This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft File: 4xubYpkE1DhFESeFW1L4guvhYqo.mft (raw, json) Hash identifier: Htap8sdMH457nL+LLpvbOW6vF6mffiSrfAPXi7hPDzw= Subject key identifier: A9:39:B1:CA:3F:C5:46:48:1A:02:B0:04:A8:14:9B:8B:17:52:6C:19 Authority key identifier: E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA Certificate issuer: /CN=e31b9b629904d438451127855b52f882ebe162aa Certificate serial: 019B3BD902990B278847298FDC4BFFF3E938 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft Manifest number: 10B9 Signing time: Sat 20 Dec 2025 13:00:35 +0000 Manifest this update: Sat 20 Dec 2025 13:00:35 +0000 Manifest next update: Sun 21 Dec 2025 13:00:35 +0000 Files and hashes: 1: 4xubYpkE1DhFESeFW1L4guvhYqo.crl (hash: J9Zajt7gg61aJb2s5rlEnylgqfu5P/dnzRuBOazo/U4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:d9:02:99:0b:27:88:47:29:8f:dc:4b:ff:f3:e9:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e31b9b629904d438451127855b52f882ebe162aa Validity Not Before: Dec 20 13:00:35 2025 GMT Not After : Dec 21 13:00:35 2025 GMT Subject: CN=a939b1ca3fc546481a02b004a8149b8b17526c19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9f:ef:9b:f0:50:4e:1b:69:82:9e:6a:d0:25: 78:24:0d:c7:ff:cb:d8:59:cd:c2:ac:73:e5:f8:e9: ed:f8:13:a1:ab:74:c8:44:14:1b:16:22:30:16:da: 1c:5c:e3:bf:3e:b7:02:3a:95:85:5e:f4:04:89:5c: 5f:b8:ab:2a:d0:6a:16:03:b9:ba:57:9a:a6:c8:5d: 1d:3e:9f:fa:e8:05:c0:d4:f0:fd:b0:16:b3:d7:a0: f6:76:be:da:88:5a:6c:97:33:f9:4a:7f:a3:75:0c: 3a:19:68:1f:29:c0:ce:2e:32:ef:ad:ed:13:ef:a6: f0:60:26:17:df:17:57:45:0a:36:0a:5c:ec:90:6d: 01:06:e9:4e:06:d1:fc:90:16:1c:fc:3e:d7:19:b4: 0c:d3:de:f2:2d:a8:28:c2:e4:93:aa:57:8e:40:01: c5:5d:7d:91:f1:62:0d:5a:f8:21:03:de:1b:c2:dc: 2f:b5:8d:a7:98:59:f0:4b:4f:73:75:c9:5b:1b:27: 13:ee:be:c7:bc:7e:52:32:40:bf:90:14:a6:a4:51: 3f:0a:05:23:17:4d:3b:55:21:a3:18:93:2f:7f:02: c9:c0:7e:04:23:f0:36:d6:42:87:56:8e:63:40:91: ff:5b:42:2c:e8:a5:9e:d0:c0:e4:6e:cb:16:80:24: 5a:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:39:B1:CA:3F:C5:46:48:1A:02:B0:04:A8:14:9B:8B:17:52:6C:19 X509v3 Authority Key Identifier: keyid:E3:1B:9B:62:99:04:D4:38:45:11:27:85:5B:52:F8:82:EB:E1:62:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xubYpkE1DhFESeFW1L4guvhYqo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/dfecaa-050d-409b-887e-ded7ad5a8870/1/4xubYpkE1DhFESeFW1L4guvhYqo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:1d:ef:ce:b8:86:32:0f:a3:f9:65:45:68:30:e4:66:a1:38: 