This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft File: Tm32g40DOAFB635O5V3AXYcGHck.mft (raw, json) Hash identifier: vUAb+8Hge+Pcl7LWSoJI/oPL8ocwR1b8FGXVIqin6AA= Subject key identifier: E4:BD:C3:7A:72:CE:1F:2E:0E:8E:EF:3E:AF:A6:1E:A1:B7:A4:7E:61 Authority key identifier: 4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9 Certificate issuer: /CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9 Certificate serial: 019B18713DCCADD71084AF3F20BFEAC0BC32 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft Manifest number: 11C3 Signing time: Sat 13 Dec 2025 16:00:33 +0000 Manifest this update: Sat 13 Dec 2025 16:00:33 +0000 Manifest next update: Sun 14 Dec 2025 16:00:33 +0000 Files and hashes: 1: 6zGLvq4k5vmzCBWK5uxpgKx-SpM.roa (hash: d72RjXOy3TrPnzNgu1Y/cwJXn9F8xvKoAfaZ+LW3oR4=) 2: Tm32g40DOAFB635O5V3AXYcGHck.crl (hash: Xypp/6T3jiDmXoTYtHWq0EVvrRIOQC0VwFNqPlgALQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 16:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:71:3d:cc:ad:d7:10:84:af:3f:20:bf:ea:c0:bc:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4e6df6838d03380141eb7e4ee55dc05d87061dc9 Validity Not Before: Dec 13 16:00:33 2025 GMT Not After : Dec 14 16:00:33 2025 GMT Subject: CN=e4bdc37a72ce1f2e0e8eef3eafa61ea1b7a47e61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:29:d3:f7:07:3b:13:56:6f:75:fc:3c:a6:49: d2:81:57:c0:7c:79:70:a9:14:0c:9e:57:30:70:f3: d3:0d:d7:5b:b6:da:3e:59:24:e1:c6:a8:05:2e:97: e7:d2:0a:8e:df:d3:7d:c0:96:e0:ff:28:f0:96:fd: 8a:a4:be:41:91:23:6a:6b:1d:80:4f:32:6c:f1:ae: 8c:fb:c3:b0:f8:ac:2e:33:92:62:8e:97:28:ed:16: d2:e2:c7:e7:a7:cb:59:f3:b1:d8:1e:95:5c:d7:03: e6:d4:c0:43:28:5c:a4:88:fb:5d:41:4d:a0:1f:65: db:8d:a4:d0:d9:27:c8:6f:9c:3f:9e:f4:ed:5a:44: d7:af:b4:e2:05:21:17:45:a0:71:b0:12:5b:87:76: 72:9e:55:38:a4:8b:a8:9a:3b:5a:36:33:55:cf:ee: e3:07:61:9b:86:c5:aa:f7:1e:59:8b:6d:2d:f6:da: 3b:7d:84:20:73:86:2d:46:ad:a9:72:d0:5e:93:bc: 36:1f:29:c4:84:5b:37:10:1e:8c:f7:79:e1:c0:61: 33:63:59:05:a1:e1:87:60:49:0a:6a:13:83:40:39: 57:da:08:30:45:02:cc:2c:0c:aa:c0:4c:52:57:a4: 40:e9:7b:c4:ff:ef:d6:51:99:71:e1:33:e8:6f:ab: d1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:BD:C3:7A:72:CE:1F:2E:0E:8E:EF:3E:AF:A6:1E:A1:B7:A4:7E:61 X509v3 Authority Key Identifier: keyid:4E:6D:F6:83:8D:03:38:01:41:EB:7E:4E:E5:5D:C0:5D:87:06:1D:C9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tm32g40DOAFB635O5V3AXYcGHck.