This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft File: 4kCgJeDmGkTZPkqAHjiIsm570kE.mft (raw, json) Hash identifier: DhWosAnsdwni5pAn4SE/0uBr4vCqXMpPfhqq3joiK6Q= Subject key identifier: 90:E9:2F:8B:A2:6A:B1:66:0C:AD:A3:09:17:2E:B7:DE:13:E8:EF:22 Authority key identifier: E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41 Certificate issuer: /CN=e240a025e0e61a44d93e4a801e3888b26e7bd241 Certificate serial: 019AF276CB4C807AE5D44D39B5572B8F8793 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 07:01:02 +0000 Manifest this update: Sat 06 Dec 2025 07:01:02 +0000 Manifest next update: Sun 07 Dec 2025 07:01:02 +0000 Files and hashes: 1: 4kCgJeDmGkTZPkqAHjiIsm570kE.crl (hash: I27vMjmsNLjXOM+4+lCvSHZ/cs+uqHWtJICJhv5BX/I=) 2: K7SH4zYCXr-cp1q6N2Mp-Gdj1PU.roa (hash: fOTEXpl4gYkXzMjvkhlooQdp3U8U0Z9lMps20TcryK0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:cb:4c:80:7a:e5:d4:4d:39:b5:57:2b:8f:87:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e240a025e0e61a44d93e4a801e3888b26e7bd241 Validity Not Before: Dec 6 07:01:02 2025 GMT Not After : Dec 7 07:01:02 2025 GMT Subject: CN=90e92f8ba26ab1660cada309172eb7de13e8ef22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:40:c2:e3:7e:d5:c4:64:73:39:46:2b:e3:89: be:43:0b:4f:10:d9:5a:58:6b:54:ae:a4:f7:a3:84: 18:d6:7e:b1:ea:00:b5:7a:02:7d:89:aa:ad:1f:3b: a1:d9:59:7a:36:a9:79:45:b9:3f:9e:d6:a6:55:7e: 3e:23:6d:cd:0f:c6:ca:a5:53:ca:2e:da:09:41:2f: 3b:cd:67:b2:82:75:1b:a3:f0:dd:4d:55:c4:fe:94: dc:cb:8e:3f:87:fd:ce:50:ab:27:94:7a:22:b3:50: f1:0a:4b:58:54:8e:85:60:5b:a2:0d:4d:24:5f:2a: a4:63:3a:15:a6:ec:d6:d6:6b:96:ab:64:18:6b:75: 95:67:ee:8f:f1:a8:f6:21:20:24:aa:f7:14:18:45: 95:df:8e:ff:63:cf:dc:35:9a:34:e7:b4:c7:38:a7: b6:5c:4f:aa:4b:23:b5:63:c1:78:36:45:7d:c9:3c: 18:72:42:7a:88:e0:8e:c0:68:63:3d:fc:3e:0c:f4: 57:9f:07:42:f4:ab:f3:48:39:3a:18:63:c5:a0:b8: 25:13:88:38:f2:5f:17:1b:46:7a:4a:73:dd:71:65: 64:06:5c:55:3c:cc:60:ec:83:dd:6b:aa:9c:fb:e1: d0:eb:88:c2:ac:f1:89:7b:de:80:3d:c5:21:4e:9d: 1a:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:E9:2F:8B:A2:6A:B1:66:0C:AD:A3:09:17:2E:B7:DE:13:E8:EF:22 X509v3 Authority Key Identifier: keyid:E2:40:A0:25:E0:E6:1A:44:D9:3E:4A:80:1E:38:88:B2:6E:7B:D2:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kCgJeDmGkTZPkqAHjiIsm570kE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/6ec943-70e2-4335-84fe-c79d4eeb5ad6/1/4kCgJeDmGkTZPkqAHjiIsm570kE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:ee:70:9e:12:44:b2:d8:34:40:8a:8e:b1:81:a7:cb:bc:fe: