This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft File: 4CzXYQ92Hg7SUq57ufMPHisXtec.mft (raw, json) Hash identifier: E/lasp9b0XNWj0dnboVUMEMVmFrnHk0s3PrwY69VYho= Subject key identifier: A5:91:93:2E:3B:E9:25:15:F7:06:22:A4:E0:CF:CF:3F:22:D7:96:AD Authority key identifier: E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7 Certificate issuer: /CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7 Certificate serial: 019AF5787D712E3D798E218FE1380C7B61E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft Manifest number: 13F4 Signing time: Sat 06 Dec 2025 21:01:45 +0000 Manifest this update: Sat 06 Dec 2025 21:01:45 +0000 Manifest next update: Sun 07 Dec 2025 21:01:45 +0000 Files and hashes: 1: 4CzXYQ92Hg7SUq57ufMPHisXtec.crl (hash: 0O8KLTN51berU+o+K0kInuXW63QRla5TweU8fcOPeQE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:7d:71:2e:3d:79:8e:21:8f:e1:38:0c:7b:61:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e02cd7610f761e0ed252ae7bb9f30f1e2b17b5e7 Validity Not Before: Dec 6 21:01:45 2025 GMT Not After : Dec 7 21:01:45 2025 GMT Subject: CN=a591932e3be92515f70622a4e0cfcf3f22d796ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:86:e2:23:66:7d:7f:a2:9f:31:91:00:43:f6: 6b:be:cb:1e:51:73:ac:02:35:8d:0e:46:8a:af:0d: 0e:b5:60:5d:bc:1e:ae:b6:c7:58:10:a4:26:85:e2: f3:12:a3:54:d6:ab:82:e6:b9:80:c2:85:3b:c5:81: 6a:8e:e9:66:21:d5:4a:56:a5:ef:8a:e5:a5:65:94: b4:25:b3:6d:d1:6b:9c:ff:ea:e1:dd:07:fc:f8:8d: 68:9a:0c:0a:da:8b:3e:0f:23:a9:86:bf:06:a4:b0: 28:bc:4a:8b:33:dd:31:fe:88:d7:18:f4:55:48:64: 14:c6:f7:2b:73:5c:c7:6f:05:be:5d:e8:3c:5a:45: b0:6d:55:d2:52:b4:6b:8d:24:96:bd:e0:c3:6f:17: 3c:4a:ca:40:d3:14:2e:cf:71:17:1e:cd:7e:ad:37: a9:33:b7:32:b5:a1:ac:57:82:53:35:8b:f0:09:ee: b6:d0:7e:b8:d9:9d:78:f5:fe:7b:c8:87:89:ab:02: 5a:be:af:b9:93:3b:dc:4c:f3:cc:f7:90:b4:ca:2d: 8d:14:21:86:29:fb:e9:07:71:49:ec:8e:65:fd:9f: 2f:1e:90:0a:f2:07:ed:ad:22:10:90:a2:fd:d9:c2: 7f:bd:9a:a6:c7:55:1e:bd:b1:6d:44:d4:87:24:24: d1:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:91:93:2E:3B:E9:25:15:F7:06:22:A4:E0:CF:CF:3F:22:D7:96:AD X509v3 Authority Key Identifier: keyid:E0:2C:D7:61:0F:76:1E:0E:D2:52:AE:7B:B9:F3:0F:1E:2B:17:B5:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4CzXYQ92Hg7SUq57ufMPHisXtec.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/94/bdbee9-5eee-4561-a523-9435159c93eb/1/4CzXYQ92Hg7SUq57ufMPHisXtec.