This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft File: 4KM3CoQbiT57aPhqOTNjWC4QVkg.mft (raw, json) Hash identifier: mtGeEQYzoSLhFVXW6wG/KywKPqTf+h1+Ph3OFpdiviw= Subject key identifier: 36:54:F7:A6:4D:94:3A:DB:41:DA:06:4E:F4:00:4B:92:C6:2C:0D:8F Authority key identifier: E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48 Certificate issuer: /CN=e0a3370a841b893e7b68f86a393363582e105648 Certificate serial: 019B5BD1D0BCFD2F456F19E3EA5E17803D64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft Manifest number: 0C72 Signing time: Fri 26 Dec 2025 18:00:35 +0000 Manifest this update: Fri 26 Dec 2025 18:00:35 +0000 Manifest next update: Sat 27 Dec 2025 18:00:35 +0000 Files and hashes: 1: 4KM3CoQbiT57aPhqOTNjWC4QVkg.crl (hash: 0B3CGo64yw2e/aL8y7oxQ6lI6Ge5KqN4O5yeTk9oWV8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5b:d1:d0:bc:fd:2f:45:6f:19:e3:ea:5e:17:80:3d:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0a3370a841b893e7b68f86a393363582e105648 Validity Not Before: Dec 26 18:00:35 2025 GMT Not After : Dec 27 18:00:35 2025 GMT Subject: CN=3654f7a64d943adb41da064ef4004b92c62c0d8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:41:49:05:8a:64:b8:09:0e:f1:fe:fe:55:8d: b4:9c:fa:d2:d4:e6:6a:06:3b:ed:44:65:fa:d2:7a: 00:d9:84:26:0c:db:dd:cb:bc:cf:8f:6e:71:a7:f4: 74:8f:6a:4e:c7:e6:d4:c6:82:c2:4e:bc:a3:ca:04: 74:49:b3:d6:81:da:15:3d:ad:a8:78:75:6e:81:08: 69:b2:f4:88:cc:7a:87:cc:5b:1d:e2:15:26:4f:21: c0:9e:8b:47:c3:68:63:27:f4:6e:0c:7f:28:3e:90: 00:a5:1f:fa:1b:01:41:fc:4d:e4:fc:64:64:6a:a8: 19:e4:c9:a3:89:17:7c:75:bb:01:73:cf:f6:f2:42: f3:86:c6:cd:bb:35:61:35:58:4a:18:7c:86:c8:90: 75:d9:89:a6:d9:56:ae:0a:1a:2e:39:40:70:99:54: 33:86:22:a7:83:af:16:d6:07:42:00:e7:83:22:85: 1d:ed:0a:5e:59:c0:bb:a1:9e:13:1b:37:ea:9a:3e: d2:ae:4c:c5:cb:7a:e9:e1:76:9c:8f:10:fb:80:c1: 17:71:8d:4d:62:e9:5d:93:65:f1:6d:fb:33:0e:e6: 61:1a:0f:06:9c:c7:e5:85:28:ab:ee:fb:49:70:ca: d0:1b:6d:24:f5:d3:65:7a:a6:f2:ed:af:fc:58:2c: fa:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:54:F7:A6:4D:94:3A:DB:41:DA:06:4E:F4:00:4B:92:C6:2C:0D:8F X509v3 Authority Key Identifier: keyid:E0:A3:37:0A:84:1B:89:3E:7B:68:F8:6A:39:33:63:58:2E:10:56:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KM3CoQbiT57aPhqOTNjWC4QVkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/95746e-be52-42ee-9cc8-c3edb4d8f71e/1/4KM3CoQbiT57aPhqOTNjWC4QVkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:9f:d6:26:14:23:8b:ae:c1:4e:0d:ef:c6:0f:76:cb:bc:14: 