This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft File: 4koD-A9i2oZjUuGZCZfx1GzrL7A.mft (raw, json) Hash identifier: KxhRYi48b67+eqpnffgMONOVtMP0O5+t8vfeEkgUAOg= Subject key identifier: C3:42:99:14:BD:B2:9D:71:E8:92:5A:48:8D:A8:45:6B:C4:CF:55:DB Authority key identifier: E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0 Certificate issuer: /CN=e24a03f80f62da866352e1990997f1d46ceb2fb0 Certificate serial: 019B2BF86D586759D0B4FF45E9D07A730DC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft Manifest number: 143C Signing time: Wed 17 Dec 2025 11:00:59 +0000 Manifest this update: Wed 17 Dec 2025 11:00:59 +0000 Manifest next update: Thu 18 Dec 2025 11:00:59 +0000 Files and hashes: 1: 4koD-A9i2oZjUuGZCZfx1GzrL7A.crl (hash: 2zHVXU+Yh8q/Kp806mRp1dyZn8wqfq+1/wa0J0ey9/w=) 2: _SDGNnpAJAI5c9TTproSlcDE1Ew.roa (hash: FWM2UQvUNqFuHmMAV7nZEdUtqbqVwiTq2Q2yh+QWjTY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:f8:6d:58:67:59:d0:b4:ff:45:e9:d0:7a:73:0d:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e24a03f80f62da866352e1990997f1d46ceb2fb0 Validity Not Before: Dec 17 11:00:59 2025 GMT Not After : Dec 18 11:00:59 2025 GMT Subject: CN=c3429914bdb29d71e8925a488da8456bc4cf55db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:e0:6a:ad:ee:50:7e:8e:23:72:28:5c:b7:40: 23:78:f6:bc:e2:bc:25:44:40:db:c1:d1:f6:92:df: c0:89:c7:fa:a7:80:f7:dc:b8:37:72:6a:43:c2:61: 3d:36:78:b3:80:cb:4b:4f:e9:2a:a8:7c:7f:da:fc: 79:2a:21:c9:68:84:bb:1f:cf:91:91:9d:21:fc:2d: 14:8a:d3:1b:ed:5e:0b:3f:99:da:f9:4d:b7:3d:7b: 7c:30:ac:fa:50:3b:6a:6c:cb:40:a5:1d:5e:4e:65: f2:1a:75:53:d8:65:2e:04:b4:37:11:ae:03:d0:ba: ab:7a:1f:f6:06:bc:03:a4:95:52:b2:86:63:71:cc: 65:11:cc:47:1c:ec:06:3d:c7:d8:48:39:6f:34:a7: bb:bf:ec:48:49:15:60:6c:77:c6:97:d9:48:06:f3: bc:8a:a4:6e:54:2b:3e:19:7e:b5:d2:dd:bb:4e:19: 3f:b9:07:e8:43:9e:8b:33:81:ca:65:11:06:d5:20: 97:f6:66:51:a6:2c:c1:bf:7f:79:58:9c:0a:f7:eb: e4:79:47:60:c4:cc:32:9e:94:43:03:65:ea:36:6e: c5:37:32:d9:fb:45:70:bf:31:70:e7:54:00:42:8b: 43:a0:06:2f:ea:80:b2:a1:fe:39:b6:07:9d:7c:db: 98:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:42:99:14:BD:B2:9D:71:E8:92:5A:48:8D:A8:45:6B:C4:CF:55:DB X509v3 Authority Key Identifier: keyid:E2:4A:03:F8:0F:62:DA:86:63:52:E1:99:09:97:F1:D4:6C:EB:2F:B0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4koD-A9i2oZjUuGZCZfx1GzrL7A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/540c5f-a2a2-44e4-9287-41b54500fdcf/1/4koD-A9i2oZjUuGZCZfx1GzrL7A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:b2:d1:b5:01:eb:1b:be:40:0a:24:d3:e0:e8:2b:4f:04:d2: