This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft File: if4_e4M8MGAut5hY5-r67VVPTFs.mft (raw, json) Hash identifier: XhhFEA9XtANrGWrQ0sG4wTj8ZM7mRa0QO90gqvuQx0M= Subject key identifier: CC:B3:B2:A6:17:B0:7D:F1:DB:AA:E4:34:33:D6:73:E7:CF:82:FE:84 Authority key identifier: 89:FE:3F:7B:83:3C:30:60:2E:B7:98:58:E7:EA:FA:ED:55:4F:4C:5B Certificate issuer: /CN=89fe3f7b833c30602eb79858e7eafaed554f4c5b Certificate serial: 019AF19BD0D29B313E692D8DF754564435C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft Manifest number: 09BD Signing time: Sat 06 Dec 2025 03:01:51 +0000 Manifest this update: Sat 06 Dec 2025 03:01:51 +0000 Manifest next update: Sun 07 Dec 2025 03:01:51 +0000 Files and hashes: 1: if4_e4M8MGAut5hY5-r67VVPTFs.crl (hash: PymDseLsl9vuFvrne8YnSOMbhrxG7n6+rLHVRAURCBs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.crl rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:d0:d2:9b:31:3e:69:2d:8d:f7:54:56:44:35:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=89fe3f7b833c30602eb79858e7eafaed554f4c5b Validity Not Before: Dec 6 03:01:51 2025 GMT Not After : Dec 7 03:01:51 2025 GMT Subject: CN=ccb3b2a617b07df1dbaae43433d673e7cf82fe84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:be:f8:0f:9e:1c:d6:9f:ac:c0:7d:86:26:c4: 89:c0:f5:bd:d9:f3:69:ef:9a:f1:38:a1:d9:32:dc: a5:c6:89:47:1d:e9:b8:89:cc:2d:13:f1:6e:3c:89: d6:ca:4a:04:11:da:21:00:4a:39:bb:9e:28:37:c9: 08:d0:c1:9d:37:b3:93:5e:7e:22:2f:fd:d2:b9:35: ec:e7:04:2c:42:83:29:94:21:67:00:8c:be:1b:15: 73:ca:20:12:4d:02:1f:1e:eb:c1:ec:98:19:db:13: 47:07:d7:27:90:1c:7b:3c:bb:83:13:96:28:fe:74: 50:5f:46:75:e3:fb:9a:d9:38:9d:9f:f3:ba:62:2f: 96:3a:68:79:3d:8d:a4:bb:9a:44:bb:e4:6a:d7:c2: 93:42:ee:18:8a:fc:f6:1e:fa:15:6d:87:07:64:12: 2a:26:e0:94:27:d0:f3:43:b4:60:23:31:2d:28:7d: 40:6a:36:1d:39:9e:5e:3c:45:15:bd:14:21:1b:a6: fe:c0:25:b4:5a:e9:95:a8:0f:90:8c:8a:58:68:f7: 20:cc:58:5e:6d:9f:0e:30:22:08:f7:59:b9:c0:5f: c7:48:71:80:0a:5e:31:92:f9:67:72:18:93:4d:61: 48:2e:30:61:dc:d3:f9:83:9a:ca:2c:13:f6:26:1b: 33:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:B3:B2:A6:17:B0:7D:F1:DB:AA:E4:34:33:D6:73:E7:CF:82:FE:84 X509v3 Authority Key Identifier: keyid:89:FE:3F:7B:83:3C:30:60:2E:B7:98:58:E7:EA:FA:ED:55:4F:4C:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/if4_e4M8MGAut5hY5-r67VVPTFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/b689fd-b13e-4332-9eb7-65cb63afce5e/1/if4_e4M8MGAut5hY5-r67VVPTFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 