This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json) Hash identifier: 0thpfYLpplnXO69JrKZ4e2xsfhYj4oPDdvn6bzI2jcU= Subject key identifier: 2B:36:54:D6:01:CD:FE:82:AA:2A:EF:E0:8E:A9:3F:E7:32:06:1D:45 Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea Certificate serial: 019AF08802F3DBA8CE75A95CFDE9BA24A361 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft Manifest number: 0D61 Signing time: Fri 05 Dec 2025 22:00:36 +0000 Manifest this update: Fri 05 Dec 2025 22:00:36 +0000 Manifest next update: Sat 06 Dec 2025 22:00:36 +0000 Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: gSg0K5V1rmoFAfGI36uqBNGQALi0yh21w8DeS1GSyIg=) 2: DQo4EErqs46yA4QIpyLHGlOprVU.roa (hash: jpEUtUNk7NIqvU0XQCmCZgYXNkApAZ2zVdQgWdhDGWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:02:f3:db:a8:ce:75:a9:5c:fd:e9:ba:24:a3:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea Validity Not Before: Dec 5 22:00:36 2025 GMT Not After : Dec 6 22:00:36 2025 GMT Subject: CN=2b3654d601cdfe82aa2aefe08ea93fe732061d45 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:2d:d6:4b:40:c0:f1:e3:bf:30:b0:28:ed:10: 8c:3d:3e:81:d2:b7:46:b8:a6:02:5b:de:be:da:e2: c7:69:d5:af:05:e3:03:ed:8e:a0:d5:b5:3c:d5:1b: 74:f1:29:1c:d3:25:68:c0:24:95:c7:9b:83:e6:75: 19:34:ba:e2:7e:6f:73:20:e9:5c:72:58:e4:83:53: 7e:58:77:31:a0:4f:13:ba:97:97:fe:d5:b7:f5:90: 57:00:37:c2:49:5c:f2:46:73:4a:d2:8f:fa:13:19: 50:03:e3:0e:e2:7e:66:09:7a:eb:81:9f:f0:4e:83: 3a:d7:51:94:52:b9:40:df:cc:b2:e8:bc:d4:26:af: 05:fe:9b:99:73:35:4f:8c:79:20:c9:e5:c3:3a:15: 6f:6b:f5:47:b4:20:d1:e0:35:b6:29:73:6b:04:79: 38:23:cd:06:fa:8d:6d:61:cb:05:a1:bb:57:68:a1: 28:74:7c:29:47:36:0a:51:4b:46:88:fc:a2:51:a5: c2:55:a7:7b:6e:c8:74:48:7a:41:ed:3b:09:1c:76: b7:2f:52:15:f5:f9:6f:09:f2:76:c6:5d:73:ee:5f: 81:a6:9d:80:e5:58:f7:45:f3:d3:fe:3d:de:94:f5: 8c:5c:06:06:62:62:ae:e4:0d:a0:01:83:be:ae:65: 02:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:36:54:D6:01:CD:FE:82:AA:2A:EF:E0:8E:A9:3F:E7:32:06:1D:45 X509v3 Authority Key Identifier: keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 77:58:44:5f:48:ae:cd:2e:18:50:ed:13:4f:08:ac:8f:d2:75: 29:af:0c:7c:15:4a:20:b3:b5:dc:2e:10:fe:4f:5d:ca:ba:de: ce:fb:5a:76:3c:45:da:2d:ea:89:42:98:b3:ec:f7:8c:75:07: f0:fd:64:72:07:41:12:97:b5:d7:60:24:39:ce:b7:da:3c:bd: d5:94:99:91:85:7d:c3:3a:39:ab:dc:79:07:98:a2:97:00:d5: 0d:9a:c3:e5:9b:40:a3:85:62:ee:20:a3:37:d1:44:31:93:5a: 13:2d:f1:b3:f9:2d:de:db:c7:54:4a:f3:93:4a:a0:6c:57:4f: d9:fe:b6:f2:ce:3f:19:e4:8a:b4:da:cb:f0:0e:67:3e:90:d4: aa:10:06:98:64:3a:a9:99:35:6d:94:cd:4d:a2:56:93:45:c5: 6c:e4:e1:49:d1:b2:7b:2a:74:e4:9f:5d:d9:29:f3:1b:13:84: 45:07:dd:87:f5:93:12:cb:0a:15:67:b3:82:3e:f5:6f:67:0f: 54:5e:60:bf:94:ff:07:16:7d:28:d4:0e:f5:51:16:aa:4b:55: a6:05:81:68:69:48:bf:fa:57:1c:85:a0:ef:dd:ab:f2:69:a9: e0:20:4a:af:9b:39:1c:2b:b7:9d:ec:2c:aa:9f:61:d9:2c:37: f1:b3:6b:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiALz26jOdalc/em6JKNhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi ZDU0ZWEwHhcNMjUxMjA1MjIwMDM2WhcNMjUxMjA2MjIwMDM2WjAzMTEwLwYDVQQD EygyYjM2NTRkNjAxY2RmZTgyYWEyYWVmZTA4ZWE5M2ZlNzMyMDYxZDQ1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmi3WS0DA8eO/MLAo7RCMPT6B0rdG uKYCW96+2uLHadWvBeMD7Y6g1bU81Rt08Skc0yVowCSVx5uD5nUZNLrifm9zIOlc cljkg1N+WHcxoE8TupeX/tW39ZBXADfCSVzyRnNK0o/6ExlQA+MO4n5mCXrrgZ/w ToM611GUUrlA38yy6LzUJq8F/puZczVPjHkgyeXDOhVva/VHtCDR4DW2KXNrBHk4 I80G+o1tYcsFobtXaKEodHwpRzYKUUtGiPyiUaXCVad7bsh0SHpB7TsJHHa3L1IV 9flvCfJ2xl1z7l+Bpp2A5Vj3RfPT/j3elPWMXAYGYmKu5A2gAYO+rmUC7wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCs2VNYBzf6Cqirv4I6pP+cyBh1FMB8GA1UdIwQY MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAd1hEX0iu zS4YUO0TTwisj9J1Ka8MfBVKILO13C4Q/k9dyrrezvtadjxF2i3qiUKYs+z3jHUH 8P1kcgdBEpe112AkOc632jy91ZSZkYV9wzo5q9x5B5iilwDVDZrD5ZtAo4Vi7iCj N9FEMZNaEy3xs/kt3tvHVErzk0qgbFdP2f628s4/GeSKtNrL8A5nPpDUqhAGmGQ6 qZk1bZTNTaJWk0XFbOThSdGyeyp05J9d2SnzGxOERQfdh/WTEssKFWezgj71b2cP VF5gv5T/BxZ9KNQO9VEWqktVpgWBaGlIv/pXHIWg792r8mmp4CBKr5s5HCu3news qp9h2Sw38bNruQ== -----END CERTIFICATE-----Generated at Sat Dec 6 07:45:58 2025 by rpki-client