This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft File: _4fgqwMrDAXrXnTMLAhpjdMk2WM.mft (raw, json) Hash identifier: h9xRiTbg68Yk4uvV5EjzATllw972QacnBXelE9wsdzs= Subject key identifier: 0A:04:AE:17:F7:2A:D1:77:8B:8A:5E:ED:FB:33:BF:88:B1:83:88:DD Authority key identifier: FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63 Certificate issuer: /CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963 Certificate serial: 019B1B3C18202C714B48E08E10092055DDF4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft Manifest number: 17B3 Signing time: Sun 14 Dec 2025 05:01:21 +0000 Manifest this update: Sun 14 Dec 2025 05:01:21 +0000 Manifest next update: Mon 15 Dec 2025 05:01:21 +0000 Files and hashes: 1: 6ytibQXjOjv-ZANwibgbWAzZG2U.roa (hash: Y/Z/9OvD6QNjfuwrTmUdgOamFL52z6ksqnz9FZTa6JU=) 2: _4fgqwMrDAXrXnTMLAhpjdMk2WM.crl (hash: fojRVMP4GLrRV0/ysz6hXwOM2qbRi9pIRZfPaj96svw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1b:3c:18:20:2c:71:4b:48:e0:8e:10:09:20:55:dd:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ff87e0ab032b0c05eb5e74cc2c08698dd324d963 Validity Not Before: Dec 14 05:01:21 2025 GMT Not After : Dec 15 05:01:21 2025 GMT Subject: CN=0a04ae17f72ad1778b8a5eedfb33bf88b18388dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:bd:0b:ae:8d:12:a3:ee:ec:6a:54:65:93:8a: 18:c6:1a:33:d4:d4:dc:ac:ba:dd:29:86:a8:4e:32: a6:f7:43:ce:cf:5d:57:96:e5:de:fb:21:10:72:93: 04:76:2e:bf:1b:56:cc:4a:08:e6:3b:a5:3d:90:60: b5:2a:06:73:28:e1:b7:1c:6c:67:fb:d2:f1:0a:95: 9e:53:39:29:b2:d3:d1:36:67:b9:c6:8c:a9:f2:6a: 4e:87:02:1c:45:95:02:ee:95:fc:a5:f7:d1:a8:c2: e3:c0:84:0b:bf:9d:13:38:25:a1:44:05:b1:a0:49: 97:32:80:67:c1:dc:43:1e:81:06:01:19:f1:df:fc: 91:b1:75:2e:6a:6c:00:ea:c5:60:14:ba:db:2f:01: ab:ab:4f:38:cf:93:79:fd:bf:fe:69:70:9a:9e:c4: f6:4e:f7:3f:c6:14:62:c8:a6:b5:cf:a9:68:21:d3: 4b:4f:57:98:b4:fe:80:19:21:9b:c2:c4:e0:bd:65: d3:dd:4e:f9:8f:cd:33:c6:ac:ec:13:d3:ec:51:72: c8:40:d8:d5:01:37:32:6b:4e:43:f8:a9:50:2e:3e: 8f:34:08:79:8e:58:a6:b4:85:bd:82:5c:6a:53:32: 73:a5:9c:02:20:61:f8:ee:dd:86:8d:1d:87:55:53: 18:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:04:AE:17:F7:2A:D1:77:8B:8A:5E:ED:FB:33:BF:88:B1:83:88:DD X509v3 Authority Key Identifier: keyid:FF:87:E0:AB:03:2B:0C:05:EB:5E:74:CC:2C:08:69:8D:D3:24:D9:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4fgqwMrDAXrXnTMLAhpjdMk2WM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/1df18e-6c4d-434b-8e31-71eb95f50e5b/1/_4fgqwMrDAXrXnTMLAhpjdMk2WM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0a:cb:82:d7:f6:f0:d3:c6:1d:40:47:da:20:2b:cc:42:70:2d: 