This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft File: 4BpLB7xMpvoFciL96uhg9kRAR-A.mft (raw, json) Hash identifier: dzblaG+YZbqaY+wxZZLdy/08AqT9BQGAv7rGERuQjOY= Subject key identifier: E3:F2:62:C4:9A:0E:13:D9:A0:75:99:39:B2:A6:7D:0A:B3:F9:D9:47 Authority key identifier: E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 Certificate issuer: /CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Certificate serial: 019B77EE28E7E5ACC8BE494A9592D98C65B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft Manifest number: 0578 Signing time: Thu 01 Jan 2026 05:00:55 +0000 Manifest this update: Thu 01 Jan 2026 05:00:55 +0000 Manifest next update: Fri 02 Jan 2026 05:00:55 +0000 Files and hashes: 1: 4BpLB7xMpvoFciL96uhg9kRAR-A.crl (hash: PBC1PglzIbhp8EYjphOG+akKRm4JwvwcLGJgQHpUeNg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 02 Jan 2026 05:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:ee:28:e7:e5:ac:c8:be:49:4a:95:92:d9:8c:65:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e01a4b07bc4ca6fa057222fdeae860f6444047e0 Validity Not Before: Jan 1 05:00:55 2026 GMT Not After : Jan 2 05:00:55 2026 GMT Subject: CN=e3f262c49a0e13d9a0759939b2a67d0ab3f9d947 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8c:95:4b:01:48:70:e2:4d:eb:f8:1d:8a:e7: 65:13:d4:6d:64:8e:ab:b8:9a:a9:a6:d3:7d:73:dd: a9:7e:66:3c:69:18:6e:55:0d:04:2c:d6:a9:a6:b7: b0:06:e6:e0:b7:a6:28:66:8a:b5:e4:ea:be:c0:00: cf:20:56:a6:b8:85:f0:9a:c1:55:10:57:92:41:98: 5f:44:ca:a1:e1:65:e4:e7:78:c6:af:e9:7c:cf:85: 04:98:03:d7:05:87:1b:f3:fc:d9:55:a3:4b:4d:77: 83:b4:a4:59:47:f6:a0:5f:ed:e3:81:05:14:b3:96: 39:b4:3d:fa:1a:15:5f:9f:03:09:cc:8b:01:74:00: a7:d5:49:78:e6:9b:86:01:fb:69:ba:ab:a9:28:e4: e4:4e:5d:c9:99:a9:87:69:d9:25:63:34:07:49:15: 69:89:b5:a9:43:c5:b5:ef:fa:67:04:3f:72:83:d3: 6b:73:a7:7d:69:0c:2e:fd:52:7c:a8:29:bc:c0:ad: 50:8e:25:2c:e8:0e:37:1d:62:96:00:a6:62:a9:57: f3:8b:2d:e8:36:65:01:61:bd:e9:01:6f:e6:13:88: eb:57:77:f8:98:e1:36:57:40:2c:0f:b0:d4:03:62: 42:1e:2f:1f:65:30:4b:49:31:c7:32:14:c8:53:d1: 14:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:F2:62:C4:9A:0E:13:D9:A0:75:99:39:B2:A6:7D:0A:B3:F9:D9:47 X509v3 Authority Key Identifier: keyid:E0:1A:4B:07:BC:4C:A6:FA:05:72:22:FD:EA:E8:60:F6:44:40:47:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4BpLB7xMpvoFciL96uhg9kRAR-A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/43/944c8f-f0f8-4c71-9ede-7a3c532d3a55/1/4BpLB7xMpvoFciL96uhg9kRAR-A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:60:2a:25:ef:84:ac:a3:5a:92:d4:a1:1f:c3:4c:a6:b7:f1: 