This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft File: 4SFHcEtsZk3PIjSS7mHV5fkXxek.mft (raw, json) Hash identifier: U4CYgcNxZhkIqFt43rWGxiFPaqGBQAM8SIsEvC9rFc8= Subject key identifier: DB:01:CF:95:62:C3:57:61:E5:6E:40:D5:55:D6:51:B5:C0:02:3A:5C Authority key identifier: E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9 Certificate issuer: /CN=e12147704b6c664dcf223492ee61d5e5f917c5e9 Certificate serial: 019B202B36BF1049B844A951ABD1763254B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft Manifest number: 04B7 Signing time: Mon 15 Dec 2025 04:01:01 +0000 Manifest this update: Mon 15 Dec 2025 04:01:01 +0000 Manifest next update: Tue 16 Dec 2025 04:01:01 +0000 Files and hashes: 1: 4SFHcEtsZk3PIjSS7mHV5fkXxek.crl (hash: mEjsxrDOtOzb/EPPYJQVPKpP+7N3jIBcYDR/UifrirQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:20:2b:36:bf:10:49:b8:44:a9:51:ab:d1:76:32:54:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e12147704b6c664dcf223492ee61d5e5f917c5e9 Validity Not Before: Dec 15 04:01:01 2025 GMT Not After : Dec 16 04:01:01 2025 GMT Subject: CN=db01cf9562c35761e56e40d555d651b5c0023a5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:66:28:e8:23:49:07:47:bd:0c:83:39:37:e7: 9f:bc:8c:08:6a:ea:1d:ad:7b:df:42:a1:8b:bf:01: 4a:e8:d3:77:e4:55:af:60:3e:8a:c9:fc:40:52:62: 19:72:71:4c:f3:f6:9a:dc:95:b1:44:ab:d2:ff:79: ae:54:b1:13:af:bc:9c:84:57:48:97:d9:7b:1d:2a: 17:c4:e9:23:ac:d4:23:d2:fe:00:f2:70:a3:b7:0c: 80:d5:a8:ae:98:a6:f7:29:af:1d:67:5f:92:4b:eb: f9:e0:48:a0:85:13:24:67:06:5d:a4:f5:45:d8:ca: dc:25:b0:55:f1:38:2b:92:c8:b7:4e:93:f2:0a:40: 6a:44:aa:22:38:04:6e:31:f7:a4:b6:0e:56:bf:1c: bd:d7:2e:a6:ea:b7:6f:61:75:ae:8b:05:7f:e2:08: 59:2d:06:20:0a:89:64:58:51:b2:31:de:c2:3c:07: ad:29:80:82:66:91:57:58:94:f5:4b:77:8d:a8:ec: 4f:81:ca:e9:34:10:36:ea:2d:6d:7a:64:65:c6:2d: 8b:15:be:63:7c:5c:ce:4f:9e:26:71:6c:2a:bd:6f: 86:33:a3:6f:45:ca:17:07:a8:c9:f1:5a:6d:8f:b6: e7:68:43:72:65:c8:4f:38:23:9f:df:9c:08:c0:67: 1d:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:01:CF:95:62:C3:57:61:E5:6E:40:D5:55:D6:51:B5:C0:02:3A:5C X509v3 Authority Key Identifier: keyid:E1:21:47:70:4B:6C:66:4D:CF:22:34:92:EE:61:D5:E5:F9:17:C5:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4SFHcEtsZk3PIjSS7mHV5fkXxek.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9b9703-3929-4a4e-93b7-a1bf42c58494/1/4SFHcEtsZk3PIjSS7mHV5fkXxek.