This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft File: THHp8j7qymjHIcvkKAYQC3XhV3A.mft (raw, json) Hash identifier: TwmKHT9MzMSm8qonO1XkM6NvRFk8OgFO13Zu+fMqX0A= Subject key identifier: 21:0E:AC:10:C8:B8:F5:9F:CE:EB:4B:A1:EC:3E:9F:4F:5F:47:1C:F8 Authority key identifier: 4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70 Certificate issuer: /CN=4c71e9f23eeaca68c721cbe42806100b75e15770 Certificate serial: 019B41A4BD36F6C09FC22553A26C9EC30C0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft Manifest number: 0648 Signing time: Sun 21 Dec 2025 16:01:13 +0000 Manifest this update: Sun 21 Dec 2025 16:01:13 +0000 Manifest next update: Mon 22 Dec 2025 16:01:13 +0000 Files and hashes: 1: THHp8j7qymjHIcvkKAYQC3XhV3A.crl (hash: q61q3oOOy03nrzFm5Lf/EQl0oK2WIa6an5HFq8KxpFs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:a4:bd:36:f6:c0:9f:c2:25:53:a2:6c:9e:c3:0c:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4c71e9f23eeaca68c721cbe42806100b75e15770 Validity Not Before: Dec 21 16:01:13 2025 GMT Not After : Dec 22 16:01:13 2025 GMT Subject: CN=210eac10c8b8f59fceeb4ba1ec3e9f4f5f471cf8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:15:e5:65:79:c0:40:b6:ad:25:8c:53:3b:e8: 58:aa:b8:6d:5e:84:2e:87:12:f6:d0:4f:86:68:bf: f0:61:14:33:eb:c6:d3:45:3a:32:88:14:70:34:10: a1:03:b5:70:06:cf:b1:4d:1b:ec:68:c0:88:cc:ec: 32:98:f0:2d:aa:f7:64:32:01:9c:96:8e:90:1c:d4: 46:69:37:cd:e6:f4:1e:50:a9:9e:45:ad:4b:7a:04: ca:ae:a7:d7:49:d1:4d:f5:a9:70:66:a2:ad:64:8b: ec:2f:c9:ae:36:95:47:e4:38:e5:ea:ec:ab:cb:43: 0e:42:cd:7d:b8:d3:0f:44:ef:74:ce:42:8d:0b:cc: 77:7d:41:24:fe:46:a9:9c:e5:57:1f:e5:4a:95:c3: a0:4c:7c:9c:01:2f:d4:80:78:2c:50:53:56:f6:64: ac:14:84:62:c3:bb:d1:59:54:b9:73:95:0b:e2:f2: 58:2d:24:51:04:ec:17:0f:59:60:69:11:df:88:51: 83:1c:e1:36:04:f1:5c:9b:be:98:aa:0a:04:6b:f2: 01:8c:24:da:8f:ce:d0:f3:52:47:ab:05:82:58:ed: 43:17:34:4a:60:f6:92:ce:cf:33:a1:0b:8a:6d:db: c2:8e:cb:e9:45:9e:07:59:ca:d1:20:d5:99:6f:af: b5:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:0E:AC:10:C8:B8:F5:9F:CE:EB:4B:A1:EC:3E:9F:4F:5F:47:1C:F8 X509v3 Authority Key Identifier: keyid:4C:71:E9:F2:3E:EA:CA:68:C7:21:CB:E4:28:06:10:0B:75:E1:57:70 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/THHp8j7qymjHIcvkKAYQC3XhV3A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/94f662-506b-4ec9-a7aa-c9b7eb2cea57/1/THHp8j7qymjHIcvkKAYQC3XhV3A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7b:1a:89:e6:02:d2:67:e0:9d:c4:28:28:11:49:ad:9e:88:29: