This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json) Hash identifier: uk9A1UQkSt+Kn7kQ0ZHsy7IQPo/KSyQdy0XCvRAY7X0= Subject key identifier: 6C:DC:7D:44:21:29:A8:F4:DC:4F:CA:8E:E5:8F:60:BB:28:8F:4F:F3 Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c Certificate serial: 019B0F6E403D6C9B12903272467AD29EB899 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft Manifest number: 02F6 Signing time: Thu 11 Dec 2025 22:00:42 +0000 Manifest this update: Thu 11 Dec 2025 22:00:42 +0000 Manifest next update: Fri 12 Dec 2025 22:00:42 +0000 Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: Pl4s6+TDkKXPjlci+mQ3g0ntTQX9HVPkdN5QZkqxmhs=) 2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:40:3d:6c:9b:12:90:32:72:46:7a:d2:9e:b8:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c Validity Not Before: Dec 11 22:00:42 2025 GMT Not After : Dec 12 22:00:42 2025 GMT Subject: CN=6cdc7d442129a8f4dc4fca8ee58f60bb288f4ff3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:48:9c:1c:01:33:03:68:9a:52:26:c1:90:85: 15:06:1e:85:1a:75:4b:22:e0:55:1a:1e:99:c1:b9: 56:8f:7b:18:c9:ed:68:55:cb:65:47:c7:54:13:52: e3:e3:6d:8d:6e:ee:8a:66:f7:99:82:be:76:86:bc: 17:34:ba:4a:c3:49:d7:76:af:fc:d7:39:f9:0f:f5: 72:c4:4c:da:7d:95:0f:f8:bd:93:d8:71:f3:c6:80: 15:7c:2c:bb:6a:3a:0f:b8:3b:d7:15:3d:07:7d:a2: b5:90:24:45:e8:98:9c:7a:af:e3:d8:42:15:99:f0: c5:d1:fc:fb:d7:8f:47:df:88:00:e9:ea:99:51:47: dd:ae:f0:d6:87:ee:3d:3b:0d:24:ee:05:58:bd:c5: 87:c2:a7:49:62:02:7f:19:0a:6a:9e:0d:22:78:f6: 5c:bf:f1:05:d9:14:68:15:9d:5c:1e:ff:6a:da:4f: 8c:5e:78:b0:5b:6e:49:2c:8f:e5:7a:e4:f3:26:aa: 2c:5a:04:d6:0c:c5:38:b2:b7:38:9e:77:76:9c:ea: e4:f3:4a:8d:28:00:44:7b:34:56:56:cc:82:23:c1: 8b:a8:98:d7:5e:d1:19:10:c8:52:b0:e7:77:b3:70: 78:a8:b1:95:fe:d4:7a:1e:44:6f:74:49:b2:72:14: ec:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:DC:7D:44:21:29:A8:F4:DC:4F:CA:8E:E5:8F:60:BB:28:8F:4F:F3 X509v3 Authority Key Identifier: keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:00:5e:b7:91:4c:5c:76:ad:dd:7d:3e:10:3e:49:c0:3a:b0: 51:02:33:75:97:60:7c:53:d1:27:f4:11:84:81:c2:a1:7b:28: 49:b6:15:b0:30:a6:01:28:21:b1:17:9a:85:8b:e6:ba:63:5d: 47:12:33:9b:0b:77:e5:62:b6:62:71:3f:03:ac:0a:f1:6d:fb: 17:7b:9e:8c:a6:24:1b:89:e8:d7:ea:ec:df:34:a0:9a:d2:2a: 99:d0:41:b8:69:0d:b3:af:55:f1:05:a1:b1:fb:82:07:81:00: af:fa:7a:36:1f:58:90:22:6b:84:1f:93:d8:cc:ab:75:d5:76: 8a:22:93:d4:1b:e7:60:90:34:cd:64:95:47:84:26:99:11:d8: bc:1f:be:2c:06:cf:ef:10:a6:a3:bc:1e:e9:40:c1:c2:4f:23: 4f:0a:73:70:79:03:24:e7:8c:0c:34:51:be:d0:f8:5b:04:ec: d8:14:c3:ea:92:58:d1:02:45:2b:6c:ce:d4:2b:0c:60:0b:b3: d0:21:b4:0e:42:66:3e:b8:f2:f0:1d:b6:be:6c:3e:90:ef:36: 9a:84:3d:4f:22:c9:e3:36:3f:c5:d8:89:f2:83:13:d8:fd:7a: 01:f8:da:ab:26:40:d7:d3:b8:e8:d1:51:9e:60:63:ce:9d:51: 0e:fa:15:c7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPbkA9bJsSkDJyRnrSnriZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw Mjc2NmMwHhcNMjUxMjExMjIwMDQyWhcNMjUxMjEyMjIwMDQyWjAzMTEwLwYDVQQD Eyg2Y2RjN2Q0NDIxMjlhOGY0ZGM0ZmNhOGVlNThmNjBiYjI4OGY0ZmYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UicHAEzA2iaUibBkIUVBh6FGnVL IuBVGh6ZwblWj3sYye1oVctlR8dUE1Lj422Nbu6KZveZgr52hrwXNLpKw0nXdq/8 1zn5D/VyxEzafZUP+L2T2HHzxoAVfCy7ajoPuDvXFT0HfaK1kCRF6Jiceq/j2EIV mfDF0fz7149H34gA6eqZUUfdrvDWh+49Ow0k7gVYvcWHwqdJYgJ/GQpqng0iePZc v/EF2RRoFZ1cHv9q2k+MXniwW25JLI/leuTzJqosWgTWDMU4src4nnd2nOrk80qN KABEezRWVsyCI8GLqJjXXtEZEMhSsOd3s3B4qLGV/tR6HkRvdEmychTs5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGzcfUQhKaj03E/KjuWPYLsoj0/zMB8GA1UdIwQY MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJgBet5FM XHat3X0+ED5JwDqwUQIzdZdgfFPRJ/QRhIHCoXsoSbYVsDCmASghsReahYvmumNd RxIzmwt35WK2YnE/A6wK8W37F3uejKYkG4no1+rs3zSgmtIqmdBBuGkNs69V8QWh sfuCB4EAr/p6Nh9YkCJrhB+T2MyrddV2iiKT1BvnYJA0zWSVR4QmmRHYvB++LAbP 7xCmo7we6UDBwk8jTwpzcHkDJOeMDDRRvtD4WwTs2BTD6pJY0QJFK2zO1CsMYAuz 0CG0DkJmPrjy8B22vmw+kO82moQ9TyLJ4zY/xdiJ8oMT2P16AfjaqyZA19O46NFR nmBjzp1RDvoVxw== -----END CERTIFICATE-----Generated at Fri Dec 12 00:59:06 2025 by rpki-client