This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft File: TKha1Dt7R-dSh4MHGEeU1woCdmw.mft (raw, json) Hash identifier: JT22otLF3GsqXrzMGBc834zti46h9VbwC3aXwvlOKkI= Subject key identifier: 1C:AC:4B:A8:C3:90:D2:D4:2F:03:31:A9:55:1F:68:64:3D:D2:12:79 Authority key identifier: 4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C Certificate issuer: /CN=4ca85ad43b7b47e752878307184794d70a02766c Certificate serial: 019B3FB64E85C9D961BC7E7A7492DB76C38F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft Manifest number: 030F Signing time: Sun 21 Dec 2025 07:01:10 +0000 Manifest this update: Sun 21 Dec 2025 07:01:10 +0000 Manifest next update: Mon 22 Dec 2025 07:01:10 +0000 Files and hashes: 1: TKha1Dt7R-dSh4MHGEeU1woCdmw.crl (hash: vk0ByJdlVMr4110q6aeLxQ+RJrWdP34OVp2NejiztI8=) 2: cpRFayTuWEzodEO-QznXVMR-alE.roa (hash: wcJbOFjwwy8ZnD5yiXe5CzeprbHM7YA3HHhv8zEs++s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:b6:4e:85:c9:d9:61:bc:7e:7a:74:92:db:76:c3:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca85ad43b7b47e752878307184794d70a02766c Validity Not Before: Dec 21 07:01:10 2025 GMT Not After : Dec 22 07:01:10 2025 GMT Subject: CN=1cac4ba8c390d2d42f0331a9551f68643dd21279 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:14:4d:f4:66:3c:f8:9f:1d:64:3c:b8:c0:87: 92:d1:19:4a:c9:88:bb:c9:53:53:cf:0c:4d:11:e2: 9a:67:55:11:04:4f:c6:c8:a6:4e:65:16:b6:75:e0: c3:71:96:57:db:a9:16:7c:48:e9:5a:7e:c0:90:f5: b7:9e:57:ff:64:ef:f2:2a:e2:12:ae:88:c3:11:bf: 26:6c:16:8b:c2:24:4f:0b:da:61:33:26:50:30:cb: de:04:1d:48:99:3e:ee:01:73:71:63:5f:88:c9:dc: 59:67:f1:5a:15:5a:29:3f:28:fb:32:f3:e1:d0:db: 04:28:e1:ac:8b:cc:4e:07:63:8b:c7:f2:d5:b2:d7: 81:76:7b:b8:5f:d0:7d:dc:19:6e:6a:72:db:e9:74: e1:6b:4b:2a:a4:5b:6c:d5:cb:6e:c1:42:57:5e:70: 22:32:03:11:36:8c:63:ad:71:26:68:7e:0b:ab:d7: a2:8c:3e:41:76:5d:55:7a:47:8b:56:8c:5c:78:ee: e9:7c:6a:a7:3f:c7:2b:b8:98:f8:e8:90:ff:e3:e7: 75:e6:aa:e0:2b:0a:45:7d:38:e9:0e:8c:59:8b:3f: b5:47:37:09:24:6c:79:81:65:ab:94:60:b1:8f:b2: 9e:18:65:54:7a:3a:94:3d:8f:60:c9:22:22:07:62: 59:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:AC:4B:A8:C3:90:D2:D4:2F:03:31:A9:55:1F:68:64:3D:D2:12:79 X509v3 Authority Key Identifier: keyid:4C:A8:5A:D4:3B:7B:47:E7:52:87:83:07:18:47:94:D7:0A:02:76:6C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKha1Dt7R-dSh4MHGEeU1woCdmw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/2bea8f-9fbc-4765-93bc-222252929873/1/TKha1Dt7R-dSh4MHGEeU1woCdmw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 