This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft File: TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft (raw, json) Hash identifier: K7DGts/yzrJ3O/8iHwA+GXFe99pL33W0jWp+IWT/AeI= Subject key identifier: 0C:39:54:F4:75:BE:22:7E:28:99:E7:B6:EF:9B:9A:4C:EA:FF:56:2B Authority key identifier: 4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D Certificate issuer: /CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d Certificate serial: 019B31C38FBF07360D45C86308B6E4C18DAD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft Manifest number: 0371 Signing time: Thu 18 Dec 2025 14:00:58 +0000 Manifest this update: Thu 18 Dec 2025 14:00:58 +0000 Manifest next update: Fri 19 Dec 2025 14:00:58 +0000 Files and hashes: 1: TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl (hash: KuvKRvogy4LjpETGYjGGa/ez5M8nmZraqtLPMfT1oZA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:8f:bf:07:36:0d:45:c8:63:08:b6:e4:c1:8d:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ea805aea86030bacdd0ba3e4e424e1baef0824d Validity Not Before: Dec 18 14:00:58 2025 GMT Not After : Dec 19 14:00:58 2025 GMT Subject: CN=0c3954f475be227e2899e7b6ef9b9a4ceaff562b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9c:5b:56:27:72:7a:b9:86:43:a8:14:fb:7c: 4e:d2:17:61:01:4d:c1:a9:ff:bd:38:6f:b1:d6:82: 46:17:32:19:07:3a:ab:6c:ad:b2:20:25:17:3c:7a: d9:27:d6:23:06:b9:df:b0:92:49:75:77:76:31:8e: e4:d1:07:fa:bb:e7:da:c2:3e:9b:87:12:4e:56:6d: 08:d6:65:a2:0d:69:14:9f:9a:92:f4:0d:8e:85:fc: 87:fa:fe:d1:eb:69:22:d3:7f:d9:ed:86:bc:b5:c7: bc:5a:2a:cc:1a:60:ce:e5:ff:05:9d:8b:6e:4c:fd: 58:24:7d:8a:d9:aa:e6:f4:b9:e7:d3:8a:77:a2:71: 3e:2f:4a:60:d6:ab:71:e9:13:72:01:38:e1:cb:b5: 9e:ad:9f:73:53:a8:10:62:0b:93:c4:de:fb:b5:41: 04:f4:b5:ab:38:ad:2d:00:e3:1d:d9:87:c2:47:c8: 65:d1:7a:d1:5a:40:d2:3e:03:d1:8a:53:e8:16:d4: 6f:51:f8:c5:a7:13:31:10:e7:34:86:d5:33:69:aa: 2b:a4:87:31:01:91:c4:04:9f:ee:31:c4:31:8d:50: d2:44:0f:12:16:19:95:3c:50:48:f9:65:30:5c:ea: 70:cc:df:43:fb:55:ca:55:a4:7b:32:12:ac:a4:e0: 19:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:39:54:F4:75:BE:22:7E:28:99:E7:B6:EF:9B:9A:4C:EA:FF:56:2B X509v3 Authority Key Identifier: keyid:4E:A8:05:AE:A8:60:30:BA:CD:D0:BA:3E:4E:42:4E:1B:AE:F0:82:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TqgFrqhgMLrN0Lo-TkJOG67wgk0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/f90ac9-5367-4232-b137-778873a2726c/1/TqgFrqhgMLrN0Lo-TkJOG67wgk0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:ca:c9:92:8a:f2:a4:a5:a3:63:0c:24:a2:9c:81:ac:c1:70: eb:2d:5e:d3:64:53:4c:cb:40:79:ba:5a:0d:85:5d:a5:43:1b: 7d:bd:a8:78:4d:ec:98:9a:e3:9b:ca:39:df:82:94:f4:fb:fa: 50:eb:6c:87:47:a5:12:72:5e:18:57:82:01:b1:77:51:70:5b: 0a:40:c0:3b:75:e1:7f:c4:7a:33:7e:24:3b:32:2f:81:60:f7: e2:c9:56:e7:94:8f:28:57:a0:6f:db:da:6c:bc:0f:79:d9:c8: 07:79:a5:cb:95:fa:44:52:67:c7:0e:49:dc:ae:7f:66:fc:a6: 8d:94:92:9d:c6:dc:d4:a5:4f:2b:d3:1c:1b:ea:0b:01:a4:85: c8:78:6c:91:9f:70:09:b8:3e:42:fa:be:18:9c:df:33:a2:49: df:62:e6:92:5c:e2:50:a7:de:e8:e9:fd:a0:36:07:d5:ef:8b: 8e:16:35:75:bf:d5:1a:27:da:df:32:44:e1:65:59:a5:86:d0: 4d:c7:a4:ae:3e:93:02:51:97:ad:ac:54:41:b3:d4:4f:8e:4e: 64:d1:1a:9d:10:19:4f:a8:b0:4a:e1:9f:d8:2d:b1:30:bb:ee: 55:6f:54:71:1f:92:58:73:46:aa:2d:47:28:ab:1c:a4:3e:33: 00:01:5a:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw4+/BzYNRchjCLbkwY2tMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRlYTgwNWFlYTg2MDMwYmFjZGQwYmEzZTRlNDI0ZTFiYWVm MDgyNGQwHhcNMjUxMjE4MTQwMDU4WhcNMjUxMjE5MTQwMDU4WjAzMTEwLwYDVQQD EygwYzM5NTRmNDc1YmUyMjdlMjg5OWU3YjZlZjliOWE0Y2VhZmY1NjJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZxbVidyermGQ6gU+3xO0hdhAU3B qf+9OG+x1oJGFzIZBzqrbK2yICUXPHrZJ9YjBrnfsJJJdXd2MY7k0Qf6u+fawj6b hxJOVm0I1mWiDWkUn5qS9A2OhfyH+v7R62ki03/Z7Ya8tce8WirMGmDO5f8FnYtu TP1YJH2K2arm9Lnn04p3onE+L0pg1qtx6RNyATjhy7WerZ9zU6gQYguTxN77tUEE 9LWrOK0tAOMd2YfCR8hl0XrRWkDSPgPRilPoFtRvUfjFpxMxEOc0htUzaaorpIcx AZHEBJ/uMcQxjVDSRA8SFhmVPFBI+WUwXOpwzN9D+1XKVaR7MhKspOAZlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAw5VPR1viJ+KJnntu+bmkzq/1YrMB8GA1UdIwQY MBaAFE6oBa6oYDC6zdC6Pk5CThuu8IJNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzct Nzc4ODczYTI3MjZjLzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9mOTBhYzktNTM2Ny00MjMyLWIxMzctNzc4ODczYTI3MjZj LzEvVHFnRnJxaGdNTHJOMExvLVRrSk9HNjd3Z2swLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApMrJkory pKWjYwwkopyBrMFw6y1e02RTTMtAebpaDYVdpUMbfb2oeE3smJrjm8o534KU9Pv6 UOtsh0elEnJeGFeCAbF3UXBbCkDAO3Xhf8R6M34kOzIvgWD34slW55SPKFegb9va bLwPednIB3mly5X6RFJnxw5J3K5/ZvymjZSSncbc1KVPK9McG+oLAaSFyHhskZ9w Cbg+Qvq+GJzfM6JJ32LmklziUKfe6On9oDYH1e+LjhY1db/VGifa3zJE4WVZpYbQ Tcekrj6TAlGXraxUQbPUT45OZNEanRAZT6iwSuGf2C2xMLvuVW9UcR+SWHNGqi1H KKscpD4zAAFa0A== -----END CERTIFICATE-----Generated at Thu Dec 18 22:36:45 2025 by rpki-client