This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft File: TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft (raw, json) Hash identifier: 2wwpZ/kygvr8CJEvi30psNvRR2wy6LUyjm1Q5ATPaIM= Subject key identifier: 04:31:53:A5:2B:B8:28:19:5E:52:3B:1B:A6:F6:7C:3B:B0:0E:5A:D2 Authority key identifier: 4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD Certificate issuer: /CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Certificate serial: 019B5A513A90368BB4A42478C3FA69C4A9E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft Manifest number: 048C Signing time: Fri 26 Dec 2025 11:00:31 +0000 Manifest this update: Fri 26 Dec 2025 11:00:31 +0000 Manifest next update: Sat 27 Dec 2025 11:00:31 +0000 Files and hashes: 1: TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl (hash: e0MP4pyvJFi78L09sNqnNObRZu9RkXnVilbFyT6bA+0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:51:3a:90:36:8b:b4:a4:24:78:c3:fa:69:c4:a9:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d4927a141fb25b75824c6beaef0679d34fc49bd Validity Not Before: Dec 26 11:00:31 2025 GMT Not After : Dec 27 11:00:31 2025 GMT Subject: CN=043153a52bb828195e523b1ba6f67c3bb00e5ad2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:0f:72:0c:c9:79:96:f3:0b:4d:38:ab:98:da: f6:93:50:9d:25:3f:a8:9a:9f:7d:47:cf:87:ba:55: ef:39:45:e6:22:a8:6f:cd:5f:dd:1f:ec:28:c5:8c: fd:dc:12:1b:3f:c3:3b:df:3a:17:85:18:7d:72:12: 2e:ec:93:3a:60:cd:40:61:ce:fc:28:a6:dc:fa:75: 24:58:cc:a3:09:61:e9:d1:48:f6:20:d8:32:03:5e: 1f:df:69:d5:2a:17:3d:3c:20:0c:24:23:74:bb:ea: cf:26:47:78:6d:e4:79:cf:0d:22:98:cd:f9:bd:ec: 58:55:33:3c:14:8b:2a:4f:7a:ed:52:02:06:37:15: bc:da:94:fa:f4:a4:50:aa:39:54:fc:1d:25:f1:be: de:91:7d:4a:11:d7:b1:19:d4:82:1c:8a:16:24:0f: fb:68:53:62:4e:91:dd:db:d6:d1:dd:3f:f8:bb:20: ef:c9:61:8b:53:3f:bf:19:e2:4a:aa:49:4c:35:a0: 38:95:22:90:a3:73:b8:4f:8c:6a:88:2b:24:50:3f: d1:9c:8b:51:eb:60:65:dc:7b:64:36:5a:13:e6:a1: 59:a0:f0:f6:94:e2:ab:a8:ab:75:a7:4a:71:28:f0: 33:19:91:a5:ec:a0:d0:e4:3c:f4:ec:0f:0b:a0:bf: ad:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:31:53:A5:2B:B8:28:19:5E:52:3B:1B:A6:F6:7C:3B:B0:0E:5A:D2 X509v3 Authority Key Identifier: keyid:4D:49:27:A1:41:FB:25:B7:58:24:C6:BE:AE:F0:67:9D:34:FC:49:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TUknoUH7JbdYJMa-rvBnnTT8Sb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/6a4b86-32b4-405f-bd65-68083709a4b5/1/TUknoUH7JbdYJMa-rvBnnTT8Sb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 62:ae:72:cc:0a:52:94:6c:9d:6c:83:fc:35:bf:48:18:e7:f4: 38:01:03:b0:b1:9f:f1:bb:df:d5:ab:4c:4e:a5:dc:2c:8c:16: 21:4e:f6:9d:92:ad:6a:a3:63:25:b8:98:bc:1a:b5:17:8f:b3: 05:24:e3:e1:cf:82:fe:59:61:82:06:4e:fb:18:16:67:1a:d1: dd:e0:f7:c7:88:31:7b:4b:92:95:1e:4e:33:43:f1:0e:99:05: d4:a1:ed:fb:b9:0b:52:d1:11:f1:ba:ba:06:4d:0f:3c:18:a5: a0:4e:3a:34:70:88:d0:cc:21:72:c6:a9:f0:1b:ae:9c:46:b5: 4c:b8:d6:03:7b:02:16:75:4e:88:66:54:c8:f5:0f:ba:17:9f: d1:97:1c:e2:8e:86:3c:f6:a1:25:b8:c2:3e:f3:8c:a6:4d:3a: 0c:22:e6:36:78:97:68:f9:6d:d4:44:72:32:a0:1c:c6:b4:67: 53:ba:45:44:9a:70:f5:75:04:a9:72:b8:b2:9d:60:44:2e:9a: 5e:9c:b7:cf:78:02:53:c0:9a:b4:7b:89:82:4d:9b:4e:ec:96: f8:c6:77:31:44:b5:82:dc:63:54:55:3e:33:42:9e:50:68:3f: cd:65:32:9c:8f:fe:0d:66:cb:f0:d8:97:3d:5a:3f:ae:89:c1: e7:fd:db:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaUTqQNou0pCR4w/ppxKnlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkNDkyN2ExNDFmYjI1Yjc1ODI0YzZiZWFlZjA2NzlkMzRm YzQ5YmQwHhcNMjUxMjI2MTEwMDMxWhcNMjUxMjI3MTEwMDMxWjAzMTEwLwYDVQQD EygwNDMxNTNhNTJiYjgyODE5NWU1MjNiMWJhNmY2N2MzYmIwMGU1YWQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg9yDMl5lvMLTTirmNr2k1CdJT+o mp99R8+HulXvOUXmIqhvzV/dH+woxYz93BIbP8M73zoXhRh9chIu7JM6YM1AYc78 KKbc+nUkWMyjCWHp0Uj2INgyA14f32nVKhc9PCAMJCN0u+rPJkd4beR5zw0imM35 vexYVTM8FIsqT3rtUgIGNxW82pT69KRQqjlU/B0l8b7ekX1KEdexGdSCHIoWJA/7 aFNiTpHd29bR3T/4uyDvyWGLUz+/GeJKqklMNaA4lSKQo3O4T4xqiCskUD/RnItR 62Bl3HtkNloT5qFZoPD2lOKrqKt1p0pxKPAzGZGl7KDQ5Dz07A8LoL+tZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAQxU6UruCgZXlI7G6b2fDuwDlrSMB8GA1UdIwQY MBaAFE1JJ6FB+yW3WCTGvq7wZ500/Em9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUt NjgwODM3MDlhNGI1LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Yy82YTRiODYtMzJiNC00MDVmLWJkNjUtNjgwODM3MDlhNGI1 LzEvVFVrbm9VSDdKYmRZSk1hLXJ2Qm5uVFQ4U2IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYq5yzApS lGydbIP8Nb9IGOf0OAEDsLGf8bvf1atMTqXcLIwWIU72nZKtaqNjJbiYvBq1F4+z BSTj4c+C/llhggZO+xgWZxrR3eD3x4gxe0uSlR5OM0PxDpkF1KHt+7kLUtER8bq6 Bk0PPBiloE46NHCI0Mwhcsap8BuunEa1TLjWA3sCFnVOiGZUyPUPuhef0Zcc4o6G PPahJbjCPvOMpk06DCLmNniXaPlt1ERyMqAcxrRnU7pFRJpw9XUEqXK4sp1gRC6a Xpy3z3gCU8CatHuJgk2bTuyW+MZ3MUS1gtxjVFU+M0KeUGg/zWUynI/+DWbL8NiX PVo/ronB5/3blw== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:18 2025 by rpki-client