This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft File: TTaHdCvs89CAgu0S6fNHC4LafP8.mft (raw, json) Hash identifier: Vv7PO3fRr7MAiQSOwl8O+szfgQzRv31G4RHQaGHbOKI= Subject key identifier: 0E:9E:41:03:E2:ED:B3:0A:61:BB:9B:5C:A8:A7:1D:17:91:52:D5:24 Authority key identifier: 4D:36:87:74:2B:EC:F3:D0:80:82:ED:12:E9:F3:47:0B:82:DA:7C:FF Certificate issuer: /CN=4d3687742becf3d08082ed12e9f3470b82da7cff Certificate serial: 019AF3F7CB481DD80F427A580A772EDCB97D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft Manifest number: 0E44 Signing time: Sat 06 Dec 2025 14:01:34 +0000 Manifest this update: Sat 06 Dec 2025 14:01:34 +0000 Manifest next update: Sun 07 Dec 2025 14:01:34 +0000 Files and hashes: 1: TTaHdCvs89CAgu0S6fNHC4LafP8.crl (hash: nw2ts8uYXq7oQq/carA04iGfYAm9uB/4xl38p+0TBLk=) 2: ehQIMYmYwJQIMwezxzrnCxQWXrQ.roa (hash: K5j8O7wSUuuth3uj2946HM7L4q3WosF43ObE+K/eL8k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.crl rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:cb:48:1d:d8:0f:42:7a:58:0a:77:2e:dc:b9:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d3687742becf3d08082ed12e9f3470b82da7cff Validity Not Before: Dec 6 14:01:34 2025 GMT Not After : Dec 7 14:01:34 2025 GMT Subject: CN=0e9e4103e2edb30a61bb9b5ca8a71d179152d524 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:72:18:a1:a3:09:e0:d6:50:59:3d:31:39:a9: 1a:89:6c:05:82:f2:ab:b6:c0:84:e9:6d:6b:ca:53: a1:91:51:62:01:b7:c1:5e:b3:f9:9d:fb:b3:a6:b2: be:80:4c:54:23:99:78:35:fc:91:49:68:5c:e5:8d: 24:6a:f1:7a:e5:91:a5:bc:e4:f8:96:e9:6b:17:c9: f6:ca:ed:9d:3f:25:42:b1:aa:ef:d2:3d:2f:cb:5a: bf:96:31:f0:b0:b8:63:02:1d:87:48:ec:a9:f4:08: b4:0c:79:31:dd:61:c8:b6:52:00:82:94:8d:0c:03: be:43:b0:09:5a:c9:0a:6a:5f:1e:a8:21:96:29:68: 0f:5b:2c:9b:94:11:de:97:3f:0c:42:ac:65:ca:ec: 17:c0:9c:cb:1e:5d:0a:b9:bc:57:bf:85:08:7d:90: 0c:f2:3f:4e:6c:8c:b8:fa:de:fd:8c:7a:37:15:83: c7:0b:2f:dc:76:29:c4:e5:b8:54:0c:c5:94:c2:e1: 37:83:3a:42:74:34:36:a0:b9:19:2f:e4:34:8f:68: e6:d3:ee:17:9f:8f:b6:f0:87:54:e5:66:26:41:d5: 89:84:23:e3:b4:1d:96:fa:4e:1b:d6:6c:a3:a7:16: ea:cc:72:ae:5a:be:37:25:3a:20:64:cd:b3:84:f7: 74:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:9E:41:03:E2:ED:B3:0A:61:BB:9B:5C:A8:A7:1D:17:91:52:D5:24 X509v3 Authority Key Identifier: keyid:4D:36:87:74:2B:EC:F3:D0:80:82:ED:12:E9:F3:47:0B:82:DA:7C:FF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTaHdCvs89CAgu0S6fNHC4LafP8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/d885bb-a3dc-4390-bf24-103b17d3eb45/1/TTaHdCvs89CAgu0S6fNHC4LafP8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c9:3d:88:c7:93:5c:cc:9e:d6:d6:81:6d:2e:05:2c:21:6d:bf: cc:6e:ed:be:4d:c5:75:a4:f5:61:65:30:69:6c:07:75:f4:c7: 53:52:e7:21:73:79:6e:27:7f:00:e6:c0:75:b0:cc:a4:c4:56: 8a:81:9b:d3:42:2a:eb:f3:fd:e7:ac:03:d9:c8:70:15:ce:b1: 52:ba:4d:54:1b:dd:4f:63:9f:87:55:0f:9f:df:e7:85:51:4e: 9c:e2:7b:bd:9e:46:94:5f:e4:20:77:27:0f:4c:17:2f:0d:4d: 52:30:ca:ff:68:eb:a1:3f:e3:f1:a6:3d:0f:60:e6:11:4a:a0: 04:61:15:98:89:cf:5a:83:c5:7c:4c:43:bd:15:f0:69:0a:ac: 0c:3e:73:6a:fc:fc:ac:40:da:96:36:63:1a:ec:03:0e:a6:1d: ba:fb:fe:df:69:87:cd:dd:9d:f3:8a:8d:4b:ac:ff:72:c9:72: d3:d3:55:82:8a:c3:c3:1e:57:2f:91:0b:bb:8d:32:db:63:87: da:ee:5f:f8:3d:a5:81:f1:61:08:e4:5d:38:8c:2b:1b:ca:ae: 85:40:81:e5:b6:af:40:fc:a3:ea:f1:89:ee:33:16:6b:e1:ee: 7c:cf:b7:74:14:a5:42:1a:96:44:9d:81:62:dd:72:d5:d8:f6: 43:76:85:83 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz98tIHdgPQnpYCncu3Ll9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMzY4Nzc0MmJlY2YzZDA4MDgyZWQxMmU5ZjM0NzBiODJk YTdjZmYwHhcNMjUxMjA2MTQwMTM0WhcNMjUxMjA3MTQwMTM0WjAzMTEwLwYDVQQD EygwZTllNDEwM2UyZWRiMzBhNjFiYjliNWNhOGE3MWQxNzkxNTJkNTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3IYoaMJ4NZQWT0xOakaiWwFgvKr tsCE6W1rylOhkVFiAbfBXrP5nfuzprK+gExUI5l4NfyRSWhc5Y0kavF65ZGlvOT4 lulrF8n2yu2dPyVCsarv0j0vy1q/ljHwsLhjAh2HSOyp9Ai0DHkx3WHItlIAgpSN DAO+Q7AJWskKal8eqCGWKWgPWyyblBHelz8MQqxlyuwXwJzLHl0KubxXv4UIfZAM 8j9ObIy4+t79jHo3FYPHCy/cdinE5bhUDMWUwuE3gzpCdDQ2oLkZL+Q0j2jm0+4X n4+28IdU5WYmQdWJhCPjtB2W+k4b1myjpxbqzHKuWr43JTogZM2zhPd0iQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA6eQQPi7bMKYbubXKinHReRUtUkMB8GA1UdIwQY MBaAFE02h3Qr7PPQgILtEunzRwuC2nz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kODg1YmItYTNkYy00MzkwLWJmMjQt MTAzYjE3ZDNlYjQ1LzEvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9kODg1YmItYTNkYy00MzkwLWJmMjQtMTAzYjE3ZDNlYjQ1 LzEvVFRhSGRDdnM4OUNBZ3UwUzZmTkhDNExhZlA4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAyT2Ix5Nc zJ7W1oFtLgUsIW2/zG7tvk3FdaT1YWUwaWwHdfTHU1LnIXN5bid/AObAdbDMpMRW ioGb00Iq6/P956wD2chwFc6xUrpNVBvdT2Ofh1UPn9/nhVFOnOJ7vZ5GlF/kIHcn D0wXLw1NUjDK/2jroT/j8aY9D2DmEUqgBGEVmInPWoPFfExDvRXwaQqsDD5zavz8 rEDaljZjGuwDDqYduvv+32mHzd2d84qNS6z/csly09NVgorDwx5XL5ELu40y22OH 2u5f+D2lgfFhCORdOIwrG8quhUCB5bavQPyj6vGJ7jMWa+HufM+3dBSlQhqWRJ2B Yt1y1dj2Q3aFgw== -----END CERTIFICATE-----Generated at Sat Dec 6 18:45:40 2025 by rpki-client