This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft File: ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft (raw, json) Hash identifier: VRAMRpmb6z5bleC7bi4KAMANDQCr3hES0vBMcwWbU9k= Subject key identifier: 09:4B:66:30:19:1C:B1:A7:EE:7E:1C:03:A8:8B:6B:28:0C:7F:B9:F0 Authority key identifier: B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD Certificate issuer: /CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd Certificate serial: 019B3DC79343DD81903E20D4411D812DF461 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft Manifest number: 0DAD Signing time: Sat 20 Dec 2025 22:00:48 +0000 Manifest this update: Sat 20 Dec 2025 22:00:48 +0000 Manifest next update: Sun 21 Dec 2025 22:00:48 +0000 Files and hashes: 1: ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl (hash: bH8WPwma5DDe0378w5lgNTIHtbcKpX5A+f+yGVrsznA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:c7:93:43:dd:81:90:3e:20:d4:41:1d:81:2d:f4:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5ad0967ca0002dd9ce45bc43bb701b4173d79bd Validity Not Before: Dec 20 22:00:48 2025 GMT Not After : Dec 21 22:00:48 2025 GMT Subject: CN=094b6630191cb1a7ee7e1c03a88b6b280c7fb9f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:87:d2:f1:2e:03:64:f7:7f:b2:ab:59:a1:02: 4d:2e:3f:4a:d1:35:c9:40:32:09:9c:83:67:39:3b: c9:ff:67:fe:9e:9a:4c:f0:04:51:b4:94:59:a9:e1: 59:70:d0:21:c0:3f:47:6c:53:5a:a0:1f:f9:13:bd: 92:5c:f7:97:28:90:1c:20:a9:10:15:d0:2d:9a:30: 75:9d:57:8f:65:9b:ba:f0:e1:55:fe:e4:68:b3:04: 1a:3b:6b:a8:4c:02:5a:b1:0b:66:a5:18:e3:52:1b: a7:fb:19:86:4e:e3:27:1f:ea:73:35:4a:41:11:36: 9d:38:86:db:37:62:60:91:e9:44:20:03:13:54:c9: ac:13:e2:57:50:db:75:3d:d9:5f:8b:f6:3d:b2:c9: 04:a0:7d:4a:dc:fe:32:86:42:e3:91:ec:23:55:30: a4:79:4c:d0:ae:52:f7:58:89:5b:c9:91:a5:86:8f: 4c:68:de:47:2b:b7:36:e6:72:84:d0:8d:55:9b:37: f3:90:12:45:c0:bb:84:0f:63:37:f0:18:4f:f5:33: 39:0f:c0:b2:3a:a4:5a:18:29:8e:49:f8:d6:9b:66: 53:21:db:fe:4a:fe:c3:88:92:20:4e:53:63:f0:4e: 16:20:f9:01:28:d1:ee:9e:06:d3:56:6e:74:23:8c: 4c:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:4B:66:30:19:1C:B1:A7:EE:7E:1C:03:A8:8B:6B:28:0C:7F:B9:F0 X509v3 Authority Key Identifier: keyid:B5:AD:09:67:CA:00:02:DD:9C:E4:5B:C4:3B:B7:01:B4:17:3D:79:BD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/34819d-e231-4060-9f12-7c36ef613a8f/1/ta0JZ8oAAt2c5FvEO7cBtBc9eb0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:7a:5d:9f:c3:61:37:dc:8b:29:1c:69:4a:de:de:a6:4a:0a: 2e:12:e5:43:1e:a7:c6:ad:06:2b:c4:85:61:66:f2:34:ea:7e: 4e:16:75:b9:52:86:58:39:3f:47:68:7f:b1:b5:a1:1a:0e:9b: cf:81:30:51:1c:c1:56:6a:03:3c:7c:cd:61:f4:f0:de:8b:b3: 74:3e:a7:66:11:f8:21:5f:9d:8d:8c:24:38:98:62:a0:71:4e: fc:56:df:51:37:16:72:d6:4b:06:73:d1:35:7a:72:8d:54:c2: 5c:36:e1:a3:31:f1:f1:98:3a:72:97:f9:bd:a0:c3:f6:16:1b: e7:f1:06:39:52:86:48:93:4e:47:62:d0:b1:47:ec:c2:b9:2b: 13:6d:93:20:8d:a1:45:ae:fe:6a:b6:2f:d3:79:b4:ab:eb:91: 54:90:a8:c6:6c:12:a5:0f:5d:f4:5d:7a:be:19:eb:87:57:3a: 1b:2c:58:f4:50:ef:61:01:c7:c2:b9:e2:6f:69:2b:12:16:20: ce:3e:59:88:0a:24:49:f0:87:56:ca:e8:ad:d5:45:2e:a7:95: 03:0d:4e:51:6a:d0:b5:7f:24:11:7f:64:5e:53:e4:39:77:ac: 3a:d7:92:64:83:39:0c:95:67:38:63:e4:06:40:02:ca:2e:88: cd:f0:3e:a5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9x5ND3YGQPiDUQR2BLfRhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1YWQwOTY3Y2EwMDAyZGQ5Y2U0NWJjNDNiYjcwMWI0MTcz ZDc5YmQwHhcNMjUxMjIwMjIwMDQ4WhcNMjUxMjIxMjIwMDQ4WjAzMTEwLwYDVQQD EygwOTRiNjYzMDE5MWNiMWE3ZWU3ZTFjMDNhODhiNmIyODBjN2ZiOWYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4fS8S4DZPd/sqtZoQJNLj9K0TXJ QDIJnINnOTvJ/2f+nppM8ARRtJRZqeFZcNAhwD9HbFNaoB/5E72SXPeXKJAcIKkQ FdAtmjB1nVePZZu68OFV/uRoswQaO2uoTAJasQtmpRjjUhun+xmGTuMnH+pzNUpB ETadOIbbN2JgkelEIAMTVMmsE+JXUNt1Pdlfi/Y9sskEoH1K3P4yhkLjkewjVTCk eUzQrlL3WIlbyZGlho9MaN5HK7c25nKE0I1VmzfzkBJFwLuED2M38BhP9TM5D8Cy OqRaGCmOSfjWm2ZTIdv+Sv7DiJIgTlNj8E4WIPkBKNHungbTVm50I4xMywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAlLZjAZHLGn7n4cA6iLaygMf7nwMB8GA1UdIwQY MBaAFLWtCWfKAALdnORbxDu3AbQXPXm9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTIt N2MzNmVmNjEzYThmLzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8zNDgxOWQtZTIzMS00MDYwLTlmMTItN2MzNmVmNjEzYThm LzEvdGEwSlo4b0FBdDJjNUZ2RU83Y0J0QmM5ZWIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKXpdn8Nh N9yLKRxpSt7epkoKLhLlQx6nxq0GK8SFYWbyNOp+ThZ1uVKGWDk/R2h/sbWhGg6b z4EwURzBVmoDPHzNYfTw3ouzdD6nZhH4IV+djYwkOJhioHFO/FbfUTcWctZLBnPR NXpyjVTCXDbhozHx8Zg6cpf5vaDD9hYb5/EGOVKGSJNOR2LQsUfswrkrE22TII2h Ra7+arYv03m0q+uRVJCoxmwSpQ9d9F16vhnrh1c6GyxY9FDvYQHHwrnib2krEhYg zj5ZiAokSfCHVsrordVFLqeVAw1OUWrQtX8kEX9kXlPkOXesOteSZIM5DJVnOGPk BkACyi6IzfA+pQ== -----END CERTIFICATE-----Generated at Sun Dec 21 00:11:13 2025 by rpki-client