This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft File: tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft (raw, json) Hash identifier: u4zUjqw1vxu/oz5zIBE71qG3EF8+f8dlx2DHAcYBIBY= Subject key identifier: 46:FB:82:B8:52:12:3A:2D:5F:D3:A5:54:51:72:B6:66:9E:9B:44:E8 Authority key identifier: B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 Certificate issuer: /CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Certificate serial: 019B3EDA26B2FF529EE2A71F6BA794A4F837 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft Manifest number: 099E Signing time: Sun 21 Dec 2025 03:00:42 +0000 Manifest this update: Sun 21 Dec 2025 03:00:42 +0000 Manifest next update: Mon 22 Dec 2025 03:00:42 +0000 Files and hashes: 1: tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl (hash: gLyarDIU3ypvEERPYxQri7kdgdoAPAPtFrfFutogI2k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:da:26:b2:ff:52:9e:e2:a7:1f:6b:a7:94:a4:f8:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b4a3a9be77e2d9fde7ffe1f51629f94e98ea3cd8 Validity Not Before: Dec 21 03:00:42 2025 GMT Not After : Dec 22 03:00:42 2025 GMT Subject: CN=46fb82b852123a2d5fd3a5545172b6669e9b44e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:38:43:98:cb:1a:c2:98:c4:5e:d7:1a:68:4f: bc:52:b5:42:12:5b:8b:61:e5:13:f1:73:55:d7:cd: 33:1c:2f:ca:c1:db:d5:bd:61:f6:c4:47:b7:f8:67: 4b:b3:34:1a:0b:ee:50:5e:dc:d2:11:cd:07:65:7e: a9:80:f1:07:43:74:ef:0b:29:19:d8:79:f7:e5:d0: 37:8d:6f:e7:9d:43:e9:e9:13:f7:2a:6d:c4:5c:6c: 6a:a6:ef:f8:69:da:14:32:26:c0:0f:9a:f0:94:42: 2f:3a:96:6d:46:b7:db:1b:54:c7:34:6e:cb:33:ee: b3:57:11:6a:75:1a:b2:29:2a:d9:83:51:cd:c2:eb: 6f:fc:d3:3a:2b:7a:19:57:bf:1e:91:7c:64:2d:e0: 3d:a9:5f:44:c6:50:c5:53:bb:35:2c:5e:ed:d4:da: 59:45:ba:08:71:fd:d5:68:cf:82:a3:43:4d:c3:5c: 21:40:9e:39:a2:3c:71:11:ab:98:d3:ed:c2:3b:84: 71:12:f6:f3:40:34:05:a0:86:13:82:f3:5a:ac:30: 6a:74:2c:05:93:ab:43:a3:21:93:b6:37:55:72:cf: b5:1e:f4:f3:38:fc:9c:78:96:7a:67:95:89:12:cf: cf:c4:27:fd:d8:dc:28:f4:8e:c7:0a:32:6c:bc:c1: 55:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:FB:82:B8:52:12:3A:2D:5F:D3:A5:54:51:72:B6:66:9E:9B:44:E8 X509v3 Authority Key Identifier: keyid:B4:A3:A9:BE:77:E2:D9:FD:E7:FF:E1:F5:16:29:F9:4E:98:EA:3C:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tKOpvnfi2f3n_-H1Fin5TpjqPNg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/dd4148-89ab-48f8-8d6f-33cfa511b0c7/1/tKOpvnfi2f3n_-H1Fin5TpjqPNg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:3a:14:49:f6:71:80:8d:7d:04:05:f1:10:dc:30:39:7f:b0: