This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft File: 04BE23ZiygAUgai9swt6vRi86ao.mft (raw, json) Hash identifier: UOfw8mukhjkcxo1Uc0jgkatM0XX30u/w8se2Rz/e2+o= Subject key identifier: BD:CB:83:CC:44:D0:32:97:39:46:24:91:4D:79:6E:A6:C3:A2:CE:CD Authority key identifier: D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA Certificate issuer: /CN=d38044db7662ca001481a8bdb30b7abd18bce9aa Certificate serial: 019B070FE8564F1F839AA01F3CF628E8A565 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft Manifest number: 122F Signing time: Wed 10 Dec 2025 07:00:41 +0000 Manifest this update: Wed 10 Dec 2025 07:00:41 +0000 Manifest next update: Thu 11 Dec 2025 07:00:41 +0000 Files and hashes: 1: 04BE23ZiygAUgai9swt6vRi86ao.crl (hash: hkKvdcSbpRQd/VJK4H45lnvY2y53n9CZ0hq1eh9rM04=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 11 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:07:0f:e8:56:4f:1f:83:9a:a0:1f:3c:f6:28:e8:a5:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d38044db7662ca001481a8bdb30b7abd18bce9aa Validity Not Before: Dec 10 07:00:41 2025 GMT Not After : Dec 11 07:00:41 2025 GMT Subject: CN=bdcb83cc44d03297394624914d796ea6c3a2cecd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f2:a2:07:c5:6a:e8:0e:26:15:14:c6:b1:a6: b0:a9:3a:db:08:df:25:d5:f3:8c:d2:7b:35:9f:d3: 5e:f9:ce:aa:0e:b7:5d:b0:a7:1b:6e:d0:33:61:80: 03:d9:bb:c7:9c:46:d3:70:2b:e3:ba:38:bd:a6:cd: 6d:5b:9c:e9:fd:fc:98:b3:33:7f:e1:b4:83:10:51: 9e:94:3d:25:a9:ed:79:c5:c0:65:8a:0d:c9:68:4c: a6:3d:10:90:16:a6:6f:55:bd:b8:99:fc:56:f4:e0: ea:0a:c0:df:71:22:74:7e:7e:a7:19:e0:f4:33:8f: b2:4f:cf:4a:2a:05:2a:d3:5c:36:24:f2:fb:d5:56: 5f:76:53:66:d9:da:fa:23:56:d8:a5:b4:6e:30:44: 90:ff:f5:91:5a:bf:63:b1:3c:03:78:7b:cb:27:eb: f5:db:0d:ee:5a:d8:09:07:92:69:a3:2c:eb:fe:be: ac:e7:a8:6b:10:92:80:d1:60:4c:8c:34:73:38:f2: 25:58:21:60:00:9c:a6:53:46:a1:69:df:ba:0c:37: ef:7c:eb:ce:a0:3a:3d:44:d5:51:e0:84:49:f6:5d: 61:ba:ca:28:7d:d9:dd:20:b3:7a:75:21:b1:35:3a: c8:0f:71:3e:0b:56:a7:15:d5:4f:6d:31:17:da:36: 86:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:CB:83:CC:44:D0:32:97:39:46:24:91:4D:79:6E:A6:C3:A2:CE:CD X509v3 Authority Key Identifier: keyid:D3:80:44:DB:76:62:CA:00:14:81:A8:BD:B3:0B:7A:BD:18:BC:E9:AA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04BE23ZiygAUgai9swt6vRi86ao.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/91/14e977-346f-44ad-b0df-0a10b881c3ac/1/04BE23ZiygAUgai9swt6vRi86ao.