This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft File: tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft (raw, json) Hash identifier: Ph5rZyo5oVXfeQOweHQ7fq1Wqzr12gU5Y+uCq93s/H4= Subject key identifier: 70:E6:CE:E2:E5:30:25:28:12:21:F2:09:9F:0E:71:43:4D:1D:44:D7 Authority key identifier: B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B Certificate issuer: /CN=b66c4985cd60643220e064a2e114d78f5b039c2b Certificate serial: 019AF31C430AB416F09BD76C9076A0F2E746 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft Manifest number: 09AF Signing time: Sat 06 Dec 2025 10:01:46 +0000 Manifest this update: Sat 06 Dec 2025 10:01:46 +0000 Manifest next update: Sun 07 Dec 2025 10:01:46 +0000 Files and hashes: 1: tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl (hash: 6lKNONnv7VZ2L8WV0WKTxd4Z7vzESBKcBdGwYp5MzG0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:43:0a:b4:16:f0:9b:d7:6c:90:76:a0:f2:e7:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b66c4985cd60643220e064a2e114d78f5b039c2b Validity Not Before: Dec 6 10:01:46 2025 GMT Not After : Dec 7 10:01:46 2025 GMT Subject: CN=70e6cee2e53025281221f2099f0e71434d1d44d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:e7:f1:8e:ad:5c:15:4b:74:d5:dd:34:6f:d5: 78:4d:0a:8d:ed:d8:15:64:c5:55:2e:20:94:0e:91: ef:a0:98:5c:57:e6:2c:23:bf:dd:0e:ca:8a:38:0d: e8:79:ed:53:1a:34:f4:60:22:d6:77:69:4a:a0:50: 7a:03:94:2b:9b:55:0b:3d:ef:03:7a:96:39:e9:e8: 17:85:83:b6:dd:0d:90:2c:a7:1c:a8:84:7c:4e:f9: 6c:9e:69:e2:ea:7f:74:3c:27:ea:6a:21:74:f9:08: 29:87:56:36:89:23:c9:fc:e3:d4:7c:1b:dd:e5:3e: 00:28:83:df:e3:da:e7:be:69:e0:1b:68:ce:d8:9b: 7a:60:9a:aa:0a:d4:7f:34:b8:f4:ed:f1:84:aa:4d: 4d:76:5e:3a:88:4c:61:66:7b:26:76:56:47:fb:ae: 05:21:bd:67:33:ff:48:fc:29:ec:50:39:07:96:db: d5:15:48:ed:e3:9c:20:38:1e:5f:59:1c:3c:85:15: eb:77:e2:b4:38:af:ec:e8:3b:2f:71:9d:ab:36:3c: 23:d2:0c:e4:b3:ed:95:f5:40:d1:48:7d:b0:61:27: 11:b1:46:9e:ec:9a:93:f0:20:8a:61:9d:79:bb:3e: cf:9b:f1:25:d9:f8:98:39:01:b6:1d:f0:4c:9a:4b: 95:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:E6:CE:E2:E5:30:25:28:12:21:F2:09:9F:0E:71:43:4D:1D:44:D7 X509v3 Authority Key Identifier: keyid:B6:6C:49:85:CD:60:64:32:20:E0:64:A2:E1:14:D7:8F:5B:03:9C:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tmxJhc1gZDIg4GSi4RTXj1sDnCs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/79/1d0c39-2555-468f-be66-ff9bab90af18/1/tmxJhc1gZDIg4GSi4RTXj1sDnCs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:a5:2c:ae:d7:51:aa:96:70:35:fc:ec:3f:24:ef:f1:8f:5e: