This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft File: 4VW0MN7doRMQ9shzieMgj8ZSnps.mft (raw, json) Hash identifier: E86WTvUVzULVuf0ohll4ZLqfg5EoLsK7VJmd7p9wrFo= Subject key identifier: 36:5A:51:B1:20:F9:42:C6:47:2F:45:92:8A:AA:06:A6:E7:FF:C4:96 Authority key identifier: E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B Certificate issuer: /CN=e155b430dedda11310f6c87389e3208fc6529e9b Certificate serial: 019AF19B6B3861A86F123456114C36F4AC8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft Manifest number: 108A Signing time: Sat 06 Dec 2025 03:01:25 +0000 Manifest this update: Sat 06 Dec 2025 03:01:25 +0000 Manifest next update: Sun 07 Dec 2025 03:01:25 +0000 Files and hashes: 1: 4VW0MN7doRMQ9shzieMgj8ZSnps.crl (hash: OaRMA51oViDM9TqpE36NZ7JwTmsk8muNoKIHKz63IOA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:6b:38:61:a8:6f:12:34:56:11:4c:36:f4:ac:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e155b430dedda11310f6c87389e3208fc6529e9b Validity Not Before: Dec 6 03:01:25 2025 GMT Not After : Dec 7 03:01:25 2025 GMT Subject: CN=365a51b120f942c6472f45928aaa06a6e7ffc496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e5:7e:62:38:ea:03:9c:39:43:fa:0f:03:59: a7:20:cd:76:cc:ea:29:d8:7d:bf:69:46:c7:8d:8c: 16:bc:83:62:31:9d:72:89:47:d5:a5:86:b3:9b:7f: 5f:7d:13:e1:2a:b3:cf:88:fc:64:20:74:5b:5c:90: 54:9f:98:54:48:c7:b7:b7:f1:ca:28:70:97:a9:58: 86:58:e9:dd:ae:40:b6:2b:04:b1:9f:ad:46:51:c6: 18:63:23:e2:65:73:51:07:0d:8e:dd:2d:8d:ed:38: 32:ac:13:5e:12:da:d0:6e:03:16:6c:31:7c:ca:9b: 2d:ce:d2:b4:d8:20:38:65:97:ec:38:49:98:69:b9: 9c:1a:3d:9f:73:b1:7b:5f:54:d3:fd:cd:84:53:19: db:4d:66:5a:5b:df:57:c5:d7:8c:a8:b0:21:f7:0a: 56:bc:a4:be:ad:4b:64:56:46:07:9b:56:c8:a7:df: ec:eb:30:7a:d5:97:e4:cb:45:02:ec:9a:62:e7:81: 23:08:82:7d:71:83:5e:b6:24:b2:05:29:7d:a6:96: 80:44:86:9f:d2:dd:69:f2:d1:d6:d4:9a:59:89:42: a9:a9:bc:d2:d5:05:1b:e9:9c:22:38:dc:54:97:67: fe:f6:8c:82:69:b1:0f:4b:1d:33:df:55:47:12:2a: bc:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:5A:51:B1:20:F9:42:C6:47:2F:45:92:8A:AA:06:A6:E7:FF:C4:96 X509v3 Authority Key Identifier: keyid:E1:55:B4:30:DE:DD:A1:13:10:F6:C8:73:89:E3:20:8F:C6:52:9E:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VW0MN7doRMQ9shzieMgj8ZSnps.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bf9d55-b0d5-4b07-92b0-0d74060a16dd/1/4VW0MN7doRMQ9shzieMgj8ZSnps.