This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft File: tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json) Hash identifier: IOmBWkj151QwVNv+b3y0zmWWG8TwjURBtwMfZ91qweo= Subject key identifier: 1A:37:DF:BF:E6:C5:2D:52:3E:86:64:11:45:15:37:24:66:94:FA:04 Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC Certificate issuer: /CN=b53aca36846d2d3023648eac581c7d9b6317eedc Certificate serial: 019B2BF861B08862568B04EA1E28E83E2035 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft Manifest number: 037E Signing time: Wed 17 Dec 2025 11:00:56 +0000 Manifest this update: Wed 17 Dec 2025 11:00:56 +0000 Manifest next update: Thu 18 Dec 2025 11:00:56 +0000 Files and hashes: 1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: CSIrRos/sztJWcGV3EVW/GtTm2O3sMzsc9PefRu1LdA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:61:b0:88:62:56:8b:04:ea:1e:28:e8:3e:20:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc Validity Not Before: Dec 17 11:00:56 2025 GMT Not After : Dec 18 11:00:56 2025 GMT Subject: CN=1a37dfbfe6c52d523e866411451537246694fa04 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:9c:c2:09:1b:e4:d8:5d:61:17:30:8f:2f:82: 6a:b8:8d:2c:ca:2f:ae:87:48:8f:60:9f:47:8e:23: bb:c3:89:0b:d5:ce:6d:52:55:38:f1:0d:b0:20:64: ff:56:32:7a:2d:01:58:40:94:50:e1:3e:b8:96:25: 0b:44:44:63:50:54:22:67:28:b0:e7:67:46:22:70: 2b:a4:39:45:c0:d1:e0:dc:6a:31:8e:4c:37:d7:f4: 89:77:8b:a2:01:91:94:77:4c:dd:d9:b6:11:02:cc: e8:3f:7d:ae:85:27:56:3f:3c:4a:97:87:14:a6:59: e2:ba:14:57:13:33:d3:4e:16:cf:59:7b:25:12:5f: 22:95:9a:49:29:a1:f0:3c:3d:e2:0b:5e:b1:4f:7b: bc:9a:6d:8e:ff:e6:20:fa:96:e5:90:2e:f5:e6:40: ac:94:e2:f2:14:df:45:7d:23:f0:7f:b3:70:a1:7f: f7:6d:f3:89:c3:d8:c0:ca:95:1b:83:7e:5b:9d:8a: dd:3c:fe:29:be:a2:c0:29:ea:53:4a:43:e3:cb:80: ca:40:cb:99:e7:39:63:d4:a2:ae:96:fb:1e:19:a0: 2a:05:4f:19:4b:57:78:dc:da:bf:8d:12:67:6a:b0: fe:a5:70:e3:43:c9:90:95:fb:20:0f:c3:ef:ee:00: 4f:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:37:DF:BF:E6:C5:2D:52:3E:86:64:11:45:15:37:24:66:94:FA:04 X509v3 Authority Key Identifier: keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:a9:9b:be:05:8f:9f:c4:46:18:ea:78:4a:32:ce:a1:42:31: ba:96:a5:41:39:f0:87:3b:13:3d:8b:e7:ac:60:a6:c2:1b:e8: f8:90:f6:a1:8c:62:35:77:8f:e2:d9:94:79:f0:8b:6c:a6:1c: 94:44:3a:3c:82:27:da:d3:26:cc:93:c1:bd:e1:46:70:bd:71: 3e:04:7e:21:b8:53:d2:0b:6d:7c:e7:16:50:ba:f3:7b:74:57: a7:ce:fe:19:0a:ad:6a:93:4c:2e:4e:28:91:08:cc:f3:27:a0: 7a:92:03:e6:5c:40:9d:c8:e6:a5:0e:9f:da:ef:f2:39:ef:22: b1:be:59:a9:52:26:78:3b:5f:81:9c:68:97:fb:e0:8d:a4:5d: db:7b:c3:1f:22:2e:f6:91:1c:c2:62:9f:14:62:bd:ac:ce:2e: c3:2d:d2:2d:21:36:86:55:63:c9:39:ae:be:b3:e5:15:52:44: 1d:ce:0d:67:eb:d4:83:25:86:48:13:df:78:64:3d:f4:12:78: 39:81:f7:72:3f:14:80:22:32:a1:14:70:3a:6b:1d:75:ad:6e: 0f:79:4d:64:6f:b4:8a:3d:03:10:b9:8a:8a:bb:b1:4f:ae:f4: 9b:5f:14:58:bd:4f:db:86:b4:ba:9e:1e:9e:d5:7d:23:04:3b: cd:a1:d2:9e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+GGwiGJWiwTqHijoPiA1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx N2VlZGMwHhcNMjUxMjE3MTEwMDU2WhcNMjUxMjE4MTEwMDU2WjAzMTEwLwYDVQQD EygxYTM3ZGZiZmU2YzUyZDUyM2U4NjY0MTE0NTE1MzcyNDY2OTRmYTA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZzCCRvk2F1hFzCPL4JquI0syi+u h0iPYJ9HjiO7w4kL1c5tUlU48Q2wIGT/VjJ6LQFYQJRQ4T64liULRERjUFQiZyiw 52dGInArpDlFwNHg3Goxjkw31/SJd4uiAZGUd0zd2bYRAszoP32uhSdWPzxKl4cU plniuhRXEzPTThbPWXslEl8ilZpJKaHwPD3iC16xT3u8mm2O/+Yg+pblkC715kCs lOLyFN9FfSPwf7NwoX/3bfOJw9jAypUbg35bnYrdPP4pvqLAKepTSkPjy4DKQMuZ 5zlj1KKulvseGaAqBU8ZS1d43Nq/jRJnarD+pXDjQ8mQlfsgD8Pv7gBPfQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBo337/mxS1SPoZkEUUVNyRmlPoEMB8GA1UdIwQY MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhqmbvgWP n8RGGOp4SjLOoUIxupalQTnwhzsTPYvnrGCmwhvo+JD2oYxiNXeP4tmUefCLbKYc lEQ6PIIn2tMmzJPBveFGcL1xPgR+IbhT0gttfOcWULrze3RXp87+GQqtapNMLk4o kQjM8yegepID5lxAncjmpQ6f2u/yOe8isb5ZqVImeDtfgZxol/vgjaRd23vDHyIu 9pEcwmKfFGK9rM4uwy3SLSE2hlVjyTmuvrPlFVJEHc4NZ+vUgyWGSBPfeGQ99BJ4 OYH3cj8UgCIyoRRwOmsdda1uD3lNZG+0ij0DELmKiruxT670m18UWL1P24a0up4e ntV9IwQ7zaHSng== -----END CERTIFICATE-----Generated at Wed Dec 17 18:33:20 2025 by rpki-client