This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft File: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft (raw, json) Hash identifier: tXUT3qnNJ0A8wB7zeIdzqI4kl4erGsB34uEcWG5VAZo= Subject key identifier: 5D:9B:FE:CA:D2:EA:47:0E:1E:71:41:C2:9F:6F:EB:C2:7B:A9:71:49 Authority key identifier: E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7 Certificate issuer: /CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7 Certificate serial: 019B3042C92C61E52CC49AC959920963E2C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft Manifest number: 12B3 Signing time: Thu 18 Dec 2025 07:00:41 +0000 Manifest this update: Thu 18 Dec 2025 07:00:41 +0000 Manifest next update: Fri 19 Dec 2025 07:00:41 +0000 Files and hashes: 1: 4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl (hash: takA0z3kpO4TrgSUMLnf1dbBsx6F2chwFzpxbyzPHoI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:42:c9:2c:61:e5:2c:c4:9a:c9:59:92:09:63:e2:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2114a30a67e3cfb3cadb6368ed202c48cd29ba7 Validity Not Before: Dec 18 07:00:41 2025 GMT Not After : Dec 19 07:00:41 2025 GMT Subject: CN=5d9bfecad2ea470e1e7141c29f6febc27ba97149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:1b:79:f9:e6:a1:52:8b:a2:00:62:d0:5f:46: 39:0a:ae:9b:9d:5e:70:a5:d5:c8:ab:70:5c:f7:eb: b3:aa:eb:2c:f6:a3:a0:0c:a6:7a:e4:bc:71:53:ee: d4:e3:3d:84:57:01:8c:6c:ff:1a:9c:fa:0e:16:78: 51:1b:8b:72:13:29:5d:54:7b:b3:0c:4b:50:3c:2b: 2a:3d:fb:4b:7e:c0:df:10:86:c1:2f:d0:f5:f9:45: 49:34:48:b2:8e:94:62:fb:d0:ac:31:30:1e:ed:ef: 72:7c:af:c8:b8:8e:82:e8:43:d2:05:1e:b9:a6:c6: 6c:bc:48:85:12:bb:d3:ce:e7:58:d4:e7:0a:f6:57: 1b:bd:e5:76:e0:8f:eb:f0:91:67:ea:ee:3e:41:2e: 22:07:d5:d2:03:22:bc:69:be:60:19:96:41:df:64: fe:4e:b2:12:9d:69:83:52:9d:7e:c0:08:2c:7e:bf: 5b:18:ab:4a:c2:79:01:ec:82:64:a1:54:9d:a7:73: e6:b0:dc:4c:c9:1e:c2:ac:08:d1:45:23:fb:64:95: 14:6f:87:0f:c4:02:f3:1a:9d:4a:63:1a:88:f8:d3: 7b:f3:a0:e1:7f:fa:e6:ef:d1:74:09:08:82:a2:81: b3:fb:91:a6:3a:91:50:83:37:c3:c9:80:56:e8:b3: ea:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:9B:FE:CA:D2:EA:47:0E:1E:71:41:C2:9F:6F:EB:C2:7B:A9:71:49 X509v3 Authority Key Identifier: keyid:E2:11:4A:30:A6:7E:3C:FB:3C:AD:B6:36:8E:D2:02:C4:8C:D2:9B:A7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4hFKMKZ-PPs8rbY2jtICxIzSm6c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/3e43b1-4d08-4846-a393-5236acc0a166/1/4hFKMKZ-PPs8rbY2jtICxIzSm6c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:9e:66:28:e4:b4:ef:db:05:ab:e9:01:33:b7:72:39:8a:fb: a4:e3:71:d1:b9:a8:4f:88:4e:3f:c4:4d:bb:6f:c8:af:ac:93: a3:48:b4:d2:be:ee:96:64:b3:65:b4:bc:70:bb:35:f5:aa:95: aa:a2:06:a8:78:0b:e6:ec:b4:3f:f9:b2:84:1d:40:61:40:28: a3:3a:ce:ff:a6:40:45:3d:67:93:6e:ef:55:82:36:0a:69:32: 0c:15:f1:e1:95:3d:7d:aa:a7:c5:7c:e7:b1:f8:0b:41:a3:24: 1e:26:09:a3:77:1e:6c:1b:1d:d7:d2:ea:ea:5d:a3:28:38:92: 6b:0b:a3:d2:32:44:99:5f:4b:6f:3a:47:36:4e:2d:b3:bd:87: 27:b8:a0:0f:8c:cd:83:2c:b8:ab:63:75:d3:76:2a:f3:3a:35: 06:c8:7a:c1:21:8d:ab:e6:66:9e:b0:49:35:4b:d5:61:a9:34: 09:39:f8:5b:af:cd:e4:80:16:2a:51:14:22:a7:18:0d:d4:72: da:bb:0f:76:42:7f:96:d9:a0:cb:bf:28:8f:5e:94:3a:6d:9b: cc:2b:7c:b7:c3:fb:2c:58:18:79:7f:1a:5e:a4:3f:ca:23:ef: bc:97:e6:49:a3:2f:de:f7:e4:ab:5f:b7:7e:f3:ef:44:74:da: cb:da:ba:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQsksYeUsxJrJWZIJY+LCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyMTE0YTMwYTY3ZTNjZmIzY2FkYjYzNjhlZDIwMmM0OGNk MjliYTcwHhcNMjUxMjE4MDcwMDQxWhcNMjUxMjE5MDcwMDQxWjAzMTEwLwYDVQQD Eyg1ZDliZmVjYWQyZWE0NzBlMWU3MTQxYzI5ZjZmZWJjMjdiYTk3MTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBt5+eahUouiAGLQX0Y5Cq6bnV5w pdXIq3Bc9+uzquss9qOgDKZ65LxxU+7U4z2EVwGMbP8anPoOFnhRG4tyEyldVHuz DEtQPCsqPftLfsDfEIbBL9D1+UVJNEiyjpRi+9CsMTAe7e9yfK/IuI6C6EPSBR65 psZsvEiFErvTzudY1OcK9lcbveV24I/r8JFn6u4+QS4iB9XSAyK8ab5gGZZB32T+ TrISnWmDUp1+wAgsfr9bGKtKwnkB7IJkoVSdp3PmsNxMyR7CrAjRRSP7ZJUUb4cP xALzGp1KYxqI+NN786Dhf/rm79F0CQiCooGz+5GmOpFQgzfDyYBW6LPq/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF2b/srS6kcOHnFBwp9v68J7qXFJMB8GA1UdIwQY MBaAFOIRSjCmfjz7PK22No7SAsSM0punMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMt NTIzNmFjYzBhMTY2LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy8zZTQzYjEtNGQwOC00ODQ2LWEzOTMtNTIzNmFjYzBhMTY2 LzEvNGhGS01LWi1QUHM4cmJZMmp0SUN4SXpTbTZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUp5mKOS0 79sFq+kBM7dyOYr7pONx0bmoT4hOP8RNu2/Ir6yTo0i00r7ulmSzZbS8cLs19aqV qqIGqHgL5uy0P/myhB1AYUAoozrO/6ZART1nk27vVYI2CmkyDBXx4ZU9faqnxXzn sfgLQaMkHiYJo3cebBsd19Lq6l2jKDiSawuj0jJEmV9LbzpHNk4ts72HJ7igD4zN gyy4q2N103Yq8zo1Bsh6wSGNq+ZmnrBJNUvVYak0CTn4W6/N5IAWKlEUIqcYDdRy 2rsPdkJ/ltmgy78oj16UOm2bzCt8t8P7LFgYeX8aXqQ/yiPvvJfmSaMv3vfkq1+3 fvPvRHTay9q6dw== -----END CERTIFICATE-----Generated at Thu Dec 18 11:24:44 2025 by rpki-client