This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft File: 4WU0PZW9Tbww89ciSVQanUfnbZE.mft (raw, json) Hash identifier: 3OXzRQdV4//J7Ps+45XpT/NHoJP09HzZJz9SqkW3YQA= Subject key identifier: 3B:4C:E0:B0:62:0C:D9:6C:34:0E:FD:11:D1:87:0B:02:2C:E6:B8:83 Authority key identifier: E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91 Certificate issuer: /CN=e165343d95bd4dbc30f3d72249541a9d47e76d91 Certificate serial: 019B2175D2038AC1F1E36E387A324E05DD34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft Manifest number: 107D Signing time: Mon 15 Dec 2025 10:02:08 +0000 Manifest this update: Mon 15 Dec 2025 10:02:08 +0000 Manifest next update: Tue 16 Dec 2025 10:02:08 +0000 Files and hashes: 1: 4WU0PZW9Tbww89ciSVQanUfnbZE.crl (hash: x1CGH0WFBqoflwTnbVzc6tc8dL/a5OSl6hP7MzZHM7s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:d2:03:8a:c1:f1:e3:6e:38:7a:32:4e:05:dd:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e165343d95bd4dbc30f3d72249541a9d47e76d91 Validity Not Before: Dec 15 10:02:08 2025 GMT Not After : Dec 16 10:02:08 2025 GMT Subject: CN=3b4ce0b0620cd96c340efd11d1870b022ce6b883 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:db:2c:cb:24:3d:13:e3:ae:da:a9:a8:b3:1d: ac:60:5e:66:9e:a2:9d:41:7f:b8:ac:72:6c:51:cf: e4:1f:32:46:5b:27:10:74:c8:b7:fc:0c:e2:d0:02: d6:50:aa:d6:b4:3c:e9:33:79:97:e5:da:50:a3:66: f7:41:9b:5b:23:59:ac:6f:50:b5:24:a0:e5:74:66: aa:ec:a7:6e:a8:2d:5b:16:0f:11:f6:5d:19:e4:ab: c8:78:23:38:f4:ef:17:d1:3a:7a:a8:ab:a7:43:ba: 45:e6:1b:3b:85:d6:13:4b:37:5d:d9:e8:0f:c9:04: 76:42:c6:0b:37:f9:cb:23:3b:93:25:a7:fe:b4:ae: 46:47:0b:82:7b:c3:92:45:97:a0:cc:9c:03:af:53: 64:e3:30:4d:56:20:c8:ef:0c:f8:1c:cf:89:48:46: a5:dd:27:ed:27:66:af:6d:97:41:b2:1b:b2:ae:4b: e5:de:cf:bd:53:57:07:6a:1b:71:29:d6:3e:28:ab: 02:02:a6:d1:ee:4e:31:b0:4e:a4:d6:15:de:91:65: 6c:c4:79:3a:95:fc:2f:03:19:b1:7e:91:92:8a:a6: d9:35:62:ec:00:55:35:c5:32:50:be:9d:53:5d:2e: 51:1d:12:6a:3e:de:d3:46:bc:dc:08:99:b3:be:ff: 2a:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:4C:E0:B0:62:0C:D9:6C:34:0E:FD:11:D1:87:0B:02:2C:E6:B8:83 X509v3 Authority Key Identifier: keyid:E1:65:34:3D:95:BD:4D:BC:30:F3:D7:22:49:54:1A:9D:47:E7:6D:91 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4WU0PZW9Tbww89ciSVQanUfnbZE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7d26b8-f747-4d9a-9aa2-6e2c053d9993/1/4WU0PZW9Tbww89ciSVQanUfnbZE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 