This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft File: TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft (raw, json) Hash identifier: mSRHwWC4RwbFILdAaXVE3OO4bZ8cwNAxonty3Digg/g= Subject key identifier: C3:E2:2E:7E:88:B4:95:E9:9C:73:8D:C1:08:15:35:66:43:6A:D2:CD Authority key identifier: 4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 Certificate issuer: /CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Certificate serial: 019AF464D5A86E9BC830A9D69DEF1094F064 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft Manifest number: 144E Signing time: Sat 06 Dec 2025 16:00:40 +0000 Manifest this update: Sat 06 Dec 2025 16:00:40 +0000 Manifest next update: Sun 07 Dec 2025 16:00:40 +0000 Files and hashes: 1: R8OfYueHd1P1AWWtdGiixwllIMs.roa (hash: ZKzgreBUlCJXbuPQDDLtfbqfZaf5YaZJohzFfYmemPA=) 2: TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl (hash: MwDta3EoRdyKcoZBrxy8LjxuEhh+PeAlbl5eIl04PZQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:d5:a8:6e:9b:c8:30:a9:d6:9d:ef:10:94:f0:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd71f5a0050f8ae6444c638769ba375fddbce19 Validity Not Before: Dec 6 16:00:40 2025 GMT Not After : Dec 7 16:00:40 2025 GMT Subject: CN=c3e22e7e88b495e99c738dc108153566436ad2cd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:f4:d6:da:94:05:51:35:17:83:f9:8c:12:97: bf:5e:14:ff:d3:0e:fa:28:c1:d6:83:46:a9:bd:28: 4d:e1:ee:30:2e:79:5f:30:73:28:a3:65:7b:da:7b: b6:fc:00:50:61:1e:f4:07:e1:8f:87:e5:80:4c:dc: d8:14:87:d7:a7:d0:06:e6:e0:3d:2f:bf:41:09:e9: a2:1b:5a:a1:8e:b6:cb:e5:38:6f:25:67:ea:fe:59: af:47:00:67:2a:7f:ea:d7:1c:5b:65:f2:78:f4:4e: 7b:bb:68:b7:f6:c1:13:72:2a:b1:e5:f2:b7:c4:0a: e6:a5:08:f5:f1:3d:d4:74:40:41:83:84:14:9b:1f: ea:3d:29:02:61:02:6d:6c:17:93:4b:e3:e3:90:2b: e8:5d:de:c5:58:4c:c0:d7:ed:5d:3c:e8:b6:ad:e8: 18:51:6e:5e:12:b5:c9:4e:f4:29:4b:07:86:19:4e: 88:de:f1:ee:37:88:f0:8f:f4:48:a0:47:5e:82:b9: 3c:5c:7d:0e:ae:3e:af:22:75:6e:9b:2d:41:1a:f9: fb:50:9d:c1:fd:95:61:f6:57:f4:35:7e:96:bf:6e: 0a:1c:46:bf:81:7e:26:9a:23:71:a2:23:ef:05:fe: d2:65:90:91:b4:ba:33:be:fa:d5:d5:65:32:cd:ba: 25:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:E2:2E:7E:88:B4:95:E9:9C:73:8D:C1:08:15:35:66:43:6A:D2:CD X509v3 Authority Key Identifier: keyid:4C:D7:1F:5A:00:50:F8:AE:64:44:C6:38:76:9B:A3:75:FD:DB:CE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcfWgBQ-K5kRMY4dpujdf3bzhk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/278398-7339-44b2-b0b0-73a01ae5de8f/1/TNcfWgBQ-K5kRMY4dpujdf3bzhk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:33:6f:cb:62:9f:33:b2:e6:8f:ff:14:61:bb:ac:40:f6:78: ca:ac:ab:a4:88:37:4e:97:29:78:a2:d9:6f:9e:9d:ba:36:a8: c3:60:06:74:33:98:73:ec:78:78:31:ca:52:4a:5f:32:e8:16: f1:3b:25:d5:64:5e:57:e2:75:62:d3:9d:ba:f8:61:9e:8f:f9: 26:8f:b2:91:1c:8a:45:dc:44:60:41:71:a8:05:62:70:86:a2: e8:eb:1e:e9:15:1a:90:3b:cf:1b:f8:84:b6:97:2e:09:eb:ea: 03:71:d9:cd:8b:bf:90:9f:22:8b:25:12:2f:c1:85:ab:5e:8f: fb:88:d1:e5:56:4f:dd:b4:1a:3a:a5:3f:54:9f:05:05:ae:53: ff:40:e9:74:9c:f4:cf:b4:fa:98:d8:df:a7:fb:81:4e:6e:2a: 99:7f:7f:e3:f0:e9:6e:61:25:65:3b:55:4d:54:51:2b:4f:2f: c3:a6:d4:d3:f4:79:a0:b4:b7:2f:c7:b0:fd:a0:f6:20:19:c1: a8:03:26:b2:1b:3a:a0:42:c5:47:cc:83:73:b6:4e:00:6b:43: 99:6b:60:5b:eb:d7:59:a8:67:80:2c:20:7b:61:62:69:e3:33: 31:e0:f0:7b:ee:9c:c6:64:36:13:3f:d9:2f:66:53:c1:2b:03: fe:f8:29:00 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZNWobpvIMKnWne8QlPBkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDcxZjVhMDA1MGY4YWU2NDQ0YzYzODc2OWJhMzc1ZmRk YmNlMTkwHhcNMjUxMjA2MTYwMDQwWhcNMjUxMjA3MTYwMDQwWjAzMTEwLwYDVQQD EyhjM2UyMmU3ZTg4YjQ5NWU5OWM3MzhkYzEwODE1MzU2NjQzNmFkMmNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvTW2pQFUTUXg/mMEpe/XhT/0w76 KMHWg0apvShN4e4wLnlfMHMoo2V72nu2/ABQYR70B+GPh+WATNzYFIfXp9AG5uA9 L79BCemiG1qhjrbL5ThvJWfq/lmvRwBnKn/q1xxbZfJ49E57u2i39sETciqx5fK3 xArmpQj18T3UdEBBg4QUmx/qPSkCYQJtbBeTS+PjkCvoXd7FWEzA1+1dPOi2regY UW5eErXJTvQpSweGGU6I3vHuN4jwj/RIoEdegrk8XH0Orj6vInVumy1BGvn7UJ3B /ZVh9lf0NX6Wv24KHEa/gX4mmiNxoiPvBf7SZZCRtLozvvrV1WUyzbolNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPiLn6ItJXpnHONwQgVNWZDatLNMB8GA1UdIwQY MBaAFEzXH1oAUPiuZETGOHabo3X9284ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAt NzNhMDFhZTVkZThmLzEvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8yNzgzOTgtNzMzOS00NGIyLWIwYjAtNzNhMDFhZTVkZThm LzEvVE5jZldnQlEtSzVrUk1ZNGRwdWpkZjNiemhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAajNvy2Kf M7Lmj/8UYbusQPZ4yqyrpIg3TpcpeKLZb56dujaow2AGdDOYc+x4eDHKUkpfMugW 8Tsl1WReV+J1YtOduvhhno/5Jo+ykRyKRdxEYEFxqAVicIai6Ose6RUakDvPG/iE tpcuCevqA3HZzYu/kJ8iiyUSL8GFq16P+4jR5VZP3bQaOqU/VJ8FBa5T/0DpdJz0 z7T6mNjfp/uBTm4qmX9/4/DpbmElZTtVTVRRK08vw6bU0/R5oLS3L8ew/aD2IBnB qAMmshs6oELFR8yDc7ZOAGtDmWtgW+vXWahngCwge2FiaeMzMeDwe+6cxmQ2Ez/Z L2ZTwSsD/vgpAA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:12:28 2025 by rpki-client