3a:d9:d4:30:18:bc:e1:fa:1c:55:98:7e:68:cd:28:1b:fe:c2: 55:d9:64:6e:68:cc:25:9e:f7:d4:10:44:0d:e5:99:dc:31:83: 1a:55:ba:7b:62:1a:a4:ca:17:c9:b7:38:87:de:75:d5:d6:70: 91:a9:71:35:5d:8a:8f:24:2b:b7:88:fd:c7:0e:47:0d:6b:62: 03:7c:a0:07:e6:e5:70:1c:cf:51:e0:6e:54:b0:83:36:de:69: 69:55:ca:77:0a:4f:a3:42:3e:6a:df:59:42:91:fb:e5:0a:80: 49:0c:48:d6:62:8b:41:6d:55:36:b7:7c:13:b3:b2:20:b6:f6: 11:79:c3:b0:79:62:28:29:1f:95:e6:41:72:b7:9f:31:37:ac: db:a5:38:3c:a8:7c:7e:6c:04:54:34:2f:a2:de:73:01:26:4d: 84:d1:c0:9a:6b:57:47:56:b2:9a:14:cf:59:c9:b6:9b:92:90: e6:45:46:b3:f2:04:0d:83:91:8a:02:9d:2d:4e:94:c6:66:fd: 39:5e:50:59:4d:e0:d1:bc:28:d5:52:57:c4:2c:5b:8c:69:cb: 32:74:f4:d2:fb:41:cb:f5:60:ba:6d:c7:f0:4f:9a:57:ee:9a: 6a:a9:6b:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt37ijn5azIvklKlZLZjGWyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwMWE0YjA3YmM0Y2E2ZmEwNTcyMjJmZGVhZTg2MGY2NDQ0 MDQ3ZTAwHhcNMjYwMTAxMDUwMDU1WhcNMjYwMTAyMDUwMDU1WjAzMTEwLwYDVQQD EyhlM2YyNjJjNDlhMGUxM2Q5YTA3NTk5MzliMmE2N2QwYWIzZjlkOTQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYyVSwFIcOJN6/gdiudlE9RtZI6r uJqpptN9c92pfmY8aRhuVQ0ELNapprewBubgt6YoZoq15Oq+wADPIFamuIXwmsFV EFeSQZhfRMqh4WXk53jGr+l8z4UEmAPXBYcb8/zZVaNLTXeDtKRZR/agX+3jgQUU s5Y5tD36GhVfnwMJzIsBdACn1Ul45puGAftpuqupKOTkTl3JmamHadklYzQHSRVp ibWpQ8W17/pnBD9yg9Nrc6d9aQwu/VJ8qCm8wK1QjiUs6A43HWKWAKZiqVfziy3o NmUBYb3pAW/mE4jrV3f4mOE2V0AsD7DUA2JCHi8fZTBLSTHHMhTIU9EUJwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOPyYsSaDhPZoHWZObKmfQqz+dlHMB8GA1UdIwQY MBaAFOAaSwe8TKb6BXIi/eroYPZEQEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUt N2EzYzUzMmQzYTU1LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80My85NDRjOGYtZjBmOC00YzcxLTllZGUtN2EzYzUzMmQzYTU1 LzEvNEJwTEI3eE1wdm9GY2lMOTZ1aGc5a1JBUi1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQGAqJe+E rKNaktShH8NMprfxOtnUMBi84focVZh+aM0oG/7CVdlkbmjMJZ731BBEDeWZ3DGD GlW6e2IapMoXybc4h9511dZwkalxNV2KjyQrt4j9xw5HDWtiA3ygB+blcBzPUeBu VLCDNt5paVXKdwpPo0I+at9ZQpH75QqASQxI1mKLQW1VNrd8E7OyILb2EXnDsHli KCkfleZBcrefMTes26U4PKh8fmwEVDQvot5zASZNhNHAmmtXR1aymhTPWcm2m5KQ 5kVGs/IEDYORigKdLU6Uxmb9OV5QWU3g0bwo1VJXxCxbjGnLMnT00vtBy/Vgum3H 8E+aV+6aaqlrmw== -----END CERTIFICATE-----Generated at Thu Jan 1 14:27:19 2026 by rpki-client