This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft File: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft (raw, json) Hash identifier: An6MNlaYgq44EfZfkvbLxTy+DkAvTyyZybFslXsQFoQ= Subject key identifier: A6:D6:83:D4:F6:6C:7C:0B:AA:95:AD:F2:3A:8E:3D:B1:25:75:81:A4 Authority key identifier: AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30 Certificate issuer: /CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330 Certificate serial: 019B34C487AB1BD7BE8B515BCDA890BDF880 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft Manifest number: 1019 Signing time: Fri 19 Dec 2025 04:00:53 +0000 Manifest this update: Fri 19 Dec 2025 04:00:53 +0000 Manifest next update: Sat 20 Dec 2025 04:00:53 +0000 Files and hashes: 1: r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl (hash: 3vLgd5mlOgQxr9tV9/+RDMvHXWHQJNDuQNUkHECcgto=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:87:ab:1b:d7:be:8b:51:5b:cd:a8:90:bd:f8:80 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=af82a097a28a6b6a699d8d6abe4dcb95bb198330 Validity Not Before: Dec 19 04:00:53 2025 GMT Not After : Dec 20 04:00:53 2025 GMT Subject: CN=a6d683d4f66c7c0baa95adf23a8e3db1257581a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:66:c9:2b:21:38:8c:ab:c2:e5:7b:92:46:a3: fc:39:a0:ce:3b:5b:4c:6a:ab:ad:c6:44:9c:c9:6e: b8:42:b2:06:29:14:0a:94:1b:58:24:f6:11:78:72: 83:2d:59:8f:91:97:f9:1e:e1:d4:5e:79:be:cd:21: 90:b4:25:9f:5c:cf:51:21:58:0f:3d:04:43:3e:26: 0f:b1:34:12:62:d2:65:e4:b6:dd:7f:e1:45:6a:d3: a2:d1:15:98:6c:79:45:5f:2f:0a:3c:24:35:4b:cf: ef:85:56:a4:02:ab:43:7d:a8:02:0a:9c:1c:17:8a: c3:9f:2d:d1:b5:ef:59:42:35:ea:2e:2c:4a:13:54: 1e:04:c3:bc:8d:6e:10:12:40:fb:7c:f2:7c:23:91: c6:41:18:e3:02:2e:8f:81:72:86:c5:be:a2:7a:00: 7a:8d:52:d0:c3:01:c2:7a:57:09:a6:5f:5d:b8:37: fd:3d:f6:fb:62:e9:ab:0b:f6:5d:d0:04:04:39:c5: 57:82:05:af:ab:c3:ec:44:e7:aa:c9:1d:0f:6c:9f: 6a:ff:68:92:c7:26:8d:78:68:b9:67:06:69:27:5e: fa:92:01:e5:6b:07:f2:21:ca:c4:83:d9:6e:f2:c8: 30:6d:e4:8a:b5:e1:54:56:35:0a:21:d2:7f:91:d3: f0:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:D6:83:D4:F6:6C:7C:0B:AA:95:AD:F2:3A:8E:3D:B1:25:75:81:A4 X509v3 Authority Key Identifier: keyid:AF:82:A0:97:A2:8A:6B:6A:69:9D:8D:6A:BE:4D:CB:95:BB:19:83:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/75c57b-2786-47b9-981c-faa8b718b6cb/1/r4Kgl6KKa2ppnY1qvk3LlbsZgzA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6f:21:38:c1:4f:05:58:1c:8a:19:d0:2e:3c:b3:30:ad:86:c3: 