This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.mft File: tdh_3Ccq4Fhhh4bnQXB1V79OGjM.mft (raw, json) Hash identifier: bVCL/JK0oe9XiSCJEJg70LAde5O7qXaAELulKZKDSJE= Subject key identifier: 9D:A4:8A:18:8A:13:4F:F9:59:59:BB:70:E7:58:3B:C4:27:43:66:FA Authority key identifier: B5:D8:7F:DC:27:2A:E0:58:61:87:86:E7:41:70:75:57:BF:4E:1A:33 Certificate issuer: /CN=b5d87fdc272ae058618786e741707557bf4e1a33 Certificate serial: 019B41DB0D1FFC8AC4DFD4290C666BBBB6BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.mft Manifest number: 0526 Signing time: Sun 21 Dec 2025 17:00:33 +0000 Manifest this update: Sun 21 Dec 2025 17:00:33 +0000 Manifest next update: Mon 22 Dec 2025 17:00:33 +0000 Files and hashes: 1: qQy9nbutIB840i93Gc6Vw1Yt6lA.roa (hash: 65g5a8+QhFyUXfSxWzLsMCFvk+W/xMxKhOR8kW2aeMw=) 2: tdh_3Ccq4Fhhh4bnQXB1V79OGjM.crl (hash: vY8GS4o9u5UjFiLKVkqzsuXQ9ioqdN0mmwz4d3LreKg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.mft rsync://rpki.ripe.net/repository/DEFAULT/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:41:db:0d:1f:fc:8a:c4:df:d4:29:0c:66:6b:bb:b6:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b5d87fdc272ae058618786e741707557bf4e1a33 Validity Not Before: Dec 21 17:00:33 2025 GMT Not After : Dec 22 17:00:33 2025 GMT Subject: CN=9da48a188a134ff95959bb70e7583bc4274366fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:a4:05:ef:bc:17:24:df:90:1c:36:a1:36:b3: b3:10:56:fa:c3:74:eb:8a:ef:b9:83:b9:9c:2a:39: 7f:8d:5c:ff:46:83:ff:ec:3e:f1:51:1a:6e:5a:d0: 15:ac:55:53:c9:9e:04:f6:25:4f:29:3c:d3:0b:ef: 83:9e:a9:3f:ea:06:59:c8:d1:9d:52:d3:5e:0c:8b: b6:ee:c5:12:b5:11:2d:c3:f6:53:6c:ef:ac:14:9c: 1d:f0:cd:eb:86:8e:3c:ed:3f:4e:b3:06:f5:09:f4: 6c:9e:19:76:ed:57:1f:51:0e:b3:aa:2f:c7:44:71: ee:20:3a:f4:ee:97:0f:79:37:56:af:6d:fe:f1:7e: 6a:29:d2:56:9a:ba:82:73:b2:23:a5:f9:f3:8f:97: 59:64:80:a7:83:e3:0d:7b:f3:28:8b:5b:f7:6e:c9: 16:02:6a:71:2f:8a:b8:78:74:43:d0:80:87:54:2a: 93:03:8e:c1:15:80:bf:be:71:1d:5a:90:4e:11:54: c0:35:0b:91:50:dd:d9:6a:8e:f0:40:ee:4c:3f:c5: bb:82:d0:8e:73:aa:47:47:69:23:33:70:31:c5:f4: 68:5c:04:66:f1:8d:a4:bf:94:0f:df:b1:02:7b:30: 34:e0:01:1c:89:94:b5:88:5c:36:ea:b2:80:bf:34: 1c:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:A4:8A:18:8A:13:4F:F9:59:59:BB:70:E7:58:3B:C4:27:43:66:FA X509v3 Authority Key Identifier: keyid:B5:D8:7F:DC:27:2A:E0:58:61:87:86:E7:41:70:75:57:BF:4E:1A:33 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/670b10-10eb-476f-84ef-156eda2b55b6/1/tdh_3Ccq4Fhhh4bnQXB1V79OGjM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 