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/6eeb5c-d251-470a-a7cd-318362004e8a/1/Tm32g40DOAFB635O5V3AXYcGHck.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:35:55:a8:b8:da:19:ff:55:45:68:ad:63:ba:54:f1:19:00: c6:0e:3b:6f:ca:58:ac:fe:e1:b7:cc:8d:7c:65:8f:18:98:b1: 92:2f:cd:a2:50:16:ad:64:90:1e:16:89:f0:f2:5b:b9:d2:99: b4:22:88:29:0e:aa:e9:7e:57:ac:8a:7b:55:29:ab:ea:e7:60: 99:fe:db:72:18:27:22:41:55:84:0e:f5:bd:e3:76:d1:69:cd: b1:be:ab:36:df:c9:fa:3e:f9:60:72:a0:44:ee:0b:31:a6:53: 0f:3e:1a:34:81:43:b9:76:a9:07:cf:33:54:68:85:c3:0e:c0: 31:5c:7c:36:3f:8b:f9:b9:16:7d:e7:b7:3e:d1:38:32:33:9e: ac:38:72:a7:fc:e4:71:79:90:cd:99:49:45:99:de:d7:0d:41: c1:83:f7:42:06:8d:6d:1f:e8:b0:da:9a:ba:c9:c8:8c:ac:6c: a6:db:f7:50:b1:ee:50:68:32:c1:64:50:52:87:b8:45:16:29: 92:be:b3:4d:52:21:ff:ae:55:e9:4a:01:6f:46:d7:f0:91:9f: d8:5b:47:ed:ac:b7:c3:e8:d0:c1:6c:97:be:92:38:6f:59:12: 3c:d7:66:d9:a8:21:16:4f:3e:40:3c:0b:69:1d:c0:a6:bf:5b: 9a:5a:1c:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsYcT3MrdcQhK8/IL/qwLwyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlNmRmNjgzOGQwMzM4MDE0MWViN2U0ZWU1NWRjMDVkODcw NjFkYzkwHhcNMjUxMjEzMTYwMDMzWhcNMjUxMjE0MTYwMDMzWjAzMTEwLwYDVQQD EyhlNGJkYzM3YTcyY2UxZjJlMGU4ZWVmM2VhZmE2MWVhMWI3YTQ3ZTYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCnT9wc7E1Zvdfw8pknSgVfAfHlw qRQMnlcwcPPTDddbtto+WSThxqgFLpfn0gqO39N9wJbg/yjwlv2KpL5BkSNqax2A TzJs8a6M+8Ow+KwuM5Jijpco7RbS4sfnp8tZ87HYHpVc1wPm1MBDKFykiPtdQU2g H2XbjaTQ2SfIb5w/nvTtWkTXr7TiBSEXRaBxsBJbh3ZynlU4pIuomjtaNjNVz+7j B2GbhsWq9x5Zi20t9to7fYQgc4YtRq2pctBek7w2HynEhFs3EB6M93nhwGEzY1kF oeGHYEkKahODQDlX2ggwRQLMLAyqwExSV6RA6XvE/+/WUZlx4TPob6vRRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOS9w3pyzh8uDo7vPq+mHqG3pH5hMB8GA1UdIwQY MBaAFE5t9oONAzgBQet+TuVdwF2HBh3JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2Qt MzE4MzYyMDA0ZThhLzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi82ZWViNWMtZDI1MS00NzBhLWE3Y2QtMzE4MzYyMDA0ZThh LzEvVG0zMmc0MERPQUZCNjM1TzVWM0FYWWNHSGNrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnDVVqLja Gf9VRWitY7pU8RkAxg47b8pYrP7ht8yNfGWPGJixki/NolAWrWSQHhaJ8PJbudKZ tCKIKQ6q6X5XrIp7VSmr6udgmf7bchgnIkFVhA71veN20WnNsb6rNt/J+j75YHKg RO4LMaZTDz4aNIFDuXapB88zVGiFww7AMVx8Nj+L+bkWfee3PtE4MjOerDhyp/zk cXmQzZlJRZne1w1BwYP3QgaNbR/osNqausnIjKxsptv3ULHuUGgywWRQUoe4RRYp kr6zTVIh/65V6UoBb0bX8JGf2FtH7ay3w+jQwWyXvpI4b1kSPNdm2aghFk8+QDwL aR3Apr9bmlocnQ== -----END CERTIFICATE-----Generated at Sun Dec 14 01:51:36 2025 by rpki-client