This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft File: tRQMX448e8JKGtTIQGQVJj62ur8.mft (raw, json) Hash identifier: P81vCCGP7wHbzRP1nyWYMAdIwYncQ/AMj9dCanjE37U= Subject key identifier: 46:B5:57:5D:0B:8D:EA:6A:E5:1F:2A:5B:E1:1D:9F:94:99:F6:23:A5 Authority key identifier: B5:14:0C:5F:8E:3C:7B:C2:4A:1A:D4:C8:40:64:15:26:3E:B6:BA:BF Certificate issuer: /CN=b5140c5f8e3c7bc24a1ad4c8406415263eb6babf Certificate serial: 019B35D6EEC4F8894FC85D761004FEDCD687 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft Manifest number: 1540 Signing time: Fri 19 Dec 2025 09:00:36 +0000 Manifest this update: Fri 19 Dec 2025 09:00:36 +0000 Manifest next update: Sat 20 Dec 2025 09:00:36 +0000 Files and hashes: 1: tRQMX448e8JKGtTIQGQVJj62ur8.crl (hash: aGdvmujAbAL5OXmbEOdYFOmPMqUFZX3nUE5hyxrRc6A=) 2: vBSjooCv1VbYtFGvr_WsQil5zco.roa (hash: 9TpEuhk1/IC2lzmVZHygO3k9GcTIx0s6uCEc0lzgzlU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.crl rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:d6:ee:c4:f8:89:4f:c8:5d:76:10:04:fe:dc:d6:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5140c5f8e3c7bc24a1ad4c8406415263eb6babf Validity Not Before: Dec 19 09:00:36 2025 GMT Not After : Dec 20 09:00:36 2025 GMT Subject: CN=46b5575d0b8dea6ae51f2a5be11d9f9499f623a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:f1:07:f2:74:58:fe:f3:2e:70:fa:e9:37:3c: 25:ae:ca:42:7b:59:36:ba:45:7b:8e:a1:cd:55:83: 1a:36:65:f6:d3:aa:26:9f:61:a4:5b:5a:38:8f:64: 16:c2:4e:14:20:85:30:17:98:98:88:ca:2d:07:5f: a2:a7:ee:d1:b1:bb:a1:c9:73:62:79:7c:b9:aa:18: 5a:31:a1:09:6b:42:40:0c:f2:49:4a:a3:1e:8a:ad: 17:14:21:8f:0e:c3:b3:8f:0f:79:b6:b1:77:4e:46: 1c:4e:08:bc:62:92:61:5a:c5:01:87:c4:62:d3:12: d2:bc:3c:9a:ee:10:e3:07:d9:f3:6e:82:e6:da:71: fe:ce:26:2f:91:58:b2:97:70:88:e5:4a:26:6d:3d: 20:18:77:64:e5:0e:de:5b:b3:97:7e:63:73:c5:22: df:cd:ea:20:ef:07:1a:75:37:d2:58:c6:78:8e:c5: d9:74:72:ab:f9:2a:e4:5d:af:49:25:7c:92:ad:8d: 39:60:19:c7:70:b2:5e:f8:bf:4e:7f:13:c0:d3:b6: a1:d4:98:41:f5:4a:ec:db:f0:29:ff:c0:70:2b:37: 33:6d:04:0c:9a:d6:32:67:02:02:39:62:90:8b:a5: 5b:f7:17:1a:a4:e9:ee:c4:76:b5:11:57:9a:e1:7e: f2:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:B5:57:5D:0B:8D:EA:6A:E5:1F:2A:5B:E1:1D:9F:94:99:F6:23:A5 X509v3 Authority Key Identifier: keyid:B5:14:0C:5F:8E:3C:7B:C2:4A:1A:D4:C8:40:64:15:26:3E:B6:BA:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tRQMX448e8JKGtTIQGQVJj62ur8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/94b73a-a3d5-40c4-9224-cdc2490393a6/1/tRQMX448e8JKGtTIQGQVJj62ur8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:ad:17:1a:3b:ef:b4:3f:fb:ea:94:97:72:0d:d6:ec:d9:32: 