35:21:5b:42:0b:9c:62:ae:48:8a:ab:d1:4b:b7:58:9e:8d:bc: f7:6e:d0:f8:51:6c:e2:60:71:b7:85:c2:5d:7c:07:40:e0:94: ee:c3:97:a5:bd:2f:85:78:19:a1:ec:3d:44:9b:6f:ef:f2:32: 60:f6:d7:10:88:c2:69:ad:2d:6c:44:77:2f:cc:32:38:db:1f: 89:67:88:51:fe:ef:57:d4:48:75:fc:a8:33:5e:f5:8b:b2:b9: f6:d9:94:f5:cc:67:0b:37:06:1f:85:69:ca:fe:51:0b:17:be: ee:5e:b3:19:23:af:e1:31:aa:25:0f:27:32:93:ca:61:b7:48: e0:51:c9:e1:f2:6f:0f:11:cb:09:f5:23:57:79:3c:fa:a3:ac: b7:97:ea:a1:5b:f8:27:b5:0f:f9:68:fe:8b:6c:25:5f:0a:74: ea:29:0c:33:8b:17:0b:7c:90:38:da:12:38:59:7d:d0:77:11: 3a:b8:8f:c6:36:f8:31:c9:6c:46:b8:57:d6:a0:c2:2d:3a:ae: ff:c1:b1:90:78:47:f1:15:69:1c:d7:47:6c:25:30:6d:4b:78: 54:9c:08:c4:32:47:63:4a:9c:54:e7:74:28:f5:63:b3:74:59: 63:3a:6f:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs72QKZCyeIRymP3Ev/8+k4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzMWI5YjYyOTkwNGQ0Mzg0NTExMjc4NTViNTJmODgyZWJl MTYyYWEwHhcNMjUxMjIwMTMwMDM1WhcNMjUxMjIxMTMwMDM1WjAzMTEwLwYDVQQD EyhhOTM5YjFjYTNmYzU0NjQ4MWEwMmIwMDRhODE0OWI4YjE3NTI2YzE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5/vm/BQThtpgp5q0CV4JA3H/8vY Wc3CrHPl+Ont+BOhq3TIRBQbFiIwFtocXOO/PrcCOpWFXvQEiVxfuKsq0GoWA7m6 V5qmyF0dPp/66AXA1PD9sBaz16D2dr7aiFpslzP5Sn+jdQw6GWgfKcDOLjLvre0T 76bwYCYX3xdXRQo2ClzskG0BBulOBtH8kBYc/D7XGbQM097yLagowuSTqleOQAHF XX2R8WINWvghA94bwtwvtY2nmFnwS09zdclbGycT7r7HvH5SMkC/kBSmpFE/CgUj F007VSGjGJMvfwLJwH4EI/A21kKHVo5jQJH/W0Is6KWe0MDkbssWgCRaNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKk5sco/xUZIGgKwBKgUm4sXUmwZMB8GA1UdIwQY MBaAFOMbm2KZBNQ4RREnhVtS+ILr4WKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2Ut ZGVkN2FkNWE4ODcwLzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9kZmVjYWEtMDUwZC00MDliLTg4N2UtZGVkN2FkNWE4ODcw LzEvNHh1Yllwa0UxRGhGRVNlRlcxTDRndXZoWXFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlx3vzriG Mg+j+WVFaDDkZqE4NSFbQgucYq5IiqvRS7dYno28927Q+FFs4mBxt4XCXXwHQOCU 7sOXpb0vhXgZoew9RJtv7/IyYPbXEIjCaa0tbER3L8wyONsfiWeIUf7vV9RIdfyo M171i7K59tmU9cxnCzcGH4Vpyv5RCxe+7l6zGSOv4TGqJQ8nMpPKYbdI4FHJ4fJv DxHLCfUjV3k8+qOst5fqoVv4J7UP+Wj+i2wlXwp06ikMM4sXC3yQONoSOFl90HcR OriPxjb4MclsRrhX1qDCLTqu/8GxkHhH8RVpHNdHbCUwbUt4VJwIxDJHY0qcVOd0 KPVjs3RZYzpvYg== -----END CERTIFICATE-----Generated at Sat Dec 20 22:37:51 2025 by rpki-client