This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft File: TShV3jcUZy5-qwceFh0RoDDT048.mft (raw, json) Hash identifier: Neaf1g2x3skcjwb8Eq2kMWvM3Llg1ZE3ujQFm9jX87A= Subject key identifier: 42:98:8D:71:1B:81:57:0B:BF:BA:0E:F6:CD:11:FD:C8:81:2E:49:89 Authority key identifier: 4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F Certificate issuer: /CN=4d2855de3714672e7eab071e161d11a030d3d38f Certificate serial: 019AF23F8D89BB25CB526FA2265237121FFE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft Manifest number: 041B Signing time: Sat 06 Dec 2025 06:00:42 +0000 Manifest this update: Sat 06 Dec 2025 06:00:42 +0000 Manifest next update: Sun 07 Dec 2025 06:00:42 +0000 Files and hashes: 1: TShV3jcUZy5-qwceFh0RoDDT048.crl (hash: leLJHvLDtPO3xKFYDu++NBpfFkmojgtek4uJn7OLRCA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:8d:89:bb:25:cb:52:6f:a2:26:52:37:12:1f:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d2855de3714672e7eab071e161d11a030d3d38f Validity Not Before: Dec 6 06:00:42 2025 GMT Not After : Dec 7 06:00:42 2025 GMT Subject: CN=42988d711b81570bbfba0ef6cd11fdc8812e4989 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:e8:d2:23:eb:c7:b6:51:7e:18:d4:c9:50:2c: 4e:57:10:7e:c3:38:32:56:3d:87:cf:c5:ce:a2:61: 77:53:1d:56:be:0f:38:2a:28:ee:83:34:bf:86:b6: 7e:ee:46:7f:c0:43:59:67:7e:7b:be:63:7f:95:6b: c0:09:cd:e3:db:dc:89:85:9c:ca:8d:82:ca:35:cc: f5:f7:bc:2e:11:e2:f4:10:86:e9:54:ef:02:34:46: 35:57:b1:1a:74:90:80:e3:d4:c9:f6:39:0a:f2:07: 33:97:b6:b5:a3:ca:df:6a:a2:ac:68:6f:f4:3e:05: 16:5a:ec:2e:d3:14:b9:55:33:89:29:ff:c0:56:e9: 4c:ac:56:17:c0:66:ad:04:b3:a0:1d:36:1b:90:48: 24:5e:b2:4b:d7:59:6d:76:be:60:7a:4e:79:02:95: 6f:6d:f9:58:b4:3b:fa:f1:5d:6c:47:8f:f5:71:73: d5:a7:f6:a9:7c:37:4b:f6:74:4e:ee:bd:fc:11:ca: 90:5f:00:76:df:c9:69:f3:4c:a4:c8:9c:2c:54:45: dd:fd:08:51:40:20:ac:71:25:a9:ac:f2:48:29:39: fa:34:7f:29:5e:59:7a:20:23:96:ad:3c:3d:42:0c: 3b:99:9b:36:52:69:c3:b5:ee:53:7f:ef:f1:63:e1: b7:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:98:8D:71:1B:81:57:0B:BF:BA:0E:F6:CD:11:FD:C8:81:2E:49:89 X509v3 Authority Key Identifier: keyid:4D:28:55:DE:37:14:67:2E:7E:AB:07:1E:16:1D:11:A0:30:D3:D3:8F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TShV3jcUZy5-qwceFh0RoDDT048.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/72/847c9d-201c-477a-ba96-328f66996ec1/1/TShV3jcUZy5-qwceFh0RoDDT048.