This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft File: tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft (raw, json) Hash identifier: dC8EY5OYoInlj+sGg4vsPPWezs0HbzeeFAD8Cn5RT8o= Subject key identifier: 8B:43:56:94:CE:0C:87:70:C2:98:32:2F:A9:62:EF:C3:E2:93:FB:E6 Authority key identifier: B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB Certificate issuer: /CN=b539831835c87c7501f6c37cb48e60a795a394bb Certificate serial: 019AF12EB1F26E64FA8B6C62074A20C6259E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft Manifest number: 1760 Signing time: Sat 06 Dec 2025 01:02:40 +0000 Manifest this update: Sat 06 Dec 2025 01:02:40 +0000 Manifest next update: Sun 07 Dec 2025 01:02:40 +0000 Files and hashes: 1: tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl (hash: A6R/4Ott18I1nE3kXXOk2TSfPToN9tibfRZh3QTDiqo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:b1:f2:6e:64:fa:8b:6c:62:07:4a:20:c6:25:9e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b539831835c87c7501f6c37cb48e60a795a394bb Validity Not Before: Dec 6 01:02:40 2025 GMT Not After : Dec 7 01:02:40 2025 GMT Subject: CN=8b435694ce0c8770c298322fa962efc3e293fbe6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:ce:f1:8f:fb:b0:6a:f4:30:6e:91:8b:38:d7: 1b:9b:3b:95:d3:c4:cc:e7:0f:13:a5:ec:96:6d:bc: 0d:e3:c0:a1:fa:7b:c9:2c:08:32:1d:41:e4:57:96: a6:5b:72:72:10:bb:29:28:06:bd:f3:d7:5c:35:11: 5f:d8:f2:7a:14:79:a4:d3:92:26:5b:9a:9c:3d:74: 4e:29:2c:cf:49:0e:46:0e:df:c2:67:9b:78:6c:6e: da:ca:eb:39:3c:f3:79:aa:65:e1:29:9f:0b:87:2f: 6d:b2:7f:50:15:6b:d3:aa:eb:cd:27:86:b5:21:f5: 16:ee:21:d4:93:19:63:c3:bc:15:d5:29:94:0c:4a: b4:7a:82:e6:e3:78:7f:fc:39:99:d2:9e:79:e8:64: b8:95:a0:68:31:6a:be:37:e4:fb:79:d2:9e:cd:65: 5c:b9:e0:65:f4:df:7a:ac:f5:ad:b0:10:38:1b:1e: ca:9e:66:14:55:c0:28:d7:6c:49:d4:7c:7d:b0:c8: 76:18:eb:ef:7e:a8:d6:38:03:37:d4:4e:82:d3:9c: d4:62:f4:68:3f:4e:0f:79:e7:04:68:e0:d5:8a:5d: ea:e6:53:76:ed:61:90:76:55:c4:b0:6a:f2:f1:0e: 3a:a6:67:ac:f2:bd:aa:03:31:e1:0a:0f:e7:f2:67: 11:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:43:56:94:CE:0C:87:70:C2:98:32:2F:A9:62:EF:C3:E2:93:FB:E6 X509v3 Authority Key Identifier: keyid:B5:39:83:18:35:C8:7C:75:01:F6:C3:7C:B4:8E:60:A7:95:A3:94:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTmDGDXIfHUB9sN8tI5gp5WjlLs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e703c8-465f-47a5-952c-495e188701b6/1/tTmDGDXIfHUB9sN8tI5gp5WjlLs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:17:54:f0:0b:06:b5:c3:19:6f:85:e2:c7:bc:74:38:ac:36: 