This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft File: 4HDNq3OhLa82gGsOFgLI2vuQk7s.mft (raw, json) Hash identifier: bds2x3YjHBU6i1md7ZjFOUsZSm+aXaT8xOd573Q9fe8= Subject key identifier: DB:99:F9:97:91:D5:58:12:C1:3D:0C:7C:80:B5:0F:C3:3F:C3:8E:29 Authority key identifier: E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB Certificate issuer: /CN=e070cdab73a12daf36806b0e1602c8dafb9093bb Certificate serial: 019AF509CB68BB67C09C56F224E137A7A965 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft Manifest number: 0CAD Signing time: Sat 06 Dec 2025 19:00:50 +0000 Manifest this update: Sat 06 Dec 2025 19:00:50 +0000 Manifest next update: Sun 07 Dec 2025 19:00:50 +0000 Files and hashes: 1: 4HDNq3OhLa82gGsOFgLI2vuQk7s.crl (hash: rb8vrE56tyo0rnxMPtFf/ujlEpKd1TeqdNWxSoHVWzw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:cb:68:bb:67:c0:9c:56:f2:24:e1:37:a7:a9:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e070cdab73a12daf36806b0e1602c8dafb9093bb Validity Not Before: Dec 6 19:00:50 2025 GMT Not After : Dec 7 19:00:50 2025 GMT Subject: CN=db99f99791d55812c13d0c7c80b50fc33fc38e29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:a4:b4:64:16:09:7b:b7:32:b5:8f:44:9f:6f: 9b:57:96:cb:65:ea:13:3e:ed:e3:e5:7f:51:d4:18: 60:e8:89:4d:2d:b9:df:e8:52:fa:01:14:5d:ee:34: 58:f1:a3:38:0b:f5:2e:8b:b9:50:3c:eb:9a:1e:33: c4:37:0a:5d:8d:4d:d2:61:5d:63:64:c1:24:3d:18: 33:33:6b:f6:a7:f7:b9:34:f8:38:82:81:8b:96:fd: 91:5e:53:67:92:cd:50:29:29:6c:e8:3c:2a:3b:5c: b8:ff:eb:c4:24:2b:5b:20:b5:52:da:ac:b8:a0:89: 3b:01:b9:b3:5d:00:59:6a:3b:5a:2d:99:1c:67:8a: 1d:c7:66:ca:ec:d5:1c:75:6c:17:01:db:ce:77:75: 0a:dc:f0:bd:e0:9e:f5:56:f8:bc:50:d1:ba:d8:62: 25:36:6b:69:a8:1c:17:40:fe:94:38:58:64:38:70: 65:80:58:9d:76:5c:1b:5e:4c:4c:32:c7:eb:45:fb: a6:cd:c6:a2:ea:6f:63:6f:ca:d4:99:65:92:6a:c0: 4b:d7:3e:10:85:1b:bd:d1:ab:ec:4e:41:f4:f4:56: 77:f5:df:5b:22:9f:f2:64:cd:07:ad:e3:08:9d:4e: 22:95:6d:23:b1:83:73:72:26:53:1f:b1:49:86:f2: a1:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:99:F9:97:91:D5:58:12:C1:3D:0C:7C:80:B5:0F:C3:3F:C3:8E:29 X509v3 Authority Key Identifier: keyid:E0:70:CD:AB:73:A1:2D:AF:36:80:6B:0E:16:02:C8:DA:FB:90:93:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HDNq3OhLa82gGsOFgLI2vuQk7s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8e01ca-2ccf-4912-914b-9168826cd355/1/4HDNq3OhLa82gGsOFgLI2vuQk7s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:9b:e2:05:7f:26:ae:76:63:e3:ee:9e:52:77:03:a3:15:fc: 