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:89:d2:2e:02:a2:d4:8b:b8:ac:48:e2:1d:dd:cb:7f:e0:69: e5:a2:7b:d3:af:45:d9:3a:2f:44:03:4a:e5:7e:6e:09:4f:dd: 9c:3d:02:4d:47:b8:3d:c1:e9:02:4a:b3:c8:cf:2e:08:3f:f5: 4b:16:a4:2a:bc:aa:a6:16:1d:33:3b:28:e7:d9:6e:a5:b5:e0: 72:93:f9:4f:0d:83:79:3c:5b:09:72:fa:d0:ab:00:2a:4a:b3: c1:c5:87:55:c2:f9:e6:9d:dd:d1:07:21:5c:3e:58:fa:1f:48: b1:b1:76:76:31:cc:c9:ea:cd:c8:b5:b7:9d:03:f8:7b:cb:09: 24:21:27:a2:90:4b:79:e1:df:1f:30:c0:bb:ee:6c:e8:8c:32: 11:a3:7f:de:2a:c4:3f:ea:33:40:46:38:02:92:07:13:76:cc: 5b:7d:1b:8b:28:a5:c5:5d:9d:0d:4e:88:db:2e:e6:a8:7b:9b: eb:cb:e4:d5:61:c3:8a:8d:b5:19:fe:61:d0:52:49:51:48:f1: 31:44:71:cf:16:72:c9:e0:18:d8:ab:fe:b3:44:46:e2:98:e9: 97:c4:ce:f2:5f:6f:d7:67:25:c4:80:58:27:58:79:ce:21:ea: 5a:a6:9c:20:a0:07:d2:f1:91:dd:fb:91:c1:89:e7:72:fb:fc: 90:97:14:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP42JuyXLUm+iJlI3Eh/+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMjg1NWRlMzcxNDY3MmU3ZWFiMDcxZTE2MWQxMWEwMzBk M2QzOGYwHhcNMjUxMjA2MDYwMDQyWhcNMjUxMjA3MDYwMDQyWjAzMTEwLwYDVQQD Eyg0Mjk4OGQ3MTFiODE1NzBiYmZiYTBlZjZjZDExZmRjODgxMmU0OTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+jSI+vHtlF+GNTJUCxOVxB+wzgy Vj2Hz8XOomF3Ux1Wvg84KijugzS/hrZ+7kZ/wENZZ357vmN/lWvACc3j29yJhZzK jYLKNcz197wuEeL0EIbpVO8CNEY1V7EadJCA49TJ9jkK8gczl7a1o8rfaqKsaG/0 PgUWWuwu0xS5VTOJKf/AVulMrFYXwGatBLOgHTYbkEgkXrJL11ltdr5gek55ApVv bflYtDv68V1sR4/1cXPVp/apfDdL9nRO7r38EcqQXwB238lp80ykyJwsVEXd/QhR QCCscSWprPJIKTn6NH8pXll6ICOWrTw9Qgw7mZs2UmnDte5Tf+/xY+G3yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEKYjXEbgVcLv7oO9s0R/ciBLkmJMB8GA1UdIwQY MBaAFE0oVd43FGcufqsHHhYdEaAw09OPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYt MzI4ZjY2OTk2ZWMxLzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Mi84NDdjOWQtMjAxYy00NzdhLWJhOTYtMzI4ZjY2OTk2ZWMx LzEvVFNoVjNqY1VaeTUtcXdjZUZoMFJvRERUMDQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANonSLgKi 1Iu4rEjiHd3Lf+Bp5aJ7069F2TovRANK5X5uCU/dnD0CTUe4PcHpAkqzyM8uCD/1 SxakKryqphYdMzso59lupbXgcpP5Tw2DeTxbCXL60KsAKkqzwcWHVcL55p3d0Qch XD5Y+h9IsbF2djHMyerNyLW3nQP4e8sJJCEnopBLeeHfHzDAu+5s6IwyEaN/3irE P+ozQEY4ApIHE3bMW30biyilxV2dDU6I2y7mqHub68vk1WHDio21Gf5h0FJJUUjx MURxzxZyyeAY2Kv+s0RG4pjpl8TO8l9v12clxIBYJ1h5ziHqWqacIKAH0vGR3fuR wYnncvv8kJcUgQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:18:41 2025 by rpki-client