This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft File: TNkIkaeTL3NWqAMznaDM32OtLTU.mft (raw, json) Hash identifier: 194xbxR7BQPadB2O/PWNYEybnoKoJmezjekxsTJ7vLI= Subject key identifier: D3:73:A6:2F:7F:07:7E:79:09:3D:5A:BD:30:C2:AF:24:A7:D1:46:DE Authority key identifier: 4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 Certificate issuer: /CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Certificate serial: 019B31C3A1F2755173DE2B039B2CD1B582EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft Manifest number: 026D Signing time: Thu 18 Dec 2025 14:01:03 +0000 Manifest this update: Thu 18 Dec 2025 14:01:03 +0000 Manifest next update: Fri 19 Dec 2025 14:01:03 +0000 Files and hashes: 1: GPp0CA4dJEmXPt3FvKOuB6Y1Ajo.roa (hash: /WVZb52tGGnvS1Lpmu++5VCxojp2nMgaocCDFVDfPQY=) 2: TNkIkaeTL3NWqAMznaDM32OtLTU.crl (hash: xOZyOS07zxHoK2/reLPWfRFLysgLwTcCvEtW90pbf+Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 14:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:c3:a1:f2:75:51:73:de:2b:03:9b:2c:d1:b5:82:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cd90891a7932f7356a803339da0ccdf63ad2d35 Validity Not Before: Dec 18 14:01:03 2025 GMT Not After : Dec 19 14:01:03 2025 GMT Subject: CN=d373a62f7f077e79093d5abd30c2af24a7d146de Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c5:1b:4c:4e:cb:12:6a:7f:81:64:6f:42:ab: 8c:d6:d2:8e:bb:76:8e:83:5b:96:52:d5:11:be:a8: c6:3a:a1:43:83:2d:e7:a1:c8:d3:33:04:9f:7f:50: ab:08:49:e8:fe:65:50:ec:c2:30:96:09:83:c1:f3: 32:1e:af:c0:88:ff:da:0f:0b:7e:63:46:cc:f8:65: c0:da:6a:ec:30:64:61:4b:c8:b5:3a:16:d6:e5:9e: 40:b1:36:f3:4e:b7:26:79:62:78:40:99:9d:b7:06: 50:38:0e:b9:4d:8c:18:a2:05:2f:c0:87:a9:85:a0: f9:1a:89:6d:fb:df:c0:42:f7:11:cd:7c:0d:9a:17: 6a:26:b3:60:4c:4e:6a:b9:94:58:be:e9:8f:75:07: 85:bd:ea:f0:6e:5a:f5:5f:50:0d:c1:41:bc:15:17: b9:39:8d:25:b9:56:c4:2a:6d:a2:e3:00:08:8e:0a: 30:15:d8:b7:32:43:6e:c6:9f:6c:bb:f3:ed:3d:64: 97:6c:fd:94:4a:09:c6:82:2a:1b:5d:f7:fa:3b:bd: 31:7c:15:1d:4b:11:35:48:fc:07:7c:c7:05:63:91: 22:b7:9d:6f:5d:03:b4:79:af:ed:24:45:b2:36:1f: 09:d2:2a:aa:5c:0a:f9:0a:91:0c:a4:5f:d3:4b:ed: e1:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:73:A6:2F:7F:07:7E:79:09:3D:5A:BD:30:C2:AF:24:A7:D1:46:DE X509v3 Authority Key Identifier: