This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft File: TQiJTKQFMefSApQJEojnetEsKXk.mft (raw, json) Hash identifier: bve6hs1vDEWwjueEgjpqbeYFbaKJrOu4ov98qpRsFtI= Subject key identifier: BA:A9:42:17:41:38:54:28:53:A0:CD:8E:5F:AE:AD:45:1A:4E:C3:DA Authority key identifier: 4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79 Certificate issuer: /CN=4d08894ca40531e7d20294091288e77ad12c2979 Certificate serial: 019B33440F9D942B7E64BB5C164A7B05A453 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft Manifest number: 084A Signing time: Thu 18 Dec 2025 21:00:56 +0000 Manifest this update: Thu 18 Dec 2025 21:00:56 +0000 Manifest next update: Fri 19 Dec 2025 21:00:56 +0000 Files and hashes: 1: 9vSYuCdAG_e0E6RGGzb6agTE0BM.roa (hash: QacZLKOpB/Eo9Q8tjYWI0KN++SKGpTz/tW+UR9tDqD0=) 2: TQiJTKQFMefSApQJEojnetEsKXk.crl (hash: umhfSOFwyRWmLYSaU4ZplU1xjx7SMft0A4uQEcZvUCQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 20:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:44:0f:9d:94:2b:7e:64:bb:5c:16:4a:7b:05:a4:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d08894ca40531e7d20294091288e77ad12c2979 Validity Not Before: Dec 18 21:00:56 2025 GMT Not After : Dec 19 21:00:56 2025 GMT Subject: CN=baa942174138542853a0cd8e5faead451a4ec3da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:ef:8f:55:20:4d:01:8e:6c:8c:3f:1b:08:53: 77:58:9b:52:ea:75:7a:06:28:7a:b4:a9:85:dc:25: 82:e4:27:91:d2:7f:90:6b:1d:71:51:51:1a:4f:f6: 77:75:34:0e:ac:9b:2c:42:21:3b:3f:17:f3:d0:2b: f7:67:4d:b2:1c:9c:3e:2a:b8:56:af:21:66:54:9f: 03:ee:cf:86:b3:bd:20:1b:94:fe:14:00:b9:fd:9b: be:0a:13:b8:8e:f3:49:02:eb:82:ec:3c:c2:03:2a: a8:50:24:3e:55:22:f5:1b:b7:de:9f:b7:57:86:75: d2:4d:ea:31:f6:69:d4:53:10:c9:c9:3d:87:19:63: 96:1b:c7:6f:1b:ad:f6:23:7c:24:6b:83:13:ba:9c: 49:4d:75:3a:d4:1d:55:60:1c:66:e5:30:e9:3b:aa: e6:d2:3b:ba:13:96:a8:bf:13:fc:66:9b:60:1a:a1: 47:4f:b0:0d:44:a6:da:ae:25:6a:33:9b:29:23:ae: 41:c9:f1:c6:3b:fd:7d:2b:a0:92:7d:20:cd:42:b5: 05:3a:d4:e5:ab:fa:2f:71:0d:a8:a8:24:ea:12:e3: 46:eb:47:f5:87:bd:e9:b0:e3:73:ea:b5:85:46:fc: 6d:b1:41:5d:f9:31:c7:46:3e:64:b2:aa:d3:67:f5: b4:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:A9:42:17:41:38:54:28:53:A0:CD:8E:5F:AE:AD:45:1A:4E:C3:DA X509v3 Authority Key Identifier: keyid:4D:08:89:4C:A4:05:31:E7:D2:02:94:09:12:88:E7:7A:D1:2C:29:79 