1b:92:47:14:42:00:6c:c4:5a:c5:f0:ef:87:78:29:ac:8a:5c: da:05:34:48:f2:1f:57:c3:dd:20:cf:e5:d4:7d:f1:fb:fa:7b: ea:99:a7:0c:15:f4:13:fe:b0:81:17:5a:f2:a9:32:41:fc:44: ff:60:5b:e4:9d:cf:d9:fd:a1:24:c4:41:3f:4c:e0:1a:bd:6a: ea:04:fc:26:c7:51:56:8a:e2:a6:e5:90:ae:cf:94:ed:e1:06: 18:10:6a:8e:9f:66:96:51:e6:e0:07:6e:43:fb:61:db:6d:d3: fc:71:da:fa:e4:d8:75:5a:48:90:53:6c:1a:3a:a7:a7:5d:91: 4d:a9:0e:47:7a:2d:88:03:55:ff:ee:ef:d8:a3:fe:a6:e2:8f: 65:36:73:dd:89:5d:69:ff:cc:a6:6c:3f:67:c9:f1:a0:36:26: b2:d5:b9:96:4b:8d:70:96:2e:f3:5c:5c:b6:f6:20:02:36:dc: 19:33:a7:a7:16:f5:57:19:89:69:4e:d9:78:39:a3:70:9d:1a: 1b:2a:7d:f0:da:0b:0a:53:b0:85:b5:fb:b0:9e:0a:49:89:24: f9:4f:28:c0:02:13:8b:9d:a7:49:94:f4:0c:b1:03:48:bb:d4: b1:43:e9:df -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xIerG9e+i1FbzaiQvfiAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFmODJhMDk3YTI4YTZiNmE2OTlkOGQ2YWJlNGRjYjk1YmIx OTgzMzAwHhcNMjUxMjE5MDQwMDUzWhcNMjUxMjIwMDQwMDUzWjAzMTEwLwYDVQQD EyhhNmQ2ODNkNGY2NmM3YzBiYWE5NWFkZjIzYThlM2RiMTI1NzU4MWE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxmbJKyE4jKvC5XuSRqP8OaDOO1tM aqutxkScyW64QrIGKRQKlBtYJPYReHKDLVmPkZf5HuHUXnm+zSGQtCWfXM9RIVgP PQRDPiYPsTQSYtJl5Lbdf+FFatOi0RWYbHlFXy8KPCQ1S8/vhVakAqtDfagCCpwc F4rDny3Rte9ZQjXqLixKE1QeBMO8jW4QEkD7fPJ8I5HGQRjjAi6PgXKGxb6iegB6 jVLQwwHCelcJpl9duDf9Pfb7YumrC/Zd0AQEOcVXggWvq8PsROeqyR0PbJ9q/2iS xyaNeGi5ZwZpJ176kgHlawfyIcrEg9lu8sgwbeSKteFUVjUKIdJ/kdPwHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKbWg9T2bHwLqpWt8jqOPbEldYGkMB8GA1UdIwQY MBaAFK+CoJeiimtqaZ2Nar5Ny5W7GYMwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMt ZmFhOGI3MThiNmNiLzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi83NWM1N2ItMjc4Ni00N2I5LTk4MWMtZmFhOGI3MThiNmNi LzEvcjRLZ2w2S0thMnBwblkxcXZrM0xsYnNaZ3pBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbyE4wU8F WByKGdAuPLMwrYbDG5JHFEIAbMRaxfDvh3gprIpc2gU0SPIfV8PdIM/l1H3x+/p7 6pmnDBX0E/6wgRda8qkyQfxE/2Bb5J3P2f2hJMRBP0zgGr1q6gT8JsdRVoripuWQ rs+U7eEGGBBqjp9mllHm4AduQ/th223T/HHa+uTYdVpIkFNsGjqnp12RTakOR3ot iANV/+7v2KP+puKPZTZz3Yldaf/Mpmw/Z8nxoDYmstW5lkuNcJYu81xctvYgAjbc GTOnpxb1VxmJaU7ZeDmjcJ0aGyp98NoLClOwhbX7sJ4KSYkk+U8owAITi52nSZT0 DLEDSLvUsUPp3w== -----END CERTIFICATE-----Generated at Fri Dec 19 09:42:05 2025 by rpki-client