44:f6:bf:b9:f2:34:96:3a:29:e9:76:52:c9:a2:62:30:de:c3: c2:dd:d7:28:5e:1a:a0:90:87:fe:5e:33:f6:0b:67:9d:87:9e: 30:2f:c5:69:bc:71:2e:f4:39:e5:73:42:81:2d:fc:4a:62:68: 35:fb:1c:3a:ee:8d:72:87:77:6c:7b:6a:3f:d6:52:80:50:de: d8:5b:b6:2b:f3:89:da:55:f4:98:f2:ab:2d:24:90:37:06:52: f7:43:7f:83:23:f5:c3:e4:19:3e:37:91:76:8d:cf:cd:d4:59: 80:c1:ee:f9:83:08:54:ae:8c:d6:3c:5d:13:e3:95:6f:b3:e7: 52:1c:57:62:72:33:9f:22:d0:d1:95:31:b4:70:8c:d6:07:a0: 6b:64:72:9f:b3:bd:4b:24:56:9c:b7:54:fe:01:ff:56:cf:41: 6e:0f:3b:6f:4c:df:f4:0e:4b:54:1a:58:7c:69:0f:4b:6e:58: d0:ac:aa:dd:de:03:00:0f:00:21:1e:b8:c6:7e:24:da:86:cb: a7:03:2d:82:e8:13:ee:5c:c6:d9:39:c6:76:c1:b4:44:96:32: bf:d7:e2:1b:7b:82:95:b2:e0:90:0e:5a:b0:4d:46:85:f7:1f: 84:a5:4d:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsbPBggLHFLSOCOEAkgVd30MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZmODdlMGFiMDMyYjBjMDVlYjVlNzRjYzJjMDg2OThkZDMy NGQ5NjMwHhcNMjUxMjE0MDUwMTIxWhcNMjUxMjE1MDUwMTIxWjAzMTEwLwYDVQQD EygwYTA0YWUxN2Y3MmFkMTc3OGI4YTVlZWRmYjMzYmY4OGIxODM4OGRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4L0Lro0So+7salRlk4oYxhoz1NTc rLrdKYaoTjKm90POz11XluXe+yEQcpMEdi6/G1bMSgjmO6U9kGC1KgZzKOG3HGxn +9LxCpWeUzkpstPRNme5xoyp8mpOhwIcRZUC7pX8pffRqMLjwIQLv50TOCWhRAWx oEmXMoBnwdxDHoEGARnx3/yRsXUuamwA6sVgFLrbLwGrq084z5N5/b/+aXCansT2 Tvc/xhRiyKa1z6loIdNLT1eYtP6AGSGbwsTgvWXT3U75j80zxqzsE9PsUXLIQNjV ATcya05D+KlQLj6PNAh5jlimtIW9glxqUzJzpZwCIGH47t2GjR2HVVMYcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAoErhf3KtF3i4pe7fszv4ixg4jdMB8GA1UdIwQY MBaAFP+H4KsDKwwF6150zCwIaY3TJNljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEt NzFlYjk1ZjUwZTViLzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy8xZGYxOGUtNmM0ZC00MzRiLThlMzEtNzFlYjk1ZjUwZTVi LzEvXzRmZ3F3TXJEQVhyWG5UTUxBaHBqZE1rMldNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEACsuC1/bw 08YdQEfaICvMQnAtRPa/ufI0ljop6XZSyaJiMN7Dwt3XKF4aoJCH/l4z9gtnnYee MC/FabxxLvQ55XNCgS38SmJoNfscOu6Ncod3bHtqP9ZSgFDe2Fu2K/OJ2lX0mPKr LSSQNwZS90N/gyP1w+QZPjeRdo3PzdRZgMHu+YMIVK6M1jxdE+OVb7PnUhxXYnIz nyLQ0ZUxtHCM1gega2Ryn7O9SyRWnLdU/gH/Vs9Bbg87b0zf9A5LVBpYfGkPS25Y 0Kyq3d4DAA8AIR64xn4k2obLpwMtgugT7lzG2TnGdsG0RJYyv9fiG3uClbLgkA5a sE1GhfcfhKVNzg== -----END CERTIFICATE-----Generated at Sun Dec 14 07:46:59 2025 by rpki-client