This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft File: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json) Hash identifier: +RAeZ2LHI44v4af38ZRNZH/Xa4CZ9jkG6SStxM6cHYY= Subject key identifier: 53:68:0C:E5:2E:DB:15:24:1F:96:81:EF:80:30:1E:D3:80:79:5A:7E Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D Certificate issuer: /CN=4c9d923a3b43416959576bcb400416ca5cf6060d Certificate serial: 019AF31CC8CF5DC121A2398FC9F470199752 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft Manifest number: 08D2 Signing time: Sat 06 Dec 2025 10:02:21 +0000 Manifest this update: Sat 06 Dec 2025 10:02:21 +0000 Manifest next update: Sun 07 Dec 2025 10:02:21 +0000 Files and hashes: 1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: x/nV/IlSYMDz5k8EN87hFxZM/WdlbsKFr2LrByMfwk0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:c8:cf:5d:c1:21:a2:39:8f:c9:f4:70:19:97:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d Validity Not Before: Dec 6 10:02:21 2025 GMT Not After : Dec 7 10:02:21 2025 GMT Subject: CN=53680ce52edb15241f9681ef80301ed380795a7e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ff:a8:85:4b:54:1f:ae:f2:25:18:f0:be:ef: 69:28:f6:c8:84:67:d9:9d:d9:9b:7b:df:b0:2e:a4: 1e:3c:88:eb:67:e6:1d:81:be:47:51:74:f8:41:35: 19:6a:d2:d5:3b:af:9a:cd:3e:79:14:ec:45:6d:40: 04:a4:cd:62:db:28:3e:b6:19:2b:ce:0a:1c:90:e9: ec:a3:82:44:af:44:04:bc:99:0c:83:80:2b:b9:61: 22:d4:41:6a:a6:78:e5:85:e1:a2:9e:92:2b:c0:a1: 81:58:bc:a5:c5:e6:47:2d:dd:3e:08:eb:0e:bc:4d: 3d:0a:c3:b0:f4:60:08:65:a7:eb:3e:58:34:8e:34: 76:59:7b:18:82:05:fd:b1:53:57:26:3a:2f:bb:ae: 46:c8:72:d3:1e:09:ec:3c:42:62:d1:5f:1c:d4:20: b4:ff:01:2a:9b:8d:93:9d:b3:c3:34:51:cb:76:c8: 47:f9:b6:52:4e:37:16:b3:64:32:62:b9:0d:0e:40: 7e:b7:97:cd:3e:47:a9:30:86:3e:37:9d:4c:63:f4: c8:5a:03:24:be:e0:e4:06:60:4f:c3:a0:1e:92:0a: 9f:73:14:56:a6:6b:43:3d:c5:7d:e8:1c:f3:e3:44: 0b:06:b5:6e:74:92:cf:df:59:76:18:18:b0:a6:91: 1d:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:68:0C:E5:2E:DB:15:24:1F:96:81:EF:80:30:1E:D3:80:79:5A:7E X509v3 Authority Key Identifier: keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:4a:e9:d3:85:7c:e2:d2:db:f1:be:38:33:39:9a:57:e4:b8: 61:ba:05:7b:dd:68:f8:54:3c:bd:0a:52:4d:71:0a:1e:31:f6: 7c:49:2e:4d:ee:57:42:b5:15:74:db:f6:0b:5c:97:c6:80:7a: 59:ce:12:ec:56:01:fd:f4:91:39:b5:3e:80:bc:63:74:e2:25: 9b:e0:b5:94:da:14:12:d8:ee:9f:8a:02:74:e1:81:8a:ae:10: ea:a6:31:cd:75:e5:41:be:34:b9:66:ed:7e:15:6b:30:ac:c6: 69:10:6f:a7:a0:d1:80:27:74:6c:80:df:79:59:8d:09:c5:a8: c3:76:aa:40:65:5c:9b:50:1b:20:03:0d:13:17:3c:e8:4f:15: 86:51:76:aa:6d:0a:02:75:fa:10:a3:75:88:c5:4c:0d:12:bf: 11:dd:6e:02:7e:61:ed:20:ab:85:aa:65:0a:81:89:e6:7b:58: aa:88:7e:59:e1:49:66:61:11:33:6b:6f:80:f9:41:e5:60:e1: 03:16:ea:d2:df:bb:f8:75:4f:8d:17:d6:12:e4:73:59:9d:cf: b1:09:0c:7c:81:a4:53:dd:38:02:97:69:ef:8a:aa:8e:64:77: 24:d3:81:59:6e:0e:d8:b2:4f:1a:a0:63:d8:4d:a0:53:06:4c: 6e:c1:9e:cd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHMjPXcEhojmPyfRwGZdSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm NjA2MGQwHhcNMjUxMjA2MTAwMjIxWhcNMjUxMjA3MTAwMjIxWjAzMTEwLwYDVQQD Eyg1MzY4MGNlNTJlZGIxNTI0MWY5NjgxZWY4MDMwMWVkMzgwNzk1YTdlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwP+ohUtUH67yJRjwvu9pKPbIhGfZ ndmbe9+wLqQePIjrZ+Ydgb5HUXT4QTUZatLVO6+azT55FOxFbUAEpM1i2yg+thkr zgockOnso4JEr0QEvJkMg4AruWEi1EFqpnjlheGinpIrwKGBWLylxeZHLd0+COsO vE09CsOw9GAIZafrPlg0jjR2WXsYggX9sVNXJjovu65GyHLTHgnsPEJi0V8c1CC0 /wEqm42TnbPDNFHLdshH+bZSTjcWs2QyYrkNDkB+t5fNPkepMIY+N51MY/TIWgMk vuDkBmBPw6AekgqfcxRWpmtDPcV96Bzz40QLBrVudJLP31l2GBiwppEdCQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFNoDOUu2xUkH5aB74AwHtOAeVp+MB8GA1UdIwQY MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5 LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAakrp04V8 4tLb8b44MzmaV+S4YboFe91o+FQ8vQpSTXEKHjH2fEkuTe5XQrUVdNv2C1yXxoB6 Wc4S7FYB/fSRObU+gLxjdOIlm+C1lNoUEtjun4oCdOGBiq4Q6qYxzXXlQb40uWbt fhVrMKzGaRBvp6DRgCd0bIDfeVmNCcWow3aqQGVcm1AbIAMNExc86E8VhlF2qm0K AnX6EKN1iMVMDRK/Ed1uAn5h7SCrhaplCoGJ5ntYqoh+WeFJZmERM2tvgPlB5WDh Axbq0t+7+HVPjRfWEuRzWZ3PsQkMfIGkU904Apdp74qqjmR3JNOBWW4O2LJPGqBj 2E2gUwZMbsGezQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:57:20 2025 by rpki-client