This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft File: rwlQP8rAF2lRWhny3CZX2S_TUN8.mft (raw, json) Hash identifier: eM1YFuJDdgzZc5r4gLNhXyge1tGuDaEtJxe7fT7YaII= Subject key identifier: 24:7B:C9:4A:AB:EC:B4:99:82:4D:EB:67:D2:64:F7:70:E3:11:3D:59 Authority key identifier: AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF Certificate issuer: /CN=af09503fcac01769515a19f2dc2657d92fd350df Certificate serial: 019B3AFDA3EE4AFBB56947856B652A9AEA30 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft Manifest number: 171A Signing time: Sat 20 Dec 2025 09:00:59 +0000 Manifest this update: Sat 20 Dec 2025 09:00:59 +0000 Manifest next update: Sun 21 Dec 2025 09:00:59 +0000 Files and hashes: 1: bI5hqVT8m0qS2JmySaAVyieiKDc.roa (hash: Ur47592mLsTtDVQWZDc8e3eMtHnqyDHoxs3kpjL/ez4=) 2: rwlQP8rAF2lRWhny3CZX2S_TUN8.crl (hash: /cIvcfK8GhciFBPaPLG1+17+v5yjYAS9SmgSDCYXGNY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 09:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:fd:a3:ee:4a:fb:b5:69:47:85:6b:65:2a:9a:ea:30 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af09503fcac01769515a19f2dc2657d92fd350df Validity Not Before: Dec 20 09:00:59 2025 GMT Not After : Dec 21 09:00:59 2025 GMT Subject: CN=247bc94aabecb499824deb67d264f770e3113d59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:e4:56:ef:04:47:cd:30:54:3d:9e:e1:38:06: 8a:49:96:df:54:89:c7:47:0f:bb:4c:04:07:76:f2: 4f:6d:a9:8a:95:ff:cf:53:a1:b0:fa:76:42:36:99: 9a:d9:f4:62:0b:04:d2:e3:07:c1:33:5d:eb:7a:c2: c3:36:e2:7d:b0:ce:44:1c:11:44:42:f0:10:4c:ee: d0:17:9b:25:2f:fc:e2:fd:35:04:26:8c:e9:27:1e: 58:15:b9:a9:54:7a:1d:4d:61:5d:c2:34:1c:5e:cd: 18:49:a2:6f:c7:f0:04:ce:33:3e:47:47:7a:09:1e: 11:e8:03:a8:ec:ec:aa:eb:03:a9:c2:dc:0b:55:99: 28:4d:4b:0b:f9:8e:ae:98:f5:a5:44:8a:53:15:ae: 66:32:09:c5:c2:a4:13:63:16:ec:35:96:ff:09:dc: ad:03:38:0c:59:07:c6:4c:8c:6d:c9:f1:e7:df:e9: eb:81:a0:45:8f:a5:4e:0b:68:a6:c0:e4:06:2f:ce: 04:5e:a9:e7:bb:7c:95:de:9a:06:de:71:0a:2f:37: b2:f7:22:cb:5f:30:95:8d:d1:bd:af:77:6d:9b:1b: db:da:5f:ab:80:d7:b6:8b:eb:25:be:b0:29:0b:9f: be:06:72:51:95:5d:9f:ef:9d:49:51:44:43:61:22: 5b:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:7B:C9:4A:AB:EC:B4:99:82:4D:EB:67:D2:64:F7:70:E3:11:3D:59 X509v3 Authority Key Identifier: keyid:AF:09:50:3F:CA:C0:17:69:51:5A:19:F2:DC:26:57:D9:2F:D3:50:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rwlQP8rAF2lRWhny3CZX2S_TUN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/0d1089-d967-43b5-bc30-17502d3df95f/1/rwlQP8rAF2lRWhny3CZX2S_TUN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:cd:a2:27:f7:94:2c:92:09:5a:3c:ed:89:eb:e7:37:e4:75: 91:b0:46:ad:ef:f8:74:a9:c7:4e:76:4f:b0:98:ea:99:90:fa: 2d:5a:ef:dc:da:eb:43:53:e9:ef:78:fa:1f:5c:4c:db:76:62: f0:75:33:85:7e:71:6c:f2:a0:9d:61:3c:3d:d6:d7:f8:8e:87: f4:22:95:31:ed:c1:ea:aa:61:06:b6:79:19:65:92:03:45:6d: 49:74:be:a0:cd:66:0b:28:b5:c1:e0:8b:bc:24:83:ca:b8:78: a3:c8:2a:49:7d:9a:31:c0:f1:4f:e8:97:fb:37:50:08:47:bf: d0:4f:be:70:8a:88:bc:c5:ff:58:a6:a7:9f:c5:de:c5:0f:56: 44:3b:15:a8:73:8d:3a:24:1a:51:bd:d4:90:84:df:69:06:24: f3:1e:70:57:04:bb:64:e8:32:06:45:2f:be:b4:a9:2a:52:1d: 68:34:d4:68:0c:ee:4b:ce:bb:81:14:19:00:d8:e1:a4:fd:a0: 03:bf:b2:1c:60:b7:5b:ae:06:57:12:46:46:50:f0:7d:24:ee: dd:d0:82:3a:29:f7:87:f6:c7:a6:83:21:fe:b2:1e:d0:bf:0c: 10:c1:25:57:c8:34:93:b7:68:3c:d2:0a:cc:94:5e:5d:72:d0: 71:1f:35:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6/aPuSvu1aUeFa2UqmuowMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmMDk1MDNmY2FjMDE3Njk1MTVhMTlmMmRjMjY1N2Q5MmZk MzUwZGYwHhcNMjUxMjIwMDkwMDU5WhcNMjUxMjIxMDkwMDU5WjAzMTEwLwYDVQQD EygyNDdiYzk0YWFiZWNiNDk5ODI0ZGViNjdkMjY0Zjc3MGUzMTEzZDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeRW7wRHzTBUPZ7hOAaKSZbfVInH Rw+7TAQHdvJPbamKlf/PU6Gw+nZCNpma2fRiCwTS4wfBM13resLDNuJ9sM5EHBFE QvAQTO7QF5slL/zi/TUEJozpJx5YFbmpVHodTWFdwjQcXs0YSaJvx/AEzjM+R0d6 CR4R6AOo7Oyq6wOpwtwLVZkoTUsL+Y6umPWlRIpTFa5mMgnFwqQTYxbsNZb/Cdyt AzgMWQfGTIxtyfHn3+nrgaBFj6VOC2imwOQGL84EXqnnu3yV3poG3nEKLzey9yLL XzCVjdG9r3dtmxvb2l+rgNe2i+slvrApC5++BnJRlV2f751JUURDYSJbiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCR7yUqr7LSZgk3rZ9Jk93DjET1ZMB8GA1UdIwQY MBaAFK8JUD/KwBdpUVoZ8twmV9kv01DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAt MTc1MDJkM2RmOTVmLzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yy8wZDEwODktZDk2Ny00M2I1LWJjMzAtMTc1MDJkM2RmOTVm LzEvcndsUVA4ckFGMmxSV2hueTNDWlgyU19UVU44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ82iJ/eU LJIJWjztievnN+R1kbBGre/4dKnHTnZPsJjqmZD6LVrv3NrrQ1Pp73j6H1xM23Zi 8HUzhX5xbPKgnWE8PdbX+I6H9CKVMe3B6qphBrZ5GWWSA0VtSXS+oM1mCyi1weCL vCSDyrh4o8gqSX2aMcDxT+iX+zdQCEe/0E++cIqIvMX/WKann8XexQ9WRDsVqHON OiQaUb3UkITfaQYk8x5wVwS7ZOgyBkUvvrSpKlIdaDTUaAzuS867gRQZANjhpP2g A7+yHGC3W64GVxJGRlDwfSTu3dCCOin3h/bHpoMh/rIe0L8MEMElV8g0k7doPNIK zJReXXLQcR81TA== -----END CERTIFICATE-----Generated at Sat Dec 20 13:03:26 2025 by rpki-client