This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft File: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft (raw, json) Hash identifier: r7oBuSiDhYYTUTKUdhd212AeR7AGj2DNcMc1EC9JwAA= Subject key identifier: DE:F6:B4:05:BD:50:FE:05:D6:CA:29:6D:39:3E:64:4D:43:1D:DE:10 Authority key identifier: 4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D Certificate issuer: /CN=4c9d923a3b43416959576bcb400416ca5cf6060d Certificate serial: 019B2EFA829907806A9E6BF96A6842C34086 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft Manifest number: 08F1 Signing time: Thu 18 Dec 2025 01:02:07 +0000 Manifest this update: Thu 18 Dec 2025 01:02:07 +0000 Manifest next update: Fri 19 Dec 2025 01:02:07 +0000 Files and hashes: 1: TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl (hash: R8+FaAqQkfFFE/Kak3asu+YC/ns6IxMcHPElfYUxEk4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:82:99:07:80:6a:9e:6b:f9:6a:68:42:c3:40:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c9d923a3b43416959576bcb400416ca5cf6060d Validity Not Before: Dec 18 01:02:07 2025 GMT Not After : Dec 19 01:02:07 2025 GMT Subject: CN=def6b405bd50fe05d6ca296d393e644d431dde10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:f7:14:f7:ff:46:81:81:7c:da:80:ef:03:53: 90:8f:fe:fb:ae:3a:fb:84:e0:4c:0b:9b:bf:1d:14: fa:69:2e:fc:f4:43:47:49:04:5b:d9:8a:5e:ae:79: 02:b8:ce:7b:70:fd:05:e5:ba:50:d4:74:eb:72:6c: 22:18:1a:17:a7:67:f9:3b:0d:64:0e:af:6d:c4:d0: de:c7:a9:39:36:5b:36:ea:01:f2:95:56:e0:71:0e: 9a:14:9d:69:63:cb:be:d4:62:86:70:df:53:38:51: 6c:6b:54:40:50:ea:a7:7a:00:75:96:ff:d8:c0:38: 39:7e:28:f8:f1:67:85:7d:22:60:27:8d:ad:cb:5c: e4:40:c8:a9:2e:89:a4:04:63:67:af:56:da:51:a7: 2b:cc:3b:c1:18:6b:81:3e:6e:35:2e:1b:b8:c7:e4: 68:11:88:8f:90:0b:c5:93:2c:80:fd:05:ad:c8:2d: 01:b7:e6:fd:e1:06:5f:fe:b0:1a:d4:99:05:61:39: 50:16:19:12:44:db:a6:e5:94:eb:d1:7a:56:fb:2e: 18:b8:73:b6:40:ba:2d:3b:43:31:26:04:1a:a8:53: 2e:67:bc:99:1e:3b:85:7d:f6:05:26:ad:32:cf:12: e0:2d:54:e1:32:f1:99:d0:c5:b3:fa:a7:e1:51:f0: 19:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:F6:B4:05:BD:50:FE:05:D6:CA:29:6D:39:3E:64:4D:43:1D:DE:10 X509v3 Authority Key Identifier: keyid:4C:9D:92:3A:3B:43:41:69:59:57:6B:CB:40:04:16:CA:5C:F6:06:0D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e71c9c-f589-476c-b080-c01db9d53479/1/TJ2SOjtDQWlZV2vLQAQWylz2Bg0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4e:b7:9d:d3:52:e7:7a:7a:18:21:27:38:1f:80:52:34:7b:7d: 