This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft File: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft (raw, json) Hash identifier: Xkx4xm3Sg7UgP1wHEU4fkJ12s5c/LdOGn9KXkVhI6jE= Subject key identifier: A3:F9:58:80:F2:41:A2:FB:21:A5:6F:AA:84:80:CC:D9:D2:54:C0:49 Authority key identifier: E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9 Certificate issuer: /CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9 Certificate serial: 019B6A692015356F42768E64AA0C79ACF99A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft Manifest number: 0679 Signing time: Mon 29 Dec 2025 14:00:32 +0000 Manifest this update: Mon 29 Dec 2025 14:00:32 +0000 Manifest next update: Tue 30 Dec 2025 14:00:32 +0000 Files and hashes: 1: 4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl (hash: G3kmdv1kZFr40nFV5ljnu8UUaCQG+yAHBDmGoakQyTM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 14:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:69:20:15:35:6f:42:76:8e:64:aa:0c:79:ac:f9:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0c43ca4c49cf652d60ccdf366e601150d0f00b9 Validity Not Before: Dec 29 14:00:32 2025 GMT Not After : Dec 30 14:00:32 2025 GMT Subject: CN=a3f95880f241a2fb21a56faa8480ccd9d254c049 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:89:de:9e:cd:a3:69:ec:8b:29:ae:af:35:cd: ff:2f:7e:49:f8:f0:ac:ae:b0:bb:c5:df:63:fb:c6: dd:f2:b1:8c:cd:11:4f:79:db:fe:6e:45:c4:fb:78: 34:6a:d6:40:bd:d5:53:42:f2:b4:f9:49:96:dc:f4: 6d:02:c6:02:4c:8b:a7:3f:f8:cb:1e:12:12:eb:3d: d5:5b:89:a7:e3:26:43:0f:68:84:49:d3:bf:18:c0: 40:91:85:9c:94:3f:c5:2d:1a:66:4c:9c:bb:b1:e1: d8:e2:00:29:da:0b:bc:d0:7d:32:64:c1:5e:3c:ed: eb:04:62:d8:59:5d:01:85:cd:e4:8a:1a:5a:26:7f: e4:5f:e9:81:ee:08:d8:c7:ab:ce:e2:c2:0b:66:51: e3:c0:af:6a:e8:7d:c7:9d:64:da:9c:31:c8:ba:8b: 3d:b4:5b:df:25:59:53:27:84:c0:60:5c:1b:35:71: 2b:25:97:06:e1:05:34:5b:3b:08:ec:23:e3:26:05: 54:4a:d8:4e:36:e4:5f:10:eb:d0:50:a6:98:97:5d: e8:ec:92:04:69:f3:6f:22:85:5e:10:91:6f:62:dc: c0:50:cd:ba:ed:93:73:a5:16:84:94:73:3b:30:4a: 58:54:7d:4c:9b:1f:3e:53:4f:53:e7:19:04:75:77: c3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:F9:58:80:F2:41:A2:FB:21:A5:6F:AA:84:80:CC:D9:D2:54:C0:49 X509v3 Authority Key Identifier: keyid:E0:C4:3C:A4:C4:9C:F6:52:D6:0C:CD:F3:66:E6:01:15:0D:0F:00:B9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/e81f8f-6dff-497f-8125-05fa4918c410/1/4MQ8pMSc9lLWDM3zZuYBFQ0PALk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:a3:e6:4f:84:41:9b:df:d5:ae:01:64:bc:02:2a:2a:39:79: 