This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft File: 4Genud52frl9tk5RZHhJRjO9VOo.mft (raw, json) Hash identifier: 8nUtMf6u/fq1G8IL91QLFKPZgQ9VCnTeZO5E8WbFqzY= Subject key identifier: B9:61:EA:43:BA:A3:EF:78:06:2B:EC:AB:DD:3F:C5:20:1C:16:68:2D Authority key identifier: E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA Certificate issuer: /CN=e067a7b9de767eb97db64e516478494633bd54ea Certificate serial: 019B56E3305F9842BB1B4E034AB08C1FC22E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft Manifest number: 0D96 Signing time: Thu 25 Dec 2025 19:01:28 +0000 Manifest this update: Thu 25 Dec 2025 19:01:28 +0000 Manifest next update: Fri 26 Dec 2025 19:01:28 +0000 Files and hashes: 1: 4Genud52frl9tk5RZHhJRjO9VOo.crl (hash: nn3m64K26UpycsXndbLSRj8vQB2KD2ss1A2sBQkUqj8=) 2: DQo4EErqs46yA4QIpyLHGlOprVU.roa (hash: jpEUtUNk7NIqvU0XQCmCZgYXNkApAZ2zVdQgWdhDGWc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:56:e3:30:5f:98:42:bb:1b:4e:03:4a:b0:8c:1f:c2:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e067a7b9de767eb97db64e516478494633bd54ea Validity Not Before: Dec 25 19:01:28 2025 GMT Not After : Dec 26 19:01:28 2025 GMT Subject: CN=b961ea43baa3ef78062becabdd3fc5201c16682d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:8e:ae:82:31:5d:6e:e4:13:0d:00:67:41:3c: 9b:ca:b9:d9:ba:b7:75:df:3c:29:a7:04:e1:b1:24: 11:97:a2:9d:8c:f0:da:c5:9e:d3:a1:4a:c7:fe:12: 02:08:f0:25:a8:26:5d:5f:c1:c1:a0:df:3b:6b:eb: 50:86:1d:67:66:23:d3:b8:98:43:c1:84:9d:4b:7a: c4:cb:8a:79:41:db:cb:0e:b8:87:8a:66:e3:67:a1: a4:c1:6d:18:0a:16:6f:9f:9f:00:ee:83:b5:5b:41: 34:35:a2:2a:17:b6:37:d9:1e:37:3c:4a:26:9f:b3: 05:2c:22:53:27:ba:7c:01:3f:23:7f:ee:29:41:78: 77:44:cc:98:e7:c8:cd:47:92:88:21:44:68:e9:c9: 11:95:86:25:71:56:6e:38:33:e6:2f:dd:4a:c0:a7: b5:fb:81:18:66:cc:21:00:56:10:e7:0a:c3:a5:0f: 28:10:3d:d3:d9:53:f5:4d:40:b4:fe:ce:07:5a:f0: 80:43:a0:49:c7:a6:21:27:c3:1b:22:ab:92:f3:55: 7d:f1:13:e7:4f:5a:e9:75:79:d4:d2:87:03:6c:6b: 07:79:b6:73:15:56:63:e7:a8:21:a2:8d:20:cc:29: d9:8f:3b:6c:8b:09:c5:08:5a:14:a4:39:bc:83:fb: 5e:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:61:EA:43:BA:A3:EF:78:06:2B:EC:AB:DD:3F:C5:20:1C:16:68:2D X509v3 Authority Key Identifier: keyid:E0:67:A7:B9:DE:76:7E:B9:7D:B6:4E:51:64:78:49:46:33:BD:54:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Genud52frl9tk5RZHhJRjO9VOo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/d520c4-deb4-438b-93bf-768f3d6ee19e/1/4Genud52frl9tk5RZHhJRjO9VOo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:e0:6b:54:2b:72:fa:bd:f5:28:3a:65:ff:a0:98:91:26:7e: 