This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft File: k4KIfhkEky8RhsLDHGqS_17GQ4c.mft (raw, json) Hash identifier: 5KLgA0NqxnCjKctoE7ggd4OVGTGAXE+H0qbrk6cyq1w= Subject key identifier: 53:D7:CF:D1:19:C4:7B:16:39:F6:3B:24:AF:B7:D1:DB:75:77:F9:2F Authority key identifier: 93:82:88:7E:19:04:93:2F:11:86:C2:C3:1C:6A:92:FF:5E:C6:43:87 Certificate issuer: /CN=9382887e1904932f1186c2c31c6a92ff5ec64387 Certificate serial: 019AF12D72E9CF28676E68BB5C00517F91E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft Manifest number: 0490 Signing time: Sat 06 Dec 2025 01:01:18 +0000 Manifest this update: Sat 06 Dec 2025 01:01:18 +0000 Manifest next update: Sun 07 Dec 2025 01:01:18 +0000 Files and hashes: 1: k4KIfhkEky8RhsLDHGqS_17GQ4c.crl (hash: ci+4+2X2rZA5i4vHEA8wsxEqgdSSp3xON99RmYLUdHU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.crl rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:72:e9:cf:28:67:6e:68:bb:5c:00:51:7f:91:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9382887e1904932f1186c2c31c6a92ff5ec64387 Validity Not Before: Dec 6 01:01:18 2025 GMT Not After : Dec 7 01:01:18 2025 GMT Subject: CN=53d7cfd119c47b1639f63b24afb7d1db7577f92f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:04:f2:10:ba:e4:fd:35:d4:5a:30:de:17:6d: b9:9b:37:39:48:ed:b1:fd:d8:84:8f:4a:e4:2f:a2: 81:43:39:9a:37:6e:05:30:d4:75:48:1c:37:71:46: 8e:9f:2e:e9:0c:61:99:ab:c9:dd:dc:b0:a0:f8:45: 8d:7f:3e:e4:88:94:9d:f5:d8:ec:53:1b:c5:70:9d: 64:9f:11:97:4c:38:6c:bd:2a:57:e1:a3:c1:eb:09: dd:0c:ca:ae:48:dc:8e:77:93:cb:f6:03:ca:e6:57: c5:db:81:bf:2c:21:a0:ac:f6:1b:28:68:5c:ca:10: 66:2b:d1:89:8e:24:f8:c7:3a:6f:2b:66:b4:3d:c0: 40:64:ff:b8:1d:2e:78:47:61:e5:78:65:18:10:50: 64:95:88:42:6f:cf:da:7d:a1:8f:0a:b3:47:d9:ce: 89:d3:d6:0b:ec:96:9c:4a:f1:a7:d5:57:4d:4a:13: a5:58:96:5a:02:d0:1a:3d:ee:7c:c3:32:fa:ce:4d: dc:24:7d:69:f5:8c:ef:37:68:84:c4:73:8e:74:f2: 79:87:df:e6:ab:17:b5:88:04:07:bd:98:a2:46:82: c8:4e:3f:91:39:b1:8f:0c:f4:7c:fb:fc:a4:96:9d: 94:dc:17:48:c4:10:c3:3a:ec:f2:98:74:e9:b2:f1: 90:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:D7:CF:D1:19:C4:7B:16:39:F6:3B:24:AF:B7:D1:DB:75:77:F9:2F X509v3 Authority Key Identifier: keyid:93:82:88:7E:19:04:93:2F:11:86:C2:C3:1C:6A:92:FF:5E:C6:43:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k4KIfhkEky8RhsLDHGqS_17GQ4c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bf90eb-15c8-40d8-a220-5c945468c475/1/k4KIfhkEky8RhsLDHGqS_17GQ4c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:db:02:c5:f7:3e:af:b3:d7:70:ac:3d:51:a5:4d:2a:b1:a8: 