This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft File: 4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json) Hash identifier: c2cX3QDUVbH6fQMaxInByq+cUy7D6i7an9DLLXLRoIU= Subject key identifier: A8:91:14:D6:F3:32:E9:FB:01:3D:08:3E:52:36:24:D5:B5:2D:32:84 Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 Certificate issuer: /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Certificate serial: 019AF2ADDED621591BC5DD830FD49B3386F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft Manifest number: 0533 Signing time: Sat 06 Dec 2025 08:01:12 +0000 Manifest this update: Sat 06 Dec 2025 08:01:12 +0000 Manifest next update: Sun 07 Dec 2025 08:01:12 +0000 Files and hashes: 1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: PowbrlxGdDtBN8AWbZJLQqhJCKVBdc1MaIsQkl1dK80=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:de:d6:21:59:1b:c5:dd:83:0f:d4:9b:33:86:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Validity Not Before: Dec 6 08:01:12 2025 GMT Not After : Dec 7 08:01:12 2025 GMT Subject: CN=a89114d6f332e9fb013d083e523624d5b52d3284 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:74:ed:b4:63:16:98:db:2a:66:22:5d:ac:da: eb:e9:ee:26:fb:04:1c:cb:2b:0c:d5:1c:b4:ca:64: 1f:9a:2a:bc:c1:bd:6e:90:bf:8b:12:6c:4b:4b:a2: 1f:d2:08:be:40:cd:91:5f:e6:1b:d7:18:6f:39:ca: e0:2c:78:8b:23:c6:e6:12:20:db:b7:5d:06:16:5b: 23:6d:ab:04:c8:d6:24:12:95:05:a0:e5:7b:ef:51: 89:d9:a3:bf:b2:61:2d:d4:20:32:03:00:b1:f2:db: 0d:a3:0c:09:9b:0a:ac:7f:ec:54:af:f3:82:12:39: 53:62:b9:32:53:8d:43:02:31:b5:94:e1:ed:1a:96: 6f:ac:22:04:f9:e8:38:3a:59:7b:73:f8:fc:8e:db: 0f:f5:e7:94:63:cb:2d:3e:06:95:93:14:0b:20:2f: 7c:d3:cf:b2:3c:a2:0e:9e:15:f4:98:ab:c5:f9:6e: 43:48:bd:69:0c:ed:39:9c:aa:a5:3b:ba:3a:e5:ef: a2:be:a8:cc:1a:ad:22:ad:ef:12:60:bd:81:99:2b: 40:0c:83:29:9d:a6:23:42:45:07:d9:8a:09:1a:49: da:90:47:5a:63:ab:46:fc:40:da:c8:a9:17:3b:24: 75:e7:ac:98:f4:0c:3e:7b:38:88:b1:e5:01:0a:44: 76:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:91:14:D6:F3:32:E9:FB:01:3D:08:3E:52:36:24:D5:B5:2D:32:84 X509v3 Authority Key Identifier: keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:ba:2d:5c:2d:0e:ad:98:59:be:f6:6f:16:a8:2b:b6:a8:49: f0:b8:6f:3f:ba:75:70:64:db:49:d5:22:d1:e2:da:cd:d6:27: 4a:40:f9:eb:93:3b:51:4d:d6:13:76:a8:1e:de:d1:9c:d8:9a: ae:15:d5:d2:ab:c2:31:0d:a2:c1:0c:4a:36:4e:a3:35:60:ee: 3d:d9:0e:05:25:85:b4:7d:96:21:a4:23:fb:84:da:8a:15:72: 6d:a6:20:8e:61:1d:df:ec:17:b8:ba:56:8d:e5:33:f0:c1:ef: 7e:00:bc:6d:10:f9:3d:cc:b4:65:50:dd:94:77:22:b2:2f:b8: e6:7b:61:40:72:be:6e:58:02:a5:55:1d:d2:b7:83:00:cf:78: af:2e:3b:b6:36:fa:1a:61:76:77:20:23:66:c1:b4:81:1a:8e: 1d:9a:62:4e:d4:68:a0:77:29:79:32:52:a0:41:5a:55:95:a4: 9d:dd:da:45:59:ad:69:59:67:01:f7:21:19:09:1b:d9:13:0e: 81:68:34:02:97:51:e0:b8:25:7c:fb:3a:67:62:25:cb:39:71: 38:1a:64:54:08:92:63:4a:8a:e7:c7:1b:c9:f3:0a:4e:bb:56: 55:1c:ca:98:bd:5a:ea:af:45:fc:0b:a8:ce:b2:94:f2:88:26: 95:71:a0:85 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrd7WIVkbxd2DD9SbM4b2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0 MDQ3ZTAwHhcNMjUxMjA2MDgwMTEyWhcNMjUxMjA3MDgwMTEyWjAzMTEwLwYDVQQD EyhhODkxMTRkNmYzMzJlOWZiMDEzZDA4M2U1MjM2MjRkNWI1MmQzMjg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HTttGMWmNsqZiJdrNrr6e4m+wQc yysM1Ry0ymQfmiq8wb1ukL+LEmxLS6If0gi+QM2RX+Yb1xhvOcrgLHiLI8bmEiDb t10GFlsjbasEyNYkEpUFoOV771GJ2aO/smEt1CAyAwCx8tsNowwJmwqsf+xUr/OC EjlTYrkyU41DAjG1lOHtGpZvrCIE+eg4Oll7c/j8jtsP9eeUY8stPgaVkxQLIC98 08+yPKIOnhX0mKvF+W5DSL1pDO05nKqlO7o65e+ivqjMGq0ire8SYL2BmStADIMp naYjQkUH2YoJGknakEdaY6tG/EDayKkXOyR156yY9Aw+eziIseUBCkR2JQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKiRFNbzMun7AT0IPlI2JNW1LTKEMB8GA1UdIwQY MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1 LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgrotXC0O rZhZvvZvFqgrtqhJ8LhvP7p1cGTbSdUi0eLazdYnSkD565M7UU3WE3aoHt7RnNia rhXV0qvCMQ2iwQxKNk6jNWDuPdkOBSWFtH2WIaQj+4TaihVybaYgjmEd3+wXuLpW jeUz8MHvfgC8bRD5Pcy0ZVDdlHcisi+45nthQHK+blgCpVUd0reDAM94ry47tjb6 GmF2dyAjZsG0gRqOHZpiTtRooHcpeTJSoEFaVZWknd3aRVmtaVlnAfchGQkb2RMO gWg0ApdR4LglfPs6Z2IlyzlxOBpkVAiSY0qK58cbyfMKTrtWVRzKmL1a6q9F/Auo zrKU8ogmlXGghQ== -----END CERTIFICATE-----Generated at Sat Dec 6 14:53:19 2025 by rpki-client