f6:37:ac:58:45:c2:7b:4b:ee:6e:cb:27:3d:a4:3b:1a:f4:fe: f7:c6:02:ee:b3:01:af:04:54:58:a5:b5:4d:b6:c1:c4:4c:94: b4:85:31:d2:aa:f7:1d:ca:26:e2:42:68:fd:a1:7b:3b:03:c9: 9d:43:b7:b9:3c:b5:98:42:c1:e6:fa:53:21:ac:6c:95:82:3d: 4b:66:1b:82:43:67:b6:88:c6:3c:b4:b8:9b:36:3d:fd:de:ff: 1b:05:7f:94:09:1e:4e:74:d0:05:2b:75:8a:e5:2a:d1:df:53: 4c:0f:d8:b9:10:9c:ae:b3:7e:c1:13:50:2e:77:e0:4b:e8:80: 67:51:bc:ef:65:14:d6:9a:f2:b3:da:8a:76:c9:24:6b:32:ef: 72:8b:16:fe:73:ac:10:e0:02:4c:77:bb:fc:e5:82:b1:d1:dc: fd:16:39:9b:8d:22:5b:7a:bf:38:f4:1d:54:85:1d:54:5a:8a: 9b:c8:72:cf:20:5d:52:5b:82:b6:02:a4:3c:e4:cb:56:4e:39: 6d:3b:9b:f8:ef:1c:44:b9:b8:90:a6:b6:64:6e:d1:a7:92:7b: 6d:5e:5e:91:9d:93:46:a4:1c:eb:3a:47:cf:ec:68:6f:7e:ec: c8:ba:45:35 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydstMgHrl1E05tVcrj4eTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyNDBhMDI1ZTBlNjFhNDRkOTNlNGE4MDFlMzg4OGIyNmU3 YmQyNDEwHhcNMjUxMjA2MDcwMTAyWhcNMjUxMjA3MDcwMTAyWjAzMTEwLwYDVQQD Eyg5MGU5MmY4YmEyNmFiMTY2MGNhZGEzMDkxNzJlYjdkZTEzZThlZjIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEDC437VxGRzOUYr44m+QwtPENla WGtUrqT3o4QY1n6x6gC1egJ9iaqtHzuh2Vl6Nql5Rbk/ntamVX4+I23ND8bKpVPK LtoJQS87zWeygnUbo/DdTVXE/pTcy44/h/3OUKsnlHois1DxCktYVI6FYFuiDU0k XyqkYzoVpuzW1muWq2QYa3WVZ+6P8aj2ISAkqvcUGEWV347/Y8/cNZo057THOKe2 XE+qSyO1Y8F4NkV9yTwYckJ6iOCOwGhjPfw+DPRXnwdC9KvzSDk6GGPFoLglE4g4 8l8XG0Z6SnPdcWVkBlxVPMxg7IPda6qc++HQ64jCrPGJe96APcUhTp0a8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJDpL4uiarFmDK2jCRcut94T6O8iMB8GA1UdIwQY MBaAFOJAoCXg5hpE2T5KgB44iLJue9JBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUt Yzc5ZDRlZWI1YWQ2LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS82ZWM5NDMtNzBlMi00MzM1LTg0ZmUtYzc5ZDRlZWI1YWQ2 LzEvNGtDZ0plRG1Ha1RaUGtxQUhqaUlzbTU3MGtFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+5wnhJE stg0QIqOsYGny7z+9jesWEXCe0vubssnPaQ7GvT+98YC7rMBrwRUWKW1TbbBxEyU tIUx0qr3Hcom4kJo/aF7OwPJnUO3uTy1mELB5vpTIaxslYI9S2YbgkNntojGPLS4 mzY9/d7/GwV/lAkeTnTQBSt1iuUq0d9TTA/YuRCcrrN+wRNQLnfgS+iAZ1G872UU 1prys9qKdskkazLvcosW/nOsEOACTHe7/OWCsdHc/RY5m40iW3q/OPQdVIUdVFqK m8hyzyBdUluCtgKkPOTLVk45bTub+O8cRLm4kKa2ZG7Rp5J7bV5ekZ2TRqQc6zpH z+xob37syLpFNQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:14:42 2025 by rpki-client