This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft File: tAqlFjSW4FOna21pzcRfdQBs2N8.mft (raw, json) Hash identifier: sXfaBo3RRx9NLvZIIAn7McAyLbwUTPy5T7ductZYMFg= Subject key identifier: 00:45:03:43:9D:70:6F:05:29:26:AB:62:C1:C3:D6:4F:CE:37:4F:99 Authority key identifier: B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF Certificate issuer: /CN=b40aa5163496e053a76b6d69cdc45f75006cd8df Certificate serial: 019AF209704B837C099E9153A2DBDBF50760 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 05:01:36 +0000 Manifest this update: Sat 06 Dec 2025 05:01:36 +0000 Manifest next update: Sun 07 Dec 2025 05:01:36 +0000 Files and hashes: 1: 1-d6DUI7mmJKHILGE-ACGJbIFV40.roa (hash: WM+ispXO9qKwdYzXWtwDmpPip6PK1PIBVYZaFFY6Sl4=) 2: tAqlFjSW4FOna21pzcRfdQBs2N8.crl (hash: 5eBt+g6aDaPRJHnWvKvjGq0wP7oa1MXa7fETBJ/7wjY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:70:4b:83:7c:09:9e:91:53:a2:db:db:f5:07:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b40aa5163496e053a76b6d69cdc45f75006cd8df Validity Not Before: Dec 6 05:01:36 2025 GMT Not After : Dec 7 05:01:36 2025 GMT Subject: CN=004503439d706f052926ab62c1c3d64fce374f99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b3:3e:2d:55:ce:8f:7b:c1:95:14:5c:9a:7d: 14:29:5c:57:7f:52:03:97:3a:be:d1:bc:23:fc:5b: 42:9e:a1:e4:f2:e8:cf:2e:b3:cd:e3:a7:44:19:0b: 75:25:4f:8d:ae:88:e5:03:69:7f:81:8b:b3:1f:1f: dd:b2:db:67:8e:56:f4:b5:76:62:14:58:2b:84:59: 48:f1:43:84:e2:e4:f7:bd:2d:4a:d1:b7:d1:9a:68: f3:ee:78:40:5d:af:16:0c:55:d5:04:d7:16:29:9f: a1:7d:6c:52:2a:54:44:c4:42:d9:83:f2:7c:b5:01: de:07:5d:c7:f3:68:26:57:97:15:d7:dc:25:00:83: 94:6d:c5:d2:b3:73:38:36:de:2b:31:fd:b6:c4:de: 4e:26:c6:b2:f8:2f:c4:3f:aa:6c:ca:44:1e:a1:8f: 25:95:4a:0f:c1:16:1a:58:6d:91:98:ec:5f:7c:1f: 6f:ee:11:69:8e:06:b9:5b:de:81:46:e4:be:4a:27: ed:cc:27:2a:93:39:34:eb:c5:7f:f5:0f:ad:65:cc: 7b:c0:e3:a6:c7:4f:9b:c0:50:d2:7f:a1:c5:64:de: e6:f0:b6:58:04:a3:0a:4d:4f:5c:68:10:a8:a4:9c: 52:5e:7b:14:47:fc:ed:84:19:42:1e:b1:c6:57:8d: be:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:45:03:43:9D:70:6F:05:29:26:AB:62:C1:C3:D6:4F:CE:37:4F:99 X509v3 Authority Key Identifier: keyid:B4:0A:A5:16:34:96:E0:53:A7:6B:6D:69:CD:C4:5F:75:00:6C:D8:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAqlFjSW4FOna21pzcRfdQBs2N8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/a20fb0-5b8d-4517-b46e-c72cbac285f8/1/tAqlFjSW4FOna21pzcRfdQBs2N8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:42:68:8e:bd:62:f8:8b:08:ff:f0:33:47:de:52:8b:c5:0c: c1:f7:87:8d:e8:c3:c7:59:0d:b6:a2:fe:d4:0b:bc:23:f4:14: 53:15:f2:34:33:06:b4:97:ae:bd:bc:72:c0:86:2a:d4:92:a2: c2:2e:97:ce:cf:fa:9f:da:c7:70:34:da:8d:af:3d:61:54:47: 2f:ea:55:7e:8b:bc:c6:2c:44:03:df:28:18:b2:b0:cb:5e:ee: 6a:0a:ac:29:d5:6c:a5:ba:10:80:7f:97:89:55:f4:f0:b1:72: 30:6d:ce:b7:7b:8f:ef:8b:37:2f:fb:7e:72:37:7b:94:59:35: 11:ee:fd:9e:f6:76:86:0a:56:6d:4c:2a:6c:33:be:12:d5:6a: 79:eb:81:f0:7f:e6:4c:2f:7b:c5:da:d7:e4:d4:75:63:bb:11: 99:34:d0:ac:f5:9f:b4:b0:45:ee:f0:9c:ed:40:b2:df:21:be: 42:05:e6:14:4a:4b:fe:39:4f:7d:79:1d:ac:d2:c5:5d:a8:ac: 0f:97:57:01:6e:f4:08:0c:a6:04:23:eb:15:af:98:df:02:ef: f6:8d:35:fb:90:68:ed:6d:76:1f:9a:ba:85:0b:55:2e:01:1c: ee:18:6b:81:c9:83:14:a9:79:94:d2:86:37:80:c9:f1:7a:c8: dc:8d:df:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCXBLg3wJnpFTotvb9QdgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0MGFhNTE2MzQ5NmUwNTNhNzZiNmQ2OWNkYzQ1Zjc1MDA2 Y2Q4ZGYwHhcNMjUxMjA2MDUwMTM2WhcNMjUxMjA3MDUwMTM2WjAzMTEwLwYDVQQD EygwMDQ1MDM0MzlkNzA2ZjA1MjkyNmFiNjJjMWMzZDY0ZmNlMzc0Zjk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLM+LVXOj3vBlRRcmn0UKVxXf1ID lzq+0bwj/FtCnqHk8ujPLrPN46dEGQt1JU+NrojlA2l/gYuzHx/dsttnjlb0tXZi FFgrhFlI8UOE4uT3vS1K0bfRmmjz7nhAXa8WDFXVBNcWKZ+hfWxSKlRExELZg/J8 tQHeB13H82gmV5cV19wlAIOUbcXSs3M4Nt4rMf22xN5OJsay+C/EP6psykQeoY8l lUoPwRYaWG2RmOxffB9v7hFpjga5W96BRuS+SiftzCcqkzk068V/9Q+tZcx7wOOm x0+bwFDSf6HFZN7m8LZYBKMKTU9caBCopJxSXnsUR/zthBlCHrHGV42+fQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFABFA0OdcG8FKSarYsHD1k/ON0+ZMB8GA1UdIwQY MBaAFLQKpRY0luBTp2ttac3EX3UAbNjfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUt YzcyY2JhYzI4NWY4LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9hMjBmYjAtNWI4ZC00NTE3LWI0NmUtYzcyY2JhYzI4NWY4 LzEvdEFxbEZqU1c0Rk9uYTIxcHpjUmZkUUJzMk44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEEJojr1i +IsI//AzR95Si8UMwfeHjejDx1kNtqL+1Au8I/QUUxXyNDMGtJeuvbxywIYq1JKi wi6Xzs/6n9rHcDTaja89YVRHL+pVfou8xixEA98oGLKwy17uagqsKdVspboQgH+X iVX08LFyMG3Ot3uP74s3L/t+cjd7lFk1Ee79nvZ2hgpWbUwqbDO+EtVqeeuB8H/m TC97xdrX5NR1Y7sRmTTQrPWftLBF7vCc7UCy3yG+QgXmFEpL/jlPfXkdrNLFXais D5dXAW70CAymBCPrFa+Y3wLv9o01+5Bo7W12H5q6hQtVLgEc7hhrgcmDFKl5lNKG N4DJ8XrI3I3fLw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:02:59 2025 by rpki-client