This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft File: 4tNxxKeqqFX4zDsa6oAilCCoDyA.mft (raw, json) Hash identifier: S+U8iLJN1/ZTLaXS/jqxO2+1iyLskTdtgjf0JYy6mew= Subject key identifier: F7:54:4E:01:FD:A0:4C:D4:6A:EF:50:3F:E9:72:AC:89:3E:0B:1D:D3 Authority key identifier: E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20 Certificate issuer: /CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20 Certificate serial: 019B4882D9670B7D9CF1CC3807F41B1D1F7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft Manifest number: 1790 Signing time: Tue 23 Dec 2025 00:01:33 +0000 Manifest this update: Tue 23 Dec 2025 00:01:33 +0000 Manifest next update: Wed 24 Dec 2025 00:01:33 +0000 Files and hashes: 1: 4tNxxKeqqFX4zDsa6oAilCCoDyA.crl (hash: O3ctiM85zOXn+Zln0E1sCQSiYsspgyPy4naosSF4w4Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:82:d9:67:0b:7d:9c:f1:cc:38:07:f4:1b:1d:1f:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2d371c4a7aaa855f8cc3b1aea80229420a80f20 Validity Not Before: Dec 23 00:01:33 2025 GMT Not After : Dec 24 00:01:33 2025 GMT Subject: CN=f7544e01fda04cd46aef503fe972ac893e0b1dd3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:c0:ab:1b:36:3d:23:d0:87:b3:9a:81:02:8e: 84:12:1f:70:80:12:fd:d2:69:7b:34:a6:1c:79:23: a2:5e:9f:d9:85:c0:68:91:04:7c:bb:50:4f:31:95: 73:59:eb:d1:cc:ba:12:9a:df:c3:09:e0:23:d5:b9: 34:d9:25:c9:68:fb:a5:8a:af:ea:80:41:c1:b7:60: 3a:fd:a8:55:48:ff:46:94:67:9f:0a:c9:58:0f:7f: 26:e0:5b:76:72:c7:82:9f:2e:44:db:f7:ab:cd:03: 79:d3:aa:63:2d:bd:79:0d:e3:7f:55:03:2f:86:99: d4:92:2c:05:05:da:4d:81:85:8f:1f:f9:f8:05:c7: bc:ca:05:e4:94:d1:a3:e3:5c:0c:99:ec:0b:05:fc: cd:03:01:f5:7b:91:ac:22:a4:8b:69:49:e5:84:b7: 5d:49:4b:c5:85:2f:40:79:be:9c:ac:84:72:26:17: 33:f2:8f:c8:bc:6e:57:03:70:f2:08:4d:7e:8a:cc: dd:88:8a:46:dd:e5:9e:b1:d8:12:f9:c3:c7:02:7d: 90:bd:e0:7e:6c:c0:8c:f7:57:0c:8e:02:74:7c:f1: d7:4a:d0:f1:d9:55:f1:25:2e:7f:d3:06:0f:d8:db: c6:e7:44:00:22:73:56:b7:ab:35:05:41:7b:50:cb: 6b:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:54:4E:01:FD:A0:4C:D4:6A:EF:50:3F:E9:72:AC:89:3E:0B:1D:D3 X509v3 Authority Key Identifier: keyid:E2:D3:71:C4:A7:AA:A8:55:F8:CC:3B:1A:EA:80:22:94:20:A8:0F:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tNxxKeqqFX4zDsa6oAilCCoDyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/feaa30-142a-4fe0-aab9-907a58c994c2/1/4tNxxKeqqFX4zDsa6oAilCCoDyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:84:24:c7:2a:66:eb:40:5f:95:81:e3:b1:23:5d:8e:0f:ea: 