This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft File: tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json) Hash identifier: yStszevACk/Ltoe71B4sRWetRbwk2s7EwU/m3Ud7R+w= Subject key identifier: 07:F3:DB:AD:73:F4:5F:72:20:EF:E9:A3:6F:DB:BA:87:1E:4C:7F:2B Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC Certificate issuer: /CN=b53aca36846d2d3023648eac581c7d9b6317eedc Certificate serial: 019AF3F7E81DCC49C0B8134F029B2542D20E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft Manifest number: 0361 Signing time: Sat 06 Dec 2025 14:01:41 +0000 Manifest this update: Sat 06 Dec 2025 14:01:41 +0000 Manifest next update: Sun 07 Dec 2025 14:01:41 +0000 Files and hashes: 1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: hSkKOh4dN0esW7o5IgU5jP5L25AokQ2mXa3pJQCq/FQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:e8:1d:cc:49:c0:b8:13:4f:02:9b:25:42:d2:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc Validity Not Before: Dec 6 14:01:41 2025 GMT Not After : Dec 7 14:01:41 2025 GMT Subject: CN=07f3dbad73f45f7220efe9a36fdbba871e4c7f2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:69:53:c4:12:f6:a1:cc:84:eb:89:da:5e:9d: 6f:f6:70:03:d7:3b:f2:ec:c8:5d:72:c2:11:e3:d1: 6b:a0:24:c4:24:77:93:2d:3a:d7:a2:b1:05:10:a5: 50:c1:3a:77:56:bf:fa:21:18:1a:2f:fb:07:95:76: d4:c4:75:d0:7b:b0:2c:4d:a2:a6:96:82:6e:02:9d: 1d:b0:79:55:7f:32:be:7f:6e:a2:59:75:37:bc:ad: 7e:25:13:85:f1:f5:6d:0c:f6:ad:fb:0c:62:99:59: 43:5b:7d:e2:89:d9:6f:3d:99:a6:f3:e6:bb:21:ff: 3f:6b:99:95:b2:44:64:32:43:ac:23:30:84:c5:9c: 8b:4a:3a:8d:1b:9f:90:cb:06:4b:74:f5:3e:f8:6c: 3d:19:6f:a9:20:6e:05:35:31:b7:64:7a:b8:cd:01: 02:81:37:bc:da:41:20:77:5f:61:c7:2a:9d:4e:e5: 28:1c:f4:ce:7f:07:11:4d:59:fe:dd:36:5a:4a:c5: 9f:34:75:52:82:8a:9a:9a:d8:4d:4f:d6:80:5f:19: 71:22:56:68:5d:ee:0a:cd:ea:b3:62:c4:b9:7b:87: a0:2b:e3:06:5e:aa:37:a2:70:e5:fc:ab:25:51:71: c6:eb:5d:ab:00:4d:fc:0b:e2:07:d6:f3:b2:e1:e2: a2:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:F3:DB:AD:73:F4:5F:72:20:EF:E9:A3:6F:DB:BA:87:1E:4C:7F:2B X509v3 Authority Key Identifier: keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:85:c0:15:dc:1a:e2:17:d1:5c:bd:4b:85:14:6b:54:5d:48: 65:69:45:fb:74:67:e6:c1:09:23:ab:ef:fd:42:ae:7b:78:7f: af:f8:f0:6e:cf:cd:2d:40:27:20:4b:32:5e:64:2f:38:03:cf: 98:4b:1f:35:a0:b9:04:dd:5f:49:66:d0:17:9c:4b:ce:97:3e: 10:1f:56:d6:55:e3:9b:1a:b5:b9:2f:26:cd:6b:80:2a:c5:ed: f1:ad:46:44:54:37:98:c9:5c:44:f8:5a:d7:90:a7:a1:a7:f5: 70:ac:95:fc:20:bd:48:6f:66:f4:82:04:a4:99:67:4d:d1:62: 92:11:cf:7c:db:7c:c8:3c:01:bc:5f:ea:5b:19:4f:b7:c5:d4: df:79:81:ff:2d:81:c2:66:c9:e9:af:ae:e5:b9:df:46:b0:84: 9e:1f:cc:a5:f8:df:78:dc:b2:da:b9:3d:e5:56:36:78:e7:8d: 22:a5:57:34:1e:85:92:6f:13:7d:7f:f0:7d:dc:02:fe:c8:d4: 2d:bd:1d:6b:71:ac:e1:71:bf:39:e2:e6:c5:0c:d5:ce:9e:c8: b9:33:ad:96:da:63:8e:3c:79:47:d7:da:cf:54:6c:1d:a2:25: 9a:09:f6:04:85:21:a5:8d:34:57:36:9e:da:ec:b8:f0:b0:8d: a8:2b:1f:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9+gdzEnAuBNPApslQtIOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx N2VlZGMwHhcNMjUxMjA2MTQwMTQxWhcNMjUxMjA3MTQwMTQxWjAzMTEwLwYDVQQD EygwN2YzZGJhZDczZjQ1ZjcyMjBlZmU5YTM2ZmRiYmE4NzFlNGM3ZjJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WlTxBL2ocyE64naXp1v9nAD1zvy 7MhdcsIR49FroCTEJHeTLTrXorEFEKVQwTp3Vr/6IRgaL/sHlXbUxHXQe7AsTaKm loJuAp0dsHlVfzK+f26iWXU3vK1+JROF8fVtDPat+wximVlDW33iidlvPZmm8+a7 If8/a5mVskRkMkOsIzCExZyLSjqNG5+QywZLdPU++Gw9GW+pIG4FNTG3ZHq4zQEC gTe82kEgd19hxyqdTuUoHPTOfwcRTVn+3TZaSsWfNHVSgoqamthNT9aAXxlxIlZo Xe4KzeqzYsS5e4egK+MGXqo3onDl/KslUXHG612rAE38C+IH1vOy4eKiNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAfz261z9F9yIO/po2/buoceTH8rMB8GA1UdIwQY MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlIXAFdwa 4hfRXL1LhRRrVF1IZWlF+3Rn5sEJI6vv/UKue3h/r/jwbs/NLUAnIEsyXmQvOAPP mEsfNaC5BN1fSWbQF5xLzpc+EB9W1lXjmxq1uS8mzWuAKsXt8a1GRFQ3mMlcRPha 15Cnoaf1cKyV/CC9SG9m9IIEpJlnTdFikhHPfNt8yDwBvF/qWxlPt8XU33mB/y2B wmbJ6a+u5bnfRrCEnh/MpfjfeNyy2rk95VY2eOeNIqVXNB6Fkm8TfX/wfdwC/sjU Lb0da3Gs4XG/OeLmxQzVzp7IuTOtltpjjjx5R9faz1RsHaIlmgn2BIUhpY00Vzae 2uy48LCNqCsfdg== -----END CERTIFICATE-----Generated at Sat Dec 6 16:01:14 2025 by rpki-client