05:78:1d:74:ef:0a:85:e2:84:2a:09:50:1e:91:e6:a4:bc:99: f6:c3:84:2a:2b:68:aa:e5:30:07:d4:f2:e3:fc:ad:df:32:e9: 40:38:2b:ab:90:3f:93:63:18:3b:d9:53:24:e2:8e:8a:12:40: 83:92:e8:30:88:f2:f2:bd:8c:b1:8a:a1:cd:7a:2f:39:2a:e6: 32:c6:1d:79:54:bc:bb:f4:7d:18:cd:8a:2a:54:eb:d6:36:09: 72:ae:bc:ab:f0:44:e4:0e:a1:d3:dd:66:fc:4a:94:97:95:b2: 62:59:ef:08:46:c7:bd:6d:25:4f:64:a4:1a:b2:c6:e0:d5:7f: c9:48:7f:ad:f1:97:18:68:65:fd:eb:23:c1:76:7d:54:37:d2: b8:84:47:39:e3:83:34:e4:c3:df:c0:95:95:29:f8:ac:e2:a6: 8c:92:bb:eb:53:59:a6:2d:0f:7e:65:ef:7c:21:78:85:66:51: f6:66:57:b5:92:25:77:7d:f9:65:30:8d:03:51:3d:b5:03:13: 1e:e9:2e:c6:c5:03:43:f3:88:d9:f9:3b:96:f5:f6:1a:98:3c: 4f:a1:e0:15:56:03:a6:de:2b:54:04:3b:5f:d9:88:63:13:1a: 7e:10:41:5f:7e:6b:f9:94:52:fb:99:ee:5e:0b:5f:fc:60:09: 35:36:5b:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshddIDisHx4244ejJOBd00MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxNjUzNDNkOTViZDRkYmMzMGYzZDcyMjQ5NTQxYTlkNDdl NzZkOTEwHhcNMjUxMjE1MTAwMjA4WhcNMjUxMjE2MTAwMjA4WjAzMTEwLwYDVQQD EygzYjRjZTBiMDYyMGNkOTZjMzQwZWZkMTFkMTg3MGIwMjJjZTZiODgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdssyyQ9E+Ou2qmosx2sYF5mnqKd QX+4rHJsUc/kHzJGWycQdMi3/Azi0ALWUKrWtDzpM3mX5dpQo2b3QZtbI1msb1C1 JKDldGaq7KduqC1bFg8R9l0Z5KvIeCM49O8X0Tp6qKunQ7pF5hs7hdYTSzdd2egP yQR2QsYLN/nLIzuTJaf+tK5GRwuCe8OSRZegzJwDr1Nk4zBNViDI7wz4HM+JSEal 3SftJ2avbZdBshuyrkvl3s+9U1cHahtxKdY+KKsCAqbR7k4xsE6k1hXekWVsxHk6 lfwvAxmxfpGSiqbZNWLsAFU1xTJQvp1TXS5RHRJqPt7TRrzcCJmzvv8qzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtM4LBiDNlsNA79EdGHCwIs5riDMB8GA1UdIwQY MBaAFOFlND2VvU28MPPXIklUGp1H522RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTIt NmUyYzA1M2Q5OTkzLzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC83ZDI2YjgtZjc0Ny00ZDlhLTlhYTItNmUyYzA1M2Q5OTkz LzEvNFdVMFBaVzlUYnd3ODljaVNWUWFuVWZuYlpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABXgddO8K heKEKglQHpHmpLyZ9sOEKitoquUwB9Ty4/yt3zLpQDgrq5A/k2MYO9lTJOKOihJA g5LoMIjy8r2MsYqhzXovOSrmMsYdeVS8u/R9GM2KKlTr1jYJcq68q/BE5A6h091m /EqUl5WyYlnvCEbHvW0lT2SkGrLG4NV/yUh/rfGXGGhl/esjwXZ9VDfSuIRHOeOD NOTD38CVlSn4rOKmjJK761NZpi0PfmXvfCF4hWZR9mZXtZIld335ZTCNA1E9tQMT HukuxsUDQ/OI2fk7lvX2Gpg8T6HgFVYDpt4rVAQ7X9mIYxMafhBBX35r+ZRS+5nu Xgtf/GAJNTZb8Q== -----END CERTIFICATE-----Generated at Mon Dec 15 19:10:44 2025 by rpki-client