This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft File: 4z2f_axY52ErCVFE_sBrolhapqg.mft (raw, json) Hash identifier: XhpYcTzCJjJl4lunRdQsNjl5c0jGdCtz6hjxvXIuYfU= Subject key identifier: 9A:D7:53:8A:FE:69:19:74:36:F0:E4:64:3A:44:F4:F0:54:8B:73:A8 Authority key identifier: E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8 Certificate issuer: /CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8 Certificate serial: 019B0ECA354E6B70C578C78C1AA79A48BDE4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft Manifest number: 14C7 Signing time: Thu 11 Dec 2025 19:01:31 +0000 Manifest this update: Thu 11 Dec 2025 19:01:31 +0000 Manifest next update: Fri 12 Dec 2025 19:01:31 +0000 Files and hashes: 1: 4z2f_axY52ErCVFE_sBrolhapqg.crl (hash: MfkVn+MVkvwdZZiuUyovFnwCdHK2TQPe1RQYUiuMquE=) 2: kDBI9l_YMVWuxKarh0cfBt-co8E.roa (hash: Cmec62sAgGLnTuvkkeIcYM85TIkQ74UMRSA2arV5eDI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 19:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:ca:35:4e:6b:70:c5:78:c7:8c:1a:a7:9a:48:bd:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e33d9ffdac58e7612b095144fec06ba2585aa6a8 Validity Not Before: Dec 11 19:01:31 2025 GMT Not After : Dec 12 19:01:31 2025 GMT Subject: CN=9ad7538afe69197436f0e4643a44f4f0548b73a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:54:f1:3d:17:3b:ac:01:aa:f8:9f:e4:d5:36: 7a:53:6d:b0:d2:b8:f5:d2:a7:f8:80:94:0e:64:57: 7a:44:ac:e2:2b:5b:cd:88:e9:3e:db:90:d0:bb:27: b8:7d:61:f9:be:88:c2:38:83:fa:34:52:0f:c5:2a: 43:ab:f7:f3:0d:60:58:4f:26:54:b5:83:5b:e7:30: 8c:e6:b4:fc:97:54:8b:f8:98:76:53:8c:63:73:76: 4b:2b:75:5a:69:13:99:00:27:4e:98:1f:ab:31:b2: 40:64:11:d1:00:19:67:7f:9a:7e:1e:ce:e1:fb:7c: 80:87:4e:5c:17:8d:2c:3e:4a:f9:bf:52:15:f2:e7: 08:00:64:cd:08:db:2c:15:4d:8a:71:9f:5d:3a:8f: eb:4e:fd:0c:7d:a1:f1:e2:32:e1:92:04:67:5b:cf: 09:ef:d3:ae:e5:f3:49:b8:fc:6b:31:ac:b1:53:e2: 97:5f:ed:50:fc:58:a2:ae:94:26:5d:33:b6:33:21: 86:ea:f5:75:96:79:27:c9:c0:dd:9d:cd:8e:b4:8d: d5:5d:36:5c:b5:8f:2e:57:11:32:89:05:e8:31:42: 22:3a:41:a9:0a:b8:42:f0:a6:ba:67:6d:dd:9f:77: 05:ef:42:10:9e:00:30:17:b9:3c:d1:bb:94:f8:bb: 23:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:D7:53:8A:FE:69:19:74:36:F0:E4:64:3A:44:F4:F0:54:8B:73:A8 X509v3 Authority Key Identifier: keyid:E3:3D:9F:FD:AC:58:E7:61:2B:09:51:44:FE:C0:6B:A2:58:5A:A6:A8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4z2f_axY52ErCVFE_sBrolhapqg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a34200-4b9b-4334-a159-9cb296301e64/1/4z2f_axY52ErCVFE_sBrolhapqg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a0:54:da:3d:a4:4d:37:df:46:24:07:b6:bb:4d:57:15:c6:93: 78:6b:b4:43:df:6c:3a:d6:97:bf:ba:47:4e:28:b0:b9:b6:0f: 9e:6d:17:e3:60:fc:8a:87:2a:8c:9d:5b:f1:bf:66:8d:6c:14: d8:f6:d6:63:e1:22:8c:bd:18:75:73:43:9b:f9:4c:23:2a:97: d0:ab:92:51:7c:de:07:37:b8:9b:91:da:ba:98:d8:3a:48:c8: 5b:76:ae:a4:55:2a:2c:c6:18:47:df:7a:2d:a9:a5:2b:6e:17: 91:7f:99:ca:c1:31:be:d3:98:4d:b7:7a:8a:b6:36:56:16:db: 44:3a:87:b6:b2:46:b9:d1:65:22:29:02:53:56:37:13:4f:bd: d1:d2:df:a6:69:80:c3:cd:66:89:56:01:00:28:7d:7e:42:9f: d3:f0:72:c9:30:d6:8d:cd:9c:83:94:d3:ad:76:07:53:5d:0c: 1c:a3:6f:ff:ad:29:5b:01:7d:ec:ab:e4:4f:1a:a9:fa:20:5e: 88:92:b1:42:65:86:7e:1d:40:1e:a7:d6:d2:2d:12:42:f3:27: 81:57:c3:f6:4e:1e:ec:af:2b:44:f9:ff:d6:37:ee:56:a2:f5: 91:50:2d:02:80:47:dd:04:bf:fb:bd:c3:fa:d4:81:55:84:b2: a7:19:04:97 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOyjVOa3DFeMeMGqeaSL3kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzM2Q5ZmZkYWM1OGU3NjEyYjA5NTE0NGZlYzA2YmEyNTg1 YWE2YTgwHhcNMjUxMjExMTkwMTMxWhcNMjUxMjEyMTkwMTMxWjAzMTEwLwYDVQQD Eyg5YWQ3NTM4YWZlNjkxOTc0MzZmMGU0NjQzYTQ0ZjRmMDU0OGI3M2E4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFTxPRc7rAGq+J/k1TZ6U22w0rj1 0qf4gJQOZFd6RKziK1vNiOk+25DQuye4fWH5vojCOIP6NFIPxSpDq/fzDWBYTyZU tYNb5zCM5rT8l1SL+Jh2U4xjc3ZLK3VaaROZACdOmB+rMbJAZBHRABlnf5p+Hs7h +3yAh05cF40sPkr5v1IV8ucIAGTNCNssFU2KcZ9dOo/rTv0MfaHx4jLhkgRnW88J 79Ou5fNJuPxrMayxU+KXX+1Q/FiirpQmXTO2MyGG6vV1lnknycDdnc2OtI3VXTZc tY8uVxEyiQXoMUIiOkGpCrhC8Ka6Z23dn3cF70IQngAwF7k80buU+LsjBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJrXU4r+aRl0NvDkZDpE9PBUi3OoMB8GA1UdIwQY MBaAFOM9n/2sWOdhKwlRRP7Aa6JYWqaoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTkt OWNiMjk2MzAxZTY0LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9hMzQyMDAtNGI5Yi00MzM0LWExNTktOWNiMjk2MzAxZTY0 LzEvNHoyZl9heFk1MkVyQ1ZGRV9zQnJvbGhhcHFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoFTaPaRN N99GJAe2u01XFcaTeGu0Q99sOtaXv7pHTiiwubYPnm0X42D8iocqjJ1b8b9mjWwU 2PbWY+EijL0YdXNDm/lMIyqX0KuSUXzeBze4m5HaupjYOkjIW3aupFUqLMYYR996 LamlK24XkX+ZysExvtOYTbd6irY2VhbbRDqHtrJGudFlIikCU1Y3E0+90dLfpmmA w81miVYBACh9fkKf0/ByyTDWjc2cg5TTrXYHU10MHKNv/60pWwF97KvkTxqp+iBe iJKxQmWGfh1AHqfW0i0SQvMngVfD9k4e7K8rRPn/1jfuVqL1kVAtAoBH3QS/+73D +tSBVYSypxkElw== -----END CERTIFICATE-----Generated at Fri Dec 12 02:48:15 2025 by rpki-client