dc:eb:f5:6d:6b:12:e3:f6:c9:ee:86:87:01:8f:8b:72:05:78: 08:64:91:73:34:25:8b:81:74:8e:6b:f1:6f:3e:a1:db:29:48: c6:23:d5:74:34:34:d1:89:a9:06:0c:90:70:da:73:18:7e:c0: 7e:82:a6:1e:27:e3:c0:b8:46:bf:ad:3b:0a:ac:97:b3:fd:4d: 64:ac:cb:77:e8:2d:c7:8d:7a:dd:5d:fe:56:3e:1c:18:1c:6d: d8:6d:5d:35:dc:f5:54:7a:9f:9f:3f:63:9a:2f:90:ba:e4:67: 48:cb:c6:fb:ae:81:f5:0c:23:7a:f8:cc:91:b9:e3:ab:99:c0: 02:49:d3:22:90:0f:91:b4:78:f7:a4:e4:06:b6:f2:a8:c5:17: 2a:c6:b7:c0:3d:5f:ef:15:bb:0e:78:74:33:d3:05:53:24:ec: 87:69:6f:ad:09:8d:66:d9:84:8b:ef:51:f0:93:89:56:83:79: d3:1e:43:0a:5b:f2:b6:19:2a:b8:e4:71:e6:d4:33:b2:bd:d8: 02:9d:9d:03:2d:5d:3c:1f:5f:88:6c:7c:00:7c:74:93:67:3a: 65:97:a4:d7:11:80:da:68:5f:9b:6e:a6:fa:75:b0:68:5f:9c: 93:b0:41:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtBpL029sCfwiVTomyewwwKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjNzFlOWYyM2VlYWNhNjhjNzIxY2JlNDI4MDYxMDBiNzVl MTU3NzAwHhcNMjUxMjIxMTYwMTEzWhcNMjUxMjIyMTYwMTEzWjAzMTEwLwYDVQQD EygyMTBlYWMxMGM4YjhmNTlmY2VlYjRiYTFlYzNlOWY0ZjVmNDcxY2Y4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hXlZXnAQLatJYxTO+hYqrhtXoQu hxL20E+GaL/wYRQz68bTRToyiBRwNBChA7VwBs+xTRvsaMCIzOwymPAtqvdkMgGc lo6QHNRGaTfN5vQeUKmeRa1LegTKrqfXSdFN9alwZqKtZIvsL8muNpVH5Djl6uyr y0MOQs19uNMPRO90zkKNC8x3fUEk/kapnOVXH+VKlcOgTHycAS/UgHgsUFNW9mSs FIRiw7vRWVS5c5UL4vJYLSRRBOwXD1lgaRHfiFGDHOE2BPFcm76YqgoEa/IBjCTa j87Q81JHqwWCWO1DFzRKYPaSzs8zoQuKbdvCjsvpRZ4HWcrRINWZb6+1WwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCEOrBDIuPWfzutLoew+n09fRxz4MB8GA1UdIwQY MBaAFExx6fI+6spoxyHL5CgGEAt14VdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEt YzliN2ViMmNlYTU3LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi85NGY2NjItNTA2Yi00ZWM5LWE3YWEtYzliN2ViMmNlYTU3 LzEvVEhIcDhqN3F5bWpISWN2a0tBWVFDM1hoVjNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAexqJ5gLS Z+CdxCgoEUmtnogp3Ov1bWsS4/bJ7oaHAY+LcgV4CGSRczQli4F0jmvxbz6h2ylI xiPVdDQ00YmpBgyQcNpzGH7AfoKmHifjwLhGv607CqyXs/1NZKzLd+gtx4163V3+ Vj4cGBxt2G1dNdz1VHqfnz9jmi+QuuRnSMvG+66B9QwjevjMkbnjq5nAAknTIpAP kbR496TkBrbyqMUXKsa3wD1f7xW7Dnh0M9MFUyTsh2lvrQmNZtmEi+9R8JOJVoN5 0x5DClvythkquORx5tQzsr3YAp2dAy1dPB9fiGx8AHx0k2c6ZZek1xGA2mhfm26m +nWwaF+ck7BB0A== -----END CERTIFICATE-----Generated at Sun Dec 21 19:50:09 2025 by rpki-client