This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft File: 4iUB2aQBcJg48z0a4nm85xALPM8.mft (raw, json) Hash identifier: q5LAxNL+2YF5m4V3r8E9LTzbVINgKohy7wZFgN9b83M= Subject key identifier: 7F:22:9F:28:6A:3D:A5:53:9E:CD:11:75:08:B0:BA:AD:70:A4:4C:33 Authority key identifier: E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF Certificate issuer: /CN=e22501d9a401709838f33d1ae279bce7100b3ccf Certificate serial: 019B462718FF1A595B03727217617846A818 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft Manifest number: 1204 Signing time: Mon 22 Dec 2025 13:02:05 +0000 Manifest this update: Mon 22 Dec 2025 13:02:05 +0000 Manifest next update: Tue 23 Dec 2025 13:02:05 +0000 Files and hashes: 1: 4iUB2aQBcJg48z0a4nm85xALPM8.crl (hash: +cFkuspJLGNbZ3mmatO80PGzLDDlJDd0xgH+jn00XqA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:02:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:27:18:ff:1a:59:5b:03:72:72:17:61:78:46:a8:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e22501d9a401709838f33d1ae279bce7100b3ccf Validity Not Before: Dec 22 13:02:05 2025 GMT Not After : Dec 23 13:02:05 2025 GMT Subject: CN=7f229f286a3da5539ecd117508b0baad70a44c33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:cf:df:d8:4a:12:00:f8:b8:9a:95:b6:44:d0: 3d:a8:77:73:c2:30:1f:03:d7:73:e6:19:e2:27:62: 57:9b:84:75:8b:e2:67:ae:03:d4:e6:01:06:03:0d: 5d:8c:d1:d3:b5:36:57:43:68:e7:a6:34:8c:4a:eb: e4:eb:8b:13:37:92:a1:7f:2a:04:1e:d7:e2:93:f5: e2:24:9a:59:16:62:dd:e1:79:da:ea:4d:98:5a:1c: 24:1a:d0:07:ec:14:6c:87:05:66:d4:4c:43:da:ef: 01:7f:d4:19:7c:e9:dd:b4:6a:49:51:c2:a0:65:c6: d9:10:62:38:5c:48:16:42:d1:66:98:b8:70:43:c6: 0e:35:65:51:ea:97:ce:fe:6f:08:af:b3:c2:ec:c6: f9:7e:7a:9d:de:33:c8:e9:66:e6:9a:43:28:9b:58: 21:a6:df:64:01:89:1e:56:42:23:33:89:2c:0b:38: 37:33:79:de:b7:23:b0:8f:a6:97:dd:e1:24:c8:b2: 68:6c:cf:18:be:e1:63:15:f0:64:e2:b6:3c:bb:55: 6f:6e:b1:7d:9e:5e:34:59:43:d0:34:44:8f:0b:af: d7:06:ea:4d:73:44:c0:6f:27:6b:9a:69:84:ee:26: 89:62:de:43:f4:4f:88:f3:b4:e1:ee:34:b5:d6:12: 30:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:22:9F:28:6A:3D:A5:53:9E:CD:11:75:08:B0:BA:AD:70:A4:4C:33 X509v3 Authority Key Identifier: keyid:E2:25:01:D9:A4:01:70:98:38:F3:3D:1A:E2:79:BC:E7:10:0B:3C:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4iUB2aQBcJg48z0a4nm85xALPM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/63fae9-499f-43d5-8768-f9811ee3fa87/1/4iUB2aQBcJg48z0a4nm85xALPM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 