6a:53:54:de:9f:74:3c:2f:fc:7e:f1:8f:5a:b0:fe:d6:14:35: 09:02:8c:0f:94:2a:5b:f8:95:cd:a9:10:9a:69:c2:14:3c:47: 96:1e:1a:53:4e:22:4e:5b:61:d6:ef:b8:d8:e8:6e:7c:cd:b3: f8:12:75:4f:5c:4e:a7:8d:6f:2d:70:c7:3f:b7:d8:18:03:eb: 54:17:a1:20:8c:24:02:e8:96:64:04:7d:40:06:f8:db:ae:71: 2e:ad:e8:13:9c:3b:63:ba:f4:e6:54:80:45:1e:b3:45:0f:ae: f9:e9:b6:31:72:70:af:ee:70:98:6d:0a:3c:e4:4d:f8:d7:15: cc:2a:84:e1:91:d7:e7:c0:ba:5d:73:e9:3d:f8:ef:88:5d:13: c5:e4:54:da:5c:7f:cd:59:bd:e5:3d:2a:58:84:4f:6b:fe:55: 1d:a5:a2:1f:0b:4b:4f:a1:6d:b5:3c:48:60:72:dd:87:d8:5a: 84:0b:dc:c0:64:eb:e4:2b:c0:f1:fc:c1:52:a6:7b:7c:99:b7: 87:df:dd:bc:ea:8a:25:72:fd:64:4c:04:e5:0c:66:6a:02:1c: bf:5a:8e:7f:8d:7b:9c:9b:81:67:71:f8:03:5b:0b:bf:43:04: b6:31:79:de -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtqaSAVNW9Cdo5kqgx5rPmaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwYzQzY2E0YzQ5Y2Y2NTJkNjBjY2RmMzY2ZTYwMTE1MGQw ZjAwYjkwHhcNMjUxMjI5MTQwMDMyWhcNMjUxMjMwMTQwMDMyWjAzMTEwLwYDVQQD EyhhM2Y5NTg4MGYyNDFhMmZiMjFhNTZmYWE4NDgwY2NkOWQyNTRjMDQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYnens2jaeyLKa6vNc3/L35J+PCs rrC7xd9j+8bd8rGMzRFPedv+bkXE+3g0atZAvdVTQvK0+UmW3PRtAsYCTIunP/jL HhIS6z3VW4mn4yZDD2iESdO/GMBAkYWclD/FLRpmTJy7seHY4gAp2gu80H0yZMFe PO3rBGLYWV0Bhc3kihpaJn/kX+mB7gjYx6vO4sILZlHjwK9q6H3HnWTanDHIuos9 tFvfJVlTJ4TAYFwbNXErJZcG4QU0WzsI7CPjJgVUSthONuRfEOvQUKaYl13o7JIE afNvIoVeEJFvYtzAUM267ZNzpRaElHM7MEpYVH1Mmx8+U09T5xkEdXfD9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKP5WIDyQaL7IaVvqoSAzNnSVMBJMB8GA1UdIwQY MBaAFODEPKTEnPZS1gzN82bmARUNDwC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUt MDVmYTQ5MThjNDEwLzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy9lODFmOGYtNmRmZi00OTdmLTgxMjUtMDVmYTQ5MThjNDEw LzEvNE1ROHBNU2M5bExXRE0zelp1WUJGUTBQQUxrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPqPmT4RB m9/VrgFkvAIqKjl5alNU3p90PC/8fvGPWrD+1hQ1CQKMD5QqW/iVzakQmmnCFDxH lh4aU04iTlth1u+42OhufM2z+BJ1T1xOp41vLXDHP7fYGAPrVBehIIwkAuiWZAR9 QAb4265xLq3oE5w7Y7r05lSARR6zRQ+u+em2MXJwr+5wmG0KPORN+NcVzCqE4ZHX 58C6XXPpPfjviF0TxeRU2lx/zVm95T0qWIRPa/5VHaWiHwtLT6FttTxIYHLdh9ha hAvcwGTr5CvA8fzBUqZ7fJm3h9/dvOqKJXL9ZEwE5QxmagIcv1qOf417nJuBZ3H4 A1sLv0MEtjF53g== -----END CERTIFICATE-----Generated at Mon Dec 29 17:42:46 2025 by rpki-client