2c:b9:10:9e:1a:e1:75:71:b6:43:38:fb:ae:eb:8f:81:db:e8: ea:ca:cf:c5:32:6c:72:79:99:df:5e:65:05:59:81:52:c1:ec: 6a:88:18:f8:62:58:88:b8:0f:67:7e:f4:6b:c0:4c:86:ae:f4: e3:03:55:e1:18:94:00:7a:8a:d4:ba:25:81:ee:8f:d3:e7:8e: 5c:9b:52:b6:be:90:ac:a7:49:e7:96:dc:60:fe:cb:9e:c5:fc: 7b:26:5f:2c:c0:a7:6b:f2:64:48:f9:c9:47:7c:58:05:a1:24: ea:72:a0:98:db:44:a7:af:b0:43:e2:ee:bb:cc:16:72:23:84: db:a9:0a:cd:70:9a:56:c6:65:c3:f9:cd:97:98:0b:47:e6:78: 6c:2c:d0:77:37:50:ca:bd:8b:9f:b7:7a:91:c7:45:19:84:99: 3c:61:92:8a:b6:89:71:3b:fa:60:87:a2:f8:c3:99:a3:bb:7a: a6:25:f6:e7:97:67:01:6e:a8:fc:cc:d3:f5:9e:55:54:78:ef: e7:78:49:76:7a:f4:de:96:17:29:62:c6:f4:03:dd:13:2e:72: da:d3:83:8a:99:6b:af:6b:8a:ce:ac:5d:4e:9f:7c:d2:03:f5: 1b:5d:f1:42 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtb0dC8/S9Fbxnj6l4XgD1kMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwYTMzNzBhODQxYjg5M2U3YjY4Zjg2YTM5MzM2MzU4MmUx MDU2NDgwHhcNMjUxMjI2MTgwMDM1WhcNMjUxMjI3MTgwMDM1WjAzMTEwLwYDVQQD EygzNjU0ZjdhNjRkOTQzYWRiNDFkYTA2NGVmNDAwNGI5MmM2MmMwZDhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60FJBYpkuAkO8f7+VY20nPrS1OZq BjvtRGX60noA2YQmDNvdy7zPj25xp/R0j2pOx+bUxoLCTryjygR0SbPWgdoVPa2o eHVugQhpsvSIzHqHzFsd4hUmTyHAnotHw2hjJ/RuDH8oPpAApR/6GwFB/E3k/GRk aqgZ5MmjiRd8dbsBc8/28kLzhsbNuzVhNVhKGHyGyJB12Ymm2VauChouOUBwmVQz hiKng68W1gdCAOeDIoUd7QpeWcC7oZ4TGzfqmj7SrkzFy3rp4XacjxD7gMEXcY1N Yuldk2XxbfszDuZhGg8GnMflhSir7vtJcMrQG20k9dNleqby7a/8WCz6SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDZU96ZNlDrbQdoGTvQAS5LGLA2PMB8GA1UdIwQY MBaAFOCjNwqEG4k+e2j4ajkzY1guEFZIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgt YzNlZGI0ZDhmNzFlLzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC85NTc0NmUtYmU1Mi00MmVlLTljYzgtYzNlZGI0ZDhmNzFl LzEvNEtNM0NvUWJpVDU3YVBocU9UTmpXQzRRVmtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAup/WJhQj i67BTg3vxg92y7wULLkQnhrhdXG2Qzj7ruuPgdvo6srPxTJscnmZ315lBVmBUsHs aogY+GJYiLgPZ370a8BMhq704wNV4RiUAHqK1Lolge6P0+eOXJtStr6QrKdJ55bc YP7LnsX8eyZfLMCna/JkSPnJR3xYBaEk6nKgmNtEp6+wQ+Luu8wWciOE26kKzXCa VsZlw/nNl5gLR+Z4bCzQdzdQyr2Ln7d6kcdFGYSZPGGSiraJcTv6YIei+MOZo7t6 piX255dnAW6o/MzT9Z5VVHjv53hJdnr03pYXKWLG9APdEy5y2tODiplrr2uKzqxd Tp980gP1G13xQg== -----END CERTIFICATE-----Generated at Fri Dec 26 23:12:25 2025 by rpki-client