This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft File: 4imzfrYwaGsTKDOEcbUtqV0gSRE.mft (raw, json) Hash identifier: XefN2ZixeSjjq7aqE0FMiqOGxqJ5zpCn7um9h8mf1kM= Subject key identifier: 53:F5:C1:A1:D3:10:FF:53:B6:F8:DF:72:B3:6B:76:F3:23:40:BA:14 Authority key identifier: E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11 Certificate issuer: /CN=e229b37eb630686b1328338471b52da95d204911 Certificate serial: 019AF31BCEBB7FFA0B5399918D4CF4F8FA53 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft Manifest number: 0C73 Signing time: Sat 06 Dec 2025 10:01:17 +0000 Manifest this update: Sat 06 Dec 2025 10:01:17 +0000 Manifest next update: Sun 07 Dec 2025 10:01:17 +0000 Files and hashes: 1: 4imzfrYwaGsTKDOEcbUtqV0gSRE.crl (hash: FZ7/B0t1AVjIZUBE9cSUyj8ENM9jir1tQGw29Vrxvxg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:ce:bb:7f:fa:0b:53:99:91:8d:4c:f4:f8:fa:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e229b37eb630686b1328338471b52da95d204911 Validity Not Before: Dec 6 10:01:17 2025 GMT Not After : Dec 7 10:01:17 2025 GMT Subject: CN=53f5c1a1d310ff53b6f8df72b36b76f32340ba14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:2f:6c:3d:da:03:3b:cb:43:55:1e:69:29:fb: a2:56:af:22:86:d3:af:a6:b6:45:93:eb:f3:b6:68: 1d:ed:d2:49:d8:14:98:71:29:6a:5c:aa:8b:cb:a2: 0c:18:cf:a2:77:8a:b2:8c:25:5d:9f:af:bd:9b:d9: 9b:66:4d:b6:3f:68:72:4b:85:aa:05:4b:1f:07:38: 16:8f:b0:d4:25:c2:0c:d1:32:fd:21:0e:0d:77:c6: b4:6b:2d:90:25:10:f9:88:5f:b5:d8:74:50:ca:20: a8:f2:7f:25:aa:15:e8:9e:b3:db:66:ac:96:ff:2c: 64:21:ba:96:a8:5b:bc:1f:e6:b7:d1:d2:3a:6e:d9: 7c:60:11:bb:d6:3e:04:54:a5:2a:63:51:ec:8d:1b: f4:c6:88:28:1e:3e:ab:e8:9c:71:d8:56:94:43:20: df:b6:1d:11:79:25:8d:ca:19:90:bf:c1:9b:35:11: b3:5d:b3:ae:48:9c:15:ba:07:cb:71:0d:ec:34:9f: 11:6d:af:d3:2b:ff:f6:bd:43:81:f1:25:f5:69:23: e7:3f:fd:21:4a:18:6d:b4:fd:80:83:22:e1:7a:cb: ee:b7:fe:53:6c:d8:64:2b:fd:bf:a9:a8:f1:74:d3: 0c:44:74:14:c9:64:91:03:a8:a8:9a:00:6b:22:91: 12:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:F5:C1:A1:D3:10:FF:53:B6:F8:DF:72:B3:6B:76:F3:23:40:BA:14 X509v3 Authority Key Identifier: keyid:E2:29:B3:7E:B6:30:68:6B:13:28:33:84:71:B5:2D:A9:5D:20:49:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4imzfrYwaGsTKDOEcbUtqV0gSRE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/745024-9e37-4790-86ac-7de8d8c2e930/1/4imzfrYwaGsTKDOEcbUtqV0gSRE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 