This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft File: 4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json) Hash identifier: NnbS7h86+vJpfStN+G1bC11vLtIN3Ht0dpilXjA0uaA= Subject key identifier: E5:90:22:1C:7B:7E:2A:02:0E:F3:E6:04:8B:C2:A9:A7:0E:03:D6:67 Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20 Certificate issuer: /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20 Certificate serial: 019B59E3F9321221AF863B43D9C1FE593819 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 09:01:11 +0000 Manifest this update: Fri 26 Dec 2025 09:01:11 +0000 Manifest next update: Sat 27 Dec 2025 09:01:11 +0000 Files and hashes: 1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: vw6zkgtQMxsS+Q1QNCcz/fF4LfPGLNbJfaaZrvlkphA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:f9:32:12:21:af:86:3b:43:d9:c1:fe:59:38:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20 Validity Not Before: Dec 26 09:01:11 2025 GMT Not After : Dec 27 09:01:11 2025 GMT Subject: CN=e590221c7b7e2a020ef3e6048bc2a9a70e03d667 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:35:b0:c6:c5:0f:18:e1:78:8d:fe:03:d6:42: 6e:5d:e9:72:34:81:2a:9c:d7:73:29:62:cb:05:eb: 8b:44:45:f7:0a:5c:08:1a:ee:eb:7b:96:70:61:57: b6:a8:03:ba:74:3b:ba:7a:2d:55:49:86:c3:0e:d8: 4c:c4:76:82:5e:6b:50:f8:cc:95:91:2d:06:8c:5d: 46:ea:7a:3d:69:52:3c:30:cf:74:e5:e5:04:d1:56: 3b:b0:07:67:a2:d3:f5:53:c9:83:ff:4f:a1:c9:63: 0a:f2:22:5e:4a:5b:bd:12:a5:a0:d6:bd:69:27:88: 4b:9b:46:29:68:70:3e:99:5e:70:e1:17:57:5f:48: 34:a1:ef:c9:7b:cc:0f:52:b3:8c:04:38:14:60:e8: fe:46:62:7e:97:4d:6b:18:9a:96:6c:76:5c:bc:9b: 35:a5:be:a3:bf:8c:61:39:b6:28:21:46:1e:a6:62: 32:85:30:2b:89:15:19:5c:c2:52:75:31:ef:b9:bb: 09:a6:f7:39:34:dc:d4:ff:7e:90:d1:47:95:d8:dc: 6a:e5:48:2c:74:a5:cf:2d:b6:e8:27:1d:59:14:24: 19:99:fc:de:0e:11:02:46:1f:b6:6b:f8:b7:bb:96: f4:3a:19:31:5f:a6:2d:0b:33:07:d2:f0:ff:91:b9: a1:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:90:22:1C:7B:7E:2A:02:0E:F3:E6:04:8B:C2:A9:A7:0E:03:D6:67 X509v3 Authority Key Identifier: keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:25:b0:1f:a5:ef:86:82:10:cd:73:64:83:bb:4a:7e:81:dd: c8:ba:ab:af:c4:5e:bf:9c:ae:ff:de:87:08:cf:e5:db:78:df: db:a2:6a:02:42:33:27:8b:02:54:e7:a8:35:86:96:fa:d6:c3: e2:ce:dc:05:7e:d2:67:db:d1:bd:11:29:d0:cd:88:34:6e:a1: f6:ef:e6:a6:a0:10:ee:60:9f:51:d3:f9:51:84:6d:36:95:f9: e8:4c:3e:a6:a4:37:c6:d3:68:38:f8:14:ae:5f:95:b3:cf:bd: 94:61:ca:06:95:32:3d:94:cc:bf:c0:fd:0b:63:48:fe:df:bb: 9e:77:d1:d4:58:a1:a5:51:3c:61:f8:7e:be:8d:39:57:3b:89: c5:f5:4b:ef:46:3a:70:d8:fe:42:44:88:5c:b5:d0:52:96:e6: 8a:07:66:86:e0:e5:10:1e:da:24:70:04:b5:d2:40:1f:43:9f: 5f:0a:62:49:e9:02:be:76:85:28:c1:26:e6:4d:2f:13:a4:44: 99:fb:1c:28:cc:30:d1:a2:52:e3:d2:ae:c5:5e:9f:b6:bd:79: 0c:4e:c7:1b:57:c9:ba:0c:02:cb:3d:12:d9:85:7c:c5:c0:24: 48:d8:4c:53:19:9e:ec:8d:d4:29:0b:fa:3d:49:09:be:85:84: c3:b0:97:d9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ4/kyEiGvhjtD2cH+WTgZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh ODBmMjAwHhcNMjUxMjI2MDkwMTExWhcNMjUxMjI3MDkwMTExWjAzMTEwLwYDVQQD EyhlNTkwMjIxYzdiN2UyYTAyMGVmM2U2MDQ4YmMyYTlhNzBlMDNkNjY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8TWwxsUPGOF4jf4D1kJuXelyNIEq nNdzKWLLBeuLREX3ClwIGu7re5ZwYVe2qAO6dDu6ei1VSYbDDthMxHaCXmtQ+MyV kS0GjF1G6no9aVI8MM905eUE0VY7sAdnotP1U8mD/0+hyWMK8iJeSlu9EqWg1r1p J4hLm0YpaHA+mV5w4RdXX0g0oe/Je8wPUrOMBDgUYOj+RmJ+l01rGJqWbHZcvJs1 pb6jv4xhObYoIUYepmIyhTAriRUZXMJSdTHvubsJpvc5NNzU/36Q0UeV2Nxq5Ugs dKXPLbboJx1ZFCQZmfzeDhECRh+2a/i3u5b0OhkxX6YtCzMH0vD/kbmh7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOWQIhx7fioCDvPmBIvCqacOA9ZnMB8GA1UdIwQY MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoiWwH6Xv hoIQzXNkg7tKfoHdyLqrr8Rev5yu/96HCM/l23jf26JqAkIzJ4sCVOeoNYaW+tbD 4s7cBX7SZ9vRvREp0M2ING6h9u/mpqAQ7mCfUdP5UYRtNpX56Ew+pqQ3xtNoOPgU rl+Vs8+9lGHKBpUyPZTMv8D9C2NI/t+7nnfR1FihpVE8Yfh+vo05VzuJxfVL70Y6 cNj+QkSIXLXQUpbmigdmhuDlEB7aJHAEtdJAH0OfXwpiSekCvnaFKMEm5k0vE6RE mfscKMww0aJS49KuxV6ftr15DE7HG1fJugwCyz0S2YV8xcAkSNhMUxme7I3UKQv6 PUkJvoWEw7CX2Q== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:53 2025 by rpki-client