This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft File: TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json) Hash identifier: iFl/EwztljEbj4rETqICXltA/o3b6p2lz0TWLiNW5vo= Subject key identifier: 04:4E:D4:5F:50:49:96:5C:8F:E9:B7:FA:BC:3A:BD:C8:7B:4D:24:AC Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB Certificate issuer: /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db Certificate serial: 019AF19B49A03C6264E3EAA399B1997B7116 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft Manifest number: 159A Signing time: Sat 06 Dec 2025 03:01:17 +0000 Manifest this update: Sat 06 Dec 2025 03:01:17 +0000 Manifest next update: Sun 07 Dec 2025 03:01:17 +0000 Files and hashes: 1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: nMIDfRaVn9Or/ZpFy3upPdtFoxEPbfAbHKpzOS6UsF0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:49:a0:3c:62:64:e3:ea:a3:99:b1:99:7b:71:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db Validity Not Before: Dec 6 03:01:17 2025 GMT Not After : Dec 7 03:01:17 2025 GMT Subject: CN=044ed45f5049965c8fe9b7fabc3abdc87b4d24ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:6d:01:70:df:e8:9e:19:60:4c:ea:b0:1b:a5: cb:dd:aa:8e:5b:1a:e0:8a:8b:e9:8c:d8:a1:e1:98: d5:bb:a5:75:f8:5b:96:4a:e3:4b:a6:8b:37:2e:64: ff:55:3e:53:20:79:bc:ea:d4:ca:e2:92:0c:a1:db: d3:70:ed:67:f9:64:2c:3a:d4:32:d0:55:71:aa:4f: 33:fd:d0:51:68:a7:5e:c5:fc:2c:18:83:3b:13:e8: b1:38:52:a2:bc:f8:e8:12:f2:7c:e2:55:02:3c:e4: 67:02:88:5b:7d:59:6e:7d:68:d9:a1:38:26:8e:53: 41:9c:f1:19:65:a9:9f:6c:c6:66:44:cf:d2:bb:ff: 4f:ce:f2:41:71:18:1c:77:5f:4b:5b:85:17:37:73: cf:71:26:53:9d:83:78:51:44:13:e7:0b:18:b6:df: 80:fb:8e:e7:84:32:d9:45:70:0c:6b:01:de:9a:70: 5e:ff:c6:4b:a5:e0:26:98:fc:7a:1c:43:01:32:1b: d6:cd:7a:59:52:4c:57:32:95:c9:e2:2c:e0:37:f0: e0:28:27:74:26:ac:b4:4a:4b:d9:4f:57:41:c8:dd: 54:5e:19:bc:82:0e:bc:35:1f:a3:2c:ae:db:c5:98: d3:73:82:98:e6:dc:7d:91:d6:67:cc:d3:3b:49:66: 11:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:4E:D4:5F:50:49:96:5C:8F:E9:B7:FA:BC:3A:BD:C8:7B:4D:24:AC X509v3 Authority Key Identifier: keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:65:1c:5e:38:8f:69:2e:a2:b9:fd:67:70:9e:e6:c5:5e:ae: 0e:c5:c7:73:99:92:78:41:a4:26:dd:71:2d:81:5d:66:7c:22: aa:5a:74:24:07:f0:05:8d:c9:a8:8c:83:9a:47:60:0e:3d:0f: 93:5a:83:1d:e7:4c:53:1c:02:98:d5:27:14:7f:a0:20:bd:21: 14:fe:2b:05:d3:2f:39:c8:8e:6e:c7:95:00:49:db:61:1d:42: 42:41:6e:0c:93:eb:77:9f:a1:d0:36:62:a9:4b:b0:d8:f1:ec: d8:72:59:b5:92:89:8a:23:ae:30:54:f0:3e:34:d7:dd:01:e0: c1:5c:b7:a3:73:79:1f:0c:5e:6b:d0:ff:c1:ba:57:b5:8c:fe: c2:b8:29:62:7c:b4:1e:39:68:9f:5b:de:49:5b:4e:c3:0f:20: 84:a3:f9:ac:47:43:73:b3:9f:83:97:3e:6e:5f:51:80:39:eb: 38:ed:d8:ee:c9:10:b7:a4:93:28:b3:ea:10:e9:fa:1d:7e:1c: 2d:9e:65:71:67:f2:9f:7e:bc:46:72:7c:6f:81:e6:97:98:60: 9c:37:bf:ae:1b:41:80:65:6b:00:6b:71:ae:84:36:b1:b8:64: f0:a2:69:fb:92:4d:06:f1:bb:18:23:eb:03:e3:96:f7:8b:1e: 33:fe:3e:ba -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm0mgPGJk4+qjmbGZe3EWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5 MDU4ZGIwHhcNMjUxMjA2MDMwMTE3WhcNMjUxMjA3MDMwMTE3WjAzMTEwLwYDVQQD EygwNDRlZDQ1ZjUwNDk5NjVjOGZlOWI3ZmFiYzNhYmRjODdiNGQyNGFjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz20BcN/onhlgTOqwG6XL3aqOWxrg iovpjNih4ZjVu6V1+FuWSuNLpos3LmT/VT5TIHm86tTK4pIModvTcO1n+WQsOtQy 0FVxqk8z/dBRaKdexfwsGIM7E+ixOFKivPjoEvJ84lUCPORnAohbfVlufWjZoTgm jlNBnPEZZamfbMZmRM/Su/9PzvJBcRgcd19LW4UXN3PPcSZTnYN4UUQT5wsYtt+A +47nhDLZRXAMawHemnBe/8ZLpeAmmPx6HEMBMhvWzXpZUkxXMpXJ4izgN/DgKCd0 Jqy0SkvZT1dByN1UXhm8gg68NR+jLK7bxZjTc4KY5tx9kdZnzNM7SWYRJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFARO1F9QSZZcj+m3+rw6vch7TSSsMB8GA1UdIwQY MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4 LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ2UcXjiP aS6iuf1ncJ7mxV6uDsXHc5mSeEGkJt1xLYFdZnwiqlp0JAfwBY3JqIyDmkdgDj0P k1qDHedMUxwCmNUnFH+gIL0hFP4rBdMvOciObseVAEnbYR1CQkFuDJPrd5+h0DZi qUuw2PHs2HJZtZKJiiOuMFTwPjTX3QHgwVy3o3N5Hwxea9D/wbpXtYz+wrgpYny0 Hjlon1veSVtOww8ghKP5rEdDc7Ofg5c+bl9RgDnrOO3Y7skQt6STKLPqEOn6HX4c LZ5lcWfyn368RnJ8b4Hml5hgnDe/rhtBgGVrAGtxroQ2sbhk8KJp+5JNBvG7GCPr A+OW94seM/4+ug== -----END CERTIFICATE-----Generated at Sat Dec 6 14:03:18 2025 by rpki-client