03:12:2c:19:7a:68:31:c2:cc:84:ef:73:7a:34:0c:3b:9e:ef: be:d5:d4:38:36:d6:da:ce:02:8b:de:4c:fe:8c:9f:de:16:ee: f7:75:c1:5d:6e:55:92:f3:0b:2f:fc:e7:98:fa:30:28:bd:ce: 73:73:23:06:01:14:ce:c8:79:9d:4f:dd:c8:a8:f2:2d:3d:a6: 4b:4c:20:d5:5c:11:0d:c3:51:4a:8c:c2:bf:0f:c5:8a:5d:13: 1c:38:89:df:95:71:31:37:a4:af:5d:6a:88:21:79:cb:32:e6: 07:04:54:a2:7f:29:f6:1c:fd:95:9e:30:54:a0:da:71:60:e7: 4f:eb:43:f5:e6:d1:d3:98:bc:62:e5:15:d4:2d:2a:7a:e4:ec: a1:cd:b2:0f:9f:d9:ca:1b:70:7d:4e:0b:94:86:f2:47:e2:7c: 06:69:5f:90:67:0b:31:16:7d:ba:d9:d2:28:77:b4:d9:96:b8: ce:d4:20:1c:60:35:09:57:c6:19:ca:8e:ad:47:6d:5e:76:8c: 64:27:0a:36:0d:09:d5:0c:ec:ef:be:df:74:c3:82:8c:ea:3e: 16:af:b4:22:7d:5f:69:91:3e:c8:a6:9a:f7:6d:07:52:02:a2: be:06:d0:76:b1:e9:08:76:2d:32:38:6b:79:16:53:af:84:3c: f3:44:7a:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm9DSmzE+aS2N91RWRDXCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg5ZmUzZjdiODMzYzMwNjAyZWI3OTg1OGU3ZWFmYWVkNTU0 ZjRjNWIwHhcNMjUxMjA2MDMwMTUxWhcNMjUxMjA3MDMwMTUxWjAzMTEwLwYDVQQD EyhjY2IzYjJhNjE3YjA3ZGYxZGJhYWU0MzQzM2Q2NzNlN2NmODJmZTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjr74D54c1p+swH2GJsSJwPW92fNp 75rxOKHZMtylxolHHem4icwtE/FuPInWykoEEdohAEo5u54oN8kI0MGdN7OTXn4i L/3SuTXs5wQsQoMplCFnAIy+GxVzyiASTQIfHuvB7JgZ2xNHB9cnkBx7PLuDE5Yo /nRQX0Z14/ua2Tidn/O6Yi+WOmh5PY2ku5pEu+Rq18KTQu4Yivz2HvoVbYcHZBIq JuCUJ9DzQ7RgIzEtKH1AajYdOZ5ePEUVvRQhG6b+wCW0WumVqA+QjIpYaPcgzFhe bZ8OMCII91m5wF/HSHGACl4xkvlnchiTTWFILjBh3NP5g5rKLBP2JhszcQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMyzsqYXsH3x26rkNDPWc+fPgv6EMB8GA1UdIwQY MBaAFIn+P3uDPDBgLreYWOfq+u1VT0xbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9iNjg5ZmQtYjEzZS00MzMyLTllYjct NjVjYjYzYWZjZTVlLzEvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC9iNjg5ZmQtYjEzZS00MzMyLTllYjctNjVjYjYzYWZjZTVl LzEvaWY0X2U0TThNR0F1dDVoWTUtcjY3VlZQVEZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAxIsGXpo McLMhO9zejQMO57vvtXUODbW2s4Ci95M/oyf3hbu93XBXW5VkvMLL/znmPowKL3O c3MjBgEUzsh5nU/dyKjyLT2mS0wg1VwRDcNRSozCvw/Fil0THDiJ35VxMTekr11q iCF5yzLmBwRUon8p9hz9lZ4wVKDacWDnT+tD9ebR05i8YuUV1C0qeuTsoc2yD5/Z yhtwfU4LlIbyR+J8BmlfkGcLMRZ9utnSKHe02Za4ztQgHGA1CVfGGcqOrUdtXnaM ZCcKNg0J1Qzs777fdMOCjOo+Fq+0In1faZE+yKaa920HUgKivgbQdrHpCHYtMjhr eRZTr4Q880R6SA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:08:11 2025 by rpki-client