cd:53:ce:45:fe:68:c8:93:03:c4:04:9b:96:f0:9c:83:9b:5b: 87:02:8b:b3:14:1f:42:bc:3a:6e:0f:7f:5d:a1:0f:10:a6:fb: 69:0e:1a:bb:d8:4a:7f:85:12:ed:b4:75:15:20:e7:6a:bb:12: 3a:c4:ed:d0:fa:49:31:ad:ac:d9:f7:9c:2d:82:aa:9b:5c:e1: e9:f0:0a:54:3f:ea:e9:52:81:62:ea:50:c5:96:6c:0e:7b:a8: 4a:6c:5b:68:1c:49:1f:c9:e0:6c:55:a0:1a:36:b7:fc:66:2a: cb:bc:6e:c7:4f:64:84:4c:b2:2d:6a:43:5a:c1:3d:37:d2:85: eb:4d:f7:41:9b:1e:d5:e0:f9:74:b9:12:be:7a:7b:9d:8d:73: aa:e1:df:af:e8:80:f3:14:cc:65:31:39:24:58:70:47:b6:c8: 40:fe:5a:9f:a6:a9:d9:68:cf:b2:a5:7e:7c:e4:c9:04:76:83: f4:ac:db:df:f0:98:6d:ad:0d:8e:92:60:18:29:5f:e7:f3:9d: 2b:b4:0b:d4:19:0f:a4:ae:07:21:64:e4:05:e5:e7:ee:6b:e5: 9c:6f:79:f1:e0:f0:51:2b:a7:5d:6e:75:d6:e0:4a:94:3f:9f: 17:d4:53:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHEMKtBbwm9dskHag8udGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2NmM0OTg1Y2Q2MDY0MzIyMGUwNjRhMmUxMTRkNzhmNWIw MzljMmIwHhcNMjUxMjA2MTAwMTQ2WhcNMjUxMjA3MTAwMTQ2WjAzMTEwLwYDVQQD Eyg3MGU2Y2VlMmU1MzAyNTI4MTIyMWYyMDk5ZjBlNzE0MzRkMWQ0NGQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+fxjq1cFUt01d00b9V4TQqN7dgV ZMVVLiCUDpHvoJhcV+YsI7/dDsqKOA3oee1TGjT0YCLWd2lKoFB6A5Qrm1ULPe8D epY56egXhYO23Q2QLKccqIR8Tvlsnmni6n90PCfqaiF0+Qgph1Y2iSPJ/OPUfBvd 5T4AKIPf49rnvmngG2jO2Jt6YJqqCtR/NLj07fGEqk1Ndl46iExhZnsmdlZH+64F Ib1nM/9I/CnsUDkHltvVFUjt45wgOB5fWRw8hRXrd+K0OK/s6DsvcZ2rNjwj0gzk s+2V9UDRSH2wYScRsUae7JqT8CCKYZ15uz7Pm/El2fiYOQG2HfBMmkuVrQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHDmzuLlMCUoEiHyCZ8OcUNNHUTXMB8GA1UdIwQY MBaAFLZsSYXNYGQyIOBkouEU149bA5wrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS8xZDBjMzktMjU1NS00NjhmLWJlNjYt ZmY5YmFiOTBhZjE4LzEvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83OS8xZDBjMzktMjU1NS00NjhmLWJlNjYtZmY5YmFiOTBhZjE4 LzEvdG14SmhjMWdaRElnNEdTaTRSVFhqMXNEbkNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASKUsrtdR qpZwNfzsPyTv8Y9ezVPORf5oyJMDxASblvCcg5tbhwKLsxQfQrw6bg9/XaEPEKb7 aQ4au9hKf4US7bR1FSDnarsSOsTt0PpJMa2s2fecLYKqm1zh6fAKVD/q6VKBYupQ xZZsDnuoSmxbaBxJH8ngbFWgGja3/GYqy7xux09khEyyLWpDWsE9N9KF6033QZse 1eD5dLkSvnp7nY1zquHfr+iA8xTMZTE5JFhwR7bIQP5an6ap2WjPsqV+fOTJBHaD 9Kzb3/CYba0NjpJgGClf5/OdK7QL1BkPpK4HIWTkBeXn7mvlnG958eDwUSunXW51 1uBKlD+fF9RTUQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:58:41 2025 by rpki-client