This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft File: TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json) Hash identifier: EjsYf85hC9XQns51j23hMDxCt+lNJSMr1hCvu6D/VUQ= Subject key identifier: C9:48:BA:9C:14:2E:A4:D9:A5:DA:4E:57:2C:F5:33:B4:4B:83:85:83 Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 Certificate issuer: /CN=4d8106292a50acafea6817cba1cce677a277e0e1 Certificate serial: 019AF42E28828EAE94F1B130DF5273A400A6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft Manifest number: 05D6 Signing time: Sat 06 Dec 2025 15:00:56 +0000 Manifest this update: Sat 06 Dec 2025 15:00:56 +0000 Manifest next update: Sun 07 Dec 2025 15:00:56 +0000 Files and hashes: 1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: lE79WfC9Bdm+0Mr++T0Nc8yYqRzTXbjWM+wchHdlf0s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:2e:28:82:8e:ae:94:f1:b1:30:df:52:73:a4:00:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1 Validity Not Before: Dec 6 15:00:56 2025 GMT Not After : Dec 7 15:00:56 2025 GMT Subject: CN=c948ba9c142ea4d9a5da4e572cf533b44b838583 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a3:a8:4f:db:f2:b3:bb:c0:eb:d9:00:3a:e1: b3:28:09:ed:27:4b:7f:1b:76:93:41:c4:d2:be:68: ab:d8:06:8c:48:e3:0d:de:b3:2b:7b:67:66:b2:5e: 5f:63:5b:f9:e2:a7:e5:0c:bf:f6:ba:59:d4:70:c2: 68:4b:e2:e2:29:18:21:13:7d:aa:18:02:ae:da:bd: 68:51:70:7c:88:78:d0:da:a2:69:cd:a2:97:f9:60: 8d:10:b2:01:a3:0a:bf:d7:d5:e7:48:8a:58:11:ee: f9:fe:cf:aa:a8:57:0c:40:5e:5f:b2:f4:e9:fc:71: c7:eb:f7:94:63:55:cb:7b:fa:ad:39:b3:c8:b6:78: 71:47:5d:8f:b4:61:18:10:1f:7a:01:70:c5:3b:d1: 0c:6d:6c:a2:fb:3c:10:b5:e0:02:e3:72:19:fd:96: a5:a6:e6:36:c1:df:77:e4:f2:8e:9c:3c:b6:48:00: 80:67:7f:c3:06:ea:87:da:6e:10:e7:3f:12:db:72: 4b:7b:6f:04:d3:b5:29:fd:90:b7:e9:4c:64:77:bf: c6:7f:31:9a:2b:73:92:9f:e4:81:e5:45:25:3a:e0: 5f:01:d0:31:6a:e2:2a:93:f7:af:3d:dc:0f:3d:33: aa:3a:25:6d:af:87:d0:eb:91:69:02:28:78:72:fc: 2a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:48:BA:9C:14:2E:A4:D9:A5:DA:4E:57:2C:F5:33:B4:4B:83:85:83 X509v3 Authority Key Identifier: keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3d:38:73:82:19:7f:a3:67:e9:9f:20:ee:62:80:1a:2f:73:96: 11:8f:b6:3b:1e:60:1d:d6:74:94:bb:ff:d7:58:36:70:b5:f9: 9b:b3:2e:d2:fb:e2:90:89:70:d0:77:e3:8d:13:ec:1e:05:09: f1:f3:11:48:c4:a8:0f:b2:8a:25:d9:6d:fb:42:9a:4d:c8:a4: 87:51:93:73:a8:00:98:f8:ef:da:4e:94:13:44:2f:2f:8d:3e: 57:4d:79:e4:97:e6:c2:2b:fd:a6:2d:5c:14:71:5b:24:d0:72: f3:b2:a0:d6:7e:80:01:b6:ea:49:bb:c5:59:1b:64:e0:9f:78: dc:69:cd:a4:df:64:cb:2b:14:37:22:09:fa:3e:6f:06:1c:ba: 5a:7d:34:83:41:54:42:a0:5b:15:52:ec:b8:4e:3f:aa:fa:6f: 7d:31:19:9c:be:f2:dc:8b:ae:15:a8:86:fd:19:c2:3f:b7:6c: 1a:ed:20:60:97:c8:4a:7b:6a:c9:a1:f4:93:f8:2c:c2:4f:ae: 2b:83:67:08:2d:9f:fc:3d:e3:ad:17:78:9e:f4:a7:81:7f:d8: 2d:6b:78:df:de:ef:58:7d:ec:07:4b:c4:26:51:a7:04:3d:91: c5:62:c1:be:6f:83:23:42:8b:72:19:8c:7b:bb:80:4f:8e:32: 9c:29:cf:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0LiiCjq6U8bEw31JzpACmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3 N2UwZTEwHhcNMjUxMjA2MTUwMDU2WhcNMjUxMjA3MTUwMDU2WjAzMTEwLwYDVQQD EyhjOTQ4YmE5YzE0MmVhNGQ5YTVkYTRlNTcyY2Y1MzNiNDRiODM4NTgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qOoT9vys7vA69kAOuGzKAntJ0t/ G3aTQcTSvmir2AaMSOMN3rMre2dmsl5fY1v54qflDL/2ulnUcMJoS+LiKRghE32q GAKu2r1oUXB8iHjQ2qJpzaKX+WCNELIBowq/19XnSIpYEe75/s+qqFcMQF5fsvTp /HHH6/eUY1XLe/qtObPItnhxR12PtGEYEB96AXDFO9EMbWyi+zwQteAC43IZ/Zal puY2wd935PKOnDy2SACAZ3/DBuqH2m4Q5z8S23JLe28E07Up/ZC36Uxkd7/GfzGa K3OSn+SB5UUlOuBfAdAxauIqk/evPdwPPTOqOiVtr4fQ65FpAih4cvwq8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMlIupwULqTZpdpOVyz1M7RLg4WDMB8GA1UdIwQY MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPThzghl/ o2fpnyDuYoAaL3OWEY+2Ox5gHdZ0lLv/11g2cLX5m7Mu0vvikIlw0HfjjRPsHgUJ 8fMRSMSoD7KKJdlt+0KaTcikh1GTc6gAmPjv2k6UE0QvL40+V0155Jfmwiv9pi1c FHFbJNBy87Kg1n6AAbbqSbvFWRtk4J943GnNpN9kyysUNyIJ+j5vBhy6Wn00g0FU QqBbFVLsuE4/qvpvfTEZnL7y3IuuFaiG/RnCP7dsGu0gYJfISntqyaH0k/gswk+u K4NnCC2f/D3jrRd4nvSngX/YLWt4397vWH3sB0vEJlGnBD2RxWLBvm+DI0KLchmM e7uAT44ynCnPtw== -----END CERTIFICATE-----Generated at Sat Dec 6 17:31:19 2025 by rpki-client