This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft File: TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft (raw, json) Hash identifier: 2Ggy2aiUv9NittEdW/kmqPyPzmGG1yaa+ZN3MDn4QOk= Subject key identifier: 01:42:05:90:4E:B5:98:A1:1C:41:8E:79:89:A1:BF:42:39:EA:DC:C8 Authority key identifier: 4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC Certificate issuer: /CN=4cd710b65373e0d910da70636fc143c06ba5ddac Certificate serial: 019B2B8A4B873D76BC59DF2064A652C4A066 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft Manifest number: 16D5 Signing time: Wed 17 Dec 2025 09:00:42 +0000 Manifest this update: Wed 17 Dec 2025 09:00:42 +0000 Manifest next update: Thu 18 Dec 2025 09:00:42 +0000 Files and hashes: 1: TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl (hash: dmtGYGK9VJs2gJx8wfna7JDp7StJnBnj5hOwWOj6lBc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:4b:87:3d:76:bc:59:df:20:64:a6:52:c4:a0:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd710b65373e0d910da70636fc143c06ba5ddac Validity Not Before: Dec 17 09:00:42 2025 GMT Not After : Dec 18 09:00:42 2025 GMT Subject: CN=014205904eb598a11c418e7989a1bf4239eadcc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:cf:ff:f4:b1:1f:44:a3:11:ca:41:9a:28:99: 85:98:7a:b1:21:36:37:ff:e5:9b:e4:43:dc:d7:8a: 43:f7:8b:e4:53:02:b2:75:39:bb:20:a8:d4:1d:d4: ed:8a:7b:c2:a8:60:2d:5b:1d:29:8b:c0:f3:01:08: d7:64:e2:c8:16:9e:ab:e9:f5:2f:ac:88:d7:09:97: 8d:81:76:c1:be:72:53:21:26:71:ac:98:50:24:84: fa:4e:d1:a6:68:3f:33:25:b5:c8:b3:e3:43:fc:e0: 96:7a:21:94:91:f7:de:f9:3d:42:93:29:50:a8:8e: e4:f4:5d:2f:49:c8:92:f6:f6:3e:48:5b:93:73:17: b4:cd:33:aa:59:0e:b8:c6:fd:70:bc:10:05:69:55: fd:52:13:16:18:29:a9:01:7f:f2:6d:63:6d:38:0f: 84:80:33:d1:6c:5d:90:6b:15:33:fd:ee:a3:7d:40: 7b:57:5c:ba:76:f6:12:60:52:e8:11:2d:05:ca:91: 53:a6:85:ce:c8:19:2b:6e:96:1b:60:a6:6e:a9:41: 2d:8d:49:44:38:fb:43:1d:0a:75:80:3a:86:06:0a: 09:7a:d2:00:43:81:69:a5:41:30:fc:39:d6:04:53: a6:71:92:ee:71:a4:37:ec:5f:dd:54:2b:54:7f:e8: f1:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:42:05:90:4E:B5:98:A1:1C:41:8E:79:89:A1:BF:42:39:EA:DC:C8 X509v3 Authority Key Identifier: keyid:4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 21:78:be:5a:72:41:f2:0e:f6:db:ca:02:a5:db:d2:a9:ff:e2: c2:71:9b:25:2d:d5:23:52:0d:11:31:87:00:ea:ea:d5:f3:95: 7b:c6:b4:a5:2b:2f:b3:96:38:8b:4e:13:ff:e8:da:74:2b:31: af:7a:f0:c5:77:0c:84:5d:61:2a:3d:15:36:d0:13:56:9d:fc: 30:27:f7:b2:0b:0a:98:7e:a2:c4:3c:73:6d:50:06:6a:b2:b3: 20:f9:02:93:b9:58:21:a3:4d:25:3f:97:ce:23:e5:33:45:ae: a6:25:7f:e4:b6:2e:e9:21:06:5b:c5:8f:ac:75:af:b9:f3:08: 8c:be:92:b0:70:d9:ce:fc:8d:98:19:9c:b0:93:6f:c8:c4:cd: c8:82:42:23:18:c5:b7:05:70:ff:b3:15:77:24:dd:5a:a5:21: 79:cc:b0:5e:ab:51:02:00:0d:81:c6:8c:60:48:29:0a:01:85: 96:8e:f8:6c:33:ea:1d:dc:29:7a:ec:c7:a6:ad:6d:65:1f:65: d8:97:a6:70:22:da:63:6b:0f:98:8a:a4:da:11:bf:99:56:18: 2d:80:4b:53:cb:7e:21:e7:70:09:f9:22:c4:14:8e:f5:69:a7: 01:c6:0b:2b:13:21:48:72:ff:4f:19:e1:a3:0c:c9:c1:89:f0: 02:0d:0f:ca -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrikuHPXa8Wd8gZKZSxKBmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDcxMGI2NTM3M2UwZDkxMGRhNzA2MzZmYzE0M2MwNmJh NWRkYWMwHhcNMjUxMjE3MDkwMDQyWhcNMjUxMjE4MDkwMDQyWjAzMTEwLwYDVQQD EygwMTQyMDU5MDRlYjU5OGExMWM0MThlNzk4OWExYmY0MjM5ZWFkY2M4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8//9LEfRKMRykGaKJmFmHqxITY3 /+Wb5EPc14pD94vkUwKydTm7IKjUHdTtinvCqGAtWx0pi8DzAQjXZOLIFp6r6fUv rIjXCZeNgXbBvnJTISZxrJhQJIT6TtGmaD8zJbXIs+ND/OCWeiGUkffe+T1CkylQ qI7k9F0vSciS9vY+SFuTcxe0zTOqWQ64xv1wvBAFaVX9UhMWGCmpAX/ybWNtOA+E gDPRbF2QaxUz/e6jfUB7V1y6dvYSYFLoES0FypFTpoXOyBkrbpYbYKZuqUEtjUlE OPtDHQp1gDqGBgoJetIAQ4FppUEw/DnWBFOmcZLucaQ37F/dVCtUf+jx8wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAFCBZBOtZihHEGOeYmhv0I56tzIMB8GA1UdIwQY MBaAFEzXELZTc+DZENpwY2/BQ8Brpd2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDIt ZjkyNTBkZDc5ZmU5LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDItZjkyNTBkZDc5ZmU5 LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIXi+WnJB 8g7228oCpdvSqf/iwnGbJS3VI1INETGHAOrq1fOVe8a0pSsvs5Y4i04T/+jadCsx r3rwxXcMhF1hKj0VNtATVp38MCf3sgsKmH6ixDxzbVAGarKzIPkCk7lYIaNNJT+X ziPlM0WupiV/5LYu6SEGW8WPrHWvufMIjL6SsHDZzvyNmBmcsJNvyMTNyIJCIxjF twVw/7MVdyTdWqUhecywXqtRAgANgcaMYEgpCgGFlo74bDPqHdwpeuzHpq1tZR9l 2JemcCLaY2sPmIqk2hG/mVYYLYBLU8t+IedwCfkixBSO9WmnAcYLKxMhSHL/Txnh owzJwYnwAg0Pyg== -----END CERTIFICATE-----Generated at Wed Dec 17 17:47:24 2025 by rpki-client