4c:7a:c5:06:4e:de:a3:e6:de:a4:a6:20:4e:f0:a5:19:ba:7d: 2a:0c:3d:91:7e:39:8c:94:84:fe:cd:d6:02:72:6c:54:cc:08: 9e:72:74:31:1c:4b:c6:f5:75:a4:23:4a:78:11:33:8f:3e:b1: 78:89:c6:d9:9f:ef:3f:97:cb:28:21:8a:b5:f5:01:51:84:b2: 98:fa:b3:0d:83:35:d1:44:97:b3:a9:81:27:21:12:c0:0d:3d: 00:72:3f:a8:66:21:20:0f:f7:ce:70:50:d5:31:40:58:62:b1: 53:d6:96:c5:7d:d8:79:32:ef:28:e7:f3:3f:9d:30:a9:17:51: b2:fe:d2:c4:1d:51:9c:da:57:48:0a:54:2a:b5:03:d7:1c:d2: 3d:51:27:87:93:bc:b9:ac:9d:6b:63:62:9c:9d:05:80:2e:f9: cf:7c:14:9a:2e:61:44:79:63:31:79:3a:a2:5f:7e:32:fb:c7: 8c:08:a6:7f:9f:cc:48:49:65:bc:86:a4:a7:a3:ad:79:f5:0f: 0d:df:3b:d8:d8:b8:72:7d:48:c4:22:d2:d7:24:d6:58:17:51: a1:a6:b2:96:d5:37:d0:9e:4f:ac:29:59:99:b9:7a:cd:94:94: b2:a7:13:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtW4zBfmEK7G04DSrCMH8IuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNjdhN2I5ZGU3NjdlYjk3ZGI2NGU1MTY0Nzg0OTQ2MzNi ZDU0ZWEwHhcNMjUxMjI1MTkwMTI4WhcNMjUxMjI2MTkwMTI4WjAzMTEwLwYDVQQD EyhiOTYxZWE0M2JhYTNlZjc4MDYyYmVjYWJkZDNmYzUyMDFjMTY2ODJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlI6ugjFdbuQTDQBnQTybyrnZurd1 3zwppwThsSQRl6KdjPDaxZ7ToUrH/hICCPAlqCZdX8HBoN87a+tQhh1nZiPTuJhD wYSdS3rEy4p5QdvLDriHimbjZ6GkwW0YChZvn58A7oO1W0E0NaIqF7Y32R43PEom n7MFLCJTJ7p8AT8jf+4pQXh3RMyY58jNR5KIIURo6ckRlYYlcVZuODPmL91KwKe1 +4EYZswhAFYQ5wrDpQ8oED3T2VP1TUC0/s4HWvCAQ6BJx6YhJ8MbIquS81V98RPn T1rpdXnU0ocDbGsHebZzFVZj56ghoo0gzCnZjztsiwnFCFoUpDm8g/tezwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLlh6kO6o+94Bivsq90/xSAcFmgtMB8GA1UdIwQY MBaAFOBnp7nedn65fbZOUWR4SUYzvVTqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYt NzY4ZjNkNmVlMTllLzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi9kNTIwYzQtZGViNC00MzhiLTkzYmYtNzY4ZjNkNmVlMTll LzEvNEdlbnVkNTJmcmw5dGs1UlpIaEpSak85Vk9vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF+BrVCty +r31KDpl/6CYkSZ+THrFBk7eo+bepKYgTvClGbp9Kgw9kX45jJSE/s3WAnJsVMwI nnJ0MRxLxvV1pCNKeBEzjz6xeInG2Z/vP5fLKCGKtfUBUYSymPqzDYM10USXs6mB JyESwA09AHI/qGYhIA/3znBQ1TFAWGKxU9aWxX3YeTLvKOfzP50wqRdRsv7SxB1R nNpXSApUKrUD1xzSPVEnh5O8uayda2NinJ0FgC75z3wUmi5hRHljMXk6ol9+MvvH jAimf5/MSEllvIakp6OtefUPDd872Ni4cn1IxCLS1yTWWBdRoaayltU30J5PrClZ mbl6zZSUsqcTBw== -----END CERTIFICATE-----Generated at Fri Dec 26 00:47:43 2025 by rpki-client