This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft File: tNkMTfZ2phH1alrtWAmwV-msV5E.mft (raw, json) Hash identifier: vzvimnBWREC+PAsFonLZoZ69xsa3ChiLpp7f9xuIW+8= Subject key identifier: 78:48:44:FF:C0:9D:6B:A3:77:91:5B:F6:76:A8:48:46:18:C8:DB:8B Authority key identifier: B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 Certificate issuer: /CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Certificate serial: 019AF35249A2DAB76512CD8ECA3D88CBCF57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft Manifest number: 09E9 Signing time: Sat 06 Dec 2025 11:00:47 +0000 Manifest this update: Sat 06 Dec 2025 11:00:47 +0000 Manifest next update: Sun 07 Dec 2025 11:00:47 +0000 Files and hashes: 1: tNkMTfZ2phH1alrtWAmwV-msV5E.crl (hash: ryfbmvXL74wqpeIlJMxwoi6gM0pyrJUlpdin6Lb63t0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:49:a2:da:b7:65:12:cd:8e:ca:3d:88:cb:cf:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4d90c4df676a611f56a5aed5809b057e9ac5791 Validity Not Before: Dec 6 11:00:47 2025 GMT Not After : Dec 7 11:00:47 2025 GMT Subject: CN=784844ffc09d6ba377915bf676a8484618c8db8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:8c:22:e0:bb:aa:d2:ae:88:29:c3:4d:82:52: 60:48:0d:2f:78:15:70:95:87:33:2d:44:12:32:cf: 68:fc:3a:57:02:a9:60:b0:d2:43:71:1f:6a:29:56: d8:98:14:1c:71:a9:13:c9:81:b3:7a:56:3d:f4:e7: a8:3e:40:dd:1a:fd:0f:37:94:be:e4:e6:42:ee:cb: 04:93:12:9d:23:52:fa:7e:e2:c0:e9:f7:fb:c1:1e: 2d:61:81:30:76:17:63:31:9e:bc:19:01:11:06:28: fe:3d:49:41:9e:ca:9e:e3:86:3c:bc:57:d6:64:a1: 3a:f6:88:88:a9:56:6a:ca:03:ee:9a:63:fb:11:24: 2a:86:aa:8d:48:7c:6b:c3:d5:d4:8f:3b:70:da:61: 6a:89:e4:7d:47:f5:82:a4:86:83:51:32:cd:25:73: 35:3c:76:4f:5a:0f:08:93:90:29:a5:6d:9f:63:e3: dd:14:c3:c3:1a:88:6a:e5:c0:46:70:3e:28:fc:22: 45:75:ee:bb:fb:d9:d9:de:cf:bc:ca:76:33:d9:6b: 99:13:a8:af:a1:9c:f5:21:6c:47:ff:85:8e:0c:ae: 5a:04:37:47:b8:5a:6a:2f:53:51:20:62:30:6d:fc: d8:c0:3b:bf:4f:b9:97:a7:5f:c1:ef:06:99:cb:0d: 10:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 78:48:44:FF:C0:9D:6B:A3:77:91:5B:F6:76:A8:48:46:18:C8:DB:8B X509v3 Authority Key Identifier: keyid:B4:D9:0C:4D:F6:76:A6:11:F5:6A:5A:ED:58:09:B0:57:E9:AC:57:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tNkMTfZ2phH1alrtWAmwV-msV5E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/2aaf4a-e03f-4d61-b652-435e57fccdc9/1/tNkMTfZ2phH1alrtWAmwV-msV5E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b2:ed:08:6c:ed:e3:e7:2f:56:ef:eb:e7:50:1a:35:91:89:c4: b0:94:a4:d7:84:2b:e4:25:a6:fd:c5:97:47:5a:b6:cf:e3:41: 06:53:5f:c3:d9:c1:1f:4e:5d:d4:fa:d5:e6:99:9e:cb:07:4a: 0b:21:b2:c2:c0:93:ba:fa:0b:31:15:e9:d2:6d:99:6f:42:d1: 9e:b8:38:a9:40:af:33:da:83:17:d3:91:2e:5a:55:21:35:60: 75:04:ce:b2:d6:20:a6:01:bc:a2:cd:ab:ba:5d:7a:8c:18:09: 84:99:3b:b6:12:4d:67:f1:2e:3f:90:1a:02:dc:ae:f4:53:b4: c8:78:a1:c5:c2:21:5e:2f:a8:32:b3:52:89:7b:14:0a:9d:6b: c3:d4:9c:7b:87:0b:44:42:eb:3e:8e:f7:88:d8:61:82:bc:f6: 54:bb:c5:fc:b6:24:03:20:32:1f:70:4b:c3:e0:2a:ce:d0:af: f0:24:4e:30:22:f8:c8:3d:ad:99:0e:f2:12:5a:23:5f:6b:bf: 4a:20:a9:71:77:f9:c2:dc:67:c0:87:a9:d6:71:d0:28:b8:3a: c2:67:80:56:65:e3:85:07:0a:7c:0a:0a:a4:d6:1b:22:64:8b: 89:0d:77:26:79:23:c8:ac:e1:66:89:8f:2b:7f:53:28:94:1c: 06:9f:26:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUkmi2rdlEs2Oyj2Iy89XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0ZDkwYzRkZjY3NmE2MTFmNTZhNWFlZDU4MDliMDU3ZTlh YzU3OTEwHhcNMjUxMjA2MTEwMDQ3WhcNMjUxMjA3MTEwMDQ3WjAzMTEwLwYDVQQD Eyg3ODQ4NDRmZmMwOWQ2YmEzNzc5MTViZjY3NmE4NDg0NjE4YzhkYjhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwowi4Luq0q6IKcNNglJgSA0veBVw lYczLUQSMs9o/DpXAqlgsNJDcR9qKVbYmBQccakTyYGzelY99OeoPkDdGv0PN5S+ 5OZC7ssEkxKdI1L6fuLA6ff7wR4tYYEwdhdjMZ68GQERBij+PUlBnsqe44Y8vFfW ZKE69oiIqVZqygPummP7ESQqhqqNSHxrw9XUjztw2mFqieR9R/WCpIaDUTLNJXM1 PHZPWg8Ik5AppW2fY+PdFMPDGohq5cBGcD4o/CJFde67+9nZ3s+8ynYz2WuZE6iv oZz1IWxH/4WODK5aBDdHuFpqL1NRIGIwbfzYwDu/T7mXp1/B7waZyw0QBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHhIRP/AnWujd5Fb9naoSEYYyNuLMB8GA1UdIwQY MBaAFLTZDE32dqYR9Wpa7VgJsFfprFeRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTIt NDM1ZTU3ZmNjZGM5LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8yYWFmNGEtZTAzZi00ZDYxLWI2NTItNDM1ZTU3ZmNjZGM5 LzEvdE5rTVRmWjJwaEgxYWxydFdBbXdWLW1zVjVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsu0IbO3j 5y9W7+vnUBo1kYnEsJSk14Qr5CWm/cWXR1q2z+NBBlNfw9nBH05d1PrV5pmeywdK CyGywsCTuvoLMRXp0m2Zb0LRnrg4qUCvM9qDF9ORLlpVITVgdQTOstYgpgG8os2r ul16jBgJhJk7thJNZ/EuP5AaAtyu9FO0yHihxcIhXi+oMrNSiXsUCp1rw9Sce4cL RELrPo73iNhhgrz2VLvF/LYkAyAyH3BLw+AqztCv8CROMCL4yD2tmQ7yElojX2u/ SiCpcXf5wtxnwIep1nHQKLg6wmeAVmXjhQcKfAoKpNYbImSLiQ13JnkjyKzhZomP K39TKJQcBp8mtw== -----END CERTIFICATE-----Generated at Sat Dec 6 15:17:28 2025 by rpki-client