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:fd:7f:d6:e7:45:83:ee:fd:87:ee:a2:79:a6:c3:0e:3a:1c: 4f:5d:27:7a:e9:aa:51:29:00:1c:47:1c:13:29:62:28:57:c5: d4:fb:04:a7:5d:bf:77:db:e9:b5:52:a9:70:51:95:d2:70:8a: 14:d8:b7:f6:fa:b2:d1:85:b8:d1:1a:69:42:5c:a7:d9:1f:cc: 04:4b:ff:2b:f7:eb:d9:db:39:3c:eb:13:59:4a:8f:dc:df:a0: fc:2b:f1:8b:f1:dc:aa:c4:cd:b7:6f:c7:bc:28:a2:d9:27:46: 6f:b9:0a:e7:d0:94:bb:e0:c0:29:e8:58:53:38:27:6d:90:ee: a3:e6:9f:8e:c2:49:bb:7e:dd:e5:bc:15:53:81:fd:5e:ee:fc: bb:d5:46:df:a5:c8:8c:bb:a8:7b:28:06:9a:d2:d6:e1:2d:32: a2:eb:6d:5b:5b:ec:49:fa:e5:64:10:76:96:b9:1a:48:94:e9: d3:5b:b0:f9:dc:2f:4d:51:2d:55:d6:81:5e:df:2e:08:7a:1a: e9:c3:85:f6:dd:7c:ca:95:ed:ee:21:a7:55:05:de:ff:e0:22: 6c:ad:87:cd:1a:37:d8:f9:71:af:38:7e:6c:39:f1:7b:c1:e4: f9:05:b7:ac:ea:68:67:af:16:3c:13:80:0a:95:94:fe:9b:35: e4:53:07:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsHD+hWTx+DmqAfPPYo6KVlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzODA0NGRiNzY2MmNhMDAxNDgxYThiZGIzMGI3YWJkMThi Y2U5YWEwHhcNMjUxMjEwMDcwMDQxWhcNMjUxMjExMDcwMDQxWjAzMTEwLwYDVQQD EyhiZGNiODNjYzQ0ZDAzMjk3Mzk0NjI0OTE0ZDc5NmVhNmMzYTJjZWNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/KiB8Vq6A4mFRTGsaawqTrbCN8l 1fOM0ns1n9Ne+c6qDrddsKcbbtAzYYAD2bvHnEbTcCvjuji9ps1tW5zp/fyYszN/ 4bSDEFGelD0lqe15xcBlig3JaEymPRCQFqZvVb24mfxW9ODqCsDfcSJ0fn6nGeD0 M4+yT89KKgUq01w2JPL71VZfdlNm2dr6I1bYpbRuMESQ//WRWr9jsTwDeHvLJ+v1 2w3uWtgJB5Jpoyzr/r6s56hrEJKA0WBMjDRzOPIlWCFgAJymU0ahad+6DDfvfOvO oDo9RNVR4IRJ9l1husoofdndILN6dSGxNTrID3E+C1anFdVPbTEX2jaGOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL3Lg8xE0DKXOUYkkU15bqbDos7NMB8GA1UdIwQY MBaAFNOARNt2YsoAFIGovbMLer0YvOmqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYt MGExMGI4ODFjM2FjLzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MS8xNGU5NzctMzQ2Zi00NGFkLWIwZGYtMGExMGI4ODFjM2Fj LzEvMDRCRTIzWml5Z0FVZ2FpOXN3dDZ2Umk4NmFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl/1/1udF g+79h+6ieabDDjocT10neumqUSkAHEccEyliKFfF1PsEp12/d9vptVKpcFGV0nCK FNi39vqy0YW40RppQlyn2R/MBEv/K/fr2ds5POsTWUqP3N+g/Cvxi/HcqsTNt2/H vCii2SdGb7kK59CUu+DAKehYUzgnbZDuo+afjsJJu37d5bwVU4H9Xu78u9VG36XI jLuoeygGmtLW4S0youttW1vsSfrlZBB2lrkaSJTp01uw+dwvTVEtVdaBXt8uCHoa 6cOF9t18ypXt7iGnVQXe/+AibK2HzRo32Plxrzh+bDnxe8Hk+QW3rOpoZ68WPBOA CpWU/ps15FMHRg== -----END CERTIFICATE-----Generated at Wed Dec 10 08:35:03 2025 by rpki-client