This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft File: l4ag6hgbRs2isjOCKvEAPBuxz40.mft (raw, json) Hash identifier: ZRgENqAsSdV5I0UinZ0Y1W9tQH47oiun7urg7AAJa0k= Subject key identifier: EA:95:79:07:A4:61:91:A1:4A:47:53:7B:80:F6:18:22:68:38:10:79 Authority key identifier: 97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D Certificate issuer: /CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d Certificate serial: 019AF1D239A9A00F18AC7F8E787FE443EFD0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft Manifest number: F8 Signing time: Sat 06 Dec 2025 04:01:17 +0000 Manifest this update: Sat 06 Dec 2025 04:01:17 +0000 Manifest next update: Sun 07 Dec 2025 04:01:17 +0000 Files and hashes: 1: l4ag6hgbRs2isjOCKvEAPBuxz40.crl (hash: TN+xu/pxBgQ+Bh+pr8BMjSO+2P0fEelTxmVWxSkAFK4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:39:a9:a0:0f:18:ac:7f:8e:78:7f:e4:43:ef:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9786a0ea181b46cda2b233822af1003c1bb1cf8d Validity Not Before: Dec 6 04:01:17 2025 GMT Not After : Dec 7 04:01:17 2025 GMT Subject: CN=ea957907a46191a14a47537b80f6182268381079 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ee:2a:58:51:4e:66:25:24:ae:ec:ad:0a:2b: 9f:ab:58:0d:25:a4:be:0b:a8:9a:c6:ae:61:99:a3: d5:6d:51:96:04:21:92:f1:69:fe:b8:21:30:9c:46: 74:b3:29:3d:43:85:8d:9e:4e:cb:de:7a:d0:49:4b: 6e:5e:d3:98:96:ba:d0:d9:1d:65:7d:eb:41:87:1a: 38:13:4e:bb:49:93:b1:4f:78:b9:db:74:e5:84:d7: f3:4b:f1:75:9d:26:b3:ca:82:b0:ee:8f:9c:ec:5a: e3:4e:23:66:3a:6b:ed:49:06:b1:d9:33:06:b2:78: ae:c7:3e:d8:a0:eb:12:32:2b:18:6c:89:bd:00:f8: 9b:e1:fd:3b:0a:13:fd:26:95:58:56:f1:a5:59:f0: d5:04:2b:72:92:6d:74:1f:83:7d:67:e2:58:ce:e3: b0:3f:35:26:9d:a0:bf:68:ad:99:b6:8c:45:8d:aa: 3b:60:98:ab:ff:41:71:ae:c8:1d:78:72:12:f9:49: fd:5f:b0:d7:d9:09:96:08:eb:15:88:1c:aa:a6:79: b6:21:a5:6c:ea:bc:3d:6e:24:b2:60:ac:44:70:fc: d2:0f:57:66:5b:09:3b:22:d2:72:33:b2:08:e0:09: 8d:5c:13:42:e4:16:c0:81:ab:1d:1e:81:8b:b6:49: 4d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:95:79:07:A4:61:91:A1:4A:47:53:7B:80:F6:18:22:68:38:10:79 X509v3 Authority Key Identifier: keyid:97:86:A0:EA:18:1B:46:CD:A2:B2:33:82:2A:F1:00:3C:1B:B1:CF:8D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4ag6hgbRs2isjOCKvEAPBuxz40.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/2e65c9-a04e-4b87-a3fe-6503648711ba/1/l4ag6hgbRs2isjOCKvEAPBuxz40.