This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft File: 4qEN5v-uWQQnJEoDND22asVkJ1o.mft (raw, json) Hash identifier: Xu/uCM6mDR62F22HASD34vOKiLWucbvKscKpnfFUQi4= Subject key identifier: B9:DC:6E:12:97:E7:42:CD:E8:B2:4F:21:09:0F:06:EB:17:A0:81:F5 Authority key identifier: E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A Certificate issuer: /CN=e2a10de6ffae590427244a03343db66ac564275a Certificate serial: 019B6EB3AAF6EA4DDE98F01BEC3DA1C67040 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft Manifest number: 14EA Signing time: Tue 30 Dec 2025 10:00:27 +0000 Manifest this update: Tue 30 Dec 2025 10:00:27 +0000 Manifest next update: Wed 31 Dec 2025 10:00:27 +0000 Files and hashes: 1: 4qEN5v-uWQQnJEoDND22asVkJ1o.crl (hash: QONR3FwIHyUybp/fKME1YyO8c4xI1FFYeStcmtjHbnk=) 2: EMEQainrdjhvrSxfRt2EdTwfFho.roa (hash: MgfrBxxTqDVEh7a/Ypney2yykLPSmFU/4+sRkVkl74s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 09:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6e:b3:aa:f6:ea:4d:de:98:f0:1b:ec:3d:a1:c6:70:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2a10de6ffae590427244a03343db66ac564275a Validity Not Before: Dec 30 10:00:27 2025 GMT Not After : Dec 31 10:00:27 2025 GMT Subject: CN=b9dc6e1297e742cde8b24f21090f06eb17a081f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:eb:c3:7a:8b:f3:eb:1a:fa:e3:bb:e4:f9:2a: 4d:d9:98:0e:0b:3a:c2:cb:e6:b6:df:5b:23:94:22: e7:49:fc:8b:c1:d1:30:d8:af:a2:af:ed:55:27:73: b5:83:d4:bf:1e:9e:e1:32:e1:d2:b8:f7:88:42:2d: 61:b5:06:78:da:16:57:0c:b0:26:14:73:1b:6a:c9: c6:b0:0f:bf:2f:5d:99:0d:07:85:06:7a:3c:7f:f3: 30:3d:4c:2d:9b:09:ab:ca:b8:d7:0d:44:ca:32:6e: 8f:ee:b8:92:29:f2:10:e6:4e:ca:c7:74:14:6b:06: 50:83:27:36:c8:36:2b:cc:11:ba:8a:30:32:ba:c2: 9f:8a:6d:93:a8:51:0a:64:f0:2b:45:c4:c2:ab:60: 31:95:1f:7d:d1:df:a0:da:e4:df:eb:0c:9d:bf:f2: c8:7f:25:79:6e:b4:8d:5b:de:0e:cc:23:a6:0c:f9: d4:88:2a:99:e4:9e:33:e2:6a:16:bc:a0:36:c0:a8: b5:be:c2:ca:0d:35:2d:17:f1:5e:01:82:92:52:48: c1:ad:26:42:7c:66:d1:82:00:2d:d7:01:e5:b1:0c: 09:21:78:4e:75:41:0d:28:a5:66:0e:af:96:13:cd: 43:a6:bd:a4:76:11:fb:89:2e:73:e7:3e:dd:17:49: fc:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:DC:6E:12:97:E7:42:CD:E8:B2:4F:21:09:0F:06:EB:17:A0:81:F5 X509v3 Authority Key Identifier: keyid:E2:A1:0D:E6:FF:AE:59:04:27:24:4A:03:34:3D:B6:6A:C5:64:27:5A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4qEN5v-uWQQnJEoDND22asVkJ1o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a8bb57-c181-4695-9be7-57554058620b/1/4qEN5v-uWQQnJEoDND22asVkJ1o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:13:ed:57:0b:2c:8c:f1:7f:27:ff:20:0e:cf:55:78:88:80: fe:41:a7:6f:60:aa:a0:81:53:ba:36:c6:55:2f:70:a0:2d:5a: c4:e1:94:73:79:9b:99:df:83:34:17:f9:81:fa:e6:bf:b3:c8: f9:57:30:00:14:f8:f2:a7:5a:62:20:53:ce:4f:cc:17:74:58: 2e:23:35:f8:a8:c8:a0:f8:18:19:a2:13:45:bb:eb:8f:6a:96: 9c:33:0e:ae:f7:bd:aa:8f:cb:20:bf:c1:cb:67:f1:20:67:3a: d9:02:b5:f9:f5:26:ed:14:22:6e:b5:72:99:26:85:d7:80:64: 49:42:d6:7a:03:2e:ff:86:e6:ac:d1:7e:17:ed:f7:2f:94:fb: 48:cd:0b:45:b1:f9:2c:e0:db:ed:32:52:ed:93:46:ba:dc:df: 8b:12:11:e6:4f:20:31:82:37:44:62:0b:f6:6b:66:cd:82:ef: 0d:81:ea:b3:61:d1:0d:ab:1c:c4:a7:00:ed:7f:1c:69:f7:78: 85:d2:9e:d8:25:ae:00:e1:ff:a8:52:55:31:8c:b4:b6:33:06: fc:e7:bb:b6:0c:6e:59:f9:ad:37:05:f9:00:58:1b:07:f1:75: 1c:a2:da:b3:e0:95:44:d2:1e:cc:2b:32:ec:32:ba:f4:09:58: 71:20:1e:a9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtus6r26k3emPAb7D2hxnBAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyYTEwZGU2ZmZhZTU5MDQyNzI0NGEwMzM0M2RiNjZhYzU2 NDI3NWEwHhcNMjUxMjMwMTAwMDI3WhcNMjUxMjMxMTAwMDI3WjAzMTEwLwYDVQQD EyhiOWRjNmUxMjk3ZTc0MmNkZThiMjRmMjEwOTBmMDZlYjE3YTA4MWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+vDeovz6xr647vk+SpN2ZgOCzrC y+a231sjlCLnSfyLwdEw2K+ir+1VJ3O1g9S/Hp7hMuHSuPeIQi1htQZ42hZXDLAm FHMbasnGsA+/L12ZDQeFBno8f/MwPUwtmwmryrjXDUTKMm6P7riSKfIQ5k7Kx3QU awZQgyc2yDYrzBG6ijAyusKfim2TqFEKZPArRcTCq2AxlR990d+g2uTf6wydv/LI fyV5brSNW94OzCOmDPnUiCqZ5J4z4moWvKA2wKi1vsLKDTUtF/FeAYKSUkjBrSZC fGbRggAt1wHlsQwJIXhOdUENKKVmDq+WE81Dpr2kdhH7iS5z5z7dF0n86wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLncbhKX50LN6LJPIQkPBusXoIH1MB8GA1UdIwQY MBaAFOKhDeb/rlkEJyRKAzQ9tmrFZCdaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTct NTc1NTQwNTg2MjBiLzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hOGJiNTctYzE4MS00Njk1LTliZTctNTc1NTQwNTg2MjBi LzEvNHFFTjV2LXVXUVFuSkVvRE5EMjJhc1ZrSjFvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoxPtVwss jPF/J/8gDs9VeIiA/kGnb2CqoIFTujbGVS9woC1axOGUc3mbmd+DNBf5gfrmv7PI +VcwABT48qdaYiBTzk/MF3RYLiM1+KjIoPgYGaITRbvrj2qWnDMOrve9qo/LIL/B y2fxIGc62QK1+fUm7RQibrVymSaF14BkSULWegMu/4bmrNF+F+33L5T7SM0LRbH5 LODb7TJS7ZNGutzfixIR5k8gMYI3RGIL9mtmzYLvDYHqs2HRDascxKcA7X8cafd4 hdKe2CWuAOH/qFJVMYy0tjMG/Oe7tgxuWfmtNwX5AFgbB/F1HKLas+CVRNIezCsy 7DK69AlYcSAeqQ== -----END CERTIFICATE-----Generated at Tue Dec 30 12:13:54 2025 by rpki-client