This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft File: tAqlFjSW4FOna21pzcRfdQBs2N8.mft (raw, json) Hash identifier: ljdBDTTPpZEUiu8LSqxaQYwcYHyiegUmQGyb4ltHiF4= Subject key identifier: D1:76:76:87:86:B0:C1:19:5B:72:19:94:BB:FE:FB:C4:09:90:7A:24 Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df Certificate serial: 019B2BF8F6098F861AC125F36259EC894BE3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft Manifest number: 1780 Signing time: Wed 17 Dec 2025 11:01:34 +0000 Manifest this update: Wed 17 Dec 2025 11:01:34 +0000 Manifest next update: Thu 18 Dec 2025 11:01:34 +0000 Files and hashes: 1: 1-d6DUI7mmJKHILGE-ACGJbIFV40.roa (hash: WM+ispXO9qKwdYzXWtwDmpPip6PK1PIBVYZaFFY6Sl4=) 2: tAqlFjSW4FOna21pzcRfdQBs2N8.crl (hash: EWwsGm3kevfZ69eVD01uiiyf6cL4ZaX7RXSmaeklULY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:f6:09:8f:86:1a:c1:25:f3:62:59:ec:89:4b:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df Validity Not Before: Dec 17 11:01:34 2025 GMT Not After : Dec 18 11:01:34 2025 GMT Subject: CN=d176768786b0c1195b721994bbfefbc409907a24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:22:09:d4:45:6c:45:db:5e:3d:16:b6:dd:8f: 58:5c:f7:92:48:19:0c:6d:95:74:f8:fc:22:7b:6a: 10:d3:84:79:24:e2:b5:a9:6e:4c:80:e0:2a:fa:33: 67:f1:fa:ae:1a:36:6c:01:32:56:65:8f:b8:73:35: bd:37:b1:ac:93:7f:28:37:20:c4:b4:4b:8b:87:93: 1f:c6:f6:a5:db:da:e7:63:22:16:62:bd:4c:4e:98: c0:bc:76:d0:d6:db:c0:f6:50:d4:43:8e:5b:69:77: a7:77:ce:10:12:78:4b:42:e5:41:e0:d2:7c:02:53: 34:37:e6:c2:4d:06:f8:6a:c8:c7:8c:60:f7:8e:64: f9:8e:90:d2:c8:66:d8:80:f4:8a:be:4a:b3:e8:6d: ae:e8:2c:7d:af:51:ab:bb:81:80:17:fe:bf:73:09: fc:9a:1b:31:e9:f4:ca:b0:44:7e:3b:39:54:e7:35: e6:6f:f3:89:f8:ce:8b:a7:20:c6:db:a5:2d:51:2b: ac:8b:7d:d4:cd:b8:78:fb:f6:18:c0:5e:2d:4a:f6: 4c:bb:4d:12:1c:7b:a4:29:55:d3:4a:17:4d:7e:4a: 1a:03:b2:e5:bf:57:b9:e8:33:c3:24:82:65:ed:fa: a8:34:b5:c4:2e:5a:d7:9f:7a:49:aa:ba:82:61:c2: 20:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:76:76:87:86:B0:C1:19:5B:72:19:94:BB:FE:FB:C4:09:90:7A:24 X509v3 Authority Key Identifier: keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:e3:3a:25:70:15:03:5d:4a:49:83:21:62:d1:4f:14:c1:10: 4f:92:6c:49:8e:41:9a:0a:c7:f9:7a:96:a7:f7:7a:5b:fe:7b: fd:39:09:ac:19:68:80:30:59:60:7b:26:be:3b:b8:9f:23:73: ab:0f:34:8a:fb:aa:ca:e0:7b:a1:16:af:d4:34:43:df:f9:fc: 4a:ed:7e:22:1f:0c:59:7d:ff:cd:53:00:e0:da:40:8f:cc:32: c6:04:fe:eb:0d:10:4e:10:2d:7e:08:f1:00:2c:99:4b:cc:ac: c8:88:f2:4f:8a:5d:ba:43:d1:89:f4:7d:68:51:6e:38:d7:d3: cc:99:ae:1e:67:08:4c:56:5a:a6:f4:a2:b8:55:d5:c9:1f:f4: 34:23:15:92:26:e6:68:29:c0:42:1b:05:d1:47:a4:fe:81:5d: e7:8c:61:ab:50:2a:bb:11:ea:eb:b9:c8:79:60:6e:b0:a5:f3: 72:a7:62:cb:2b:65:9e:d4:ab:fe:18:a2:4c:b3:a0:30:97:e0: 7b:07:79:b1:db:20:5d:00:c1:9f:ef:87:5e:8b:e0:5b:e9:ec: 54:1d:66:d5:53:e0:71:4c:9a:8d:b3:d3:59:a9:79:c9:5f:68: 07:a0:c4:38:40:1d:e7:47:99:4b:e2:20:4c:90:e6:9a:e3:8f: 5b:3e:45:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+PYJj4YawSXzYlnsiUvjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2 Y2Q4ZGYwHhcNMjUxMjE3MTEwMTM0WhcNMjUxMjE4MTEwMTM0WjAzMTEwLwYDVQQD EyhkMTc2NzY4Nzg2YjBjMTE5NWI3MjE5OTRiYmZlZmJjNDA5OTA3YTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiIJ1EVsRdtePRa23Y9YXPeSSBkM bZV0+Pwie2oQ04R5JOK1qW5MgOAq+jNn8fquGjZsATJWZY+4czW9N7Gsk38oNyDE tEuLh5Mfxval29rnYyIWYr1MTpjAvHbQ1tvA9lDUQ45baXend84QEnhLQuVB4NJ8 AlM0N+bCTQb4asjHjGD3jmT5jpDSyGbYgPSKvkqz6G2u6Cx9r1Gru4GAF/6/cwn8 mhsx6fTKsER+OzlU5zXmb/OJ+M6LpyDG26UtUSusi33Uzbh4+/YYwF4tSvZMu00S HHukKVXTShdNfkoaA7Llv1e56DPDJIJl7fqoNLXELlrXn3pJqrqCYcIgqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNF2doeGsMEZW3IZlLv++8QJkHokMB8GA1UdIwQY MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt YzcyY2JhYzI4NWY4LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4 LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWeM6JXAV A11KSYMhYtFPFMEQT5JsSY5BmgrH+XqWp/d6W/57/TkJrBlogDBZYHsmvju4nyNz qw80ivuqyuB7oRav1DRD3/n8Su1+Ih8MWX3/zVMA4NpAj8wyxgT+6w0QThAtfgjx ACyZS8ysyIjyT4pdukPRifR9aFFuONfTzJmuHmcITFZapvSiuFXVyR/0NCMVkibm aCnAQhsF0Uek/oFd54xhq1AquxHq67nIeWBusKXzcqdiyytlntSr/hiiTLOgMJfg ewd5sdsgXQDBn++HXovgW+nsVB1m1VPgcUyajbPTWal5yV9oB6DEOEAd50eZS+Ig TJDmmuOPWz5F3w== -----END CERTIFICATE-----Generated at Wed Dec 17 17:54:41 2025 by rpki-client