This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft File: TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft (raw, json) Hash identifier: A+N49GGXFZxQy941iGsfq4uLFspZVADjIVOE4j5eCIU= Subject key identifier: D4:18:C9:D0:B8:24:03:71:51:6D:06:AA:0B:9E:7B:58:4C:C4:FC:CE Authority key identifier: 4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC Certificate issuer: /CN=4cd710b65373e0d910da70636fc143c06ba5ddac Certificate serial: 019AF19B61DA70BADC2EF847731861FF4BCD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft Manifest number: 16B7 Signing time: Sat 06 Dec 2025 03:01:23 +0000 Manifest this update: Sat 06 Dec 2025 03:01:23 +0000 Manifest next update: Sun 07 Dec 2025 03:01:23 +0000 Files and hashes: 1: TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl (hash: wkU2mhlrXZ0eCXxe8oA4iMz+I+kngDyYxWJAdZ7Asxg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:61:da:70:ba:dc:2e:f8:47:73:18:61:ff:4b:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd710b65373e0d910da70636fc143c06ba5ddac Validity Not Before: Dec 6 03:01:23 2025 GMT Not After : Dec 7 03:01:23 2025 GMT Subject: CN=d418c9d0b8240371516d06aa0b9e7b584cc4fcce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:0b:f6:1c:71:cd:d0:83:34:0e:15:68:93:9e: 9d:41:07:70:de:f0:e2:2a:a6:34:06:e5:cd:e7:6e: 55:1a:e2:07:0e:eb:d7:56:cc:c5:c2:83:1f:b9:24: e0:27:18:fd:5b:61:e9:32:66:34:94:e6:7b:98:de: 44:43:67:eb:18:83:c3:41:8b:52:9f:cc:02:3f:57: bf:b0:76:5b:e6:a2:0a:78:a4:61:c3:36:ef:5b:97: 98:cb:30:0a:af:6b:9e:e7:25:8a:63:57:6a:b7:9f: da:63:23:33:7b:1c:34:bf:80:79:81:83:9e:be:43: a2:a6:49:9d:ba:c4:78:91:a3:22:71:56:9c:7c:08: 03:ba:38:03:44:de:c4:4b:65:3b:80:18:3c:4e:21: a2:f8:25:a8:db:a9:72:e6:4c:19:b8:37:a3:a8:51: 22:01:5d:b3:bd:27:15:be:21:72:4e:54:f3:01:9b: 82:a1:3a:3d:c0:db:d3:0b:62:ee:7a:9e:aa:51:0a: 6a:c1:8a:0e:c8:6c:8f:01:73:b2:7a:f5:43:1a:08: ff:c5:4c:f9:8b:ab:44:95:97:62:08:c9:71:27:fe: 42:3d:ec:e2:98:34:b2:28:60:9e:2d:e7:06:2f:75: 66:f9:40:dd:0b:39:89:95:22:df:84:08:e7:f4:6f: 08:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:18:C9:D0:B8:24:03:71:51:6D:06:AA:0B:9E:7B:58:4C:C4:FC:CE X509v3 Authority Key Identifier: keyid:4C:D7:10:B6:53:73:E0:D9:10:DA:70:63:6F:C1:43:C0:6B:A5:DD:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNcQtlNz4NkQ2nBjb8FDwGul3aw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/6f40dd-4c07-405b-a042-f9250dd79fe9/1/TNcQtlNz4NkQ2nBjb8FDwGul3aw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:85:63:b3:41:59:41:0c:45:75:d2:1a:48:15:76:ea:11:31: 12:ae:e4:1f:b2:3d:b8:d0:ae:90:32:e6:de:54:79:e8:f1:31: 07:84:de:4c:6e:42:50:4d:51:36:a2:39:7b:68:7a:9c:cb:9a: 4a:84:78:b7:aa:09:39:e5:0c:01:95:20:f3:5e:ec:84:59:1a: fb:52:96:5e:4e:a5:bb:61:b8:29:6d:f0:7b:23:2c:58:4a:08: d0:c1:7c:65:19:31:97:f9:9e:e3:37:e1:b4:c6:3a:e9:fc:0c: f2:5e:00:4f:7b:f2:cc:b9:c0:0f:77:4e:ff:3b:ce:66:7e:14: 55:f3:7b:90:b7:64:18:c1:e3:44:94:6f:6e:84:99:6e:fe:c5: db:71:d9:d8:45:74:32:ec:46:21:b0:5d:74:62:de:00:8d:d6: 7a:f0:1d:ca:34:f8:92:75:56:ac:23:67:9a:0a:cb:53:9c:28: c9:65:89:21:81:db:98:db:f6:cb:34:a8:09:8a:74:a6:0a:62: 8b:07:26:48:dd:97:36:e6:9d:7d:03:0c:76:8f:d1:91:8f:13: d9:30:97:b2:51:72:5d:12:38:ba:d9:e8:a3:9b:3f:8f:17:27: cf:fb:64:82:66:52:26:b7:d1:b4:8b:d4:85:19:2c:9b:cd:a3: da:9a:b6:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2HacLrcLvhHcxhh/0vNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDcxMGI2NTM3M2UwZDkxMGRhNzA2MzZmYzE0M2MwNmJh NWRkYWMwHhcNMjUxMjA2MDMwMTIzWhcNMjUxMjA3MDMwMTIzWjAzMTEwLwYDVQQD EyhkNDE4YzlkMGI4MjQwMzcxNTE2ZDA2YWEwYjllN2I1ODRjYzRmY2NlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQv2HHHN0IM0DhVok56dQQdw3vDi KqY0BuXN525VGuIHDuvXVszFwoMfuSTgJxj9W2HpMmY0lOZ7mN5EQ2frGIPDQYtS n8wCP1e/sHZb5qIKeKRhwzbvW5eYyzAKr2ue5yWKY1dqt5/aYyMzexw0v4B5gYOe vkOipkmdusR4kaMicVacfAgDujgDRN7ES2U7gBg8TiGi+CWo26ly5kwZuDejqFEi AV2zvScVviFyTlTzAZuCoTo9wNvTC2Luep6qUQpqwYoOyGyPAXOyevVDGgj/xUz5 i6tElZdiCMlxJ/5CPezimDSyKGCeLecGL3Vm+UDdCzmJlSLfhAjn9G8IKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNQYydC4JANxUW0Gqguee1hMxPzOMB8GA1UdIwQY MBaAFEzXELZTc+DZENpwY2/BQ8Brpd2sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDIt ZjkyNTBkZDc5ZmU5LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny82ZjQwZGQtNGMwNy00MDViLWEwNDItZjkyNTBkZDc5ZmU5 LzEvVE5jUXRsTno0TmtRMm5CamI4RkR3R3VsM2F3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAloVjs0FZ QQxFddIaSBV26hExEq7kH7I9uNCukDLm3lR56PExB4TeTG5CUE1RNqI5e2h6nMua SoR4t6oJOeUMAZUg817shFka+1KWXk6lu2G4KW3weyMsWEoI0MF8ZRkxl/me4zfh tMY66fwM8l4AT3vyzLnAD3dO/zvOZn4UVfN7kLdkGMHjRJRvboSZbv7F23HZ2EV0 MuxGIbBddGLeAI3WevAdyjT4knVWrCNnmgrLU5woyWWJIYHbmNv2yzSoCYp0pgpi iwcmSN2XNuadfQMMdo/RkY8T2TCXslFyXRI4utnoo5s/jxcnz/tkgmZSJrfRtIvU hRksm82j2pq20A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:58:02 2025 by rpki-client