35:be:f5:0c:28:3c:4c:b7:2f:d7:7d:9f:06:09:eb:2e:e9:61: dc:b9:bb:7d:81:59:4d:af:26:6e:0f:9b:12:01:26:e6:71:9d: 69:ed:85:68:c1:b1:8f:d7:7b:52:98:ed:e2:fb:e1:9b:a1:d7: 4d:67:dd:0e:2b:a8:53:c1:64:d6:d6:3a:47:4d:07:80:62:de: 61:3e:4d:85:c3:14:1b:89:7d:9c:95:ee:b8:28:a6:51:6f:21: 0e:e8:f1:04:1b:c5:f0:e6:13:34:72:ae:7a:7e:e9:3a:7c:19: 7a:6d:d1:2e:9d:5f:6f:5a:b0:72:fd:a6:5c:64:a4:0f:c5:01: d8:79:c0:6c:66:5a:79:22:0e:8c:2b:42:9f:77:0a:a2:51:e7: 99:89:84:5a:5f:e7:c0:e7:ca:06:3a:7c:7b:fa:52:d7:69:fc: dc:b4:22:80:27:64:85:7d:a7:b4:34:a8:db:19:66:fc:9f:86: 09:44:af:d6:8f:b2:d3:6c:a0:a4:4c:b9:1e:4d:1e:b8:d0:86: 2c:a0:03:18:be:46:11:0d:4a:b8:a5:d2:32:20:e7:b7:d1:18: 8e:64:27:d8:c9:5d:30:2a:df:7b:35:86:a5:e3:b0:2d:89:37: 25:e4:e3:b0:f2:e6:79:56:6f:1a:bd:47:b4:1b:ad:7b:84:6f: 09:90:e9:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtB2w0f/IrE39QpDGZru7a7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1ZDg3ZmRjMjcyYWUwNTg2MTg3ODZlNzQxNzA3NTU3YmY0 ZTFhMzMwHhcNMjUxMjIxMTcwMDMzWhcNMjUxMjIyMTcwMDMzWjAzMTEwLwYDVQQD Eyg5ZGE0OGExODhhMTM0ZmY5NTk1OWJiNzBlNzU4M2JjNDI3NDM2NmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36QF77wXJN+QHDahNrOzEFb6w3Tr iu+5g7mcKjl/jVz/RoP/7D7xURpuWtAVrFVTyZ4E9iVPKTzTC++Dnqk/6gZZyNGd UtNeDIu27sUStREtw/ZTbO+sFJwd8M3rho487T9Oswb1CfRsnhl27VcfUQ6zqi/H RHHuIDr07pcPeTdWr23+8X5qKdJWmrqCc7Ijpfnzj5dZZICng+MNe/Moi1v3bskW AmpxL4q4eHRD0ICHVCqTA47BFYC/vnEdWpBOEVTANQuRUN3Zao7wQO5MP8W7gtCO c6pHR2kjM3AxxfRoXARm8Y2kv5QP37ECezA04AEciZS1iFw26rKAvzQcpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ2kihiKE0/5WVm7cOdYO8QnQ2b6MB8GA1UdIwQY MBaAFLXYf9wnKuBYYYeG50FwdVe/ThozMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGRoXzNDY3E0RmhoaDRiblFYQjFWNzlPR2pNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC82NzBiMTAtMTBlYi00NzZmLTg0ZWYt MTU2ZWRhMmI1NWI2LzEvdGRoXzNDY3E0RmhoaDRiblFYQjFWNzlPR2pNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC82NzBiMTAtMTBlYi00NzZmLTg0ZWYtMTU2ZWRhMmI1NWI2 LzEvdGRoXzNDY3E0RmhoaDRiblFYQjFWNzlPR2pNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANb71DCg8 TLcv132fBgnrLulh3Lm7fYFZTa8mbg+bEgEm5nGdae2FaMGxj9d7Upjt4vvhm6HX TWfdDiuoU8Fk1tY6R00HgGLeYT5NhcMUG4l9nJXuuCimUW8hDujxBBvF8OYTNHKu en7pOnwZem3RLp1fb1qwcv2mXGSkD8UB2HnAbGZaeSIOjCtCn3cKolHnmYmEWl/n wOfKBjp8e/pS12n83LQigCdkhX2ntDSo2xlm/J+GCUSv1o+y02ygpEy5Hk0euNCG LKADGL5GEQ1KuKXSMiDnt9EYjmQn2MldMCrfezWGpeOwLYk3JeTjsPLmeVZvGr1H tBute4RvCZDpYg== -----END CERTIFICATE-----Generated at Sun Dec 21 22:55:12 2025 by rpki-client