6f:97:e6:d6:6d:a1:4e:73:c6:f2:c5:4a:d0:50:9c:f2:c1:64: f2:1e:98:bb:80:1d:43:fe:c6:f6:eb:32:52:93:7b:57:5a:33: 06:4f:3e:4f:cd:91:4e:59:53:28:df:f1:52:73:e0:8f:2e:b2: b9:1f:af:9f:b6:5a:a8:2c:e3:3c:01:97:c6:02:c7:8b:cd:2a: f4:0b:f2:71:53:c7:da:09:5f:2a:fa:5f:81:9e:54:c5:79:75: 1b:95:45:ff:5c:06:3d:e2:09:43:d8:c3:09:8c:25:1d:42:d7: 3b:de:96:fd:68:84:f9:ae:15:b6:d7:c8:64:91:e8:72:7b:1a: 6b:8a:ee:28:c8:63:05:14:e8:22:49:7b:8b:fb:a8:d8:6a:33: ce:d8:9c:d2:40:f7:11:c6:24:c8:75:3a:58:cf:84:6d:0e:a5: eb:f4:b2:9e:0d:c1:91:11:8a:7e:ce:4d:c5:66:20:4b:51:4f: 68:d1:63:63:29:b5:4e:45:59:74:40:3f:a6:25:0c:2e:98:5f: 89:3e:a7:2c:16:f4:db:b2:31:74:8b:5a:60:3c:03:fd:11:65: 4c:d7:99:7a:cf:65:cb:96:91:25:41:97:2c:65:45:e3:32:93: c8:ca:a1:a0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgtlnC32c8cw4B/QbHR99MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyZDM3MWM0YTdhYWE4NTVmOGNjM2IxYWVhODAyMjk0MjBh ODBmMjAwHhcNMjUxMjIzMDAwMTMzWhcNMjUxMjI0MDAwMTMzWjAzMTEwLwYDVQQD EyhmNzU0NGUwMWZkYTA0Y2Q0NmFlZjUwM2ZlOTcyYWM4OTNlMGIxZGQzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMCrGzY9I9CHs5qBAo6EEh9wgBL9 0ml7NKYceSOiXp/ZhcBokQR8u1BPMZVzWevRzLoSmt/DCeAj1bk02SXJaPuliq/q gEHBt2A6/ahVSP9GlGefCslYD38m4Ft2cseCny5E2/erzQN506pjLb15DeN/VQMv hpnUkiwFBdpNgYWPH/n4Bce8ygXklNGj41wMmewLBfzNAwH1e5GsIqSLaUnlhLdd SUvFhS9Aeb6crIRyJhcz8o/IvG5XA3DyCE1+iszdiIpG3eWesdgS+cPHAn2QveB+ bMCM91cMjgJ0fPHXStDx2VXxJS5/0wYP2NvG50QAInNWt6s1BUF7UMtrawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPdUTgH9oEzUau9QP+lyrIk+Cx3TMB8GA1UdIwQY MBaAFOLTccSnqqhV+Mw7GuqAIpQgqA8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjkt OTA3YTU4Yzk5NGMyLzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9mZWFhMzAtMTQyYS00ZmUwLWFhYjktOTA3YTU4Yzk5NGMy LzEvNHROeHhLZXFxRlg0ekRzYTZvQWlsQ0NvRHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIQkxypm 60BflYHjsSNdjg/qb5fm1m2hTnPG8sVK0FCc8sFk8h6Yu4AdQ/7G9usyUpN7V1oz Bk8+T82RTllTKN/xUnPgjy6yuR+vn7ZaqCzjPAGXxgLHi80q9AvycVPH2glfKvpf gZ5UxXl1G5VF/1wGPeIJQ9jDCYwlHULXO96W/WiE+a4VttfIZJHocnsaa4ruKMhj BRToIkl7i/uo2Gozztic0kD3EcYkyHU6WM+EbQ6l6/Syng3BkRGKfs5NxWYgS1FP aNFjYym1TkVZdEA/piUMLphfiT6nLBb027IxdItaYDwD/RFlTNeZes9ly5aRJUGX LGVF4zKTyMqhoA== -----END CERTIFICATE-----Generated at Tue Dec 23 03:46:09 2025 by rpki-client