ee:26:32:2b:1a:9c:46:f4:e3:23:ea:a3:6e:c2:95:7f:44:be: b8:ad:c5:17:12:5a:c8:3f:8f:47:c9:7b:50:85:e1:33:9d:f1: 7a:07:0d:ea:5e:00:12:f2:7f:03:22:49:e1:57:39:da:de:92: c5:e4:4b:ff:54:5c:23:c3:ff:d3:93:42:22:94:8d:1c:36:f4: 83:b7:98:35:35:f6:f8:89:b3:64:28:ab:e5:53:85:a3:12:0f: f8:28:0e:98:e3:22:a3:a5:33:d1:7a:e5:54:00:41:3b:e3:16: 4b:5a:54:e0:35:aa:55:89:6b:3a:87:c9:b6:f7:ef:e7:f1:a2: aa:71:92:64:29:73:af:11:7d:ae:58:06:b9:27:1e:36:ef:fa: 73:8c:68:6e:30:73:b8:58:3d:a2:5d:c9:6a:f4:4c:05:cc:de: 99:03:f2:0e:a1:47:e0:ca:47:33:ac:ac:81:17:b1:20:d7:2c: 2e:ef:43:4d:59:91:e0:c4:3a:10:9c:8a:26:a0:6d:78:61:d0: 59:b2:9b:76:e6:cb:42:2f:5e:19:1f:bd:cf:8b:76:e8:e4:07: 17:39:5f:84:a8:7e:c3:30:fd:a3:cf:f7:17:cf:18:0b:00:ca: 00:a8:88:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsr+G1YZ1nQtP9F6dB6cw3GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyNGEwM2Y4MGY2MmRhODY2MzUyZTE5OTA5OTdmMWQ0NmNl YjJmYjAwHhcNMjUxMjE3MTEwMDU5WhcNMjUxMjE4MTEwMDU5WjAzMTEwLwYDVQQD EyhjMzQyOTkxNGJkYjI5ZDcxZTg5MjVhNDg4ZGE4NDU2YmM0Y2Y1NWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uBqre5Qfo4jcihct0AjePa84rwl REDbwdH2kt/Aicf6p4D33Lg3cmpDwmE9NnizgMtLT+kqqHx/2vx5KiHJaIS7H8+R kZ0h/C0UitMb7V4LP5na+U23PXt8MKz6UDtqbMtApR1eTmXyGnVT2GUuBLQ3Ea4D 0Lqreh/2BrwDpJVSsoZjccxlEcxHHOwGPcfYSDlvNKe7v+xISRVgbHfGl9lIBvO8 iqRuVCs+GX610t27Thk/uQfoQ56LM4HKZREG1SCX9mZRpizBv395WJwK9+vkeUdg xMwynpRDA2XqNm7FNzLZ+0VwvzFw51QAQotDoAYv6oCyof45tgedfNuYWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMNCmRS9sp1x6JJaSI2oRWvEz1XbMB8GA1UdIwQY MBaAFOJKA/gPYtqGY1LhmQmX8dRs6y+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODct NDFiNTQ1MDBmZGNmLzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC81NDBjNWYtYTJhMi00NGU0LTkyODctNDFiNTQ1MDBmZGNm LzEvNGtvRC1BOWkyb1pqVXVHWkNaZngxR3pyTDdBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKLLRtQHr G75ACiTT4OgrTwTS7iYyKxqcRvTjI+qjbsKVf0S+uK3FFxJayD+PR8l7UIXhM53x egcN6l4AEvJ/AyJJ4Vc52t6SxeRL/1RcI8P/05NCIpSNHDb0g7eYNTX2+ImzZCir 5VOFoxIP+CgOmOMio6Uz0XrlVABBO+MWS1pU4DWqVYlrOofJtvfv5/GiqnGSZClz rxF9rlgGuSceNu/6c4xobjBzuFg9ol3JavRMBczemQPyDqFH4MpHM6ysgRexINcs Lu9DTVmR4MQ6EJyKJqBteGHQWbKbdubLQi9eGR+9z4t26OQHFzlfhKh+wzD9o8/3 F88YCwDKAKiI4w== -----END CERTIFICATE-----Generated at Wed Dec 17 16:52:58 2025 by rpki-client