This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft File: t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft (raw, json) Hash identifier: xxdnMeVgl+h+rIcK8QQkqSJejB5vffeSXPVxA8uiaWI= Subject key identifier: 7D:6D:C0:38:8E:C8:BA:A6:B5:9A:01:45:03:C7:A5:44:93:FC:F2:FD Authority key identifier: B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A Certificate issuer: /CN=b785ec73dc181f9935659f58aed208532a2c2a6a Certificate serial: 019AF12E52882F527AA3D8F7573630FE67AD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft Manifest number: 02ED Signing time: Sat 06 Dec 2025 01:02:15 +0000 Manifest this update: Sat 06 Dec 2025 01:02:15 +0000 Manifest next update: Sun 07 Dec 2025 01:02:15 +0000 Files and hashes: 1: t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl (hash: JJ1PlKgN/OnBnnd15GYr3jatnyP6tMn2plsGj1ykMiU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:52:88:2f:52:7a:a3:d8:f7:57:36:30:fe:67:ad Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b785ec73dc181f9935659f58aed208532a2c2a6a Validity Not Before: Dec 6 01:02:15 2025 GMT Not After : Dec 7 01:02:15 2025 GMT Subject: CN=7d6dc0388ec8baa6b59a014503c7a54493fcf2fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bb:30:78:db:9e:74:41:8e:9d:ee:f5:bc:70: 7d:48:dd:96:aa:7f:e8:eb:f9:6d:07:04:99:8a:b3: 51:d8:01:0e:ac:26:a9:f7:0a:5a:cb:51:17:70:60: 0a:3c:eb:de:fe:40:54:64:24:44:d1:f1:49:7c:ab: 66:eb:eb:2e:e6:d8:f1:f0:5e:2d:11:e2:81:c2:d6: 5d:e5:e2:ac:0c:61:d4:84:7a:68:5a:80:6c:3b:18: 6f:f6:a0:96:de:bc:d2:3f:a2:08:dc:cd:80:b3:18: d6:c2:e7:5a:86:c1:d9:b2:03:f7:76:10:bf:52:a5: cd:4b:f0:85:01:f9:b0:9d:f9:1b:4e:35:08:95:68: 45:ee:a7:c7:41:76:42:62:3b:4e:ce:66:76:b6:ae: 6d:f5:13:92:d4:dc:2c:7e:10:a5:93:d0:18:70:35: 6e:f4:a9:01:88:55:64:d4:78:2f:a4:65:ab:8e:5a: 39:60:ce:e4:27:81:f6:d4:cd:29:5a:59:e7:e0:c0: 29:a5:9b:cb:40:72:be:09:d8:3e:f1:9e:af:07:5e: 5d:94:53:79:44:e7:59:f4:72:d5:82:11:bc:e0:0c: 23:60:d1:68:50:ab:78:9a:c3:ee:59:21:7b:3c:78: 6e:b6:13:87:22:ba:3b:8a:55:bb:d4:08:4a:aa:c7: 75:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:6D:C0:38:8E:C8:BA:A6:B5:9A:01:45:03:C7:A5:44:93:FC:F2:FD X509v3 Authority Key Identifier: keyid:B7:85:EC:73:DC:18:1F:99:35:65:9F:58:AE:D2:08:53:2A:2C:2A:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e85418-64b3-444b-913a-63c2ba4c996c/1/t4Xsc9wYH5k1ZZ9YrtIIUyosKmo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:b1:8c:30:73:1c:e4:b5:72:d1:e1:fb:fd:74:f9:20:29:e1: 9b:0d:53:0c:f6:e8:83:77:81:69:3f:69:1f:8b:73:cb:81:f9: 4a:4e:b8:cb:64:9e:f0:c6:51:0a:3b:bd:fd:a9:aa:8e:f4:14: c2:b8:0f:fb:7b:71:99:e4:7c:85:63:e1:c1:d3:e4:a6:63:29: 2d:d7:96:66:49:a4:33:fb:48:c7:51:61:22:d2:c3:d1:c9:b9: d4:57:d7:8e:ac:2a:e5:bd:69:75:a5:0e:4e:bf:19:22:3c:43: 0a:d4:94:60:70:22:f0:30:52:34:cd:ff:16:fe:26:3e:72:f6: 36:66:b3:ee:cf:17:38:47:0c:c9:bf:35:e7:70:dd:8b:35:8a: 90:07:93:29:f1:54:c6:4d:ac:96:8b:3b:66:48:dc:96:d6:e1: 2b:8b:d5:00:99:11:9b:35:f4:08:87:89:f2:6a:a0:f9:fc:13: 17:77:60:3b:e1:6c:fd:60:98:df:e2:18:a4:a0:ff:fa:70:6f: d6:20:44:c8:01:58:c0:de:d6:31:59:fd:26:5f:cf:e6:e3:09: 05:a7:d4:ea:9a:75:4c:70:58:4b:24:ef:05:fc:e2:d2:63:4d: 5a:0c:65:33:12:24:00:57:5b:6c:10:b3:e7:49:10:7b:89:5c: 60:ff:db:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLlKIL1J6o9j3VzYw/metMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3ODVlYzczZGMxODFmOTkzNTY1OWY1OGFlZDIwODUzMmEy YzJhNmEwHhcNMjUxMjA2MDEwMjE1WhcNMjUxMjA3MDEwMjE1WjAzMTEwLwYDVQQD Eyg3ZDZkYzAzODhlYzhiYWE2YjU5YTAxNDUwM2M3YTU0NDkzZmNmMmZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7sweNuedEGOne71vHB9SN2Wqn/o 6/ltBwSZirNR2AEOrCap9wpay1EXcGAKPOve/kBUZCRE0fFJfKtm6+su5tjx8F4t EeKBwtZd5eKsDGHUhHpoWoBsOxhv9qCW3rzSP6II3M2AsxjWwudahsHZsgP3dhC/ UqXNS/CFAfmwnfkbTjUIlWhF7qfHQXZCYjtOzmZ2tq5t9ROS1NwsfhClk9AYcDVu 9KkBiFVk1HgvpGWrjlo5YM7kJ4H21M0pWlnn4MAppZvLQHK+Cdg+8Z6vB15dlFN5 ROdZ9HLVghG84AwjYNFoUKt4msPuWSF7PHhuthOHIro7ilW71AhKqsd1qQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH1twDiOyLqmtZoBRQPHpUST/PL9MB8GA1UdIwQY MBaAFLeF7HPcGB+ZNWWfWK7SCFMqLCpqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2Et NjNjMmJhNGM5OTZjLzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ny9lODU0MTgtNjRiMy00NDRiLTkxM2EtNjNjMmJhNGM5OTZj LzEvdDRYc2M5d1lINWsxWlo5WXJ0SUlVeW9zS21vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABbGMMHMc 5LVy0eH7/XT5ICnhmw1TDPbog3eBaT9pH4tzy4H5Sk64y2Se8MZRCju9/amqjvQU wrgP+3txmeR8hWPhwdPkpmMpLdeWZkmkM/tIx1FhItLD0cm51FfXjqwq5b1pdaUO Tr8ZIjxDCtSUYHAi8DBSNM3/Fv4mPnL2Nmaz7s8XOEcMyb8153DdizWKkAeTKfFU xk2slos7ZkjcltbhK4vVAJkRmzX0CIeJ8mqg+fwTF3dgO+Fs/WCY3+IYpKD/+nBv 1iBEyAFYwN7WMVn9Jl/P5uMJBafU6pp1THBYSyTvBfzi0mNNWgxlMxIkAFdbbBCz 50kQe4lcYP/bmw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:26:32 2025 by rpki-client