This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft File: 4kycUM9OLawF4fBDKCJOIKRgXXc.mft (raw, json) Hash identifier: 9fBm99Jl51/iDByySuDDN/I7JvqsmpivukaAVzrWAV0= Subject key identifier: DF:AF:D9:AB:45:4F:BA:AE:F0:92:FE:6E:3A:1E:1F:07:72:52:BE:B0 Authority key identifier: E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77 Certificate issuer: /CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77 Certificate serial: 019AF2ADA2EDBFFCE5A5FBCCFC651CE050AB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft Manifest number: 0E4A Signing time: Sat 06 Dec 2025 08:00:56 +0000 Manifest this update: Sat 06 Dec 2025 08:00:56 +0000 Manifest next update: Sun 07 Dec 2025 08:00:56 +0000 Files and hashes: 1: 4kycUM9OLawF4fBDKCJOIKRgXXc.crl (hash: GjAJZDBAxZaU2P8EO72aFbos1n7TEXu2APIZRdSRonE=) 2: nmDQ5sn6P7ecn55KSWAGIphgo6U.roa (hash: fC95GsgDpVAuW+5RC4Zgw8UvFD2E/5JtR14wL2gAYEM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.crl rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:a2:ed:bf:fc:e5:a5:fb:cc:fc:65:1c:e0:50:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e24c9c50cf4e2dac05e1f04328224e20a4605d77 Validity Not Before: Dec 6 08:00:56 2025 GMT Not After : Dec 7 08:00:56 2025 GMT Subject: CN=dfafd9ab454fbaaef092fe6e3a1e1f077252beb0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:d2:02:fb:7d:b8:7c:5f:78:62:82:57:d3:c2: aa:71:40:60:ba:55:9a:e4:6c:20:2a:a7:2a:f4:84: 05:ad:43:3b:24:a1:ef:2b:34:19:db:f7:24:2f:f3: 1b:c9:74:83:f2:f5:0d:d4:d7:4e:c6:34:c8:17:6f: 55:b3:0b:09:a0:3e:9a:39:88:98:19:5e:be:28:e7: 2c:55:27:01:5a:fb:66:52:56:b6:92:78:e2:27:27: 63:cc:36:38:0c:fd:cd:bc:b3:81:65:49:5e:62:35: f4:8f:d4:8b:00:c5:b0:d7:db:2b:d7:60:4f:dc:3c: 72:78:ab:14:c9:69:92:1f:11:f5:5a:64:6f:17:cf: 26:33:d0:b2:c5:d2:f4:d4:58:21:ef:94:a8:1d:07: 41:1d:7e:e4:13:a3:a4:40:9b:8f:ad:43:69:be:d2: bc:9b:8d:23:88:a4:33:24:a4:11:b3:f1:3b:36:4d: 93:f3:01:b3:6b:29:05:b3:91:6b:b0:da:c7:cf:4e: f6:48:d6:4b:06:d3:3a:e6:37:07:65:b6:ec:ff:94: 89:97:6d:7c:8e:d8:15:a2:f5:49:20:7b:db:02:25: a5:95:87:b6:de:5b:49:24:b0:29:8e:24:a9:c7:bc: 7e:fa:44:50:00:e2:c0:ac:7f:4f:44:a6:f5:58:05: 35:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:AF:D9:AB:45:4F:BA:AE:F0:92:FE:6E:3A:1E:1F:07:72:52:BE:B0 X509v3 Authority Key Identifier: keyid:E2:4C:9C:50:CF:4E:2D:AC:05:E1:F0:43:28:22:4E:20:A4:60:5D:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kycUM9OLawF4fBDKCJOIKRgXXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/317cc1-64c2-472e-914b-0bfb86884404/1/4kycUM9OLawF4fBDKCJOIKRgXXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2a:ed:eb:85:6c:e1:51:2d:b4:c1:fc:78:37:f2:c1:69:ce:b7: b2:e7:f4:9f:70:d9:4c:5c:84:58:ad:cb:81:c0:3b:f7:9a:1c: 22:c6:03:d7:74:ab:69:38:a1:79:de:28:26:74:99:bb:7e:b0: 08:d1:f9:83:5e:fd:ac:04:d5:7f:fc:9f:63:90:9f:ca:67:e0: 79:c2:ff:18:43:f4:8f:7e:76:de:91:d0:a4:83:91:cf:7f:7c: 8f:ba:79:df:f3:fb:61:02:7e:ad:9b:ac:2e:5a:6a:0d:af:7e: 5e:ee:54:f6:1f:11:cd:81:be:80:9d:d8:39:2d:6d:a0:e3:12: 20:1a:c9:70:53:24:d3:31:76:02:f5:c1:b1:40:8a:3f:c8:ec: 2b:ab:d5:ef:c9:0d:8a:e8:a8:6b:e1:77:cf:12:3b:da:51:59: c0:f1:a4:7b:d7:16:90:94:22:7e:5f:8e:9a:9e:b4:73:10:9e: e9:a8:e9:41:b4:c6:76:47:0d:ba:94:b5:f4:29:2a:6a:48:98: f7:ab:db:5f:6a:3f:5a:a1:df:87:7b:2b:bf:06:5a:c9:fd:5a: ef:8a:bf:5e:17:c1:4f:c1:45:99:68:72:12:c1:a5:d4:f5:ee: a8:c7:7e:76:5a:2f:61:f8:be:59:9c:b8:fb:6b:a5:72:66:77: 9c:eb:04:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryraLtv/zlpfvM/GUc4FCrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyNGM5YzUwY2Y0ZTJkYWMwNWUxZjA0MzI4MjI0ZTIwYTQ2 MDVkNzcwHhcNMjUxMjA2MDgwMDU2WhcNMjUxMjA3MDgwMDU2WjAzMTEwLwYDVQQD EyhkZmFmZDlhYjQ1NGZiYWFlZjA5MmZlNmUzYTFlMWYwNzcyNTJiZWIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdIC+324fF94YoJX08KqcUBgulWa 5GwgKqcq9IQFrUM7JKHvKzQZ2/ckL/MbyXSD8vUN1NdOxjTIF29VswsJoD6aOYiY GV6+KOcsVScBWvtmUla2knjiJydjzDY4DP3NvLOBZUleYjX0j9SLAMWw19sr12BP 3DxyeKsUyWmSHxH1WmRvF88mM9CyxdL01Fgh75SoHQdBHX7kE6OkQJuPrUNpvtK8 m40jiKQzJKQRs/E7Nk2T8wGzaykFs5FrsNrHz072SNZLBtM65jcHZbbs/5SJl218 jtgVovVJIHvbAiWllYe23ltJJLApjiSpx7x++kRQAOLArH9PRKb1WAU1PwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN+v2atFT7qu8JL+bjoeHwdyUr6wMB8GA1UdIwQY MBaAFOJMnFDPTi2sBeHwQygiTiCkYF13MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGIt MGJmYjg2ODg0NDA0LzEvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNC8zMTdjYzEtNjRjMi00NzJlLTkxNGItMGJmYjg2ODg0NDA0 LzEvNGt5Y1VNOU9MYXdGNGZCREtDSk9JS1JnWFhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKu3rhWzh US20wfx4N/LBac63suf0n3DZTFyEWK3LgcA795ocIsYD13SraTihed4oJnSZu36w CNH5g179rATVf/yfY5CfymfgecL/GEP0j3523pHQpIORz398j7p53/P7YQJ+rZus LlpqDa9+Xu5U9h8RzYG+gJ3YOS1toOMSIBrJcFMk0zF2AvXBsUCKP8jsK6vV78kN iuioa+F3zxI72lFZwPGke9cWkJQifl+Omp60cxCe6ajpQbTGdkcNupS19CkqakiY 96vbX2o/WqHfh3srvwZayf1a74q/XhfBT8FFmWhyEsGl1PXuqMd+dlovYfi+WZy4 +2ulcmZ3nOsEPA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:26:53 2025 by rpki-client