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:e8:c1:16:77:7f:8d:37:90:d6:76:31:f4:9f:e0:04:08:e6: a9:ac:3f:3c:33:f0:1c:4b:71:a4:2c:2f:04:cb:e7:ae:7e:b3: 90:7f:14:8b:dd:d4:bf:39:76:92:53:10:d4:de:8b:32:2b:ac: 84:33:a3:db:66:7c:46:b2:1a:00:e8:34:a6:58:8a:3a:5d:4d: 78:7c:b1:40:64:57:dc:9e:81:dc:be:9a:42:3b:f7:4d:66:28: 4a:df:f7:17:4d:6c:e9:01:ac:ba:1e:83:5b:39:41:c5:08:b7: 00:c1:21:43:ee:b7:1e:a4:4c:1a:c5:3f:b0:fe:2b:58:a0:79: f7:19:61:c8:53:47:d5:37:0a:5a:70:e2:ed:3c:ff:fd:37:0a: fe:ab:e7:b0:7b:ef:f7:bf:4d:4e:6e:27:27:29:dc:64:7a:0e: 1a:0b:e4:e5:dc:c3:75:15:00:8a:d5:e8:09:fc:2b:96:48:3c: 08:39:d3:a1:de:76:a4:5e:08:42:fc:ec:f2:bf:f7:44:1e:5c: 61:dd:e8:28:c2:ed:2d:2f:71:74:7d:ef:3b:af:5d:f4:38:44: 05:93:4f:76:3d:b5:60:4e:93:88:3d:20:28:bc:4f:32:5f:7a: 6f:cd:19:dd:d1:f1:6c:82:32:bd:ef:3a:27:2b:f4:56:03:39: 77:2f:8a:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsgKza/EEm4RKlRq9F2MlSyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxMjE0NzcwNGI2YzY2NGRjZjIyMzQ5MmVlNjFkNWU1Zjkx N2M1ZTkwHhcNMjUxMjE1MDQwMTAxWhcNMjUxMjE2MDQwMTAxWjAzMTEwLwYDVQQD EyhkYjAxY2Y5NTYyYzM1NzYxZTU2ZTQwZDU1NWQ2NTFiNWMwMDIzYTVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1WYo6CNJB0e9DIM5N+efvIwIauod rXvfQqGLvwFK6NN35FWvYD6KyfxAUmIZcnFM8/aa3JWxRKvS/3muVLETr7ychFdI l9l7HSoXxOkjrNQj0v4A8nCjtwyA1aiumKb3Ka8dZ1+SS+v54EighRMkZwZdpPVF 2MrcJbBV8Tgrksi3TpPyCkBqRKoiOARuMfektg5Wvxy91y6m6rdvYXWuiwV/4ghZ LQYgColkWFGyMd7CPAetKYCCZpFXWJT1S3eNqOxPgcrpNBA26i1temRlxi2LFb5j fFzOT54mcWwqvW+GM6NvRcoXB6jJ8Vptj7bnaENyZchPOCOf35wIwGcdPwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNsBz5Viw1dh5W5A1VXWUbXAAjpcMB8GA1UdIwQY MBaAFOEhR3BLbGZNzyI0ku5h1eX5F8XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjct YTFiZjQyYzU4NDk0LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMy85Yjk3MDMtMzkyOS00YTRlLTkzYjctYTFiZjQyYzU4NDk0 LzEvNFNGSGNFdHNaazNQSWpTUzdtSFY1ZmtYeGVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgOjBFnd/ jTeQ1nYx9J/gBAjmqaw/PDPwHEtxpCwvBMvnrn6zkH8Ui93Uvzl2klMQ1N6LMius hDOj22Z8RrIaAOg0pliKOl1NeHyxQGRX3J6B3L6aQjv3TWYoSt/3F01s6QGsuh6D WzlBxQi3AMEhQ+63HqRMGsU/sP4rWKB59xlhyFNH1TcKWnDi7Tz//TcK/qvnsHvv 979NTm4nJyncZHoOGgvk5dzDdRUAitXoCfwrlkg8CDnTod52pF4IQvzs8r/3RB5c Yd3oKMLtLS9xdH3vO69d9DhEBZNPdj21YE6TiD0gKLxPMl96b80Z3dHxbIIyve86 Jyv0VgM5dy+K9Q== -----END CERTIFICATE-----Generated at Mon Dec 15 06:49:27 2025 by rpki-client