02:95:63:88:08:f7:5e:7d:32:f5:43:8d:1a:0e:04:df:67:c8: ca:71:ff:25:31:1d:a4:dc:12:e2:9b:66:4a:ac:95:07:f7:ca: 85:25:f0:6f:68:89:fb:34:d6:79:44:89:10:e7:66:02:43:0e: aa:fd:a7:f4:57:4e:62:3a:b0:6e:57:35:99:82:f9:48:a9:e4: 4f:69:b4:8f:12:89:57:43:01:0c:81:b9:ce:7e:75:98:63:4e: f0:9a:5f:05:81:95:14:f0:2b:f6:3f:27:f6:9a:96:25:59:fb: 0d:d0:89:30:c7:4d:57:7e:62:de:90:1e:1d:5f:7e:26:7e:85: 77:88:15:bf:7e:b4:c6:e1:89:46:0e:b2:dc:ac:c4:65:83:c2: c8:1c:ff:8f:9f:49:73:71:98:4f:45:f7:c0:a5:13:3b:d6:8a: f0:d0:6d:79:e1:e1:b4:20:ea:97:6c:f7:b2:29:a5:d2:c1:bf: 4a:a2:33:a2:28:d0:02:1b:4f:93:3e:ff:d8:5c:61:8e:46:fd: c0:eb:00:00:45:88:bd:40:83:47:31:27:a6:4a:fa:e6:c7:25: 04:cd:d0:64:28:b5:28:6c:dd:82:ae:cd:d2:2f:50:78:77:ba: 5d:f1:21:95:81:e1:94:be:6c:1d:31:dc:a4:cb:32:26:06:fc: cd:0e:f3:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/tk6FydlhvH56dJLbdsOPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTg1YWQ0M2I3YjQ3ZTc1Mjg3ODMwNzE4NDc5NGQ3MGEw Mjc2NmMwHhcNMjUxMjIxMDcwMTEwWhcNMjUxMjIyMDcwMTEwWjAzMTEwLwYDVQQD EygxY2FjNGJhOGMzOTBkMmQ0MmYwMzMxYTk1NTFmNjg2NDNkZDIxMjc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RRN9GY8+J8dZDy4wIeS0RlKyYi7 yVNTzwxNEeKaZ1URBE/GyKZOZRa2deDDcZZX26kWfEjpWn7AkPW3nlf/ZO/yKuIS rojDEb8mbBaLwiRPC9phMyZQMMveBB1ImT7uAXNxY1+IydxZZ/FaFVopPyj7MvPh 0NsEKOGsi8xOB2OLx/LVsteBdnu4X9B93BluanLb6XTha0sqpFts1ctuwUJXXnAi MgMRNoxjrXEmaH4Lq9eijD5Bdl1VekeLVoxceO7pfGqnP8cruJj46JD/4+d15qrg KwpFfTjpDoxZiz+1RzcJJGx5gWWrlGCxj7KeGGVUejqUPY9gySIiB2JZFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBysS6jDkNLULwMxqVUfaGQ90hJ5MB8GA1UdIwQY MBaAFEyoWtQ7e0fnUoeDBxhHlNcKAnZsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMt MjIyMjUyOTI5ODczLzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8yYmVhOGYtOWZiYy00NzY1LTkzYmMtMjIyMjUyOTI5ODcz LzEvVEtoYTFEdDdSLWRTaDRNSEdFZVUxd29DZG13LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAApVjiAj3 Xn0y9UONGg4E32fIynH/JTEdpNwS4ptmSqyVB/fKhSXwb2iJ+zTWeUSJEOdmAkMO qv2n9FdOYjqwblc1mYL5SKnkT2m0jxKJV0MBDIG5zn51mGNO8JpfBYGVFPAr9j8n 9pqWJVn7DdCJMMdNV35i3pAeHV9+Jn6Fd4gVv360xuGJRg6y3KzEZYPCyBz/j59J c3GYT0X3wKUTO9aK8NBteeHhtCDql2z3siml0sG/SqIzoijQAhtPkz7/2Fxhjkb9 wOsAAEWIvUCDRzEnpkr65sclBM3QZCi1KGzdgq7N0i9QeHe6XfEhlYHhlL5sHTHc pMsyJgb8zQ7ziw== -----END CERTIFICATE-----Generated at Sun Dec 21 09:34:33 2025 by rpki-client