This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft File: TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json) Hash identifier: kWZUYvt+MByXBTHCmfloWn3HqNVITKFalsanWguwLIk= Subject key identifier: 87:A5:C6:A5:44:17:14:FB:4A:F4:C4:84:41:67:BB:59:85:4F:B7:F9 Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD Certificate issuer: /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Certificate serial: 019AF208A2E87747DC147EC7E10C0E923FE6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft Manifest number: 0456 Signing time: Sat 06 Dec 2025 05:00:43 +0000 Manifest this update: Sat 06 Dec 2025 05:00:43 +0000 Manifest next update: Sun 07 Dec 2025 05:00:43 +0000 Files and hashes: 1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: 4Hmw9Gu75gw8RkAUVDVFVScPHTUS2bmcSFAzrgeEmqM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:a2:e8:77:47:dc:14:7e:c7:e1:0c:0e:92:3f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Validity Not Before: Dec 6 05:00:43 2025 GMT Not After : Dec 7 05:00:43 2025 GMT Subject: CN=87a5c6a5441714fb4af4c4844167bb59854fb7f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:da:a6:62:f1:6b:f2:0d:97:75:47:a8:37:d3: de:05:4f:a6:53:3c:0f:64:70:8a:c9:ca:86:27:78: 3b:e8:3b:b1:70:24:83:4c:fb:ee:e3:64:9e:79:c2: e7:c6:35:05:68:31:55:bb:b8:a5:dc:ea:3b:5b:15: 37:7c:dd:4e:95:08:dd:92:c2:28:bc:73:6b:d6:9a: b5:c2:6e:4b:b1:cc:cd:fa:40:1d:7f:73:50:a3:73: 8b:71:11:de:0c:48:60:99:b5:05:30:d6:0f:73:b3: a5:01:c4:ce:15:2b:92:e8:85:84:f5:de:6a:29:aa: 64:3c:8f:b3:98:b0:12:10:28:73:ed:b0:1e:e8:e5: 9a:9d:dc:9f:d9:c2:76:14:ee:dd:08:eb:6a:2c:02: 41:b1:26:f2:79:3a:82:c6:b9:94:4c:23:fc:d6:ab: 2d:c3:26:d9:4b:81:b9:b0:70:14:c8:ad:1c:e5:1f: c6:84:b7:e4:1d:65:b6:8e:9e:c3:7f:12:5f:34:2a: b3:45:14:8d:73:b9:83:1d:23:05:93:fd:4d:fd:77: 31:49:8d:9a:1e:c2:68:e2:ba:9e:dc:4a:06:7c:dc: b2:9f:19:f2:13:3d:62:d3:8e:eb:fa:d1:52:01:46: 39:b8:dd:ef:ea:bb:67:70:9a:bd:b5:54:b2:78:10: 72:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:A5:C6:A5:44:17:14:FB:4A:F4:C4:84:41:67:BB:59:85:4F:B7:F9 X509v3 Authority Key Identifier: keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 15:60:2e:fb:f8:7d:df:35:7f:5d:b4:ab:71:ac:8d:4e:e7:3e: e2:23:d1:71:64:f8:ab:63:b5:7f:e0:43:6b:6e:25:02:5d:5e: 19:17:7b:34:cc:5d:6e:cd:94:c7:35:3d:75:92:47:e2:d4:21: 76:6a:59:58:27:51:06:78:64:a7:3f:91:28:0e:56:ae:dd:99: 06:81:43:15:f1:9f:0a:d7:81:d3:69:1a:bc:5b:cf:a4:b0:d1: 0e:e2:db:d4:f6:d6:ea:8b:74:26:d0:99:d0:21:16:4f:9b:3c: 36:8c:7b:f9:88:eb:54:de:c5:02:6f:23:2f:01:75:09:9a:73: fe:6c:e0:76:f3:22:a0:9f:89:0c:a2:d3:4d:74:ea:7e:37:71: ab:20:3a:0f:73:49:83:4d:97:99:e3:b7:0a:73:1e:c5:7d:89: ef:b2:f1:e1:76:81:c8:34:71:e4:c0:2b:9a:9e:3c:a3:3e:77: 01:3c:59:f6:bf:83:10:41:a4:36:e9:c2:41:d2:29:bc:c0:6f: 27:2a:13:b0:0b:f0:11:c9:ee:a6:58:df:4e:5b:87:01:bb:73: f8:69:89:b8:fe:86:56:e6:a2:03:7b:d9:92:7f:a8:0e:34:32: f7:d3:8d:b9:36:93:b8:fc:62:40:03:6b:45:a9:dd:12:a5:2a: be:30:db:ad -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCKLod0fcFH7H4QwOkj/mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm YzQ5YmQwHhcNMjUxMjA2MDUwMDQzWhcNMjUxMjA3MDUwMDQzWjAzMTEwLwYDVQQD Eyg4N2E1YzZhNTQ0MTcxNGZiNGFmNGM0ODQ0MTY3YmI1OTg1NGZiN2Y5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29qmYvFr8g2XdUeoN9PeBU+mUzwP ZHCKycqGJ3g76DuxcCSDTPvu42SeecLnxjUFaDFVu7il3Oo7WxU3fN1OlQjdksIo vHNr1pq1wm5LsczN+kAdf3NQo3OLcRHeDEhgmbUFMNYPc7OlAcTOFSuS6IWE9d5q KapkPI+zmLASEChz7bAe6OWandyf2cJ2FO7dCOtqLAJBsSbyeTqCxrmUTCP81qst wybZS4G5sHAUyK0c5R/GhLfkHWW2jp7DfxJfNCqzRRSNc7mDHSMFk/1N/XcxSY2a HsJo4rqe3EoGfNyynxnyEz1i047r+tFSAUY5uN3v6rtncJq9tVSyeBByaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIelxqVEFxT7SvTEhEFnu1mFT7f5MB8GA1UdIwQY MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1 LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFWAu+/h9 3zV/XbSrcayNTuc+4iPRcWT4q2O1f+BDa24lAl1eGRd7NMxdbs2UxzU9dZJH4tQh dmpZWCdRBnhkpz+RKA5Wrt2ZBoFDFfGfCteB02kavFvPpLDRDuLb1PbW6ot0JtCZ 0CEWT5s8Nox7+YjrVN7FAm8jLwF1CZpz/mzgdvMioJ+JDKLTTXTqfjdxqyA6D3NJ g02XmeO3CnMexX2J77Lx4XaByDRx5MArmp48oz53ATxZ9r+DEEGkNunCQdIpvMBv JyoTsAvwEcnupljfTluHAbtz+GmJuP6GVuaiA3vZkn+oDjQy99ONuTaTuPxiQANr RandEqUqvjDbrQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:02:57 2025 by rpki-client