23:bf:04:f6:21:59:6e:b5:4e:63:f0:15:55:ac:de:7c:97:4a: f0:d4:21:7f:8a:53:ea:bc:3b:2f:6a:f8:92:85:1d:d0:22:33: c7:25:a3:85:d2:7c:43:9d:c5:ae:61:3c:7a:0a:69:99:6a:c9: ea:39:b6:9c:67:c4:d5:49:f2:6c:9d:e9:3e:48:72:ca:2b:c2: 9f:78:e3:a7:10:42:f8:ef:45:2e:59:d0:23:06:94:0d:b7:d2: 84:32:5c:27:a2:b3:b2:2c:ec:7d:59:f9:ad:43:5a:27:cd:37: fc:2c:c2:8b:bd:f3:b9:90:c4:50:7c:93:c2:85:02:36:9e:66: 4e:b5:ad:64:55:df:d5:98:3c:7b:44:64:88:d2:41:66:3d:8a: f0:43:ab:cc:ef:55:c9:c6:26:4a:0f:d5:1d:2e:7f:94:21:04: e5:23:65:fb:57:ab:11:2d:52:87:ce:d6:d9:d2:3d:40:1d:0c: df:4c:bd:00:82:36:22:34:8e:e2:31:f4:ea:55:3b:f2:8e:72: 6f:df:17:95:5b:60:de:10:d8:d3:1b:4e:7b:1f:80:74:d2:25: 6f:cf:74:1d:8b:c1:74:9d:ac:b7:97:11:7b:01:ff:29:a5:13: 34:6e:84:6c:ff:52:75:ef:a7:9b:3b:d8:64:1a:a0:c6:2e:a0: 4c:f1:80:92 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJxj/GllbA3JyF2F4RqgYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyMjUwMWQ5YTQwMTcwOTgzOGYzM2QxYWUyNzliY2U3MTAw YjNjY2YwHhcNMjUxMjIyMTMwMjA1WhcNMjUxMjIzMTMwMjA1WjAzMTEwLwYDVQQD Eyg3ZjIyOWYyODZhM2RhNTUzOWVjZDExNzUwOGIwYmFhZDcwYTQ0YzMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAns/f2EoSAPi4mpW2RNA9qHdzwjAf A9dz5hniJ2JXm4R1i+JnrgPU5gEGAw1djNHTtTZXQ2jnpjSMSuvk64sTN5KhfyoE Htfik/XiJJpZFmLd4Xna6k2YWhwkGtAH7BRshwVm1ExD2u8Bf9QZfOndtGpJUcKg ZcbZEGI4XEgWQtFmmLhwQ8YONWVR6pfO/m8Ir7PC7Mb5fnqd3jPI6WbmmkMom1gh pt9kAYkeVkIjM4ksCzg3M3netyOwj6aX3eEkyLJobM8YvuFjFfBk4rY8u1VvbrF9 nl40WUPQNESPC6/XBupNc0TAbydrmmmE7iaJYt5D9E+I87Th7jS11hIwcwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH8inyhqPaVTns0RdQiwuq1wpEwzMB8GA1UdIwQY MBaAFOIlAdmkAXCYOPM9GuJ5vOcQCzzPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3Njgt Zjk4MTFlZTNmYTg3LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My82M2ZhZTktNDk5Zi00M2Q1LTg3NjgtZjk4MTFlZTNmYTg3 LzEvNGlVQjJhUUJjSmc0OHowYTRubTg1eEFMUE04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAI78E9iFZ brVOY/AVVazefJdK8NQhf4pT6rw7L2r4koUd0CIzxyWjhdJ8Q53FrmE8egppmWrJ 6jm2nGfE1UnybJ3pPkhyyivCn3jjpxBC+O9FLlnQIwaUDbfShDJcJ6KzsizsfVn5 rUNaJ803/CzCi73zuZDEUHyTwoUCNp5mTrWtZFXf1Zg8e0RkiNJBZj2K8EOrzO9V ycYmSg/VHS5/lCEE5SNl+1erES1Sh87W2dI9QB0M30y9AII2IjSO4jH06lU78o5y b98XlVtg3hDY0xtOex+AdNIlb890HYvBdJ2st5cRewH/KaUTNG6EbP9Sde+nmzvY ZBqgxi6gTPGAkg== -----END CERTIFICATE-----Generated at Mon Dec 22 20:43:20 2025 by rpki-client