This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft File: 4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json) Hash identifier: rZbn/dXvaPTO13p8Jb5c4c6lT2r+F/ise2FutIKPMns= Subject key identifier: A4:2A:49:60:45:CC:3E:EA:B7:BF:27:54:9F:CA:CC:BF:B8:F2:59:DF Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48 Certificate issuer: /CN=e0a3370a841b893e7b68f86a393363582e105648 Certificate serial: 019AF19B75224039C7EFD8E6CB82200B698B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft Manifest number: 0C3B Signing time: Sat 06 Dec 2025 03:01:28 +0000 Manifest this update: Sat 06 Dec 2025 03:01:28 +0000 Manifest next update: Sun 07 Dec 2025 03:01:28 +0000 Files and hashes: 1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: 31ULyp7cKsWf3B0MILJkBJ9db3X8fUeAfEBI3dgJKIA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:75:22:40:39:c7:ef:d8:e6:cb:82:20:0b:69:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648 Validity Not Before: Dec 6 03:01:28 2025 GMT Not After : Dec 7 03:01:28 2025 GMT Subject: CN=a42a496045cc3eeab7bf27549fcaccbfb8f259df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:7d:1b:df:65:14:a2:51:01:b7:84:ce:14:3f: 90:dc:5e:a2:19:d2:7e:90:93:36:7f:44:b5:77:63: bc:9e:58:f2:95:2f:a7:99:d9:89:51:c7:61:b1:4e: 81:e7:6c:06:7d:ac:4c:0f:40:9b:5f:77:0d:04:60: ec:93:0c:95:48:79:e7:cb:10:0b:b3:d3:ed:f6:68: e5:81:4c:46:eb:82:db:c5:b7:12:bc:b7:ed:96:c9: bf:6b:98:7a:91:f4:b1:31:46:68:3f:35:64:0f:82: 50:ea:1c:82:10:44:d9:21:1c:c1:df:a3:4d:39:68: 47:5d:ca:9e:12:24:10:73:05:ad:56:5b:73:ce:b0: e2:e0:db:72:36:41:43:12:01:50:bf:a4:e2:75:a3: 6f:93:fd:24:f6:61:53:3a:01:ff:85:1e:5a:39:de: a9:b5:fa:d1:4d:23:7e:de:3d:fa:b7:4b:46:54:40: 87:79:e0:41:5e:88:ef:ee:ee:19:87:62:32:44:a0: 39:8d:2a:36:9b:4c:99:72:14:af:f1:ab:f8:21:07: d5:fd:66:e9:e3:ae:7d:eb:d6:01:a6:87:24:27:c0: d6:03:b8:83:5b:c4:6f:b6:31:82:6b:99:d6:f8:64: 60:15:16:80:47:e7:87:a6:5d:11:f1:c9:17:84:74: 0b:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:2A:49:60:45:CC:3E:EA:B7:BF:27:54:9F:CA:CC:BF:B8:F2:59:DF X509v3 Authority Key Identifier: keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:48:b5:f6:8c:19:af:62:61:da:eb:61:54:b2:72:22:7b:17: 82:95:a0:89:ad:e3:80:b0:32:40:af:7f:81:d9:16:be:2d:a3: 3a:fe:4d:88:61:44:5e:5a:71:6c:ff:65:95:cd:55:2d:00:28: 7a:a1:57:e9:82:40:a1:7d:a4:c3:83:fd:c2:ad:1c:d0:4c:20: b3:5c:6f:0e:1a:45:e1:a4:1c:3c:5f:7f:46:22:17:a5:ae:c6: d7:ee:32:ff:ff:06:65:c5:e1:d4:1d:ac:94:2b:fc:a3:39:85: 7d:31:19:1c:1a:39:7f:73:95:00:d7:e9:cb:86:aa:3d:c7:e2: ad:5f:68:41:14:69:3a:1e:7f:90:67:2e:f4:62:44:c0:9e:5a: cb:17:e7:42:2e:7d:52:57:8d:15:94:8b:32:ee:10:15:a0:81: aa:41:8d:34:37:42:a6:98:3d:b4:8f:77:c4:ef:f0:ca:6d:fd: 1e:36:d9:20:0d:cb:63:6f:aa:e8:e1:bf:3d:37:3f:0d:a8:cf: 4e:e5:fa:40:7f:5f:03:02:21:e1:57:15:44:45:4a:e7:90:fc: 29:0c:85:07:d8:c8:94:ec:80:21:6a:a0:86:b6:9e:4a:95:b3: 3f:21:84:9e:68:98:27:5b:74:db:1b:b5:ba:59:35:96:98:ed: 28:49:e2:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm3UiQDnH79jmy4IgC2mLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx MDU2NDgwHhcNMjUxMjA2MDMwMTI4WhcNMjUxMjA3MDMwMTI4WjAzMTEwLwYDVQQD EyhhNDJhNDk2MDQ1Y2MzZWVhYjdiZjI3NTQ5ZmNhY2NiZmI4ZjI1OWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH0b32UUolEBt4TOFD+Q3F6iGdJ+ kJM2f0S1d2O8nljylS+nmdmJUcdhsU6B52wGfaxMD0CbX3cNBGDskwyVSHnnyxAL s9Pt9mjlgUxG64LbxbcSvLftlsm/a5h6kfSxMUZoPzVkD4JQ6hyCEETZIRzB36NN OWhHXcqeEiQQcwWtVltzzrDi4NtyNkFDEgFQv6TidaNvk/0k9mFTOgH/hR5aOd6p tfrRTSN+3j36t0tGVECHeeBBXojv7u4Zh2IyRKA5jSo2m0yZchSv8av4IQfV/Wbp 465969YBpockJ8DWA7iDW8RvtjGCa5nW+GRgFRaAR+eHpl0R8ckXhHQLiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKQqSWBFzD7qt78nVJ/KzL+48lnfMB8GA1UdIwQY MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZEi19owZ r2Jh2uthVLJyInsXgpWgia3jgLAyQK9/gdkWvi2jOv5NiGFEXlpxbP9llc1VLQAo eqFX6YJAoX2kw4P9wq0c0Ewgs1xvDhpF4aQcPF9/RiIXpa7G1+4y//8GZcXh1B2s lCv8ozmFfTEZHBo5f3OVANfpy4aqPcfirV9oQRRpOh5/kGcu9GJEwJ5ayxfnQi59 UleNFZSLMu4QFaCBqkGNNDdCppg9tI93xO/wym39HjbZIA3LY2+q6OG/PTc/DajP TuX6QH9fAwIh4VcVREVK55D8KQyFB9jIlOyAIWqghraeSpWzPyGEnmiYJ1t02xu1 ulk1lpjtKEniaA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:58 2025 by rpki-client