79:72:30:40:6e:8f:84:fd:61:b5:8b:ba:fe:de:2f:e0:c2:1f: 65:fa:c5:3f:64:54:35:78:7b:03:ad:df:cb:fa:c6:98:9b:3b: 7f:a9:9c:49:6b:4a:91:e9:a9:c3:80:14:e2:c7:0c:12:b5:4b: 8f:48:38:04:c3:7d:c8:b0:9e:5a:d3:7b:6d:1a:d0:a9:f1:fe: 50:88:b1:e5:35:4a:48:74:e9:14:b3:33:9b:0a:68:02:e5:0d: cd:c9:14:ef:5a:e4:08:64:58:26:1d:9b:1a:1b:8f:b5:0a:ad: d3:f7:18:18:94:bb:eb:b8:fd:ea:ab:5f:68:16:f7:91:f4:03: e2:de:8e:39:90:e3:7e:7b:4a:01:a6:52:12:56:90:e4:fd:7e: 86:e7:35:89:14:6a:94:80:13:60:a6:63:20:93:ff:59:ab:1e: 3b:f6:9e:58:f4:d0:2b:30:6e:5e:e5:77:da:2c:c9:f3:eb:9c: 26:95:e7:6a:a9:7b:93:90:97:01:50:ce:af:6f:99:d3:e9:57: ab:a0:9e:cb:89:5c:7e:83:91:61:3a:ce:49:9b:ab:1d:4d:78: 0c:b1:73:a2:1a:bd:2f:65:f3:05:af:ee:29:77:a8:f3:17:14: ca:e5:ff:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLXLpzyhnbmi7XABRf5HnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzODI4ODdlMTkwNDkzMmYxMTg2YzJjMzFjNmE5MmZmNWVj NjQzODcwHhcNMjUxMjA2MDEwMTE4WhcNMjUxMjA3MDEwMTE4WjAzMTEwLwYDVQQD Eyg1M2Q3Y2ZkMTE5YzQ3YjE2MzlmNjNiMjRhZmI3ZDFkYjc1NzdmOTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ATyELrk/TXUWjDeF225mzc5SO2x /diEj0rkL6KBQzmaN24FMNR1SBw3cUaOny7pDGGZq8nd3LCg+EWNfz7kiJSd9djs UxvFcJ1knxGXTDhsvSpX4aPB6wndDMquSNyOd5PL9gPK5lfF24G/LCGgrPYbKGhc yhBmK9GJjiT4xzpvK2a0PcBAZP+4HS54R2HleGUYEFBklYhCb8/afaGPCrNH2c6J 09YL7JacSvGn1VdNShOlWJZaAtAaPe58wzL6zk3cJH1p9YzvN2iExHOOdPJ5h9/m qxe1iAQHvZiiRoLITj+RObGPDPR8+/yklp2U3BdIxBDDOuzymHTpsvGQ6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFPXz9EZxHsWOfY7JK+30dt1d/kvMB8GA1UdIwQY MBaAFJOCiH4ZBJMvEYbCwxxqkv9exkOHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iZjkwZWItMTVjOC00MGQ4LWEyMjAt NWM5NDU0NjhjNDc1LzEvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYy9iZjkwZWItMTVjOC00MGQ4LWEyMjAtNWM5NDU0NjhjNDc1 LzEvazRLSWZoa0VreThSaHNMREhHcVNfMTdHUTRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHdsCxfc+ r7PXcKw9UaVNKrGoeXIwQG6PhP1htYu6/t4v4MIfZfrFP2RUNXh7A63fy/rGmJs7 f6mcSWtKkempw4AU4scMErVLj0g4BMN9yLCeWtN7bRrQqfH+UIix5TVKSHTpFLMz mwpoAuUNzckU71rkCGRYJh2bGhuPtQqt0/cYGJS767j96qtfaBb3kfQD4t6OOZDj fntKAaZSElaQ5P1+huc1iRRqlIATYKZjIJP/WaseO/aeWPTQKzBuXuV32izJ8+uc JpXnaql7k5CXAVDOr2+Z0+lXq6Cey4lcfoORYTrOSZurHU14DLFzohq9L2XzBa/u KXeo8xcUyuX/Ow== -----END CERTIFICATE-----Generated at Sat Dec 6 09:25:02 2025 by rpki-client