This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.mft File: T1Cg3MccQpI-QHARvSEq-lxi5Z0.mft (raw, json) Hash identifier: S0suURlKl3hzYJCO3k2YaWPrm5v8nPH+qYAQAQjCs8c= Subject key identifier: 52:4C:33:94:C8:2C:CB:3A:62:C6:1A:6C:97:37:D2:78:33:B8:52:5F Authority key identifier: 4F:50:A0:DC:C7:1C:42:92:3E:40:70:11:BD:21:2A:FA:5C:62:E5:9D Certificate issuer: /CN=4f50a0dcc71c42923e407011bd212afa5c62e59d Certificate serial: 019B0F6E875DCC90F7DA0479CC2005F4BC76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T1Cg3MccQpI-QHARvSEq-lxi5Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.mft Manifest number: 08BA Signing time: Thu 11 Dec 2025 22:01:00 +0000 Manifest this update: Thu 11 Dec 2025 22:01:00 +0000 Manifest next update: Fri 12 Dec 2025 22:01:00 +0000 Files and hashes: 1: O4ZnlVhhx3zd5V2McWkK5lXbTfU.roa (hash: 1/S6pfTZfcr0nY65o+eT5Gg2Gukw2uRx/s1OdeKWKmE=) 2: T1Cg3MccQpI-QHARvSEq-lxi5Z0.crl (hash: kzoI9yGOfQtYXToacSSttZ78BLkXlHSbLsEMrgV15RU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/T1Cg3MccQpI-QHARvSEq-lxi5Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:27:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0f:6e:87:5d:cc:90:f7:da:04:79:cc:20:05:f4:bc:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f50a0dcc71c42923e407011bd212afa5c62e59d Validity Not Before: Dec 11 22:01:00 2025 GMT Not After : Dec 12 22:01:00 2025 GMT Subject: CN=524c3394c82ccb3a62c61a6c9737d27833b8525f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:74:31:54:88:89:dc:ad:f4:be:17:1b:20:4c: 17:e3:a7:c7:55:7e:c9:a8:5c:15:b8:94:14:73:1c: 1d:10:e6:86:a6:dd:ba:2e:88:96:5a:ac:cf:89:54: c1:60:4d:f5:63:f7:1d:0c:94:de:f8:94:5d:8f:95: 51:7e:07:53:73:9b:88:b6:d8:69:5a:a9:bb:f7:35: 85:d3:66:2d:07:12:75:00:09:e3:2e:f9:4a:0f:c0: 7b:32:40:b1:7e:c1:31:14:e2:eb:3a:ff:28:99:b8: ca:60:2e:db:41:30:81:37:c4:41:80:73:7b:8b:1b: 16:12:2d:7a:e5:ea:70:a5:cb:90:93:5a:e0:2a:5b: 07:36:ea:02:29:47:58:51:85:aa:b9:9c:1c:90:ca: 7b:35:35:a2:b9:10:95:c9:7d:78:6b:df:81:2d:b2: 74:c7:17:a0:92:58:2c:c8:5d:9b:a1:9e:6c:89:e2: 41:a5:39:bc:44:88:c3:24:8f:c1:7b:ef:a1:4b:fd: c3:45:a3:73:48:bb:47:8e:ac:e8:8d:ae:47:71:57: d8:c0:8b:fd:04:43:4b:f0:28:88:eb:a9:d8:1c:39: ae:49:42:64:03:94:e6:45:a3:f3:35:29:ff:d4:b1: 7b:cd:85:4e:5c:8b:23:9c:37:74:73:45:87:3d:ed: 16:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:4C:33:94:C8:2C:CB:3A:62:C6:1A:6C:97:37:D2:78:33:B8:52:5F X509v3 Authority Key Identifier: keyid:4F:50:A0:DC:C7:1C:42:92:3E:40:70:11:BD:21:2A:FA:5C:62:E5:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T1Cg3MccQpI-QHARvSEq-lxi5Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/30a2bf-b51e-4d72-b409-ca8b2758be15/1/T1Cg3MccQpI-QHARvSEq-lxi5Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:87:a5:26:07:11:c9:a0:68:0b:41:bd:87:6c:42:1e:43:19: 19:3d:e2:04:6f:62:f9:af:56:9e:7c:7b:04:9e:2a:1d:72:e0: 03:3b:b1:5b:ce:25:18:07:c4:e2:52:65:91:8f:b5:b9:af:74: 4b:d9:16:fc:32:d2:57:0c:2d:8b:84:9d:0b:2d:57:01:54:52: 8a:46:47:af:5a:f8:4c:e3:6a:32:30:ff:52:87:6a:31:e1:7f: 51:67:55:5b:3e:ce:62:26:1a:fd:c3:bb:fb:f5:8c:5c:ad:88: fb:45:f0:1f:c5:37:d1:1b:85:96:9e:cd:db:8d:2a:69:6e:39: e3:0f:d8:5f:a7:57:72:c6:f4:e5:5d:94:16:d1:41:4b:d2:1c: db:65:7a:9a:3d:36:5a:73:c8:b2:99:6c:90:74:f6:1a:80:d4: 44:8b:f7:b1:ee:95:0c:3e:ef:de:19:d3:47:a3:65:18:c1:85: ae:58:22:da:ba:60:df:75:f5:c1:4a:f9:33:5d:40:7e:e5:59: a1:3e:7c:d8:61:13:63:87:d2:4a:ff:8e:e5:75:a7:c0:d1:e7: 9f:c8:37:4f:ae:05:05:9f:33:a7:38:bd:f5:68:89:2f:19:4c: 45:46:27:d2:c6:58:70:b8:c9:59:a9:ce:36:ad:9e:f8:cb:32: dc:e3:09:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsPboddzJD32gR5zCAF9Lx2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmNTBhMGRjYzcxYzQyOTIzZTQwNzAxMWJkMjEyYWZhNWM2 MmU1OWQwHhcNMjUxMjExMjIwMTAwWhcNMjUxMjEyMjIwMTAwWjAzMTEwLwYDVQQD Eyg1MjRjMzM5NGM4MmNjYjNhNjJjNjFhNmM5NzM3ZDI3ODMzYjg1MjVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3QxVIiJ3K30vhcbIEwX46fHVX7J qFwVuJQUcxwdEOaGpt26LoiWWqzPiVTBYE31Y/cdDJTe+JRdj5VRfgdTc5uItthp Wqm79zWF02YtBxJ1AAnjLvlKD8B7MkCxfsExFOLrOv8ombjKYC7bQTCBN8RBgHN7 ixsWEi165epwpcuQk1rgKlsHNuoCKUdYUYWquZwckMp7NTWiuRCVyX14a9+BLbJ0 xxegklgsyF2boZ5sieJBpTm8RIjDJI/Be++hS/3DRaNzSLtHjqzoja5HcVfYwIv9 BENL8CiI66nYHDmuSUJkA5TmRaPzNSn/1LF7zYVOXIsjnDd0c0WHPe0WaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFJMM5TILMs6YsYabJc30ngzuFJfMB8GA1UdIwQY MBaAFE9QoNzHHEKSPkBwEb0hKvpcYuWdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVDFDZzNNY2NRcEktUUhBUnZTRXEtbHhpNVowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8zMGEyYmYtYjUxZS00ZDcyLWI0MDkt Y2E4YjI3NThiZTE1LzEvVDFDZzNNY2NRcEktUUhBUnZTRXEtbHhpNVowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC8zMGEyYmYtYjUxZS00ZDcyLWI0MDktY2E4YjI3NThiZTE1 LzEvVDFDZzNNY2NRcEktUUhBUnZTRXEtbHhpNVowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnYelJgcR yaBoC0G9h2xCHkMZGT3iBG9i+a9Wnnx7BJ4qHXLgAzuxW84lGAfE4lJlkY+1ua90 S9kW/DLSVwwti4SdCy1XAVRSikZHr1r4TONqMjD/UodqMeF/UWdVWz7OYiYa/cO7 +/WMXK2I+0XwH8U30RuFlp7N240qaW454w/YX6dXcsb05V2UFtFBS9Ic22V6mj02 WnPIsplskHT2GoDURIv3se6VDD7v3hnTR6NlGMGFrlgi2rpg33X1wUr5M11AfuVZ oT582GETY4fSSv+O5XWnwNHnn8g3T64FBZ8zpzi99WiJLxlMRUYn0sZYcLjJWanO Nq2e+Msy3OMJdQ== -----END CERTIFICATE-----Generated at Fri Dec 12 04:03:00 2025 by rpki-client