0d:1f:1a:51:e5:e5:e5:9a:f9:38:a6:2c:78:6e:cb:04:39:6f: 1e:61:5e:20:c6:a9:24:6a:4a:c0:b1:4d:d0:c9:21:8e:0d:f8: 48:13:5e:d0:2d:97:53:3c:e0:40:f5:5f:f8:73:98:7b:26:72: 70:8c:06:3b:2b:4d:64:ae:e3:97:e0:56:60:44:05:08:57:c8: ce:75:6b:03:c8:0e:99:b1:01:74:25:b2:4a:23:c2:77:27:22: 13:a9:cc:93:f9:b1:4f:8d:c3:d0:18:1f:0e:05:bd:15:3e:67: 84:04:aa:3e:8e:2c:f1:73:fa:22:3e:81:17:1b:ab:8a:34:e9: 0c:8f:b5:d0:02:ca:f2:b9:2b:20:a7:a2:ec:76:d4:21:e9:a4: 9a:25:55:57:b5:48:2a:3b:74:35:0c:92:18:cc:17:77:ab:fb: 16:d7:ad:37:08:7d:1b:a8:00:e0:e0:1a:a0:9f:84:1f:6e:b5: 31:c2:4e:45:80:ba:5c:4a:a1:6f:ff:9c:07:09:f7:91:87:9a: 06:e8:aa:5b:f3:ba:3e:0a:b1:3f:42:2b:74:32:b9:82:67:52: c1:c0:ad:67:48:a8:89:8d:12:c4:f2:d3:0d:5a:0e:07:04:71: 0c:48:6d:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs11u7E+IlPyF12EAT+3NaHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1MTQwYzVmOGUzYzdiYzI0YTFhZDRjODQwNjQxNTI2M2Vi NmJhYmYwHhcNMjUxMjE5MDkwMDM2WhcNMjUxMjIwMDkwMDM2WjAzMTEwLwYDVQQD Eyg0NmI1NTc1ZDBiOGRlYTZhZTUxZjJhNWJlMTFkOWY5NDk5ZjYyM2E1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPEH8nRY/vMucPrpNzwlrspCe1k2 ukV7jqHNVYMaNmX206omn2GkW1o4j2QWwk4UIIUwF5iYiMotB1+ip+7RsbuhyXNi eXy5qhhaMaEJa0JADPJJSqMeiq0XFCGPDsOzjw95trF3TkYcTgi8YpJhWsUBh8Ri 0xLSvDya7hDjB9nzboLm2nH+ziYvkViyl3CI5UombT0gGHdk5Q7eW7OXfmNzxSLf zeog7wcadTfSWMZ4jsXZdHKr+SrkXa9JJXySrY05YBnHcLJe+L9OfxPA07ah1JhB 9Urs2/Ap/8BwKzczbQQMmtYyZwICOWKQi6Vb9xcapOnuxHa1EVea4X7yRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEa1V10Ljepq5R8qW+Edn5SZ9iOlMB8GA1UdIwQY MBaAFLUUDF+OPHvCShrUyEBkFSY+trq/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC85NGI3M2EtYTNkNS00MGM0LTkyMjQt Y2RjMjQ5MDM5M2E2LzEvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC85NGI3M2EtYTNkNS00MGM0LTkyMjQtY2RjMjQ5MDM5M2E2 LzEvdFJRTVg0NDhlOEpLR3RUSVFHUVZKajYydXI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbq0XGjvv tD/76pSXcg3W7NkyDR8aUeXl5Zr5OKYseG7LBDlvHmFeIMapJGpKwLFN0Mkhjg34 SBNe0C2XUzzgQPVf+HOYeyZycIwGOytNZK7jl+BWYEQFCFfIznVrA8gOmbEBdCWy SiPCdyciE6nMk/mxT43D0BgfDgW9FT5nhASqPo4s8XP6Ij6BFxurijTpDI+10ALK 8rkrIKei7HbUIemkmiVVV7VIKjt0NQySGMwXd6v7FtetNwh9G6gA4OAaoJ+EH261 McJORYC6XEqhb/+cBwn3kYeaBuiqW/O6PgqxP0IrdDK5gmdSwcCtZ0ioiY0SxPLT DVoOBwRxDEht8A== -----END CERTIFICATE-----Generated at Fri Dec 19 12:54:15 2025 by rpki-client