keyid:4C:D9:08:91:A7:93:2F:73:56:A8:03:33:9D:A0:CC:DF:63:AD:2D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TNkIkaeTL3NWqAMznaDM32OtLTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6a9378-2fa7-482d-8c7c-69ca4cb65f97/1/TNkIkaeTL3NWqAMznaDM32OtLTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:32:9d:ec:b4:71:48:8a:6b:0e:6f:17:53:2e:70:4a:72:dd: 7d:89:cb:c7:1a:1e:d5:19:15:21:ae:87:ce:31:f2:15:5a:41: 4c:8c:bc:c1:f0:6e:37:05:15:3a:d6:f5:5f:ce:ff:31:34:e0: 00:c5:94:26:57:af:db:b4:13:79:52:c0:1c:85:10:5f:b3:2a: 5e:41:69:18:4d:4b:d4:9e:e5:44:0f:f4:9e:f8:20:07:2d:4b: c8:96:6d:31:2d:8a:b8:fb:e1:c6:7c:c7:80:7f:c3:81:f7:9f: ee:7d:62:90:77:c5:bc:a9:94:86:70:39:bf:60:a6:17:ce:47: 27:84:f8:f2:e8:87:4b:e1:ae:4a:39:5a:7f:88:61:e5:7f:ec: f6:18:a6:4a:09:cd:e9:1b:49:a8:b4:75:0c:4b:2b:dd:d1:c0: 51:13:79:78:7f:b5:43:72:12:cd:f9:45:e5:04:13:21:39:76: 20:19:00:c6:65:12:c3:50:2d:98:21:04:2e:d9:71:8e:1b:ab: dd:83:e2:ab:39:ec:b5:90:47:45:a4:e1:79:5b:25:4b:05:0e: 7c:e0:9e:5b:22:d0:ba:d9:ad:88:56:ad:e9:49:2d:fe:5c:ab: 61:df:d5:3a:0c:e8:ae:5a:c9:c4:b4:d5:9a:c6:65:4a:90:b7: 6c:64:88:1b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsxw6HydVFz3isDmyzRtYLuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZDkwODkxYTc5MzJmNzM1NmE4MDMzMzlkYTBjY2RmNjNh ZDJkMzUwHhcNMjUxMjE4MTQwMTAzWhcNMjUxMjE5MTQwMTAzWjAzMTEwLwYDVQQD EyhkMzczYTYyZjdmMDc3ZTc5MDkzZDVhYmQzMGMyYWYyNGE3ZDE0NmRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMUbTE7LEmp/gWRvQquM1tKOu3aO g1uWUtURvqjGOqFDgy3nocjTMwSff1CrCEno/mVQ7MIwlgmDwfMyHq/AiP/aDwt+ Y0bM+GXA2mrsMGRhS8i1OhbW5Z5AsTbzTrcmeWJ4QJmdtwZQOA65TYwYogUvwIep haD5Golt+9/AQvcRzXwNmhdqJrNgTE5quZRYvumPdQeFverwblr1X1ANwUG8FRe5 OY0luVbEKm2i4wAIjgowFdi3MkNuxp9su/PtPWSXbP2USgnGgiobXff6O70xfBUd SxE1SPwHfMcFY5Eit51vXQO0ea/tJEWyNh8J0iqqXAr5CpEMpF/TS+3hfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNNzpi9/B355CT1avTDCrySn0UbeMB8GA1UdIwQY MBaAFEzZCJGnky9zVqgDM52gzN9jrS01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2Mt NjljYTRjYjY1Zjk3LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS82YTkzNzgtMmZhNy00ODJkLThjN2MtNjljYTRjYjY1Zjk3 LzEvVE5rSWthZVRMM05XcUFNem5hRE0zMk90TFRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKTKd7LRx SIprDm8XUy5wSnLdfYnLxxoe1RkVIa6HzjHyFVpBTIy8wfBuNwUVOtb1X87/MTTg AMWUJlev27QTeVLAHIUQX7MqXkFpGE1L1J7lRA/0nvggBy1LyJZtMS2KuPvhxnzH gH/Dgfef7n1ikHfFvKmUhnA5v2CmF85HJ4T48uiHS+GuSjlaf4hh5X/s9himSgnN 6RtJqLR1DEsr3dHAURN5eH+1Q3ISzflF5QQTITl2IBkAxmUSw1AtmCEELtlxjhur 3YPiqznstZBHRaTheVslSwUOfOCeWyLQutmtiFat6Ukt/lyrYd/VOgzorlrJxLTV msZlSpC3bGSIGw== -----END CERTIFICATE-----Generated at Fri Dec 19 00:12:57 2025 by rpki-client