85:75:af:99:27:f6:f6:09:b4:d4:52:63:37:b9:1b:0e:34:59: 6d:60:fb:66:28:07:8e:ad:e7:66:e5:68:3e:ca:67:61:c1:b2: 6b:31:74:74:68:c1:56:9c:dc:b9:a7:d6:b1:40:06:c4:7f:23: 05:4c:4e:df:76:5b:f1:16:ff:bc:0f:84:08:93:e2:0c:fb:89: 02:0c:0c:30:1d:1c:f6:59:48:7b:3c:2e:49:94:86:5f:1a:be: 38:68:05:f8:d2:26:93:07:6c:77:b5:80:14:9e:f4:07:70:f7: 8d:24:57:41:b6:bb:97:f1:9f:cb:ee:fd:f1:c3:1c:25:50:b5: 2b:f3:16:fb:3e:94:af:08:3e:ec:db:ec:59:19:4e:a4:a6:3d: 0b:ee:f0:5d:bd:c7:eb:24:a9:6b:de:72:f6:a8:97:43:b9:35: 7b:f0:e5:5c:89:60:27:4d:fd:b6:8b:99:57:95:c7:47:65:66: 8f:2f:d2:76:85:dc:4c:f0:2d:3c:d6:44:bd:c1:65:c0:d7:a9: 4a:30:15:2a:34:70:32:0e:75:cf:95:d0:65:0c:70:74:3b:d9: 7b:1b:94:2a:45:15:14:bc:ae:3b:91:7a:50:55:07:4a:4f:4d: 68:1d:73:f6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLrHybmT6i2xiB0ogxiWeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1Mzk4MzE4MzVjODdjNzUwMWY2YzM3Y2I0OGU2MGE3OTVh Mzk0YmIwHhcNMjUxMjA2MDEwMjQwWhcNMjUxMjA3MDEwMjQwWjAzMTEwLwYDVQQD Eyg4YjQzNTY5NGNlMGM4NzcwYzI5ODMyMmZhOTYyZWZjM2UyOTNmYmU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1s7xj/uwavQwbpGLONcbmzuV08TM 5w8TpeyWbbwN48Ch+nvJLAgyHUHkV5amW3JyELspKAa989dcNRFf2PJ6FHmk05Im W5qcPXROKSzPSQ5GDt/CZ5t4bG7ayus5PPN5qmXhKZ8Lhy9tsn9QFWvTquvNJ4a1 IfUW7iHUkxljw7wV1SmUDEq0eoLm43h//DmZ0p556GS4laBoMWq+N+T7edKezWVc ueBl9N96rPWtsBA4Gx7KnmYUVcAo12xJ1Hx9sMh2GOvvfqjWOAM31E6C05zUYvRo P04PeecEaODVil3q5lN27WGQdlXEsGry8Q46pmes8r2qAzHhCg/n8mcRSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFItDVpTODIdwwpgyL6li78Pik/vmMB8GA1UdIwQY MBaAFLU5gxg1yHx1AfbDfLSOYKeVo5S7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMt NDk1ZTE4ODcwMWI2LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9lNzAzYzgtNDY1Zi00N2E1LTk1MmMtNDk1ZTE4ODcwMWI2 LzEvdFRtREdEWElmSFVCOXNOOHRJNWdwNVdqbExzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADxdU8AsG tcMZb4Xix7x0OKw2hXWvmSf29gm01FJjN7kbDjRZbWD7ZigHjq3nZuVoPspnYcGy azF0dGjBVpzcuafWsUAGxH8jBUxO33Zb8Rb/vA+ECJPiDPuJAgwMMB0c9llIezwu SZSGXxq+OGgF+NImkwdsd7WAFJ70B3D3jSRXQba7l/Gfy+798cMcJVC1K/MW+z6U rwg+7NvsWRlOpKY9C+7wXb3H6ySpa95y9qiXQ7k1e/DlXIlgJ039touZV5XHR2Vm jy/SdoXcTPAtPNZEvcFlwNepSjAVKjRwMg51z5XQZQxwdDvZexuUKkUVFLyuO5F6 UFUHSk9NaB1z9g== -----END CERTIFICATE-----Generated at Sat Dec 6 07:44:26 2025 by rpki-client