This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft File: 4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json) Hash identifier: HflPQ+mVHLSlOu6zxU4Ym7JczVt/neCqQfRwQs1xhug= Subject key identifier: FC:5F:4E:90:46:39:CB:91:6D:1F:70:7A:79:E1:7F:A6:44:B1:67:73 Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 Certificate issuer: /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Certificate serial: 019B47A6E9EAD237D94BC8ADC1D8A17FB60E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft Manifest number: 055F Signing time: Mon 22 Dec 2025 20:01:19 +0000 Manifest this update: Mon 22 Dec 2025 20:01:19 +0000 Manifest next update: Tue 23 Dec 2025 20:01:19 +0000 Files and hashes: 1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: k8Xq4lCsZbmZcNt60ZW8VHGfnwTknEkzKfeZGsWGRio=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 20:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:a6:e9:ea:d2:37:d9:4b:c8:ad:c1:d8:a1:7f:b6:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Validity Not Before: Dec 22 20:01:19 2025 GMT Not After : Dec 23 20:01:19 2025 GMT Subject: CN=fc5f4e904639cb916d1f707a79e17fa644b16773 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:c1:21:be:f0:24:ff:55:fd:16:5f:0e:e9:71: ba:51:03:d6:6b:84:a3:31:5e:14:ef:ae:54:99:01: da:a9:65:01:5d:26:5f:b8:38:96:87:d1:da:31:1a: d5:ea:77:89:6e:db:7c:d4:e4:d9:87:4b:3d:e1:76: 3d:b0:0c:26:95:41:a9:f0:62:db:cc:9d:1f:78:77: eb:e7:10:06:99:62:22:7c:3b:93:d7:27:8b:c5:32: b8:ef:ee:f8:1d:2b:d0:51:80:c3:46:21:0b:78:d1: 72:54:77:27:af:55:39:04:34:84:a8:7c:43:73:e1: 12:93:2e:cd:78:9c:da:8a:b3:c6:a0:13:3c:2e:22: a4:99:a8:e5:de:7a:dc:42:df:c5:c0:d0:04:f7:68: 69:f4:e9:ef:96:8f:f4:94:1f:3d:e8:91:06:4d:98: 95:b0:f6:d5:1d:19:cb:f7:15:34:05:ce:bb:8a:23: ee:0d:dc:20:66:35:3d:cb:7a:52:22:db:d1:39:bf: 20:ac:ae:bd:1b:a3:12:b3:3e:94:87:b6:4a:c4:60: d6:73:f9:a3:1c:25:06:2f:da:5c:de:06:94:67:07: 9b:10:e9:a7:8f:da:6a:45:c7:7c:b5:30:99:c2:5b: 8a:d2:46:91:50:c1:d9:a9:d1:af:32:a2:2c:27:41: 46:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:5F:4E:90:46:39:CB:91:6D:1F:70:7A:79:E1:7F:A6:44:B1:67:73 X509v3 Authority Key Identifier: keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:60:1d:01:ca:6f:f3:e3:cd:22:78:a0:bd:39:d5:ff:39:e4: ea:d0:7e:9f:a3:05:bd:f4:b8:a5:a3:58:c7:1c:60:28:2c:41: ff:ab:60:09:9a:0b:57:41:21:60:b2:9b:59:92:48:e5:05:a0: 37:1d:23:1a:db:86:cf:ee:ff:ff:63:4c:fa:c9:17:14:89:0f: a5:95:2d:39:d5:87:0e:c0:55:17:38:7e:d0:0a:b2:0a:ee:98: 2d:4e:da:ba:cb:2a:a6:15:00:1a:52:0d:76:6b:a0:ca:3e:f3: f5:4a:38:0a:d8:c2:19:4a:8f:e5:c4:23:ca:25:fe:c7:2c:26: 07:1d:63:79:cb:62:ca:a9:a9:7c:aa:06:61:c8:85:ae:ab:a9: 5b:12:b2:c1:d1:36:cc:67:41:4e:ba:dd:6b:f4:22:a1:67:06: c3:a6:b6:44:15:aa:74:71:c9:9e:12:77:3c:55:74:58:91:90: 0c:fd:e9:66:d2:06:ff:2b:4a:08:03:c1:db:c0:8c:61:09:62: b3:e0:53:2d:c4:08:e8:d2:33:bd:3b:8a:a0:67:91:96:9d:67: 28:60:90:f3:80:ed:7b:0d:11:a3:e2:83:bc:6b:1b:2b:d4:e3: 6b:dd:72:5e:ef:a5:35:d1:06:e4:6d:34:d6:b2:10:e7:9b:d8: e0:30:3c:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHpunq0jfZS8itwdihf7YOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0 MDQ3ZTAwHhcNMjUxMjIyMjAwMTE5WhcNMjUxMjIzMjAwMTE5WjAzMTEwLwYDVQQD EyhmYzVmNGU5MDQ2MzljYjkxNmQxZjcwN2E3OWUxN2ZhNjQ0YjE2NzczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMEhvvAk/1X9Fl8O6XG6UQPWa4Sj MV4U765UmQHaqWUBXSZfuDiWh9HaMRrV6neJbtt81OTZh0s94XY9sAwmlUGp8GLb zJ0feHfr5xAGmWIifDuT1yeLxTK47+74HSvQUYDDRiELeNFyVHcnr1U5BDSEqHxD c+ESky7NeJzairPGoBM8LiKkmajl3nrcQt/FwNAE92hp9Onvlo/0lB896JEGTZiV sPbVHRnL9xU0Bc67iiPuDdwgZjU9y3pSItvROb8grK69G6MSsz6Uh7ZKxGDWc/mj HCUGL9pc3gaUZwebEOmnj9pqRcd8tTCZwluK0kaRUMHZqdGvMqIsJ0FGbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPxfTpBGOcuRbR9wennhf6ZEsWdzMB8GA1UdIwQY MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1 LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOmAdAcpv 8+PNInigvTnV/znk6tB+n6MFvfS4paNYxxxgKCxB/6tgCZoLV0EhYLKbWZJI5QWg Nx0jGtuGz+7//2NM+skXFIkPpZUtOdWHDsBVFzh+0AqyCu6YLU7aussqphUAGlIN dmugyj7z9Uo4CtjCGUqP5cQjyiX+xywmBx1jectiyqmpfKoGYciFrqupWxKywdE2 zGdBTrrda/QioWcGw6a2RBWqdHHJnhJ3PFV0WJGQDP3pZtIG/ytKCAPB28CMYQli s+BTLcQI6NIzvTuKoGeRlp1nKGCQ84Dtew0Ro+KDvGsbK9Tja91yXu+lNdEG5G00 1rIQ55vY4DA80A== -----END CERTIFICATE-----Generated at Tue Dec 23 06:05:01 2025 by rpki-client