b3:a2:a0:84:37:80:c8:e5:11:21:94:7f:1e:cc:87:11:80:8c: 4f:10:5d:8f:23:47:5e:15:25:b5:c4:51:08:d6:34:4d:f8:aa: 4c:d2:73:49:06:de:11:e4:ca:c6:19:c9:61:52:be:ae:60:f0: 01:73:5d:a5:d3:e6:88:aa:2e:f3:1f:02:1a:f8:53:aa:d4:ca: f9:ab:13:d2:75:d0:f8:11:c7:0f:6a:4c:db:98:da:51:19:6a: be:3f:68:b2:ae:d7:93:8d:47:ef:38:fb:3e:74:53:9d:77:fe: 9c:14:8d:44:d5:da:f1:c2:e4:22:b4:62:90:31:4d:a0:52:3c: af:44:34:59:f9:3b:c4:f9:63:5c:24:39:75:77:44:aa:f3:b2: 89:de:ef:84:c6:fd:34:34:11:18:2a:4a:48:fd:63:fd:5a:c2: ca:7a:b8:54:dc:31:9d:ca:b6:76:6b:0b:37:b7:cb:2b:75:0d: 6f:be:38:23:98:92:db:1d:b5:04:0e:f0:84:14:18:31:97:d1: 2b:04:c6:36:63:9e:a5:5d:f1:a5:69:a1:8e:30:09:15:a0:7e: 81:c4:99:c1:10:d1:27:81:bc:93:7b:67:d1:34:c3:05:17:93: 83:97:f5:47 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2iay/1Ke4qcfa6eUpPg3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI0YTNhOWJlNzdlMmQ5ZmRlN2ZmZTFmNTE2MjlmOTRlOThl YTNjZDgwHhcNMjUxMjIxMDMwMDQyWhcNMjUxMjIyMDMwMDQyWjAzMTEwLwYDVQQD Eyg0NmZiODJiODUyMTIzYTJkNWZkM2E1NTQ1MTcyYjY2NjllOWI0NGU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjhDmMsawpjEXtcaaE+8UrVCEluL YeUT8XNV180zHC/KwdvVvWH2xEe3+GdLszQaC+5QXtzSEc0HZX6pgPEHQ3TvCykZ 2Hn35dA3jW/nnUPp6RP3Km3EXGxqpu/4adoUMibAD5rwlEIvOpZtRrfbG1THNG7L M+6zVxFqdRqyKSrZg1HNwutv/NM6K3oZV78ekXxkLeA9qV9ExlDFU7s1LF7t1NpZ RboIcf3VaM+Co0NNw1whQJ45ojxxEauY0+3CO4RxEvbzQDQFoIYTgvNarDBqdCwF k6tDoyGTtjdVcs+1HvTzOPyceJZ6Z5WJEs/PxCf92Nwo9I7HCjJsvMFVmwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEb7grhSEjotX9OlVFFytmaem0ToMB8GA1UdIwQY MBaAFLSjqb534tn95//h9RYp+U6Y6jzYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYt MzNjZmE1MTFiMGM3LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kZDQxNDgtODlhYi00OGY4LThkNmYtMzNjZmE1MTFiMGM3 LzEvdEtPcHZuZmkyZjNuXy1IMUZpbjVUcGpxUE5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkzoUSfZx gI19BAXxENwwOX+ws6KghDeAyOURIZR/HsyHEYCMTxBdjyNHXhUltcRRCNY0Tfiq TNJzSQbeEeTKxhnJYVK+rmDwAXNdpdPmiKou8x8CGvhTqtTK+asT0nXQ+BHHD2pM 25jaURlqvj9osq7Xk41H7zj7PnRTnXf+nBSNRNXa8cLkIrRikDFNoFI8r0Q0Wfk7 xPljXCQ5dXdEqvOyid7vhMb9NDQRGCpKSP1j/VrCynq4VNwxncq2dmsLN7fLK3UN b744I5iS2x21BA7whBQYMZfRKwTGNmOepV3xpWmhjjAJFaB+gcSZwRDRJ4G8k3tn 0TTDBReTg5f1Rw== -----END CERTIFICATE-----Generated at Sun Dec 21 05:37:36 2025 by rpki-client