This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft File: tRQMX448e8JKGtTIQGQVJj62ur8.mft (raw, json) Hash identifier: FPrm506aav/Rwzw3p2g/HK4fGJ/jp7JqCbF70o7QC40= Subject key identifier: CE:63:1E:EA:E9:37:5F:A8:6F:CE:F6:63:9D:5B:F1:D0:75:5C:78:68 Authority key identifier: B5:14:0C:5F:8E:3C:7B:C2:4A:1A:D4:C8:40:64:15:26:3E:B6:BA:BF Certificate issuer: /CN=b5140c5f8e3c7bc24a1ad4c8406415263eb6babf Certificate serial: 019AF23F8F327AA38492D25E40EE5CB873AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft Manifest number: 151D Signing time: Sat 06 Dec 2025 06:00:42 +0000 Manifest this update: Sat 06 Dec 2025 06:00:42 +0000 Manifest next update: Sun 07 Dec 2025 06:00:42 +0000 Files and hashes: 1: tRQMX448e8JKGtTIQGQVJj62ur8.crl (hash: yFgQjvCo0hR/8syUTmMAGiBhmrUAFVrx7fDCwDQAkPI=) 2: vBSjooCv1VbYtFGvr_WsQil5zco.roa (hash: 9TpEuhk1/IC2lzmVZHygO3k9GcTIx0s6uCEc0lzgzlU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.crl rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:8f:32:7a:a3:84:92:d2:5e:40:ee:5c:b8:73:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5140c5f8e3c7bc24a1ad4c8406415263eb6babf Validity Not Before: Dec 6 06:00:42 2025 GMT Not After : Dec 7 06:00:42 2025 GMT Subject: CN=ce631eeae9375fa86fcef6639d5bf1d0755c7868 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:e6:db:5f:ab:00:3f:c6:a1:28:49:37:2d:89: 90:26:2a:0c:66:66:a2:60:37:33:6f:cc:77:74:4b: 6f:1a:10:cf:b8:34:2a:a3:53:1f:b8:f6:66:e2:dc: 3d:7e:7c:a3:98:51:73:58:78:70:51:7b:b6:26:c6: d4:2f:26:13:24:57:55:a8:e4:e4:16:5a:42:85:23: fc:0f:96:71:3c:f1:5b:5e:de:d4:91:f8:95:fc:e5: ce:7a:6c:4c:12:10:a8:1a:30:60:1c:a0:89:98:e0: 89:fd:af:0f:80:c7:70:52:d9:c8:35:45:60:b1:42: 27:fa:c8:f8:bf:28:6d:5a:0f:a6:32:b5:07:6c:a6: 01:35:91:cc:07:6d:d3:7b:19:3c:7e:bd:39:36:0f: b4:63:48:3f:66:d7:42:ad:76:fa:fc:e2:62:d0:96: a8:4a:d2:c6:6a:52:8b:fa:a1:7c:5f:60:52:7b:95: af:71:ef:11:1a:89:c9:a2:7b:0f:8e:6a:ed:4e:62: 76:12:e8:e5:3a:9c:49:be:70:fd:e0:cf:26:d6:a3: de:85:64:1e:45:dc:27:2d:96:e8:5e:2d:65:8d:67: 78:84:17:a9:be:4e:07:8d:c4:9e:96:d6:89:b9:c4: ef:2c:43:b1:f5:74:bb:a4:7e:92:7e:48:da:ed:30: 0d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:63:1E:EA:E9:37:5F:A8:6F:CE:F6:63:9D:5B:F1:D0:75:5C:78:68 X509v3 Authority Key Identifier: keyid:B5:14:0C:5F:8E:3C:7B:C2:4A:1A:D4:C8:40:64:15:26:3E:B6:BA:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 