This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft File: epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json) Hash identifier: FkuCIMZm7+91LiekKrtMAn30jdNne1xhtVnU1OZkPxc= Subject key identifier: A4:D3:19:35:B2:E2:52:BC:95:07:62:3F:F9:82:EA:0E:32:C8:D5:DF Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9 Certificate issuer: /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9 Certificate serial: 019AF31BC1C91947AA1D0A98FA868E453A19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft Manifest number: 06DE Signing time: Sat 06 Dec 2025 10:01:13 +0000 Manifest this update: Sat 06 Dec 2025 10:01:13 +0000 Manifest next update: Sun 07 Dec 2025 10:01:13 +0000 Files and hashes: 1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: +SeC0ka3/Gd2QOyTeqS2kUMRuKxn+fKXBCRlJj9VgOE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:c1:c9:19:47:aa:1d:0a:98:fa:86:8e:45:3a:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9 Validity Not Before: Dec 6 10:01:13 2025 GMT Not After : Dec 7 10:01:13 2025 GMT Subject: CN=a4d31935b2e252bc9507623ff982ea0e32c8d5df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:29:23:52:e6:dc:d6:a6:19:ec:81:b3:38:a3: 14:36:93:25:d7:68:ed:1c:1a:61:a3:ee:0c:5f:db: f7:ad:8b:d3:fe:7e:ab:76:7d:5e:70:11:3a:53:3b: 46:a3:6b:5f:fa:10:1f:55:09:87:dd:51:66:e1:3e: 2f:27:7b:82:d8:cd:10:1f:79:df:69:1f:42:0b:4a: d8:e1:fa:bf:3a:cd:d2:28:ca:a3:cd:81:b2:09:b9: c6:e7:72:ae:94:8b:1a:05:e4:98:db:94:98:b0:90: a1:4a:56:9d:e3:08:92:0e:35:28:1c:88:fb:4c:17: f2:bd:95:e7:1c:e5:68:24:83:b0:58:72:e7:99:6c: 2a:2b:fa:42:a2:97:13:15:d9:ed:f3:f4:e9:7b:8a: f0:e0:c2:5d:b5:e7:0a:09:eb:bf:4d:35:d7:c5:25: 40:1a:11:56:6c:75:3e:e1:d2:81:84:1f:b4:25:3e: 4b:37:e9:cf:2d:c1:d7:a9:a7:e4:7c:27:1e:6b:fd: 84:b4:08:22:3e:8c:5b:4d:1a:c5:eb:09:bb:13:b1: 19:ce:be:34:68:a2:0a:65:57:e7:63:ae:b7:78:25: 75:5b:6a:37:38:99:d0:69:80:7e:15:22:34:55:57: b3:2a:c3:5a:65:21:4a:56:35:2d:7c:60:02:bc:d7: 06:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:D3:19:35:B2:E2:52:BC:95:07:62:3F:F9:82:EA:0E:32:C8:D5:DF X509v3 Authority Key Identifier: keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:61:db:c0:e8:a3:75:ea:f3:53:06:c6:0f:8e:19:74:ff:ea: 77:a0:03:2f:6a:ea:d8:fc:c0:02:ae:db:6f:1a:71:be:db:a5: 23:a0:ac:d2:96:01:96:58:c9:1e:96:dc:87:f0:7e:f0:a6:13: 25:b5:46:2d:23:99:f4:e1:ea:be:6b:7c:40:c9:f8:28:17:13: 32:73:0e:52:80:23:6b:0b:f0:a4:34:ce:8d:2e:8e:a0:b1:6a: f2:3a:54:ef:33:a9:cd:5a:48:d0:e2:c0:dc:27:78:36:cf:6b: 97:d7:40:6e:88:d5:72:5d:8a:45:cd:06:e7:c2:b8:93:fd:e4: c6:62:62:bb:aa:5c:b9:a4:94:d8:7d:26:ed:a9:8d:28:5d:2b: 62:c1:b3:b6:26:e4:c4:fa:48:e9:c7:d8:97:16:41:45:d8:1e: 45:e4:45:07:44:c6:43:1a:00:f6:09:cb:e4:f1:cd:81:e1:4a: 6e:9c:fa:08:20:0f:f4:14:4d:2c:c2:97:d0:53:94:6a:29:31: 15:92:df:3a:72:08:34:df:cc:8c:ec:f1:0c:35:1d:3c:2b:19: cc:df:4c:f4:ee:e8:df:b1:1e:60:a0:07:0a:e0:19:48:c4:9e: 9f:b3:d2:5d:3b:23:bf:99:3f:40:b9:47:bc:1b:12:02:16:b6: 62:64:df:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG8HJGUeqHQqY+oaORToZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz NzVlZDkwHhcNMjUxMjA2MTAwMTEzWhcNMjUxMjA3MTAwMTEzWjAzMTEwLwYDVQQD EyhhNGQzMTkzNWIyZTI1MmJjOTUwNzYyM2ZmOTgyZWEwZTMyYzhkNWRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ykjUubc1qYZ7IGzOKMUNpMl12jt HBpho+4MX9v3rYvT/n6rdn1ecBE6UztGo2tf+hAfVQmH3VFm4T4vJ3uC2M0QH3nf aR9CC0rY4fq/Os3SKMqjzYGyCbnG53KulIsaBeSY25SYsJChSlad4wiSDjUoHIj7 TBfyvZXnHOVoJIOwWHLnmWwqK/pCopcTFdnt8/Tpe4rw4MJdtecKCeu/TTXXxSVA GhFWbHU+4dKBhB+0JT5LN+nPLcHXqafkfCcea/2EtAgiPoxbTRrF6wm7E7EZzr40 aKIKZVfnY663eCV1W2o3OJnQaYB+FSI0VVezKsNaZSFKVjUtfGACvNcGvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKTTGTWy4lK8lQdiP/mC6g4yyNXfMB8GA1UdIwQY MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAemHbwOij derzUwbGD44ZdP/qd6ADL2rq2PzAAq7bbxpxvtulI6Cs0pYBlljJHpbch/B+8KYT JbVGLSOZ9OHqvmt8QMn4KBcTMnMOUoAjawvwpDTOjS6OoLFq8jpU7zOpzVpI0OLA 3Cd4Ns9rl9dAbojVcl2KRc0G58K4k/3kxmJiu6pcuaSU2H0m7amNKF0rYsGztibk xPpI6cfYlxZBRdgeReRFB0TGQxoA9gnL5PHNgeFKbpz6CCAP9BRNLMKX0FOUaikx FZLfOnIINN/MjOzxDDUdPCsZzN9M9O7o37EeYKAHCuAZSMSen7PSXTsjv5k/QLlH vBsSAha2YmTf1A== -----END CERTIFICATE-----Generated at Sat Dec 6 14:00:44 2025 by rpki-client