This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft File: 4HG570GlOChYzZ7vmKf7nRJqpK4.mft (raw, json) Hash identifier: Z5qE/NHWJsF8/+YZguBJxvlQyTF5PHQ788eqnV7oQHM= Subject key identifier: C3:D7:3C:76:52:0B:1C:4C:67:81:9C:FC:24:BB:A6:BF:FD:CA:4A:40 Authority key identifier: E0:71:B9:EF:41:A5:38:28:58:CD:9E:EF:98:A7:FB:9D:12:6A:A4:AE Certificate issuer: /CN=e071b9ef41a5382858cd9eef98a7fb9d126aa4ae Certificate serial: 019AF12EBB077101BA89B9D8AC2CF15C3C7F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft Manifest number: 048A Signing time: Sat 06 Dec 2025 01:02:42 +0000 Manifest this update: Sat 06 Dec 2025 01:02:42 +0000 Manifest next update: Sun 07 Dec 2025 01:02:42 +0000 Files and hashes: 1: 4HG570GlOChYzZ7vmKf7nRJqpK4.crl (hash: j4CxoZqT+3K4aQ4OzhfD6GLQ1T/4VZ1I6vq6q5YGGJM=) 2: YBfLAkuYURNDoMTvjD2hLc0uuNc.roa (hash: gM7Y+qrK9OGNkcbA31bQAYiigRBUM5Di4cIR3nOhPM8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.crl rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:bb:07:71:01:ba:89:b9:d8:ac:2c:f1:5c:3c:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e071b9ef41a5382858cd9eef98a7fb9d126aa4ae Validity Not Before: Dec 6 01:02:42 2025 GMT Not After : Dec 7 01:02:42 2025 GMT Subject: CN=c3d73c76520b1c4c67819cfc24bba6bffdca4a40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:1b:92:87:57:01:4f:e3:40:5d:c2:8c:6e:99: ac:ac:63:94:d6:dc:dc:48:66:f7:5c:43:ff:20:9b: 13:55:5a:a4:c9:5b:df:52:41:cb:91:ee:33:b4:ef: fa:5e:38:a7:4b:3c:96:27:13:46:da:71:98:f7:0f: 1c:b7:d6:37:d6:f7:9c:fd:f9:1d:6c:73:fb:fc:ee: b1:0c:40:7d:2b:c9:8d:1e:26:f2:78:5b:43:dc:f2: 35:5a:b3:10:be:a7:b3:94:af:f7:3f:e8:f2:40:75: 8b:15:9d:bf:67:a4:ee:aa:dd:d5:38:e5:b8:e6:d8: 73:b9:c9:63:12:21:ab:17:ab:4d:ac:a3:c1:9b:bf: a1:79:c2:69:6c:52:10:14:89:eb:32:41:1a:f1:2f: e6:6e:fb:8b:3f:a0:ba:80:eb:cf:f0:f2:ae:b1:87: 3d:be:28:f3:2a:f4:f6:f7:6f:33:d3:36:e3:51:f7: 8f:24:d9:bd:3c:32:5a:16:6d:b8:0b:fa:04:c8:ce: dd:ba:14:2d:95:d0:3a:d7:65:16:0d:68:96:49:98: a9:f2:fa:00:4a:81:b3:f9:6d:06:73:af:33:c5:5a: 5b:e4:70:c2:06:6b:3d:9f:50:ee:8d:41:36:c5:99: 37:06:bd:f5:22:57:36:c3:0d:9f:7d:b9:4f:0d:c7: 7e:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:D7:3C:76:52:0B:1C:4C:67:81:9C:FC:24:BB:A6:BF:FD:CA:4A:40 X509v3 Authority Key Identifier: keyid:E0:71:B9:EF:41:A5:38:28:58:CD:9E:EF:98:A7:FB:9D:12:6A:A4:AE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4HG570GlOChYzZ7vmKf7nRJqpK4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/b81460-e06c-4352-ab1b-bb380bcabd28/1/4HG570GlOChYzZ7vmKf7nRJqpK4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:82:e4:f9:8e:b5:e7:88:a0:7a:5b:de:03:6e:a2:10:f7:06: 