33:b8:7a:56:58:71:98:35:a8:31:59:cb:b4:e0:b5:ce:ae:3c: dc:0e:98:1d:29:82:d7:29:6e:c5:89:26:d1:ce:63:27:67:80: a3:16:4f:46:9d:8c:9a:57:46:77:b3:92:89:04:91:9b:95:57: a3:3f:cc:17:89:71:33:94:bb:0b:68:9f:e5:07:b0:13:d5:a5: 96:9c:60:75:79:bf:e1:8b:a7:07:96:e2:92:9e:04:19:a4:be: 42:e9:9a:cc:bc:97:bb:9a:7b:01:1a:0e:06:1b:37:87:53:46: b2:bf:f6:84:5c:36:9f:ae:0a:cd:fe:1f:47:36:5b:b4:4b:f6: 58:72:70:ce:b6:2f:99:9d:17:49:56:14:71:5b:b5:a7:5e:b0: 11:dd:e5:c8:e1:1c:47:bc:47:fb:43:45:c5:10:fc:f5:69:bc: 70:8f:da:07:f9:44:d0:d0:8b:12:47:2b:01:fc:27:05:c5:af: 19:43:0f:f3:d0:96:c0:84:42:e2:90:18:c4:3b:a5:d8:78:f4: 30:20:f5:e9:72:0d:6d:f0:9a:98:74:07:0b:9b:51:15:ee:12: 10:02:5d:3a:87:3f:7e:96:8a:4c:1f:38:e1:5d:f3:0d:2b:a2: 53:6a:7d:0a:4c:a3:2a:fe:c6:ab:d2:4a:e0:69:c9:09:44:6b: a9:8a:76:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP48yeqOEktJeQO5cuHOsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTQwYzVmOGUzYzdiYzI0YTFhZDRjODQwNjQxNTI2M2Vi NmJhYmYwHhcNMjUxMjA2MDYwMDQyWhcNMjUxMjA3MDYwMDQyWjAzMTEwLwYDVQQD EyhjZTYzMWVlYWU5Mzc1ZmE4NmZjZWY2NjM5ZDViZjFkMDc1NWM3ODY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwubbX6sAP8ahKEk3LYmQJioMZmai YDczb8x3dEtvGhDPuDQqo1MfuPZm4tw9fnyjmFFzWHhwUXu2JsbULyYTJFdVqOTk FlpChSP8D5ZxPPFbXt7UkfiV/OXOemxMEhCoGjBgHKCJmOCJ/a8PgMdwUtnINUVg sUIn+sj4vyhtWg+mMrUHbKYBNZHMB23Texk8fr05Ng+0Y0g/ZtdCrXb6/OJi0Jao StLGalKL+qF8X2BSe5Wvce8RGonJonsPjmrtTmJ2EujlOpxJvnD94M8m1qPehWQe RdwnLZboXi1ljWd4hBepvk4HjcSeltaJucTvLEOx9XS7pH6Sfkja7TANowIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM5jHurpN1+ob872Y51b8dB1XHhoMB8GA1UdIwQY MBaAFLUUDF+OPHvCShrUyEBkFSY+trq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85NGI3M2EtYTNkNS00MGM0LTkyMjQt Y2RjMjQ5MDM5M2E2LzEvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC85NGI3M2EtYTNkNS00MGM0LTkyMjQtY2RjMjQ5MDM5M2E2 LzEvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM7h6Vlhx mDWoMVnLtOC1zq483A6YHSmC1yluxYkm0c5jJ2eAoxZPRp2MmldGd7OSiQSRm5VX oz/MF4lxM5S7C2if5QewE9WllpxgdXm/4YunB5bikp4EGaS+QumazLyXu5p7ARoO Bhs3h1NGsr/2hFw2n64Kzf4fRzZbtEv2WHJwzrYvmZ0XSVYUcVu1p16wEd3lyOEc R7xH+0NFxRD89Wm8cI/aB/lE0NCLEkcrAfwnBcWvGUMP89CWwIRC4pAYxDul2Hj0 MCD16XINbfCamHQHC5tRFe4SEAJdOoc/fpaKTB844V3zDSuiU2p9CkyjKv7Gq9JK 4GnJCURrqYp2Lw== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:56 2025 by rpki-client