This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft File: epHmw2HvM-JQ3YijH32Sfq03Xtk.mft (raw, json) Hash identifier: JO2wNAiAkRJB/icDK3M+lP8slGVz/5FJu8KdWL6WQA0= Subject key identifier: 43:AA:53:BE:04:82:2B:CB:0D:D2:ED:1B:3E:00:59:4E:65:2C:DC:2B Authority key identifier: 7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9 Certificate issuer: /CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9 Certificate serial: 019B3C7F6EBDABE3B12B17124677A5893767 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft Manifest number: 0704 Signing time: Sat 20 Dec 2025 16:02:22 +0000 Manifest this update: Sat 20 Dec 2025 16:02:22 +0000 Manifest next update: Sun 21 Dec 2025 16:02:22 +0000 Files and hashes: 1: epHmw2HvM-JQ3YijH32Sfq03Xtk.crl (hash: UXb/fAZ+DxnqdysnXEysf/IsqVSbfEZn+iRqyGo5VD8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:6e:bd:ab:e3:b1:2b:17:12:46:77:a5:89:37:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7a91e6c361ef33e250dd88a31f7d927ead375ed9 Validity Not Before: Dec 20 16:02:22 2025 GMT Not After : Dec 21 16:02:22 2025 GMT Subject: CN=43aa53be04822bcb0dd2ed1b3e00594e652cdc2b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:9a:0d:83:52:25:a2:5e:b8:b1:48:88:59:ca: bd:b0:9b:91:5d:f1:a9:28:b0:dd:66:d1:75:69:33: 54:ab:56:22:da:b0:d9:9a:97:0c:01:ac:31:d4:58: e2:82:b8:91:a3:bb:09:a2:4c:d6:00:c1:73:2f:4d: a7:5e:57:1c:61:36:f1:45:af:bf:af:8e:92:93:65: a8:33:93:60:27:4f:e0:8d:6a:30:b5:c2:aa:bc:34: a6:ad:34:f3:8f:81:04:c6:4d:91:9a:2a:93:de:c8: 0b:eb:33:55:ed:25:0a:11:af:66:99:18:17:99:98: 16:d6:41:4e:f8:58:0b:6f:2e:a0:73:29:a6:01:78: 2a:d4:6a:27:ca:28:75:a8:41:09:c9:d6:a2:6b:10: 2e:f4:53:81:7b:ac:2f:77:27:6b:3d:c8:d6:d6:4b: bb:26:da:ac:6f:da:d3:7e:db:34:84:52:17:70:fc: 0a:89:87:0b:b4:b9:8a:c3:4a:36:8c:4b:14:87:c7: 41:aa:89:29:2f:c1:18:d7:87:7e:a5:8b:8a:a4:ad: 96:cd:df:4c:d9:f3:b6:e0:ec:60:09:1d:6d:1d:ab: fe:e8:b8:d9:5b:49:85:d4:ac:85:a9:07:a1:bd:3e: 9b:d6:b6:b5:28:45:41:01:94:b7:83:ba:be:6d:7f: ce:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:AA:53:BE:04:82:2B:CB:0D:D2:ED:1B:3E:00:59:4E:65:2C:DC:2B X509v3 Authority Key Identifier: keyid:7A:91:E6:C3:61:EF:33:E2:50:DD:88:A3:1F:7D:92:7E:AD:37:5E:D9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/epHmw2HvM-JQ3YijH32Sfq03Xtk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/4e3fc3-048d-4b66-a951-3e2534583611/1/epHmw2HvM-JQ3YijH32Sfq03Xtk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:37:2f:53:99:f0:fc:40:20:e2:64:37:3a:59:aa:18:74:8d: 