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQiJTKQFMefSApQJEojnetEsKXk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9a08b0-cfec-4c91-b8eb-4abadb5aea9a/1/TQiJTKQFMefSApQJEojnetEsKXk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 98:2b:5b:67:cf:5e:e0:5b:72:84:19:6d:3c:22:f4:59:ce:7d: 7e:b8:a6:c7:aa:85:67:d6:56:05:83:45:23:28:b6:4d:70:86: f5:44:e3:c2:a0:e2:78:c1:01:67:dd:22:98:7f:9c:07:fb:73: 70:1c:15:ce:88:64:48:78:d3:38:60:cf:b1:9e:77:b6:a6:eb: b0:81:99:9c:6f:8d:e8:4d:4b:65:bd:03:67:a7:cd:75:2b:14: 6b:e9:c1:34:0f:4f:73:d7:08:07:5f:86:17:78:fd:e2:ff:66: 49:89:19:33:b2:97:18:14:bd:82:c9:f7:aa:f8:31:b8:d1:42: 95:4c:04:83:00:5c:78:8e:01:94:e3:94:7f:d1:30:97:fe:3a: 2d:97:ba:fc:dd:f9:e6:3c:cf:75:8b:2a:c6:72:52:25:04:10: 69:6d:fd:06:b1:76:68:a3:a6:4e:bd:32:b2:eb:9d:42:be:68: b7:10:a9:37:85:7f:27:56:de:a2:01:3d:50:51:59:c5:53:2f: 3b:82:b7:12:73:2c:6c:b6:c0:40:57:29:79:72:5e:12:c6:06: 6b:62:f5:26:a8:00:9c:ad:68:9a:d4:b4:c4:12:22:e2:f0:4b: ad:6a:1a:ee:47:03:e2:2e:97:41:62:cf:42:08:00:e7:a5:db: 14:1f:5f:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszRA+dlCt+ZLtcFkp7BaRTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMDg4OTRjYTQwNTMxZTdkMjAyOTQwOTEyODhlNzdhZDEy YzI5NzkwHhcNMjUxMjE4MjEwMDU2WhcNMjUxMjE5MjEwMDU2WjAzMTEwLwYDVQQD EyhiYWE5NDIxNzQxMzg1NDI4NTNhMGNkOGU1ZmFlYWQ0NTFhNGVjM2RhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9e+PVSBNAY5sjD8bCFN3WJtS6nV6 Bih6tKmF3CWC5CeR0n+Qax1xUVEaT/Z3dTQOrJssQiE7Pxfz0Cv3Z02yHJw+KrhW ryFmVJ8D7s+Gs70gG5T+FAC5/Zu+ChO4jvNJAuuC7DzCAyqoUCQ+VSL1G7fen7dX hnXSTeox9mnUUxDJyT2HGWOWG8dvG632I3wka4MTupxJTXU61B1VYBxm5TDpO6rm 0ju6E5aovxP8ZptgGqFHT7ANRKbariVqM5spI65ByfHGO/19K6CSfSDNQrUFOtTl q/ovcQ2oqCTqEuNG60f1h73psONz6rWFRvxtsUFd+THHRj5ksqrTZ/W0RQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLqpQhdBOFQoU6DNjl+urUUaTsPaMB8GA1UdIwQY MBaAFE0IiUykBTHn0gKUCRKI53rRLCl5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWIt NGFiYWRiNWFlYTlhLzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS85YTA4YjAtY2ZlYy00YzkxLWI4ZWItNGFiYWRiNWFlYTlh LzEvVFFpSlRLUUZNZWZTQXBRSkVvam5ldEVzS1hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmCtbZ89e 4FtyhBltPCL0Wc59frimx6qFZ9ZWBYNFIyi2TXCG9UTjwqDieMEBZ90imH+cB/tz cBwVzohkSHjTOGDPsZ53tqbrsIGZnG+N6E1LZb0DZ6fNdSsUa+nBNA9Pc9cIB1+G F3j94v9mSYkZM7KXGBS9gsn3qvgxuNFClUwEgwBceI4BlOOUf9Ewl/46LZe6/N35 5jzPdYsqxnJSJQQQaW39BrF2aKOmTr0ysuudQr5otxCpN4V/J1beogE9UFFZxVMv O4K3EnMsbLbAQFcpeXJeEsYGa2L1JqgAnK1omtS0xBIi4vBLrWoa7kcD4i6XQWLP QggA56XbFB9fJA== -----END CERTIFICATE-----Generated at Fri Dec 19 00:14:45 2025 by rpki-client