This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft File: tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft (raw, json) Hash identifier: pHqxKD979JYgukpgEvCqTJBnpuziPAUcDqbTTS2SLNs= Subject key identifier: BF:EC:53:4D:10:8E:FF:91:30:E7:E4:AB:CD:F1:77:F0:B3:33:42:B3 Authority key identifier: B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC Certificate issuer: /CN=b53aca36846d2d3023648eac581c7d9b6317eedc Certificate serial: 019B717E80BA78E9407C5D2931A206434736 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft Manifest number: 03A2 Signing time: Tue 30 Dec 2025 23:01:14 +0000 Manifest this update: Tue 30 Dec 2025 23:01:14 +0000 Manifest next update: Wed 31 Dec 2025 23:01:14 +0000 Files and hashes: 1: tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl (hash: LrFwW5FQC5rWYvjtAz509EOGubNu/DLTAhylNFh6oTU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 23:01:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:71:7e:80:ba:78:e9:40:7c:5d:29:31:a2:06:43:47:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b53aca36846d2d3023648eac581c7d9b6317eedc Validity Not Before: Dec 30 23:01:14 2025 GMT Not After : Dec 31 23:01:14 2025 GMT Subject: CN=bfec534d108eff9130e7e4abcdf177f0b33342b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:77:cd:7e:41:2d:18:6d:0d:cd:df:4d:f3:fa: 06:23:02:4d:ef:99:fe:70:dd:dc:f7:51:94:fa:cb: 42:28:71:97:da:88:0e:2d:18:57:ec:47:ef:c6:2f: d1:f2:bc:bb:b4:f0:25:26:ec:c9:48:22:41:76:97: 03:86:84:26:dd:37:5b:0c:81:89:38:47:36:0d:ee: 6a:74:60:af:06:55:ac:53:84:02:78:d4:b7:5b:15: 50:2e:d5:7e:ac:4b:cb:7b:7b:a3:ea:e4:c5:61:e7: db:c4:f4:bc:8c:4f:78:95:78:be:3b:8a:53:a8:63: 5a:c9:2c:0c:64:1c:aa:06:1b:ad:5d:8e:e8:b7:ee: 56:06:9d:6f:9a:d5:f1:71:19:93:53:d2:9c:76:4e: 81:12:84:4f:86:05:41:70:b6:1b:c2:1e:11:36:ac: 18:53:36:52:0b:38:68:23:12:81:2f:25:6a:82:c9: 10:68:57:5c:13:73:eb:71:a7:c9:34:7f:19:31:63: e9:12:fd:bf:7e:09:86:84:02:e0:ba:ca:f5:ed:01: d4:6f:e6:ba:a8:21:c8:50:7b:e5:fc:41:d7:b7:80: d1:bb:1e:6e:0f:3d:f4:84:21:ca:a1:99:50:7e:a5: 78:c9:9d:8f:65:0a:36:e3:0c:e1:72:9d:5a:26:21: 49:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:EC:53:4D:10:8E:FF:91:30:E7:E4:AB:CD:F1:77:F0:B3:33:42:B3 X509v3 Authority Key Identifier: keyid:B5:3A:CA:36:84:6D:2D:30:23:64:8E:AC:58:1C:7D:9B:63:17:EE:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTrKNoRtLTAjZI6sWBx9m2MX7tw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aaf36c-666d-4ac4-b0f3-4bb37b18b9fe/1/tTrKNoRtLTAjZI6sWBx9m2MX7tw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:c1:26:c3:9f:f0:14:77:cc:d9:c0:d4:f5:1e:65:d1:7d:b0: e5:37:48:32:90:48:d0:4c:bd:80:78:ee:28:ff:4b:04:81:bc: 06:15:0e:7a:54:ca:a7:c5:57:a5:a4:37:93:08:7a:75:bd:73: c1:70:9e:bf:94:6a:35:94:6c:03:7f:f0:12:9d:12:87:36:ac: c6:e4:ae:9f:91:c4:3b:b4:4f:41:8c:c4:1b:8b:d5:c8:f0:ff: 45:90:6b:28:c8:11:d4:a8:2d:ca:04:6a:0f:d5:55:92:69:1a: 3b:89:4d:91:60:e4:bc:b9:77:26:ac:23:da:79:9c:c7:5c:37: e1:26:fb:eb:19:58:48:a6:0f:73:17:95:fb:8b:bd:33:a1:73: 75:df:b8:81:81:1d:a5:da:20:c1:db:93:a1:d1:a4:53:e5:37: 68:30:69:db:8d:aa:e7:63:53:de:d4:52:ca:a2:55:a3:4f:f2: f5:a0:1e:b8:e2:b1:0f:83:da:a0:f6:e4:69:b1:4b:da:8c:7d: f6:5e:77:42:2c:aa:59:67:54:69:64:17:ae:81:42:7c:b1:af: c6:d7:3c:61:07:81:7a:37:4c:50:24:9f:67:18:8f:d0:76:3e: 31:fc:a4:88:a4:4d:6c:cd:1c:ce:e6:6f:0d:75:6f:12:ea:08: 83:fc:0d:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtxfoC6eOlAfF0pMaIGQ0c2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1M2FjYTM2ODQ2ZDJkMzAyMzY0OGVhYzU4MWM3ZDliNjMx N2VlZGMwHhcNMjUxMjMwMjMwMTE0WhcNMjUxMjMxMjMwMTE0WjAzMTEwLwYDVQQD EyhiZmVjNTM0ZDEwOGVmZjkxMzBlN2U0YWJjZGYxNzdmMGIzMzM0MmIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HfNfkEtGG0Nzd9N8/oGIwJN75n+ cN3c91GU+stCKHGX2ogOLRhX7Efvxi/R8ry7tPAlJuzJSCJBdpcDhoQm3TdbDIGJ OEc2De5qdGCvBlWsU4QCeNS3WxVQLtV+rEvLe3uj6uTFYefbxPS8jE94lXi+O4pT qGNaySwMZByqBhutXY7ot+5WBp1vmtXxcRmTU9Kcdk6BEoRPhgVBcLYbwh4RNqwY UzZSCzhoIxKBLyVqgskQaFdcE3PrcafJNH8ZMWPpEv2/fgmGhALgusr17QHUb+a6 qCHIUHvl/EHXt4DRux5uDz30hCHKoZlQfqV4yZ2PZQo24wzhcp1aJiFJlQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL/sU00Qjv+RMOfkq83xd/CzM0KzMB8GA1UdIwQY MBaAFLU6yjaEbS0wI2SOrFgcfZtjF+7cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMt NGJiMzdiMThiOWZlLzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS9hYWYzNmMtNjY2ZC00YWM0LWIwZjMtNGJiMzdiMThiOWZl LzEvdFRyS05vUnRMVEFqWkk2c1dCeDltMk1YN3R3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADcEmw5/w FHfM2cDU9R5l0X2w5TdIMpBI0Ey9gHjuKP9LBIG8BhUOelTKp8VXpaQ3kwh6db1z wXCev5RqNZRsA3/wEp0ShzasxuSun5HEO7RPQYzEG4vVyPD/RZBrKMgR1KgtygRq D9VVkmkaO4lNkWDkvLl3Jqwj2nmcx1w34Sb76xlYSKYPcxeV+4u9M6Fzdd+4gYEd pdogwduTodGkU+U3aDBp242q52NT3tRSyqJVo0/y9aAeuOKxD4PaoPbkabFL2ox9 9l53QiyqWWdUaWQXroFCfLGvxtc8YQeBejdMUCSfZxiP0HY+MfykiKRNbM0czuZv DXVvEuoIg/wNNQ== -----END CERTIFICATE-----Generated at Wed Dec 31 02:00:50 2025 by rpki-client