This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft File: 4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json) Hash identifier: l8kIV7UOBLWtSRlaTS5R0DIoTr2taVca4csNwrRHBt4= Subject key identifier: 2C:DD:C6:0D:B2:37:FE:84:5C:2A:ED:72:29:2E:13:86:F6:CB:FE:84 Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF Certificate issuer: /CN=e22501d9a401709838f33d1ae279bce7100b3ccf Certificate serial: 019AF50A161A16FEB9E57DFB7D2635783269 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft Manifest number: 11DA Signing time: Sat 06 Dec 2025 19:01:10 +0000 Manifest this update: Sat 06 Dec 2025 19:01:10 +0000 Manifest next update: Sun 07 Dec 2025 19:01:10 +0000 Files and hashes: 1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: 5qawAZGsDeOFofiGtaI7MZfxFLTz82bk5pwMjGE+6ng=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:16:1a:16:fe:b9:e5:7d:fb:7d:26:35:78:32:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf Validity Not Before: Dec 6 19:01:10 2025 GMT Not After : Dec 7 19:01:10 2025 GMT Subject: CN=2cddc60db237fe845c2aed72292e1386f6cbfe84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7d:12:f3:91:36:cd:80:88:44:f3:5c:4b:ab: 43:b3:02:8e:7f:dd:83:3a:14:a5:d2:a5:03:53:59: 44:be:ea:46:0d:26:48:7f:9b:f6:9b:18:6c:ee:1a: 8b:9e:ff:23:a4:bb:b1:b5:6e:65:5b:68:00:f9:13: 11:70:a1:b3:32:69:de:fb:32:32:58:79:0b:98:3f: c8:e8:f2:7e:7d:73:50:27:36:c5:3c:60:db:24:da: 67:d3:85:ce:60:95:d8:0d:95:b9:5d:8c:7d:fa:65: 08:17:c8:b8:35:98:94:be:3f:26:2a:59:c8:02:92: 55:e4:46:8d:b4:ff:c3:f5:7e:e5:15:51:95:77:01: d8:2c:87:f0:57:c7:06:af:a2:ab:b6:5c:44:f8:d0: 2d:bb:28:0f:67:bf:c1:32:4d:d6:22:1f:5e:4f:3b: 10:fc:7f:a2:cd:98:ca:94:2d:55:8c:2a:43:06:0d: 9a:c8:91:e6:d7:fc:ac:ea:be:1c:62:3b:23:98:13: e0:07:8f:14:2e:aa:4c:ac:0c:3a:09:63:bc:fd:28: 24:51:72:f6:db:b1:9c:6f:7d:32:00:bd:c7:6c:b3: 9d:28:ce:4c:90:b7:73:8e:31:d1:46:97:d8:02:d3: ce:d4:01:8b:d9:5c:49:fe:eb:47:b9:a5:b9:7f:34: 37:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:DD:C6:0D:B2:37:FE:84:5C:2A:ED:72:29:2E:13:86:F6:CB:FE:84 X509v3 Authority Key Identifier: keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 54:63:76:11:52:6c:bf:ca:4b:43:89:05:6c:31:75:ca:1d:98: 1e:1b:5b:ce:6d:86:32:92:c2:38:a9:95:f0:41:25:f5:e3:50: 06:63:09:2a:50:cd:0c:cd:76:21:d4:7d:97:ce:84:e5:7b:e2: aa:a9:b2:4b:c9:e8:de:9f:ac:30:37:f4:55:d1:15:46:43:c7: ce:cb:17:0a:4a:dd:b9:48:e6:e6:bb:56:09:3c:3c:86:36:40: de:40:97:62:b6:3c:2e:c1:77:fd:11:92:cd:7c:f6:6e:4f:51: d6:cc:fc:8c:12:4f:56:a2:e5:06:e0:3d:26:64:94:41:3b:8a: d1:1d:08:ef:1b:13:07:cc:18:7f:9b:99:79:08:cd:ee:05:a5: 28:3b:3a:5a:b2:52:a7:e6:db:f7:2c:b1:26:2c:78:9d:9e:69: 4f:09:8a:a9:0a:13:88:4c:0b:bc:af:a2:74:8a:03:25:df:d1: 43:22:ba:be:85:80:34:21:e2:36:94:73:3d:5e:20:34:23:80: 46:23:2e:22:7e:37:c2:42:39:4d:00:fa:e9:bc:bb:2f:14:e5: 0f:9b:42:78:95:fc:a3:53:23:ed:f5:4c:0b:b0:95:64:02:0d: eb:db:94:9e:67:f6:75:10:0f:e6:8b:b7:4a:7e:06:16:d9:17: 68:89:b9:6d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1ChYaFv655X37fSY1eDJpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw YjNjY2YwHhcNMjUxMjA2MTkwMTEwWhcNMjUxMjA3MTkwMTEwWjAzMTEwLwYDVQQD EygyY2RkYzYwZGIyMzdmZTg0NWMyYWVkNzIyOTJlMTM4NmY2Y2JmZTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX0S85E2zYCIRPNcS6tDswKOf92D OhSl0qUDU1lEvupGDSZIf5v2mxhs7hqLnv8jpLuxtW5lW2gA+RMRcKGzMmne+zIy WHkLmD/I6PJ+fXNQJzbFPGDbJNpn04XOYJXYDZW5XYx9+mUIF8i4NZiUvj8mKlnI ApJV5EaNtP/D9X7lFVGVdwHYLIfwV8cGr6KrtlxE+NAtuygPZ7/BMk3WIh9eTzsQ /H+izZjKlC1VjCpDBg2ayJHm1/ys6r4cYjsjmBPgB48ULqpMrAw6CWO8/SgkUXL2 27Gcb30yAL3HbLOdKM5MkLdzjjHRRpfYAtPO1AGL2VxJ/utHuaW5fzQ3/wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCzdxg2yN/6EXCrtcikuE4b2y/6EMB8GA1UdIwQY MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3 LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVGN2EVJs v8pLQ4kFbDF1yh2YHhtbzm2GMpLCOKmV8EEl9eNQBmMJKlDNDM12IdR9l86E5Xvi qqmyS8no3p+sMDf0VdEVRkPHzssXCkrduUjm5rtWCTw8hjZA3kCXYrY8LsF3/RGS zXz2bk9R1sz8jBJPVqLlBuA9JmSUQTuK0R0I7xsTB8wYf5uZeQjN7gWlKDs6WrJS p+bb9yyxJix4nZ5pTwmKqQoTiEwLvK+idIoDJd/RQyK6voWANCHiNpRzPV4gNCOA RiMuIn43wkI5TQD66by7LxTlD5tCeJX8o1Mj7fVMC7CVZAIN69uUnmf2dRAP5ou3 Sn4GFtkXaIm5bQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:10:48 2025 by rpki-client