This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft File: TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft (raw, json) Hash identifier: ExN//glIzWlNqTly9RnZr2olxGx8CUhZboQCWxSq+hk= Subject key identifier: AE:AE:8D:4D:A4:38:98:64:4C:53:E3:DC:64:90:AD:17:70:C4:7F:A5 Authority key identifier: 4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07 Certificate issuer: /CN=4ca509b35011ed71663952ba0e0c3c38457f9d07 Certificate serial: 019B3D238BBA14B4ACE2B7E8708FE9DD1E47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 19:01:38 +0000 Manifest this update: Sat 20 Dec 2025 19:01:38 +0000 Manifest next update: Sun 21 Dec 2025 19:01:38 +0000 Files and hashes: 1: TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl (hash: jA9Dm19c82XoW0YYw73ZqH2Rm7o0zJaf/vqc1z066bo=) 2: ilNe5KDmG0o6LZVjHMLtOGd-0DQ.roa (hash: JkEgQ36ayeHC4m0mo3MRV7E4gABrbKLeaaxVJdDM2eE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:23:8b:ba:14:b4:ac:e2:b7:e8:70:8f:e9:dd:1e:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4ca509b35011ed71663952ba0e0c3c38457f9d07 Validity Not Before: Dec 20 19:01:38 2025 GMT Not After : Dec 21 19:01:38 2025 GMT Subject: CN=aeae8d4da43898644c53e3dc6490ad1770c47fa5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:26:83:cd:c6:92:5a:f9:db:b7:0d:94:9b:9e: a6:36:6b:e3:07:5f:8b:91:42:c2:96:3b:ca:6c:05: 3b:82:3d:b7:bc:51:ca:06:a3:75:dd:f5:e2:2e:a5: fa:23:87:67:6a:8a:f4:3d:a5:02:1b:c8:47:34:41: 4f:ff:a3:7a:b1:74:e0:be:db:57:48:54:92:8a:a1: 5e:10:1b:8e:ce:e7:31:ea:99:8f:01:03:e8:69:5c: 86:93:ad:e8:7a:73:0e:97:69:40:43:f0:76:f5:fe: 7e:a0:b6:71:50:be:e5:36:d3:b2:33:26:16:f5:00: 89:70:18:72:04:c1:07:1b:7d:e2:f0:c6:23:96:7d: 8e:73:ca:65:5e:a8:66:d4:ab:79:48:4c:05:59:98: cc:38:20:5d:55:e4:bf:00:53:95:ce:12:26:88:91: 58:a6:6e:c4:f4:7f:4b:9b:26:ac:d0:68:2d:c1:e5: 96:d5:11:0d:88:dd:27:86:ca:46:de:d0:1c:0c:16: bd:a0:fc:ae:00:d1:b4:72:73:e3:6f:df:26:9a:04: 72:5b:b3:e3:63:8d:59:4f:f5:2d:96:1c:1f:68:90: 8f:bd:1a:bf:56:77:25:53:fd:0c:34:04:b1:31:64: fb:12:fe:9e:e5:30:60:d9:99:62:d5:c2:ec:80:ba: ca:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:AE:8D:4D:A4:38:98:64:4C:53:E3:DC:64:90:AD:17:70:C4:7F:A5 X509v3 Authority Key Identifier: keyid:4C:A5:09:B3:50:11:ED:71:66:39:52:BA:0E:0C:3C:38:45:7F:9D:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0a131e-37c6-45cb-9682-0b0c12b22bf9/1/TKUJs1AR7XFmOVK6Dgw8OEV_nQc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:e1:e2:bf:8f:c7:ee:b7:b8:5f:42:db:d3:9e:df:85:51:50: ec:e4:55:bb:16:b8:5c:98:e6:eb:ce:56:c9:37:88:e9:ac:37: 9f:48:01:28:0e:c8:02:7b:3c:15:df:c7:7d:00:6d:7f:be:8a: c0:25:49:ee:db:b3:ed:1d:f7:45:4e:4a:23:80:4f:af:f3:4f: 34:3e:73:ac:a9:75:ca:79:4b:85:a7:f4:dc:17:0b:a0:8a:61: 47:25:9c:3c:45:eb:ef:d2:70:a7:7f:92:c5:06:47:12:12:03: 94:3d:ff:7e:9f:f9:e7:01:be:a8:84:61:f2:5c:e4:ca:7e:ee: fd:d1:52:8b:74:18:5f:64:f2:37:3b:7c:94:2d:25:a8:0c:4c: 03:04:ff:08:d0:94:7d:6e:fc:63:31:37:81:76:b3:f9:5c:05: f9:20:2b:46:9a:3b:3c:26:f4:ed:16:e2:1b:e9:e9:89:6f:47: 86:82:12:94:18:6a:af:ac:25:7c:4e:a4:83:c5:d4:f1:a8:c0: 04:a8:99:fd:82:f2:8b:c2:11:16:ae:97:f4:06:90:c4:f8:0a: 5d:98:09:bb:4f:3f:bc:6a:5f:4f:1c:2a:8b:ce:7d:4c:82:dd: c6:7d:94:a1:72:62:de:0c:f8:1d:11:09:bb:5d:eb:3d:5b:c0: fb:9d:f5:54 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9I4u6FLSs4rfocI/p3R5HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjYTUwOWIzNTAxMWVkNzE2NjM5NTJiYTBlMGMzYzM4NDU3 ZjlkMDcwHhcNMjUxMjIwMTkwMTM4WhcNMjUxMjIxMTkwMTM4WjAzMTEwLwYDVQQD EyhhZWFlOGQ0ZGE0Mzg5ODY0NGM1M2UzZGM2NDkwYWQxNzcwYzQ3ZmE1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyaDzcaSWvnbtw2Um56mNmvjB1+L kULCljvKbAU7gj23vFHKBqN13fXiLqX6I4dnaor0PaUCG8hHNEFP/6N6sXTgvttX SFSSiqFeEBuOzucx6pmPAQPoaVyGk63oenMOl2lAQ/B29f5+oLZxUL7lNtOyMyYW 9QCJcBhyBMEHG33i8MYjln2Oc8plXqhm1Kt5SEwFWZjMOCBdVeS/AFOVzhImiJFY pm7E9H9Lmyas0GgtweWW1RENiN0nhspG3tAcDBa9oPyuANG0cnPjb98mmgRyW7Pj Y41ZT/UtlhwfaJCPvRq/VnclU/0MNASxMWT7Ev6e5TBg2Zli1cLsgLrKpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK6ujU2kOJhkTFPj3GSQrRdwxH+lMB8GA1UdIwQY MBaAFEylCbNQEe1xZjlSug4MPDhFf50HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODIt MGIwYzEyYjIyYmY5LzEvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS8wYTEzMWUtMzdjNi00NWNiLTk2ODItMGIwYzEyYjIyYmY5 LzEvVEtVSnMxQVI3WEZtT1ZLNkRndzhPRVZfblFjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdeHiv4/H 7re4X0Lb057fhVFQ7ORVuxa4XJjm685WyTeI6aw3n0gBKA7IAns8Fd/HfQBtf76K wCVJ7tuz7R33RU5KI4BPr/NPND5zrKl1ynlLhaf03BcLoIphRyWcPEXr79Jwp3+S xQZHEhIDlD3/fp/55wG+qIRh8lzkyn7u/dFSi3QYX2TyNzt8lC0lqAxMAwT/CNCU fW78YzE3gXaz+VwF+SArRpo7PCb07RbiG+npiW9HhoISlBhqr6wlfE6kg8XU8ajA BKiZ/YLyi8IRFq6X9AaQxPgKXZgJu08/vGpfTxwqi859TILdxn2UoXJi3gz4HREJ u13rPVvA+531VA== -----END CERTIFICATE-----Generated at Sun Dec 21 00:39:38 2025 by rpki-client