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:bd:c1:66:ca:38:d3:8d:74:75:fe:02:ff:e0:9a:ca:a9:b1: b9:28:c7:da:3b:30:c4:a2:e2:b0:7d:42:71:11:5e:ff:0e:78: ef:b7:1f:dd:e6:a9:cb:bc:e6:b9:a9:94:c2:3e:b8:8e:14:15: 4d:15:4d:af:63:99:95:20:89:7a:ec:31:dd:10:d5:6d:a1:4f: 17:cf:48:83:40:07:6b:89:05:14:28:a1:07:53:66:00:d7:ac: f1:8d:41:9b:02:e3:32:d5:a8:72:8e:8a:8c:0e:52:71:f5:ae: 7d:e5:df:d4:b8:8b:0d:d4:ce:73:90:0c:01:6e:b6:44:0a:a1: c0:e2:d1:1e:84:80:29:ad:72:bd:2e:0e:2a:db:eb:9b:f2:21: b8:16:a1:bb:6c:47:90:e0:0e:35:1a:f8:4f:29:e4:9c:58:56: 87:82:73:67:03:d3:cb:c1:ea:17:13:35:1f:f2:2c:a8:7e:e0: 06:db:75:48:97:59:49:1d:d6:99:3e:d8:1f:79:c0:47:5c:ab: f2:42:9b:71:5b:bd:f9:e4:eb:ed:37:8d:63:08:2e:5f:b3:b3: d2:6e:a4:97:e8:49:2a:e0:80:12:20:62:34:15:af:04:df:e9: f0:99:5c:ad:08:22:86:ac:d2:25:9a:0c:70:ca:23:f6:1f:2f: 00:57:b2:67 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0jmpoA8YrH+OeH/kQ+/QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3ODZhMGVhMTgxYjQ2Y2RhMmIyMzM4MjJhZjEwMDNjMWJi MWNmOGQwHhcNMjUxMjA2MDQwMTE3WhcNMjUxMjA3MDQwMTE3WjAzMTEwLwYDVQQD EyhlYTk1NzkwN2E0NjE5MWExNGE0NzUzN2I4MGY2MTgyMjY4MzgxMDc5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO4qWFFOZiUkruytCiufq1gNJaS+ C6iaxq5hmaPVbVGWBCGS8Wn+uCEwnEZ0syk9Q4WNnk7L3nrQSUtuXtOYlrrQ2R1l fetBhxo4E067SZOxT3i523TlhNfzS/F1nSazyoKw7o+c7FrjTiNmOmvtSQax2TMG sniuxz7YoOsSMisYbIm9APib4f07ChP9JpVYVvGlWfDVBCtykm10H4N9Z+JYzuOw PzUmnaC/aK2ZtoxFjao7YJir/0FxrsgdeHIS+Un9X7DX2QmWCOsViByqpnm2IaVs 6rw9biSyYKxEcPzSD1dmWwk7ItJyM7II4AmNXBNC5BbAgasdHoGLtklN5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOqVeQekYZGhSkdTe4D2GCJoOBB5MB8GA1UdIwQY MBaAFJeGoOoYG0bNorIzgirxADwbsc+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUt NjUwMzY0ODcxMWJhLzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Zi8yZTY1YzktYTA0ZS00Yjg3LWEzZmUtNjUwMzY0ODcxMWJh LzEvbDRhZzZoZ2JSczJpc2pPQ0t2RUFQQnV4ejQwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcL3BZso4 0410df4C/+CayqmxuSjH2jswxKLisH1CcRFe/w5477cf3eapy7zmuamUwj64jhQV TRVNr2OZlSCJeuwx3RDVbaFPF89Ig0AHa4kFFCihB1NmANes8Y1BmwLjMtWoco6K jA5ScfWufeXf1LiLDdTOc5AMAW62RAqhwOLRHoSAKa1yvS4OKtvrm/IhuBahu2xH kOAONRr4TynknFhWh4JzZwPTy8HqFxM1H/IsqH7gBtt1SJdZSR3WmT7YH3nAR1yr 8kKbcVu9+eTr7TeNYwguX7Oz0m6kl+hJKuCAEiBiNBWvBN/p8JlcrQgihqzSJZoM cMoj9h8vAFeyZw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:20:38 2025 by rpki-client