This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft File: TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft (raw, json) Hash identifier: lsVA7K7nfhadUkvnPzm93JktExV6VpK8GqXwfqIdLJU= Subject key identifier: 86:35:12:46:B2:0C:FF:55:F8:13:BE:F8:68:C8:94:54:64:6A:52:FF Authority key identifier: 4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB Certificate issuer: /CN=4d0f257f339cfb9e2754b6cc24364f0f129058db Certificate serial: 019B40C86A1DAC513A33B3126929BB08526A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft Manifest number: 15C3 Signing time: Sun 21 Dec 2025 12:00:34 +0000 Manifest this update: Sun 21 Dec 2025 12:00:34 +0000 Manifest next update: Mon 22 Dec 2025 12:00:34 +0000 Files and hashes: 1: TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl (hash: xEdSMHdjFJrckPbDlknQIk45NLz/GMUGNNhWzL25hgY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 12:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:c8:6a:1d:ac:51:3a:33:b3:12:69:29:bb:08:52:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4d0f257f339cfb9e2754b6cc24364f0f129058db Validity Not Before: Dec 21 12:00:34 2025 GMT Not After : Dec 22 12:00:34 2025 GMT Subject: CN=86351246b20cff55f813bef868c89454646a52ff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:da:c5:c4:8d:a1:4d:21:20:f9:82:d0:ba:17: e4:31:43:34:65:03:4c:76:8e:a7:8d:4b:db:dd:ed: fe:78:c2:b3:f6:a8:bf:07:e8:f2:13:c9:84:35:de: 7c:f0:57:34:49:cb:a3:cb:8b:35:d5:1e:bd:43:08: 78:6d:cb:8d:f5:77:0c:b8:1c:60:76:bb:7c:94:b5: 82:9a:fa:82:49:22:09:bc:ab:68:ae:4a:a4:7f:cd: e6:21:16:2d:4e:ad:75:84:fe:9f:28:9f:d9:2b:ca: 6a:af:a2:70:e8:8e:49:9e:1e:1b:97:7b:52:b8:ac: 46:2e:9e:83:44:87:11:b0:b3:73:93:d1:3f:85:d3: b1:7b:1d:65:5a:0b:0f:50:f9:cb:67:99:f9:61:9b: 79:72:e1:ef:92:eb:dd:a6:d4:0b:fc:2c:16:e5:b1: b2:af:80:ab:1b:b9:36:0b:76:3e:99:83:44:35:c5: 08:f6:cf:40:5c:f9:c9:64:3d:29:82:6d:7d:c7:98: e1:17:52:f0:47:d6:20:46:58:3a:17:86:f8:d3:78: fa:65:d0:a0:0a:d5:6e:6d:32:b5:1f:95:3c:d8:41: bd:59:42:63:85:d6:94:ce:5b:6a:20:cd:48:a2:c0: d3:b4:fd:34:a6:c1:62:a6:c4:43:a2:1e:54:77:d1: 77:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:35:12:46:B2:0C:FF:55:F8:13:BE:F8:68:C8:94:54:64:6A:52:FF X509v3 Authority Key Identifier: keyid:4D:0F:25:7F:33:9C:FB:9E:27:54:B6:CC:24:36:4F:0F:12:90:58:DB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TQ8lfzOc-54nVLbMJDZPDxKQWNs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/4239e9-e670-44f1-868e-f3f581dfc648/1/TQ8lfzOc-54nVLbMJDZPDxKQWNs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:c4:bb:d4:cc:d0:16:e3:ba:cd:b8:c4:cc:85:94:53:76:59: f6:75:c2:7c:c8:35:4f:25:44:58:df:86:6d:d9:b2:35:df:76: fd:b2:0d:29:55:7b:2e:27:b7:57:01:46:31:d9:3d:92:34:9f: d4:74:10:c0:66:9d:ba:15:da:26:8e:2a:09:ed:9d:16:9a:4e: 4c:1b:2e:cd:a9:b9:1e:ee:3a:84:1f:e6:7f:74:80:47:af:85: f3:d3:86:8e:18:49:99:75:b5:2f:f5:02:8a:aa:4d:8a:3d:3c: a6:6e:74:52:13:54:11:ee:d5:03:94:cb:84:74:81:da:f5:45: 54:f5:fd:fe:98:0c:b9:5d:85:53:0a:80:5e:25:50:96:d5:47: c5:63:f3:6d:20:4f:ab:64:dc:c7:75:09:a8:b4:c1:7d:8c:39: 70:4c:dc:d4:6b:e4:76:cb:0e:3b:6b:88:8e:9a:ae:a4:9e:0e: 20:6e:3f:6f:e7:ff:0f:10:f6:7b:39:3d:a3:2f:a4:2a:88:02: 3d:49:2c:08:d2:39:d8:78:3c:4c:90:7a:d9:87:bc:5c:23:93: 4a:37:41:a6:e5:1a:b0:ed:2c:3d:0e:ef:79:6f:3c:65:22:67: 5c:75:1f:74:29:fe:f8:55:81:a9:c7:8b:4e:b6:93:ac:ef:0a: 3f:3d:a6:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAyGodrFE6M7MSaSm7CFJqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRkMGYyNTdmMzM5Y2ZiOWUyNzU0YjZjYzI0MzY0ZjBmMTI5 MDU4ZGIwHhcNMjUxMjIxMTIwMDM0WhcNMjUxMjIyMTIwMDM0WjAzMTEwLwYDVQQD Eyg4NjM1MTI0NmIyMGNmZjU1ZjgxM2JlZjg2OGM4OTQ1NDY0NmE1MmZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotrFxI2hTSEg+YLQuhfkMUM0ZQNM do6njUvb3e3+eMKz9qi/B+jyE8mENd588Fc0Scujy4s11R69Qwh4bcuN9XcMuBxg drt8lLWCmvqCSSIJvKtorkqkf83mIRYtTq11hP6fKJ/ZK8pqr6Jw6I5Jnh4bl3tS uKxGLp6DRIcRsLNzk9E/hdOxex1lWgsPUPnLZ5n5YZt5cuHvkuvdptQL/CwW5bGy r4CrG7k2C3Y+mYNENcUI9s9AXPnJZD0pgm19x5jhF1LwR9YgRlg6F4b403j6ZdCg CtVubTK1H5U82EG9WUJjhdaUzltqIM1IosDTtP00psFipsRDoh5Ud9F3LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIY1EkayDP9V+BO++GjIlFRkalL/MB8GA1UdIwQY MBaAFE0PJX8znPueJ1S2zCQ2Tw8SkFjbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUt ZjNmNTgxZGZjNjQ4LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80MjM5ZTktZTY3MC00NGYxLTg2OGUtZjNmNTgxZGZjNjQ4 LzEvVFE4bGZ6T2MtNTRuVkxiTUpEWlBEeEtRV05zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASMS71MzQ FuO6zbjEzIWUU3ZZ9nXCfMg1TyVEWN+GbdmyNd92/bINKVV7Lie3VwFGMdk9kjSf 1HQQwGaduhXaJo4qCe2dFppOTBsuzam5Hu46hB/mf3SAR6+F89OGjhhJmXW1L/UC iqpNij08pm50UhNUEe7VA5TLhHSB2vVFVPX9/pgMuV2FUwqAXiVQltVHxWPzbSBP q2Tcx3UJqLTBfYw5cEzc1GvkdssOO2uIjpqupJ4OIG4/b+f/DxD2ezk9oy+kKogC PUksCNI52Hg8TJB62Ye8XCOTSjdBpuUasO0sPQ7veW88ZSJnXHUfdCn++FWBqceL TraTrO8KPz2muQ== -----END CERTIFICATE-----Generated at Sun Dec 21 18:55:30 2025 by rpki-client