This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft File: TYEGKSpQrK_qaBfLoczmd6J34OE.mft (raw, json) Hash identifier: xEiW7Jb0PCeM+rnaUZUBBeIx1mpFI3+5O8RG/xUW1vE= Subject key identifier: A8:DA:63:27:1A:12:DC:60:A2:3A:D6:79:7C:A8:80:22:4B:1E:69:09 Authority key identifier: 4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 Certificate issuer: /CN=4d8106292a50acafea6817cba1cce677a277e0e1 Certificate serial: 019B18DF76BEA18B4466E2CE136407F69167 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft Manifest number: 05E9 Signing time: Sat 13 Dec 2025 18:00:56 +0000 Manifest this update: Sat 13 Dec 2025 18:00:56 +0000 Manifest next update: Sun 14 Dec 2025 18:00:56 +0000 Files and hashes: 1: TYEGKSpQrK_qaBfLoczmd6J34OE.crl (hash: N9qd19QteD4g1jrqp0mekYkxWQ/aEQSPB9fQiZH14aU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:18:df:76:be:a1:8b:44:66:e2:ce:13:64:07:f6:91:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d8106292a50acafea6817cba1cce677a277e0e1 Validity Not Before: Dec 13 18:00:56 2025 GMT Not After : Dec 14 18:00:56 2025 GMT Subject: CN=a8da63271a12dc60a23ad6797ca880224b1e6909 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:70:7c:fe:a7:ae:3a:83:5c:f6:ff:51:36:8a: 32:7e:2d:46:e2:6e:d1:6f:3b:e3:68:1d:a4:16:cc: ed:0f:11:fd:43:29:d1:e7:18:7a:b0:9d:96:29:8c: 20:5e:40:af:1b:d8:2a:9d:d6:22:79:bb:8f:c5:0d: 55:19:78:88:4b:e7:b3:cc:75:5f:f6:ab:34:2e:23: 51:29:7f:9b:10:fc:90:5b:56:15:06:2d:c1:53:1a: a9:c2:46:3b:bc:07:08:3a:13:7f:a2:20:c7:d4:f3: 7c:32:82:cf:46:53:87:a4:c6:b3:5c:ed:9f:42:b4: 0d:21:af:65:f6:8b:25:6a:69:eb:b2:10:82:5e:22: 71:c6:0a:d3:6a:cf:b5:6c:95:1f:82:24:6f:c1:88: 66:e5:fb:a5:46:19:ff:f1:71:74:44:d6:f0:4f:8d: 8d:9b:27:a5:dc:19:4e:11:9f:1e:17:78:46:5f:09: d5:91:15:99:45:df:b6:0e:d8:1c:f3:5a:1f:ba:75: 2e:11:22:5c:f6:90:cd:a3:9c:db:94:9e:23:bc:fe: ea:cb:28:59:2f:ae:20:56:50:8f:35:89:47:0c:83: 8e:54:72:b1:ab:ae:e1:f9:3a:60:d9:f4:17:b6:8e: 35:24:45:69:42:c8:a0:31:7f:de:1a:08:80:f3:8b: 32:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:DA:63:27:1A:12:DC:60:A2:3A:D6:79:7C:A8:80:22:4B:1E:69:09 X509v3 Authority Key Identifier: keyid:4D:81:06:29:2A:50:AC:AF:EA:68:17:CB:A1:CC:E6:77:A2:77:E0:E1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TYEGKSpQrK_qaBfLoczmd6J34OE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f541d1-5cf9-4481-8a07-3a5b3696817d/1/TYEGKSpQrK_qaBfLoczmd6J34OE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 