This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft File: 4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft (raw, json) Hash identifier: e6Fvorm24ZW3QrZb7QEcIgH73TD5tL7pL3Kjypoakrs= Subject key identifier: 89:EA:8E:0B:B7:0A:C3:EB:76:AD:14:28:48:12:2A:24:58:42:09:01 Authority key identifier: E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08 Certificate issuer: /CN=e1f43f3e61990fd3e5767debe98e51cc19cac708 Certificate serial: 019B52618FBDF6EE8E37365E08269B9C10FE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft Manifest number: 064D Signing time: Wed 24 Dec 2025 22:01:23 +0000 Manifest this update: Wed 24 Dec 2025 22:01:23 +0000 Manifest next update: Thu 25 Dec 2025 22:01:23 +0000 Files and hashes: 1: 4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl (hash: bzo4FOsuy4f7RApzqYOy/UDQx7dRKfKUEtsZiJAJmj4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:52:61:8f:bd:f6:ee:8e:37:36:5e:08:26:9b:9c:10:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e1f43f3e61990fd3e5767debe98e51cc19cac708 Validity Not Before: Dec 24 22:01:23 2025 GMT Not After : Dec 25 22:01:23 2025 GMT Subject: CN=89ea8e0bb70ac3eb76ad142848122a2458420901 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:b6:8b:6c:b4:b4:6e:6c:69:81:eb:37:e9:80: a0:d1:d7:fe:be:8d:1a:77:64:72:c2:18:27:15:61: a3:4a:ea:e5:ac:b0:9b:94:31:96:05:1e:f9:7c:1a: c8:d8:b0:04:61:f7:57:3b:4d:5f:a8:4f:c2:92:07: 5a:23:4a:0e:30:6c:78:59:90:57:86:89:23:95:c0: aa:a5:0d:79:6e:fc:0b:9d:02:b8:28:c0:40:9f:6b: d4:9d:73:fc:35:ab:26:16:fe:5f:60:c0:68:30:bf: a8:fd:df:57:40:03:c8:01:0f:30:c1:7e:29:65:e8: c6:59:5e:81:f9:be:2d:93:0d:1f:c7:02:cf:11:69: cc:fa:a6:a5:6b:ce:ce:79:92:d9:af:21:52:d7:1e: 2b:75:96:77:93:26:c6:85:71:a0:d9:03:66:c6:a2: 62:88:7a:32:36:99:e2:3c:65:f1:06:f6:4c:af:92: a8:6b:1a:8f:d6:17:e4:5d:85:a1:d7:8d:a3:7b:79: be:79:16:fd:aa:d9:bb:99:73:0c:5a:6e:4f:17:00: 87:d0:e9:fa:2e:e2:5f:52:e3:fa:0d:75:01:de:f4: b9:6b:a8:cb:e4:57:ce:54:6f:b7:13:68:9b:36:11: c0:08:7a:f0:31:f7:a2:72:8d:b4:55:f3:d2:20:29: bc:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:EA:8E:0B:B7:0A:C3:EB:76:AD:14:28:48:12:2A:24:58:42:09:01 X509v3 Authority Key Identifier: keyid:E1:F4:3F:3E:61:99:0F:D3:E5:76:7D:EB:E9:8E:51:CC:19:CA:C7:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d5383b-10e5-43e9-b320-3234160dbcd4/1/4fQ_PmGZD9Pldn3r6Y5RzBnKxwg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a8:37:30:e3:c8:c6:d8:c9:19:05:8b:89:d4:71:97:b7:92:f8: c6:de:73:71:46:dc:e3:e3:ad:cb:0a:1b:de:d1:b6:ac:d4:e7: 9d:17:08:12:b9:3d:ae:f2:8d:c6:53:dd:ed:6a:ed:fa:3d:be: a7:18:67:ca:3b:85:5b:4f:c7:df:49:8c:77:5d:e0:cb:bc:91: 72:5a:00:93:d5:6d:0e:09:00:c3:55:46:21:73:15:cc:85:e1: fa:d7:6c:14:27:bc:de:b8:c7:04:3b:69:64:60:b5:45:84:5b: 07:7f:89:95:e1:dc:00:b8:44:c1:10:d1:d7:46:33:c7:00:ca: d7:2d:33:72:96:3e:07:b8:11:5e:e9:0d:57:e6:ec:86:75:7c: a0:6f:d3:0c:1e:0c:40:6b:1d:72:38:59:d7:5f:0d:6e:73:57: e1:d1:81:9f:58:0e:74:f3:43:dc:41:3b:26:16:6a:38:c1:60: ba:09:47:44:ad:44:0d:c9:8e:25:75:7b:dd:0b:22:a2:f4:d4: 27:34:6b:8b:d6:36:1e:73:9d:22:04:db:bb:81:7f:20:d0:56: 29:a4:ed:4a:08:2e:4b:51:ff:9e:9a:05:dd:3a:8d:cb:ba:22: e7:b7:e2:a4:0c:ec:7a:53:81:c5:e8:6d:55:59:53:5e:aa:e9: 26:9b:e1:0c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtSYY+99u6ONzZeCCabnBD+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxZjQzZjNlNjE5OTBmZDNlNTc2N2RlYmU5OGU1MWNjMTlj YWM3MDgwHhcNMjUxMjI0MjIwMTIzWhcNMjUxMjI1MjIwMTIzWjAzMTEwLwYDVQQD Eyg4OWVhOGUwYmI3MGFjM2ViNzZhZDE0Mjg0ODEyMmEyNDU4NDIwOTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn7aLbLS0bmxpges36YCg0df+vo0a d2RywhgnFWGjSurlrLCblDGWBR75fBrI2LAEYfdXO01fqE/CkgdaI0oOMGx4WZBX hokjlcCqpQ15bvwLnQK4KMBAn2vUnXP8NasmFv5fYMBoML+o/d9XQAPIAQ8wwX4p ZejGWV6B+b4tkw0fxwLPEWnM+qala87OeZLZryFS1x4rdZZ3kybGhXGg2QNmxqJi iHoyNpniPGXxBvZMr5KoaxqP1hfkXYWh142je3m+eRb9qtm7mXMMWm5PFwCH0On6 LuJfUuP6DXUB3vS5a6jL5FfOVG+3E2ibNhHACHrwMfeico20VfPSICm8kwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFInqjgu3CsPrdq0UKEgSKiRYQgkBMB8GA1UdIwQY MBaAFOH0Pz5hmQ/T5XZ96+mOUcwZyscIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAt MzIzNDE2MGRiY2Q0LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZS9kNTM4M2ItMTBlNS00M2U5LWIzMjAtMzIzNDE2MGRiY2Q0 LzEvNGZRX1BtR1pEOVBsZG4zcjZZNVJ6Qm5LeHdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqDcw48jG 2MkZBYuJ1HGXt5L4xt5zcUbc4+Otywob3tG2rNTnnRcIErk9rvKNxlPd7Wrt+j2+ pxhnyjuFW0/H30mMd13gy7yRcloAk9VtDgkAw1VGIXMVzIXh+tdsFCe83rjHBDtp ZGC1RYRbB3+JleHcALhEwRDR10YzxwDK1y0zcpY+B7gRXukNV+bshnV8oG/TDB4M QGsdcjhZ118NbnNX4dGBn1gOdPND3EE7JhZqOMFguglHRK1EDcmOJXV73QsiovTU JzRri9Y2HnOdIgTbu4F/INBWKaTtSgguS1H/npoF3TqNy7oi57fipAzselOBxeht VVlTXqrpJpvhDA== -----END CERTIFICATE-----Generated at Thu Dec 25 04:34:22 2025 by rpki-client