This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft File: 4N8zRFExdiUqLLaQvPcF1kmBEfU.mft (raw, json) Hash identifier: EGodWJCuhoIf2aHGmDG91TtiqH65DBk3zaqbscAolhQ= Subject key identifier: 47:50:27:7A:7F:BE:92:99:BC:EE:6F:20:EC:AA:71:29:5B:BE:4C:62 Authority key identifier: E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5 Certificate issuer: /CN=e0df3344513176252a2cb690bcf705d6498111f5 Certificate serial: 019B58D1A1178E94CBF66F0EDFF7A3529D6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft Manifest number: 0AB1 Signing time: Fri 26 Dec 2025 04:01:31 +0000 Manifest this update: Fri 26 Dec 2025 04:01:31 +0000 Manifest next update: Sat 27 Dec 2025 04:01:31 +0000 Files and hashes: 1: 4N8zRFExdiUqLLaQvPcF1kmBEfU.crl (hash: PeJkZpwPP7LQgYPnZLvgrZJ7bqBubV91H07lo4UuzKc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 04:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:58:d1:a1:17:8e:94:cb:f6:6f:0e:df:f7:a3:52:9d:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0df3344513176252a2cb690bcf705d6498111f5 Validity Not Before: Dec 26 04:01:31 2025 GMT Not After : Dec 27 04:01:31 2025 GMT Subject: CN=4750277a7fbe9299bcee6f20ecaa71295bbe4c62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f8:12:e6:51:7c:c8:eb:47:5b:8f:c7:65:29: bd:17:ad:19:ff:9f:8b:aa:ce:df:51:b1:42:81:d9: cb:26:1d:d9:99:fc:d0:e6:bb:f0:02:c3:0b:b3:bb: 88:bb:b2:2c:ce:f7:4a:d8:73:41:4e:82:cc:ff:db: 85:ba:94:c5:fa:45:7b:ac:5f:b1:3e:5e:35:c6:4c: 8a:8b:66:24:b0:a8:20:00:ae:d0:b3:f6:31:38:f6: 56:76:f5:dd:aa:bc:39:dc:62:99:fa:ac:ef:3c:b0: 7f:91:46:66:94:5e:51:41:54:9e:7b:25:c1:47:9d: c0:70:62:a6:b0:66:02:2b:e5:cf:1d:a0:24:0a:8e: 04:e2:79:e6:6f:ae:99:8b:e1:fb:6b:7d:46:b6:50: 9a:75:88:2b:56:ad:aa:cf:aa:3e:61:a4:36:79:ce: 38:24:81:e2:52:78:10:0d:a5:5b:39:55:ed:fa:2f: 67:15:78:4e:0e:ad:bc:ec:9d:e9:57:48:da:e2:99: e4:8e:85:da:00:06:93:c8:35:67:67:e7:81:3a:ca: 4e:0a:03:df:b9:73:4d:e7:1b:bb:58:f4:f4:5b:5e: c6:83:96:9e:46:6a:ec:e9:44:37:96:c8:b6:76:40: 5d:b8:ca:68:0c:a6:76:98:35:4d:64:4c:c8:03:14: 17:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:50:27:7A:7F:BE:92:99:BC:EE:6F:20:EC:AA:71:29:5B:BE:4C:62 X509v3 Authority Key Identifier: keyid:E0:DF:33:44:51:31:76:25:2A:2C:B6:90:BC:F7:05:D6:49:81:11:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N8zRFExdiUqLLaQvPcF1kmBEfU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/cc3b6e-b749-45f1-a868-25e21c9e7de9/1/4N8zRFExdiUqLLaQvPcF1kmBEfU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b4:3e:7b:cb:86:f0:b1:05:58:47:dc:58:5b:93:8d:8f:fd:cd: ac:26:30:f6:3d:78:95:a8:ca:7d:c7:63:cc:98:9a:d2:df:49: 49:43:52:c6:1c:03:76:0a:ba:54:4b:d3:e0:ad:14:e1:d2:24: 10:18:8f:5d:e1:93:1a:5e:87:3d:eb:96:fd:5c:82:e7:ca:6c: 48:94:e6:f5:9f:c0:06:da:27:89:a7:8b:34:43:ff:8a:04:84: f0:54:62:52:96:85:98:2c:7a:72:6a:98:de:9d:f5:61:b9:91: b2:98:e4:89:14:f3:e7:8e:3e:ff:ee:38:cc:03:6f:e5:4f:e5: f3:94:81:07:64:10:d3:55:00:c5:d2:7d:a1:97:e7:18:56:fb: 99:d5:03:0a:76:90:08:b7:c5:98:a4:59:cf:a6:e2:29:0b:d6: ab:ba:f0:cc:ca:92:62:a6:04:1a:a2:a1:b6:f2:68:5f:59:c9: d5:f4:e3:5f:94:56:62:0d:e5:f3:1d:7e:21:56:6d:73:57:a8: e4:e0:be:8e:34:09:93:5c:9e:58:e4:fa:88:bf:81:82:8a:28: 01:79:c1:f2:4f:2b:e4:84:5f:ee:b4:96:09:e1:b9:ab:dc:53: 19:07:47:04:52:ec:4b:9b:a4:2e:01:42:fa:c2:05:22:58:dd: 35:61:7f:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtY0aEXjpTL9m8O3/ejUp1rMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwZGYzMzQ0NTEzMTc2MjUyYTJjYjY5MGJjZjcwNWQ2NDk4 MTExZjUwHhcNMjUxMjI2MDQwMTMxWhcNMjUxMjI3MDQwMTMxWjAzMTEwLwYDVQQD Eyg0NzUwMjc3YTdmYmU5Mjk5YmNlZTZmMjBlY2FhNzEyOTViYmU0YzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPgS5lF8yOtHW4/HZSm9F60Z/5+L qs7fUbFCgdnLJh3ZmfzQ5rvwAsMLs7uIu7IszvdK2HNBToLM/9uFupTF+kV7rF+x Pl41xkyKi2YksKggAK7Qs/YxOPZWdvXdqrw53GKZ+qzvPLB/kUZmlF5RQVSeeyXB R53AcGKmsGYCK+XPHaAkCo4E4nnmb66Zi+H7a31GtlCadYgrVq2qz6o+YaQ2ec44 JIHiUngQDaVbOVXt+i9nFXhODq287J3pV0ja4pnkjoXaAAaTyDVnZ+eBOspOCgPf uXNN5xu7WPT0W17Gg5aeRmrs6UQ3lsi2dkBduMpoDKZ2mDVNZEzIAxQXkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEdQJ3p/vpKZvO5vIOyqcSlbvkxiMB8GA1UdIwQY MBaAFODfM0RRMXYlKiy2kLz3BdZJgRH1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4Njgt MjVlMjFjOWU3ZGU5LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC9jYzNiNmUtYjc0OS00NWYxLWE4NjgtMjVlMjFjOWU3ZGU5 LzEvNE44elJGRXhkaVVxTExhUXZQY0Yxa21CRWZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtD57y4bw sQVYR9xYW5ONj/3NrCYw9j14lajKfcdjzJia0t9JSUNSxhwDdgq6VEvT4K0U4dIk EBiPXeGTGl6HPeuW/VyC58psSJTm9Z/ABtoniaeLNEP/igSE8FRiUpaFmCx6cmqY 3p31YbmRspjkiRTz544+/+44zANv5U/l85SBB2QQ01UAxdJ9oZfnGFb7mdUDCnaQ CLfFmKRZz6biKQvWq7rwzMqSYqYEGqKhtvJoX1nJ1fTjX5RWYg3l8x1+IVZtc1eo 5OC+jjQJk1yeWOT6iL+BgoooAXnB8k8r5IRf7rSWCeG5q9xTGQdHBFLsS5ukLgFC +sIFIljdNWF/eA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:15:51 2025 by rpki-client