9e:ee:2b:27:71:52:c7:cd:eb:7c:40:5b:f8:2e:a2:a2:a8:95: 93:fc:f7:8f:f2:99:62:d0:dd:85:0e:65:de:da:33:d1:40:3e: 79:6d:b8:09:3f:d6:82:65:b3:9f:f8:c2:2d:aa:74:73:cd:a4: 07:53:c0:08:6c:f6:1d:e3:ed:8e:43:8d:15:d8:a3:ab:97:f8: e5:b4:50:0e:f4:70:c4:35:73:cf:7f:81:66:b0:c2:a3:d4:dd: 6b:7d:80:cb:78:72:ea:7e:56:b6:70:5a:05:1b:7b:3d:1c:02: 41:b4:73:fd:c7:92:c4:cc:cb:16:80:97:1b:d1:cc:c2:db:56: 39:7d:71:6f:3c:10:5e:32:4e:a2:a4:3b:55:c5:27:60:6b:aa: 52:30:22:5e:d8:9b:28:11:0d:d5:5d:98:ba:0c:b9:49:c9:aa: f4:24:06:74:16:af:d9:fe:66:39:9c:c2:73:08:98:22:23:0f: 78:af:8c:4f:cb:6c:60:aa:06:61:ec:97:9f:89:e4:3b:95:b6: cf:ee:6a:9b:c8:24:f8:52:68:31:5c:74:a4:df:80:86:ab:bd: f4:d6:5d:5f:60:df:07:4b:83:22:33:96:77:91:0d:d5:7d:f9: d8:9f:b3:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+oKZB4Bqnmv5amhCw0CGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjOWQ5MjNhM2I0MzQxNjk1OTU3NmJjYjQwMDQxNmNhNWNm NjA2MGQwHhcNMjUxMjE4MDEwMjA3WhcNMjUxMjE5MDEwMjA3WjAzMTEwLwYDVQQD EyhkZWY2YjQwNWJkNTBmZTA1ZDZjYTI5NmQzOTNlNjQ0ZDQzMWRkZTEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvcU9/9GgYF82oDvA1OQj/77rjr7 hOBMC5u/HRT6aS789ENHSQRb2YpernkCuM57cP0F5bpQ1HTrcmwiGBoXp2f5Ow1k Dq9txNDex6k5Nls26gHylVbgcQ6aFJ1pY8u+1GKGcN9TOFFsa1RAUOqnegB1lv/Y wDg5fij48WeFfSJgJ42ty1zkQMipLomkBGNnr1baUacrzDvBGGuBPm41Lhu4x+Ro EYiPkAvFkyyA/QWtyC0Bt+b94QZf/rAa1JkFYTlQFhkSRNum5ZTr0XpW+y4YuHO2 QLotO0MxJgQaqFMuZ7yZHjuFffYFJq0yzxLgLVThMvGZ0MWz+qfhUfAZoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN72tAW9UP4F1sopbTk+ZE1DHd4QMB8GA1UdIwQY MBaAFEydkjo7Q0FpWVdry0AEFspc9gYNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAt YzAxZGI5ZDUzNDc5LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9lNzFjOWMtZjU4OS00NzZjLWIwODAtYzAxZGI5ZDUzNDc5 LzEvVEoyU09qdERRV2xaVjJ2TFFBUVd5bHoyQmcwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATred01Ln enoYISc4H4BSNHt9nu4rJ3FSx83rfEBb+C6ioqiVk/z3j/KZYtDdhQ5l3toz0UA+ eW24CT/WgmWzn/jCLap0c82kB1PACGz2HePtjkONFdijq5f45bRQDvRwxDVzz3+B ZrDCo9Tda32Ay3hy6n5WtnBaBRt7PRwCQbRz/ceSxMzLFoCXG9HMwttWOX1xbzwQ XjJOoqQ7VcUnYGuqUjAiXtibKBEN1V2Yugy5Scmq9CQGdBav2f5mOZzCcwiYIiMP eK+MT8tsYKoGYeyXn4nkO5W2z+5qm8gk+FJoMVx0pN+Ahqu99NZdX2DfB0uDIjOW d5EN1X352J+zPw== -----END CERTIFICATE-----Generated at Thu Dec 18 07:48:35 2025 by rpki-client