This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft File: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json) Hash identifier: 41KqR+BB4rxV4BbRIGC+A2b7pI28YZCFKJBoCMOg1O0= Subject key identifier: 37:7E:25:41:8E:2F:8E:E3:46:EB:BB:6D:10:CC:12:5B:5E:D5:3A:1E Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9 Certificate issuer: /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9 Certificate serial: 019B34565209CA0C3B9C06FA52B40E79C2DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft Manifest number: 065D Signing time: Fri 19 Dec 2025 02:00:30 +0000 Manifest this update: Fri 19 Dec 2025 02:00:30 +0000 Manifest next update: Sat 20 Dec 2025 02:00:30 +0000 Files and hashes: 1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: WXK2+yGh371o1wOrBHgcohiCgU+NZ1NFnJvq2ZD0vBI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:56:52:09:ca:0c:3b:9c:06:fa:52:b4:0e:79:c2:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9 Validity Not Before: Dec 19 02:00:30 2025 GMT Not After : Dec 20 02:00:30 2025 GMT Subject: CN=377e25418e2f8ee346ebbb6d10cc125b5ed53a1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:4b:2a:d1:97:a9:c6:4e:cc:9b:33:8a:0f:b5: 3e:1e:36:cb:52:1a:6b:cf:ff:19:2a:6f:59:58:fc: bb:f3:0e:5f:e7:d5:8c:34:cb:e3:ea:0a:63:ed:cb: bb:76:4f:8d:25:25:6e:51:f9:26:06:cd:89:71:ac: 41:9a:e6:94:e0:ab:c3:e6:f6:5b:ba:ec:22:cd:71: f9:72:4e:ab:d8:83:62:eb:50:a4:94:0e:6b:c5:1d: 52:47:d5:66:17:b2:13:3a:cd:06:da:97:10:46:2a: 39:ad:29:d7:b1:e5:88:95:e1:25:68:b8:e8:15:32: 7e:7c:f2:67:29:d2:2a:52:03:da:f4:2a:31:a2:0c: 9b:a6:41:2b:1c:c3:52:2c:48:3d:be:c8:23:74:a9: 2d:7e:e2:99:f9:75:57:a5:91:b7:7d:ed:b9:16:c9: 3e:da:28:1c:ac:8e:12:cf:d9:c4:c6:2f:d3:8b:6e: 12:8f:fb:dd:20:a2:f9:4b:56:34:bd:f1:d7:9a:01: 6f:be:1b:67:c4:12:c5:3d:e9:7a:8a:fc:f0:29:ff: c6:fc:4c:4b:65:ed:3e:4f:47:da:44:15:96:99:68: 2c:a1:38:b5:22:ff:cd:5c:44:45:94:f3:0d:4a:e3: c2:1c:d3:00:d2:08:83:01:4a:bc:6d:c6:92:a8:1a: 15:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:7E:25:41:8E:2F:8E:E3:46:EB:BB:6D:10:CC:12:5B:5E:D5:3A:1E X509v3 Authority Key Identifier: keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:e0:3a:04:80:be:9e:6b:04:36:04:81:d1:82:13:07:1e:19: 33:a7:58:f1:8e:e9:e9:ef:66:62:55:d6:96:2d:91:db:84:ea: 89:fa:77:41:26:7f:2a:3b:ec:35:a2:21:69:ef:a1:c5:31:32: 88:93:61:0a:1d:6e:31:ae:03:8b:8f:de:8c:25:46:50:38:f1: 56:86:79:8e:7b:28:6c:99:7f:51:af:de:ed:e5:6c:c2:f8:d2: f6:88:c1:6f:d6:3b:69:a4:2a:1b:37:a3:17:cc:a6:80:76:97: f2:37:e9:49:be:47:9c:59:2c:d9:05:51:b3:e6:23:a9:69:d5: e2:1d:ec:a8:6f:7e:d8:96:f4:bb:15:59:13:d5:43:4b:4c:ce: d6:55:c2:d8:d6:2d:fb:9c:8a:07:64:e4:f0:3a:db:88:c0:ba: f4:8e:bf:20:6b:c5:1f:95:ed:f4:a9:dd:6b:5f:30:77:52:0c: e4:ed:f0:2a:d5:a7:67:14:61:26:3b:9f:38:f8:c2:8b:ac:dc: 6e:46:39:87:41:ba:2d:4c:c7:b4:e8:6e:33:36:96:97:c3:ad: 9b:50:7e:31:54:80:f7:ba:25:97:f1:4c:16:fd:f3:71:89:dd: af:fe:45:a5:64:59:56:87:6d:dc:dc:e4:75:6e:a6:6b:a3:94: 5a:3f:dc:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0VlIJygw7nAb6UrQOecLcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw ZjAwYjkwHhcNMjUxMjE5MDIwMDMwWhcNMjUxMjIwMDIwMDMwWjAzMTEwLwYDVQQD EygzNzdlMjU0MThlMmY4ZWUzNDZlYmJiNmQxMGNjMTI1YjVlZDUzYTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEsq0Zepxk7MmzOKD7U+HjbLUhpr z/8ZKm9ZWPy78w5f59WMNMvj6gpj7cu7dk+NJSVuUfkmBs2JcaxBmuaU4KvD5vZb uuwizXH5ck6r2INi61CklA5rxR1SR9VmF7ITOs0G2pcQRio5rSnXseWIleElaLjo FTJ+fPJnKdIqUgPa9CoxogybpkErHMNSLEg9vsgjdKktfuKZ+XVXpZG3fe25Fsk+ 2igcrI4Sz9nExi/Ti24Sj/vdIKL5S1Y0vfHXmgFvvhtnxBLFPel6ivzwKf/G/ExL Ze0+T0faRBWWmWgsoTi1Iv/NXERFlPMNSuPCHNMA0giDAUq8bcaSqBoVwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDd+JUGOL47jRuu7bRDMElte1ToeMB8GA1UdIwQY MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAteA6BIC+ nmsENgSB0YITBx4ZM6dY8Y7p6e9mYlXWli2R24Tqifp3QSZ/KjvsNaIhae+hxTEy iJNhCh1uMa4Di4/ejCVGUDjxVoZ5jnsobJl/Ua/e7eVswvjS9ojBb9Y7aaQqGzej F8ymgHaX8jfpSb5HnFks2QVRs+YjqWnV4h3sqG9+2Jb0uxVZE9VDS0zO1lXC2NYt +5yKB2Tk8DrbiMC69I6/IGvFH5Xt9Knda18wd1IM5O3wKtWnZxRhJjufOPjCi6zc bkY5h0G6LUzHtOhuMzaWl8Otm1B+MVSA97oll/FMFv3zcYndr/5FpWRZVodt3Nzk dW6ma6OUWj/csg== -----END CERTIFICATE-----Generated at Fri Dec 19 06:41:42 2025 by rpki-client