31:0d:69:64:ac:c1:50:43:98:96:05:51:19:3d:83:54:40:f8: 58:2f:8e:5b:2b:c6:f4:b8:75:06:67:0f:9d:2e:ec:dd:4d:5d: 4d:7c:b4:ef:7c:19:1c:27:bd:9e:aa:26:07:88:03:3a:7d:70: ba:bc:f9:f9:4a:fd:38:2a:6e:81:2b:58:45:61:b3:6a:ed:e8: 2a:69:ab:ea:da:a4:49:d6:4a:fd:d3:f3:48:8b:10:bf:61:19: 6d:c4:97:8f:07:13:05:ee:8a:b5:fc:7b:5b:c6:fd:7e:60:d3: 76:10:29:b3:73:4b:91:e9:0c:b5:9e:0d:0f:24:e2:33:dc:70: 5a:9d:57:f7:ee:db:79:bc:da:9b:12:22:fc:e6:a5:4d:10:85: 80:95:4c:34:a0:aa:af:a0:10:63:fc:b9:6c:45:64:9f:78:ba: ef:6e:41:a3:f9:72:42:61:1d:85:e2:b7:7f:b6:f1:45:df:c1: 0e:8b:79:f4:88:a1:68:dd:09:7b:c0:a9:5f:44:c9:bd:46:3f: 6e:9a:dc:4a:bc:b1:48:f9:bf:39:c8:3e:15:06:f8:72:f8:fb: 05:e9:97:0c:21:37:73:98:ee:8c:fd:ac:f0:b4:fc:c1:71:d3: 6d:ba:e3:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f269q+OxKxcSRneliTdnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdhOTFlNmMzNjFlZjMzZTI1MGRkODhhMzFmN2Q5MjdlYWQz NzVlZDkwHhcNMjUxMjIwMTYwMjIyWhcNMjUxMjIxMTYwMjIyWjAzMTEwLwYDVQQD Eyg0M2FhNTNiZTA0ODIyYmNiMGRkMmVkMWIzZTAwNTk0ZTY1MmNkYzJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZoNg1Ilol64sUiIWcq9sJuRXfGp KLDdZtF1aTNUq1Yi2rDZmpcMAawx1FjigriRo7sJokzWAMFzL02nXlccYTbxRa+/ r46Sk2WoM5NgJ0/gjWowtcKqvDSmrTTzj4EExk2RmiqT3sgL6zNV7SUKEa9mmRgX mZgW1kFO+FgLby6gcymmAXgq1Gonyih1qEEJydaiaxAu9FOBe6wvdydrPcjW1ku7 Jtqsb9rTfts0hFIXcPwKiYcLtLmKw0o2jEsUh8dBqokpL8EY14d+pYuKpK2Wzd9M 2fO24OxgCR1tHav+6LjZW0mF1KyFqQehvT6b1ra1KEVBAZS3g7q+bX/OkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEOqU74EgivLDdLtGz4AWU5lLNwrMB8GA1UdIwQY MBaAFHqR5sNh7zPiUN2Iox99kn6tN17ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEt M2UyNTM0NTgzNjExLzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS80ZTNmYzMtMDQ4ZC00YjY2LWE5NTEtM2UyNTM0NTgzNjEx LzEvZXBIbXcySHZNLUpRM1lpakgzMlNmcTAzWHRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnTcvU5nw /EAg4mQ3OlmqGHSNMQ1pZKzBUEOYlgVRGT2DVED4WC+OWyvG9Lh1BmcPnS7s3U1d TXy073wZHCe9nqomB4gDOn1wurz5+Ur9OCpugStYRWGzau3oKmmr6tqkSdZK/dPz SIsQv2EZbcSXjwcTBe6Ktfx7W8b9fmDTdhAps3NLkekMtZ4NDyTiM9xwWp1X9+7b ebzamxIi/OalTRCFgJVMNKCqr6AQY/y5bEVkn3i6725Bo/lyQmEdheK3f7bxRd/B Dot59IihaN0Je8CpX0TJvUY/bprcSryxSPm/Ocg+FQb4cvj7BemXDCE3c5jujP2s 8LT8wXHTbbrjGQ== -----END CERTIFICATE-----Generated at Sat Dec 20 19:28:21 2025 by rpki-client