37:a4:c1:4a:1e:b5:80:56:cd:f8:53:2c:8e:30:a6:44:4c:92: 77:73:ee:af:4e:33:31:2c:31:7c:ac:05:25:d8:04:43:3b:8a: 83:a7:b1:7f:6c:7a:9d:5e:de:ff:dc:24:84:1f:f1:fd:5d:bf: 6a:a9:d2:9f:18:99:ab:83:7c:c4:a0:4a:c5:01:0e:52:a4:86: f0:1d:00:bf:cf:a3:5d:50:ea:8d:12:8a:bd:e3:7a:d0:d4:1a: a6:35:4f:33:d9:94:61:30:20:f9:45:7c:e0:24:6f:99:42:bb: f8:5d:cf:9b:e7:f6:79:bc:a3:96:98:e8:3a:ee:f2:b0:aa:ad: c0:a2:99:d3:64:17:df:ba:1c:d3:b4:a9:d3:25:f0:69:ca:5f: dc:92:15:a1:e1:1f:94:b8:21:f4:5a:5c:ed:f4:0d:03:13:37: 1b:a7:d8:46:27:f1:58:1f:a8:14:be:ca:91:2e:9d:da:67:96: eb:fa:3b:0e:fc:e2:22:e1:d1:27:5e:cd:6f:0c:d6:b3:72:35: 5e:bb:84:82:60:b7:05:21:40:0c:42:05:b4:9a:8b:ee:32:97: 47:38:a1:fd:ce:d5:9f:85:f1:e5:07:22:2c:2b:37:73:e6:1d: 38:06:46:db:d6:f8:12:f9:fa:22:ad:fb:45:37:e5:fe:04:2e: 6b:10:ea:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsY33a+oYtEZuLOE2QH9pFnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkODEwNjI5MmE1MGFjYWZlYTY4MTdjYmExY2NlNjc3YTI3 N2UwZTEwHhcNMjUxMjEzMTgwMDU2WhcNMjUxMjE0MTgwMDU2WjAzMTEwLwYDVQQD EyhhOGRhNjMyNzFhMTJkYzYwYTIzYWQ2Nzk3Y2E4ODAyMjRiMWU2OTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHB8/qeuOoNc9v9RNooyfi1G4m7R bzvjaB2kFsztDxH9QynR5xh6sJ2WKYwgXkCvG9gqndYiebuPxQ1VGXiIS+ezzHVf 9qs0LiNRKX+bEPyQW1YVBi3BUxqpwkY7vAcIOhN/oiDH1PN8MoLPRlOHpMazXO2f QrQNIa9l9oslamnrshCCXiJxxgrTas+1bJUfgiRvwYhm5fulRhn/8XF0RNbwT42N myel3BlOEZ8eF3hGXwnVkRWZRd+2Dtgc81ofunUuESJc9pDNo5zblJ4jvP7qyyhZ L64gVlCPNYlHDIOOVHKxq67h+Tpg2fQXto41JEVpQsigMX/eGgiA84syNwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKjaYycaEtxgojrWeXyogCJLHmkJMB8GA1UdIwQY MBaAFE2BBikqUKyv6mgXy6HM5neid+DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDct M2E1YjM2OTY4MTdkLzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy9mNTQxZDEtNWNmOS00NDgxLThhMDctM2E1YjM2OTY4MTdk LzEvVFlFR0tTcFFyS19xYUJmTG9jem1kNkozNE9FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAN6TBSh61 gFbN+FMsjjCmREySd3Pur04zMSwxfKwFJdgEQzuKg6exf2x6nV7e/9wkhB/x/V2/ aqnSnxiZq4N8xKBKxQEOUqSG8B0Av8+jXVDqjRKKveN60NQapjVPM9mUYTAg+UV8 4CRvmUK7+F3Pm+f2ebyjlpjoOu7ysKqtwKKZ02QX37oc07Sp0yXwacpf3JIVoeEf lLgh9Fpc7fQNAxM3G6fYRifxWB+oFL7KkS6d2meW6/o7DvziIuHRJ17NbwzWs3I1 XruEgmC3BSFADEIFtJqL7jKXRzih/c7Vn4Xx5QciLCs3c+YdOAZG29b4Evn6Iq37 RTfl/gQuaxDqiA== -----END CERTIFICATE-----Generated at Sun Dec 14 00:03:17 2025 by rpki-client