This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json) Hash identifier: sIBbDMJudXLO3pCavCMuK6S4srmLGnynEL6j8Om785E= Subject key identifier: A7:B3:EC:95:AC:C4:B9:94:63:5A:10:38:61:74:5B:31:40:A8:50:71 Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Certificate serial: 019AF2091257811564371914C82C4AB8F08E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft Manifest number: 024C Signing time: Sat 06 Dec 2025 05:01:11 +0000 Manifest this update: Sat 06 Dec 2025 05:01:11 +0000 Manifest next update: Sun 07 Dec 2025 05:01:11 +0000 Files and hashes: 1: GPp0CA4dJEmXPt3FvKOuB6Y1Ajo.roa (hash: /WVZb52tGGnvS1Lpmu++5VCxojp2nMgaocCDFVDfPQY=) 2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: aNuCCEm16cDL+DpMBOXQTrHa9P6/IU0uUwKbxA/aSLo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:12:57:81:15:64:37:19:14:c8:2c:4a:b8:f0:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Validity Not Before: Dec 6 05:01:11 2025 GMT Not After : Dec 7 05:01:11 2025 GMT Subject: CN=a7b3ec95acc4b994635a103861745b3140a85071 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:fa:22:5e:3a:d7:a9:62:1a:69:e4:3e:b0:45: 76:fc:af:00:f7:b4:b7:31:fc:ec:0a:26:ac:80:12: 4f:54:5c:49:87:dc:01:72:9d:e8:4d:7b:c6:af:e2: 2f:74:94:58:59:f2:0a:74:44:b6:29:7a:16:fb:8a: bb:55:62:c1:0e:c1:da:b5:65:5b:fe:b3:d4:50:86: d6:fd:8f:b5:85:51:c1:4b:02:62:2d:a8:f8:9f:d9: 3d:7f:ca:f2:47:fe:7f:5a:c0:f9:15:a5:23:da:3c: ba:6e:1f:52:e0:58:fa:fa:af:74:3c:23:4e:ab:ae: dd:90:f6:e6:27:02:11:08:83:ad:11:35:e7:7a:b9: f8:f6:fc:53:05:d6:7d:95:a2:0f:83:a9:71:01:ac: 5b:1a:16:30:e8:f4:e8:72:14:05:75:56:b5:d0:fd: 4a:21:c7:e1:7b:e2:df:d1:69:04:3f:99:c5:2e:4d: 81:98:ed:32:a0:ee:e5:72:5a:fc:30:70:ae:0c:b3: 0c:f9:7a:ee:70:06:2e:9b:4c:02:09:2b:a2:d4:c4: 23:17:6e:eb:1c:c6:32:9d:f6:7a:de:c0:d6:df:20: d9:c1:26:03:bb:c6:8e:da:fb:76:47:59:0f:6e:b1: 3d:11:4b:a2:c7:bc:4f:2e:ca:44:63:8f:e0:6b:5e: 6c:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:B3:EC:95:AC:C4:B9:94:63:5A:10:38:61:74:5B:31:40:A8:50:71 X509v3 Authority Key Identifier: keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:4e:39:30:d7:43:8c:8e:6b:2c:21:49:68:b9:49:79:09:b4: c0:30:50:6b:b3:32:28:f1:58:fb:e6:3e:1b:ff:72:06:e9:0e: 9d:91:de:de:12:3a:9c:06:e9:32:71:c3:7b:74:7a:66:1e:50: c0:cf:98:45:1b:10:97:2a:9f:54:92:e9:47:7b:3c:e2:c3:91: 01:e6:d2:48:83:6e:36:02:b1:20:af:0e:60:e0:5c:02:02:bf: df:40:d0:e4:cf:10:44:1c:28:f2:b7:8c:06:28:24:33:5d:e3: 31:2e:d2:0b:d8:d4:db:b9:18:d9:a2:25:37:39:b1:6c:99:a9: ca:66:8b:ef:95:a4:b4:6d:4c:4a:d1:15:db:0e:7b:05:d5:49: 8f:ce:65:75:24:10:d1:57:e2:9b:ca:68:0f:c3:a7:9f:1e:98: fd:c7:b0:51:be:30:91:20:09:7e:88:55:97:4f:02:b5:23:61: 85:24:e9:98:92:f5:23:b3:25:c2:50:b7:10:bd:81:e0:50:d3: ab:f3:ce:8d:da:d4:64:2f:2c:cc:97:76:20:10:68:34:ab:06: b1:f0:96:5c:8b:ba:64:ce:ed:19:b0:d3:ef:68:58:8b:60:20: ff:f8:73:88:f8:d2:7b:1a:4f:83:f6:39:6b:b2:44:6b:66:f9: 84:6b:be:fc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCRJXgRVkNxkUyCxKuPCOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh ZDJkMzUwHhcNMjUxMjA2MDUwMTExWhcNMjUxMjA3MDUwMTExWjAzMTEwLwYDVQQD EyhhN2IzZWM5NWFjYzRiOTk0NjM1YTEwMzg2MTc0NWIzMTQwYTg1MDcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8voiXjrXqWIaaeQ+sEV2/K8A97S3 MfzsCiasgBJPVFxJh9wBcp3oTXvGr+IvdJRYWfIKdES2KXoW+4q7VWLBDsHatWVb /rPUUIbW/Y+1hVHBSwJiLaj4n9k9f8ryR/5/WsD5FaUj2jy6bh9S4Fj6+q90PCNO q67dkPbmJwIRCIOtETXnern49vxTBdZ9laIPg6lxAaxbGhYw6PTochQFdVa10P1K Icfhe+Lf0WkEP5nFLk2BmO0yoO7lclr8MHCuDLMM+XrucAYum0wCCSui1MQjF27r HMYynfZ63sDW3yDZwSYDu8aO2vt2R1kPbrE9EUuix7xPLspEY4/ga15sQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKez7JWsxLmUY1oQOGF0WzFAqFBxMB8GA1UdIwQY MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3 LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd045MNdD jI5rLCFJaLlJeQm0wDBQa7MyKPFY++Y+G/9yBukOnZHe3hI6nAbpMnHDe3R6Zh5Q wM+YRRsQlyqfVJLpR3s84sORAebSSINuNgKxIK8OYOBcAgK/30DQ5M8QRBwo8reM BigkM13jMS7SC9jU27kY2aIlNzmxbJmpymaL75WktG1MStEV2w57BdVJj85ldSQQ 0Vfim8poD8Onnx6Y/cewUb4wkSAJfohVl08CtSNhhSTpmJL1I7MlwlC3EL2B4FDT q/POjdrUZC8szJd2IBBoNKsGsfCWXIu6ZM7tGbDT72hYi2Ag//hziPjSexpPg/Y5 a7JEa2b5hGu+/A== -----END CERTIFICATE-----Generated at Sat Dec 6 07:21:10 2025 by rpki-client