59:a9:69:87:29:97:33:bb:6c:4a:69:15:8d:e9:77:96:33:3d: b5:5c:18:4e:86:42:c4:63:71:ed:df:30:af:8e:a7:f5:8e:14: c2:ea:39:0f:03:c8:95:42:ad:2b:a1:6a:f4:74:6f:e6:f4:d0: 43:84:75:94:e4:51:df:4d:2e:c9:37:d1:e1:bb:25:dd:b0:ca: 30:6c:55:bb:65:0b:b7:b0:77:f4:23:df:fa:6f:f3:3f:ec:ed: 34:17:03:6b:11:47:ed:b9:05:1b:b5:64:af:ab:e6:69:a0:eb: 07:f7:f8:06:2a:fc:bf:3c:b1:f9:f5:89:d4:50:ed:80:ef:31: d6:b7:07:f6:ad:4f:93:a2:5d:c9:1b:2d:67:eb:ca:4e:7c:a0: 65:23:c3:c3:47:62:b6:e2:ee:a9:ee:fa:0d:10:0e:b3:e4:d7: 46:bf:7c:55:ad:bd:0a:96:d6:85:2b:cf:25:74:fa:40:73:71: b9:a5:be:da:2f:90:f7:dc:d1:46:14:a1:f3:32:1d:4e:b3:f3: ca:1e:e1:f7:b6:82:a8:ac:a9:f0:72:2b:2f:31:b6:c5:cb:27: b1:06:03:d6:24:f0:38:f0:29:a9:af:9d:9f:b7:81:f3:da:16: ae:32:1a:7b:7b:db:60:a8:39:79:9a:98:02:74:d0:57:f5:9e: 33:03:38:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG867f/oLU5mRjUz0+PpTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyMjliMzdlYjYzMDY4NmIxMzI4MzM4NDcxYjUyZGE5NWQy MDQ5MTEwHhcNMjUxMjA2MTAwMTE3WhcNMjUxMjA3MTAwMTE3WjAzMTEwLwYDVQQD Eyg1M2Y1YzFhMWQzMTBmZjUzYjZmOGRmNzJiMzZiNzZmMzIzNDBiYTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnC9sPdoDO8tDVR5pKfuiVq8ihtOv prZFk+vztmgd7dJJ2BSYcSlqXKqLy6IMGM+id4qyjCVdn6+9m9mbZk22P2hyS4Wq BUsfBzgWj7DUJcIM0TL9IQ4Nd8a0ay2QJRD5iF+12HRQyiCo8n8lqhXonrPbZqyW /yxkIbqWqFu8H+a30dI6btl8YBG71j4EVKUqY1HsjRv0xogoHj6r6Jxx2FaUQyDf th0ReSWNyhmQv8GbNRGzXbOuSJwVugfLcQ3sNJ8Rba/TK//2vUOB8SX1aSPnP/0h ShhttP2AgyLhesvut/5TbNhkK/2/qajxdNMMRHQUyWSRA6iomgBrIpESgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFP1waHTEP9TtvjfcrNrdvMjQLoUMB8GA1UdIwQY MBaAFOIps362MGhrEygzhHG1LaldIEkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMt N2RlOGQ4YzJlOTMwLzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS83NDUwMjQtOWUzNy00NzkwLTg2YWMtN2RlOGQ4YzJlOTMw LzEvNGltemZyWXdhR3NUS0RPRWNiVXRxVjBnU1JFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWalphymX M7tsSmkVjel3ljM9tVwYToZCxGNx7d8wr46n9Y4Uwuo5DwPIlUKtK6Fq9HRv5vTQ Q4R1lORR300uyTfR4bsl3bDKMGxVu2ULt7B39CPf+m/zP+ztNBcDaxFH7bkFG7Vk r6vmaaDrB/f4Bir8vzyx+fWJ1FDtgO8x1rcH9q1Pk6JdyRstZ+vKTnygZSPDw0di tuLuqe76DRAOs+TXRr98Va29CpbWhSvPJXT6QHNxuaW+2i+Q99zRRhSh8zIdTrPz yh7h97aCqKyp8HIrLzG2xcsnsQYD1iTwOPApqa+dn7eB89oWrjIae3vbYKg5eZqY AnTQV/WeMwM41Q== -----END CERTIFICATE-----Generated at Sat Dec 6 13:53:55 2025 by rpki-client