2f:ee:0d:1e:a5:42:52:27:15:b7:3b:e0:dc:ed:f5:4a:69:43: 8c:83:a2:cc:2a:f3:e2:f7:23:d4:a6:45:c2:f1:60:90:4e:7c: da:79:12:5f:7e:f6:ff:95:42:92:cb:e6:72:80:1b:de:e4:3a: d8:1b:37:41:ce:82:31:f5:a6:db:70:0f:6d:55:31:f7:a7:04: 2a:8c:df:18:68:21:ef:b5:ad:41:12:81:bd:cb:1e:52:59:76: 4b:a7:a1:31:46:3e:02:da:70:86:ae:22:ef:12:00:80:42:88: a8:84:84:a0:62:10:b7:21:cc:de:e7:d7:02:5a:56:43:c9:c4: 79:0a:72:89:ef:3f:eb:90:38:96:e4:1e:c8:56:ce:60:31:ba: 99:6d:d8:08:d8:ba:2a:5c:58:99:e4:5b:36:77:aa:34:20:15: 0c:68:f3:b7:b6:12:b5:de:e4:2f:fd:a2:53:9e:6f:91:78:b7: e6:2e:31:ec:dc:76:a2:a3:1d:6e:b8:d1:3c:3d:e5:0d:09:e0: e2:81:42:52:75:3b:91:d1:2f:b7:71:fd:a4:e6:bc:12:c8:a6: 9d:56:b4:d6:09:89:b7:4c:ed:00:ec:bb:ed:45:0c:f9:86:b6: 46:f6:dc:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cctou2fAnFbyJOE3p6llMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNzBjZGFiNzNhMTJkYWYzNjgwNmIwZTE2MDJjOGRhZmI5 MDkzYmIwHhcNMjUxMjA2MTkwMDUwWhcNMjUxMjA3MTkwMDUwWjAzMTEwLwYDVQQD EyhkYjk5Zjk5NzkxZDU1ODEyYzEzZDBjN2M4MGI1MGZjMzNmYzM4ZTI5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqS0ZBYJe7cytY9En2+bV5bLZeoT Pu3j5X9R1Bhg6IlNLbnf6FL6ARRd7jRY8aM4C/Uui7lQPOuaHjPENwpdjU3SYV1j ZMEkPRgzM2v2p/e5NPg4goGLlv2RXlNnks1QKSls6DwqO1y4/+vEJCtbILVS2qy4 oIk7AbmzXQBZajtaLZkcZ4odx2bK7NUcdWwXAdvOd3UK3PC94J71Vvi8UNG62GIl NmtpqBwXQP6UOFhkOHBlgFiddlwbXkxMMsfrRfumzcai6m9jb8rUmWWSasBL1z4Q hRu90avsTkH09FZ39d9bIp/yZM0HreMInU4ilW0jsYNzciZTH7FJhvKhaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNuZ+ZeR1VgSwT0MfIC1D8M/w44pMB8GA1UdIwQY MBaAFOBwzatzoS2vNoBrDhYCyNr7kJO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGIt OTE2ODgyNmNkMzU1LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS84ZTAxY2EtMmNjZi00OTEyLTkxNGItOTE2ODgyNmNkMzU1 LzEvNEhETnEzT2hMYTgyZ0dzT0ZnTEkydnVRazdzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbZviBX8m rnZj4+6eUncDoxX8L+4NHqVCUicVtzvg3O31SmlDjIOizCrz4vcj1KZFwvFgkE58 2nkSX372/5VCksvmcoAb3uQ62Bs3Qc6CMfWm23APbVUx96cEKozfGGgh77WtQRKB vcseUll2S6ehMUY+Atpwhq4i7xIAgEKIqISEoGIQtyHM3ufXAlpWQ8nEeQpyie8/ 65A4luQeyFbOYDG6mW3YCNi6KlxYmeRbNneqNCAVDGjzt7YStd7kL/2iU55vkXi3 5i4x7Nx2oqMdbrjRPD3lDQng4oFCUnU7kdEvt3H9pOa8EsimnVa01gmJt0ztAOy7 7UUM+Ya2RvbcFQ== -----END CERTIFICATE-----Generated at Sat Dec 6 23:16:40 2025 by rpki-client