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 50:58:6f:d4:c2:fe:70:93:59:de:10:73:1b:d6:2b:4a:11:85: a6:11:cb:66:a8:f6:66:a8:54:08:aa:bc:7c:80:ff:6b:3f:8e: 12:1e:6b:80:a9:de:36:28:1c:5f:23:7e:28:ea:09:a2:49:05: 75:15:20:5d:8b:93:bb:b4:99:7c:85:0e:2c:52:2e:64:c2:fa: 23:7c:b5:55:b1:aa:c0:40:63:94:55:f5:ab:2c:4a:68:72:66: b8:22:db:9a:6c:8b:d5:d9:dd:ca:dd:f5:46:c4:86:ef:95:88: 04:09:75:0e:e0:c8:a4:e9:52:13:0f:4f:4c:fb:c8:e7:df:a4: 51:60:26:12:de:7d:cc:2c:2a:69:0e:77:af:fb:06:3a:a0:c7: 87:ea:da:ab:60:54:d4:24:21:d3:fa:81:e9:92:d2:5c:db:cc: 30:17:45:6e:5a:5b:94:80:5a:fc:59:7c:8b:b3:c0:b1:92:5b: 07:81:17:14:31:db:b2:b8:cb:59:64:98:a1:04:20:36:8f:9f: 6d:af:c9:4f:37:7a:28:66:1a:4d:9a:47:74:71:ff:d2:be:76: c7:74:c1:54:21:23:3b:ff:ce:2b:02:66:f8:7f:7d:47:61:42: b9:6e:9f:99:21:1c:6b:22:f7:c0:95:f0:46:af:3d:ac:4f:e1: 0b:d4:94:f9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eH1xLj15jiGP4TgMe2HjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwMmNkNzYxMGY3NjFlMGVkMjUyYWU3YmI5ZjMwZjFlMmIx N2I1ZTcwHhcNMjUxMjA2MjEwMTQ1WhcNMjUxMjA3MjEwMTQ1WjAzMTEwLwYDVQQD EyhhNTkxOTMyZTNiZTkyNTE1ZjcwNjIyYTRlMGNmY2YzZjIyZDc5NmFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24biI2Z9f6KfMZEAQ/ZrvsseUXOs AjWNDkaKrw0OtWBdvB6utsdYEKQmheLzEqNU1quC5rmAwoU7xYFqjulmIdVKVqXv iuWlZZS0JbNt0Wuc/+rh3Qf8+I1omgwK2os+DyOphr8GpLAovEqLM90x/ojXGPRV SGQUxvcrc1zHbwW+Xeg8WkWwbVXSUrRrjSSWveDDbxc8SspA0xQuz3EXHs1+rTep M7cytaGsV4JTNYvwCe620H642Z149f57yIeJqwJavq+5kzvcTPPM95C0yi2NFCGG KfvpB3FJ7I5l/Z8vHpAK8gftrSIQkKL92cJ/vZqmx1UevbFtRNSHJCTRAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKWRky476SUV9wYipODPzz8i15atMB8GA1UdIwQY MBaAFOAs12EPdh4O0lKue7nzDx4rF7XnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMt OTQzNTE1OWM5M2ViLzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85NC9iZGJlZTktNWVlZS00NTYxLWE1MjMtOTQzNTE1OWM5M2Vi LzEvNEN6WFlROTJIZzdTVXE1N3VmTVBIaXNYdGVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUFhv1ML+ cJNZ3hBzG9YrShGFphHLZqj2ZqhUCKq8fID/az+OEh5rgKneNigcXyN+KOoJokkF dRUgXYuTu7SZfIUOLFIuZML6I3y1VbGqwEBjlFX1qyxKaHJmuCLbmmyL1dndyt31 RsSG75WIBAl1DuDIpOlSEw9PTPvI59+kUWAmEt59zCwqaQ53r/sGOqDHh+raq2BU 1CQh0/qB6ZLSXNvMMBdFblpblIBa/Fl8i7PAsZJbB4EXFDHbsrjLWWSYoQQgNo+f ba/JTzd6KGYaTZpHdHH/0r52x3TBVCEjO//OKwJm+H99R2FCuW6fmSEcayL3wJXw Rq89rE/hC9SU+Q== -----END CERTIFICATE-----Generated at Sun Dec 7 02:43:31 2025 by rpki-client