This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft File: TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json) Hash identifier: CSaGv07RTXtu9ZeLYSuupSWwbzH7ekuFOYWAh/Jw77k= Subject key identifier: 29:86:F7:11:FF:07:2A:85:0F:E7:2A:3A:53:67:25:C7:16:10:CC:8F Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD Certificate issuer: /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Certificate serial: 019B2BF82A32B447D57BB04CBF0C40690F86 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft Manifest number: 0474 Signing time: Wed 17 Dec 2025 11:00:42 +0000 Manifest this update: Wed 17 Dec 2025 11:00:42 +0000 Manifest next update: Thu 18 Dec 2025 11:00:42 +0000 Files and hashes: 1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: upRdWumClKDIT5iF1a4b88WNgzEnEdRs/xplECXeHKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:2a:32:b4:47:d5:7b:b0:4c:bf:0c:40:69:0f:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Validity Not Before: Dec 17 11:00:42 2025 GMT Not After : Dec 18 11:00:42 2025 GMT Subject: CN=2986f711ff072a850fe72a3a536725c71610cc8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:73:a5:77:6e:49:c1:92:fb:97:6d:78:d5:ff: 7d:f4:fb:a1:5f:d4:ba:9e:bd:e8:bc:ba:27:ff:a6: 18:08:31:64:de:6f:d5:51:93:f7:06:f5:f2:75:1d: 9b:09:a3:35:f2:12:e8:d9:16:da:1e:0a:47:f6:d5: c5:d3:9e:44:07:f1:07:bd:c3:ec:02:1f:88:4d:65: 4e:12:81:ed:47:d3:61:2c:51:bd:ab:b4:5d:f2:69: d3:3a:be:7d:11:63:f9:d3:6e:ea:54:03:42:9b:bf: 86:47:57:d9:ab:48:67:36:0a:eb:a3:7b:94:7e:a0: 8c:e1:99:39:d8:2c:80:2f:88:76:76:aa:3a:9c:f6: 72:6c:42:57:c4:6b:60:1c:3e:ae:93:3f:75:dd:76: e0:bd:31:98:d8:6b:15:ec:c8:f0:ac:82:5e:c0:0c: 99:bb:8d:55:25:43:53:e7:13:f1:c7:47:aa:cd:23: 79:55:7f:95:3a:82:2a:f0:2e:45:25:d8:fb:c9:f3: f3:82:bc:4d:de:52:99:00:58:d9:22:c8:93:b6:64: c9:30:a2:9c:f2:b5:14:c5:22:ad:fc:7e:79:ea:df: 51:60:45:a8:10:0d:1c:9f:c7:18:d3:9b:e2:b6:96: cb:77:b1:58:83:9c:5a:0f:b2:08:4c:00:7e:e7:9f: 3b:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:86:F7:11:FF:07:2A:85:0F:E7:2A:3A:53:67:25:C7:16:10:CC:8F X509v3 Authority Key Identifier: keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1c:10:80:06:a0:5f:71:4b:72:0c:a0:b7:ca:5f:22:29:13:be: 85:77:a2:ec:07:e4:4b:f4:30:aa:c5:f9:ad:a5:5a:2b:88:7b: e3:40:e0:67:fa:2f:04:83:d1:67:ba:5b:c1:75:dc:80:b9:d5: cb:48:a5:06:a2:48:f7:60:63:d7:8d:66:ce:a7:f9:93:bb:4a: e1:32:d0:3b:f7:88:79:10:ca:20:f6:a5:c7:6c:e8:ab:af:cf: 74:27:cf:3a:0c:99:be:a3:88:11:14:b5:99:d9:9b:7b:d2:b4: 78:cc:3f:b2:b9:51:a9:c7:3a:e4:d7:81:91:70:6c:a7:6c:0d: e1:48:30:28:4d:3f:74:bc:89:ba:07:2d:69:d1:99:3b:a8:e5: 2a:bd:a6:9b:1e:42:e5:cf:cc:29:7b:c0:99:22:d5:fc:0c:66: 49:cb:98:ce:8f:51:0b:1b:56:e3:10:16:93:45:56:e7:3e:7e: 3b:87:d5:83:b3:c7:1c:26:09:85:e2:6e:2c:19:ba:bf:fd:db: 70:bc:ea:fd:30:13:e2:07:a5:b1:67:f3:c6:21:c2:2d:d9:ac: 18:f4:77:24:ab:cb:70:1e:7c:8f:69:5a:bc:5e:3b:b3:af:c6: 8b:d5:35:4c:02:0b:47:f1:b7:74:3e:99:d6:f4:22:58:00:20: e7:f0:dd:9a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+CoytEfVe7BMvwxAaQ+GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm YzQ5YmQwHhcNMjUxMjE3MTEwMDQyWhcNMjUxMjE4MTEwMDQyWjAzMTEwLwYDVQQD EygyOTg2ZjcxMWZmMDcyYTg1MGZlNzJhM2E1MzY3MjVjNzE2MTBjYzhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXOld25JwZL7l2141f999PuhX9S6 nr3ovLon/6YYCDFk3m/VUZP3BvXydR2bCaM18hLo2RbaHgpH9tXF055EB/EHvcPs Ah+ITWVOEoHtR9NhLFG9q7Rd8mnTOr59EWP5027qVANCm7+GR1fZq0hnNgrro3uU fqCM4Zk52CyAL4h2dqo6nPZybEJXxGtgHD6ukz913XbgvTGY2GsV7MjwrIJewAyZ u41VJUNT5xPxx0eqzSN5VX+VOoIq8C5FJdj7yfPzgrxN3lKZAFjZIsiTtmTJMKKc 8rUUxSKt/H556t9RYEWoEA0cn8cY05vitpbLd7FYg5xaD7IITAB+55874QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCmG9xH/ByqFD+cqOlNnJccWEMyPMB8GA1UdIwQY MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1 LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHBCABqBf cUtyDKC3yl8iKRO+hXei7AfkS/QwqsX5raVaK4h740DgZ/ovBIPRZ7pbwXXcgLnV y0ilBqJI92Bj141mzqf5k7tK4TLQO/eIeRDKIPalx2zoq6/PdCfPOgyZvqOIERS1 mdmbe9K0eMw/srlRqcc65NeBkXBsp2wN4UgwKE0/dLyJugctadGZO6jlKr2mmx5C 5c/MKXvAmSLV/AxmScuYzo9RCxtW4xAWk0VW5z5+O4fVg7PHHCYJheJuLBm6v/3b cLzq/TAT4gelsWfzxiHCLdmsGPR3JKvLcB58j2lavF47s6/Gi9U1TAILR/G3dD6Z 1vQiWAAg5/Ddmg== -----END CERTIFICATE-----Generated at Wed Dec 17 17:55:25 2025 by rpki-client