a+sgyYoDtHWOu3pc3bMB8GA1UdIwQY MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuOVHrr55 K1LK/wPbaDKEUtK0Ra2xDwHBsFqIuFfXCzZ3XtFFj6TRbcKl7kGKivobMCN7QKzx N8usmZy+8CDZ561PF1fsGjpazLSK2wD/fLovH5hIIpHzsz6wOfiDCnEcNaSpIZ5C kNQR/lwX6WyYnN+M81vHLb6su2wnELB8UkZ9Kov7udrMcmmOvh+Qrebz9g/lGgKT r+O2KQfk3RedpsLrC35Lv+aLnphW6UeDoGwzSZTwujotNIU5ljj1cmUODiUbfYJl aKss94TA6J1h3Hr/rQJPX7iPBKDJoSpuJdZCj8xqxyRnXfFoDMBVa8y8sSDp8SC0 H7wMqGPgLABxVQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:05:18 2025 by rpki-client