43:12:f2:54:b2:91:06:2c:fa:7f:99:09:1d:2a:95:c6:46:b3: 1d:e6:c8:0e:1d:4d:06:44:ec:39:69:22:ff:64:92:cd:6c:13: 2c:39:26:1b:bc:26:34:67:b6:c5:8a:e6:9a:36:5e:a5:e6:8f: 73:1e:d3:97:77:db:8f:00:9c:5f:a7:d0:58:ec:b8:50:f2:61: aa:a1:bd:73:48:c5:c2:2e:e8:dc:50:be:c6:a3:7e:c4:b9:20: d9:c2:b7:02:7b:3e:dd:7c:0d:9f:10:c9:84:eb:f3:30:61:3b: c0:1c:bf:bc:7e:e1:5a:e6:33:c4:3b:bf:8a:c9:a8:a3:c2:4c: cd:8d:f9:2b:52:3d:a7:b3:a8:28:66:9c:80:be:c1:ce:99:b5: c0:c4:a8:07:23:15:b1:b8:07:ba:80:e5:79:c4:df:e9:8d:66: 9c:a9:fa:2f:c0:99:55:b9:3c:d4:c6:32:20:18:20:b3:4f:18: 3e:88:3e:5b:7b:57:a6:7e:b6:fb:74:f1:be:f2:70:17:cc:04: e1:85:82:bb:86:07:a4:ca:2f:4a:12:80:c6:a1:eb:87:44:59: 66:29:2d:0d:db:28:0e:75:ba:64:60:10:27:10:0b:86:f6:e2: 92:74:29:e2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLrsHcQG6ibnYrCzxXDx/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNzFiOWVmNDFhNTM4Mjg1OGNkOWVlZjk4YTdmYjlkMTI2 YWE0YWUwHhcNMjUxMjA2MDEwMjQyWhcNMjUxMjA3MDEwMjQyWjAzMTEwLwYDVQQD EyhjM2Q3M2M3NjUyMGIxYzRjNjc4MTljZmMyNGJiYTZiZmZkY2E0YTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BuSh1cBT+NAXcKMbpmsrGOU1tzc SGb3XEP/IJsTVVqkyVvfUkHLke4ztO/6XjinSzyWJxNG2nGY9w8ct9Y31vec/fkd bHP7/O6xDEB9K8mNHibyeFtD3PI1WrMQvqezlK/3P+jyQHWLFZ2/Z6Tuqt3VOOW4 5thzucljEiGrF6tNrKPBm7+hecJpbFIQFInrMkEa8S/mbvuLP6C6gOvP8PKusYc9 vijzKvT2928z0zbjUfePJNm9PDJaFm24C/oEyM7duhQtldA612UWDWiWSZip8voA SoGz+W0Gc68zxVpb5HDCBms9n1DujUE2xZk3Br31Ilc2ww2ffblPDcd+2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMPXPHZSCxxMZ4Gc/CS7pr/9ykpAMB8GA1UdIwQY MBaAFOBxue9BpTgoWM2e75in+50SaqSuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9iODE0NjAtZTA2Yy00MzUyLWFiMWIt YmIzODBiY2FiZDI4LzEvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZC9iODE0NjAtZTA2Yy00MzUyLWFiMWItYmIzODBiY2FiZDI4 LzEvNEhHNTcwR2xPQ2hZelo3dm1LZjduUkpxcEs0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcILk+Y61 54igelveA26iEPcGQxLyVLKRBiz6f5kJHSqVxkazHebIDh1NBkTsOWki/2SSzWwT LDkmG7wmNGe2xYrmmjZepeaPcx7Tl3fbjwCcX6fQWOy4UPJhqqG9c0jFwi7o3FC+ xqN+xLkg2cK3Ans+3XwNnxDJhOvzMGE7wBy/vH7hWuYzxDu/ismoo8JMzY35K1I9 p7OoKGacgL7Bzpm1wMSoByMVsbgHuoDlecTf6Y1mnKn6L8CZVbk81MYyIBggs08Y Pog+W3tXpn62+3TxvvJwF8wE4YWCu4YHpMovShKAxqHrh0RZZiktDdsoDnW6ZGAQ JxALhvbiknQp4g== -----END CERTIFICATE-----Generated at Sat Dec 6 11:11:44 2025 by rpki-client