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a9:f3:78:ea:7d:65:3e:2a:6d:94:b2:f0:9e:c0:d1:13:31:d2: 91:85:8c:85:7f:5d:fb:ad:ac:9e:a1:10:9f:a5:73:00:aa:25: 3f:59:7d:5d:5e:04:32:cd:c1:77:de:39:45:be:b4:28:6d:65: db:2d:0d:ec:b0:c8:d4:ef:02:95:c8:3c:39:95:3c:2d:f9:53: aa:d5:1f:ae:f3:0e:40:52:ad:72:7e:72:2a:12:e8:6b:ec:32: 54:c1:06:e4:50:6e:29:76:cb:9c:1c:98:94:d7:72:5f:86:70: ca:b5:d3:10:9d:c8:4c:7b:2a:d0:31:1e:9f:0f:65:9e:f0:45: 40:d1:e7:51:2c:37:b4:fb:fb:f4:18:2a:e8:34:55:70:b7:94: 18:1e:fb:d6:a2:c3:8e:49:52:14:a5:49:7f:96:60:f4:26:f8: 5d:86:c2:c8:c2:45:5f:be:eb:d9:77:77:84:14:ec:b5:8d:73: 1d:9e:5d:47:45:7f:53:80:f1:c9:ea:a0:2f:01:c6:91:33:75: e7:79:84:2c:f0:26:2a:b8:80:5a:f5:18:bf:e3:81:d1:78:c7: 0c:f5:c5:a1:d6:d0:42:15:8d:22:fd:79:7d:79:e8:47:4d:61: b7:b1:f7:fe:2d:b0:54:7a:5e:95:0b:fd:88:84:fb:c9:93:36: 25:b1:78:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm2s4YahvEjRWEUw29KyMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxNTViNDMwZGVkZGExMTMxMGY2Yzg3Mzg5ZTMyMDhmYzY1 MjllOWIwHhcNMjUxMjA2MDMwMTI1WhcNMjUxMjA3MDMwMTI1WjAzMTEwLwYDVQQD EygzNjVhNTFiMTIwZjk0MmM2NDcyZjQ1OTI4YWFhMDZhNmU3ZmZjNDk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruV+YjjqA5w5Q/oPA1mnIM12zOop 2H2/aUbHjYwWvINiMZ1yiUfVpYazm39ffRPhKrPPiPxkIHRbXJBUn5hUSMe3t/HK KHCXqViGWOndrkC2KwSxn61GUcYYYyPiZXNRBw2O3S2N7TgyrBNeEtrQbgMWbDF8 ypstztK02CA4ZZfsOEmYabmcGj2fc7F7X1TT/c2EUxnbTWZaW99XxdeMqLAh9wpW vKS+rUtkVkYHm1bIp9/s6zB61Zfky0UC7Jpi54EjCIJ9cYNetiSyBSl9ppaARIaf 0t1p8tHW1JpZiUKpqbzS1QUb6ZwiONxUl2f+9oyCabEPSx0z31VHEiq8LQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZaUbEg+ULGRy9FkoqqBqbn/8SWMB8GA1UdIwQY MBaAFOFVtDDe3aETEPbIc4njII/GUp6bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAt MGQ3NDA2MGExNmRkLzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9iZjlkNTUtYjBkNS00YjA3LTkyYjAtMGQ3NDA2MGExNmRk LzEvNFZXME1ON2RvUk1ROXNoemllTWdqOFpTbnBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqfN46n1l PiptlLLwnsDREzHSkYWMhX9d+62snqEQn6VzAKolP1l9XV4EMs3Bd945Rb60KG1l 2y0N7LDI1O8Clcg8OZU8LflTqtUfrvMOQFKtcn5yKhLoa+wyVMEG5FBuKXbLnByY lNdyX4ZwyrXTEJ3ITHsq0DEenw9lnvBFQNHnUSw3tPv79Bgq6DRVcLeUGB771qLD jklSFKVJf5Zg9Cb4XYbCyMJFX77r2Xd3hBTstY1zHZ5dR0V/U4DxyeqgLwHGkTN1 53mELPAmKriAWvUYv+OB0XjHDPXFodbQQhWNIv15fXnoR01ht7H3/i2wVHpelQv9 iIT7yZM2JbF48Q== -----END CERTIFICATE-----Generated at Sat Dec 6 09:18:14 2025 by rpki-client