This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft File: kd3H2eAtRMa_jGNcHQcV9uicEBI.mft (raw, json) Hash identifier: yn/T/4dnm736MCJANcSozQEPFEXPFm9/Ddu84OXSbbs= Subject key identifier: 31:C1:F4:A5:4B:03:70:D1:0C:34:5C:B4:06:BC:62:DD:86:43:B0:0A Authority key identifier: 91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12 Certificate issuer: /CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012 Certificate serial: 019B4091C70EBB7AA48867D34EE0AF51F3C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft Manifest number: 0145 Signing time: Sun 21 Dec 2025 11:00:53 +0000 Manifest this update: Sun 21 Dec 2025 11:00:53 +0000 Manifest next update: Mon 22 Dec 2025 11:00:53 +0000 Files and hashes: 1: kd3H2eAtRMa_jGNcHQcV9uicEBI.crl (hash: MNHGPR6XmEfcR0Ky6tWBuFHC5S0ayZAndoa2k5IbjNs=) 2: s5q2oTWE63BKKJHezuXxV23_1ao.roa (hash: kxGqoLV/rWB0wj/sYCOZiA+1BQk6TjqEiRvVL8/Fnps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 11:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:91:c7:0e:bb:7a:a4:88:67:d3:4e:e0:af:51:f3:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012 Validity Not Before: Dec 21 11:00:53 2025 GMT Not After : Dec 22 11:00:53 2025 GMT Subject: CN=31c1f4a54b0370d10c345cb406bc62dd8643b00a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:c9:ca:bb:75:9d:25:db:25:c7:95:47:d1:77: 83:d0:a4:13:80:72:0b:f9:5b:33:3b:c6:b5:5f:48: e4:f6:d8:57:d0:a4:1d:00:54:3b:c9:26:ca:a0:3b: c8:b7:00:6f:41:c5:bf:d4:0f:7e:29:69:98:3e:01: f0:98:4f:be:8a:22:93:9b:d8:3e:be:e9:f4:76:13: 86:69:3e:67:9e:83:f6:e1:ab:55:df:c1:58:2f:0c: 61:88:3c:01:8a:2f:f2:7b:5f:14:60:be:92:e6:a5: 78:34:26:82:13:f4:c0:66:c7:ed:f3:16:ca:62:75: a8:a3:70:23:68:b0:14:ad:68:77:10:31:3c:1b:e2: 29:52:5d:e5:5c:db:f9:3d:2e:8c:46:ab:91:f9:fd: e4:8c:e6:10:a6:60:38:3e:23:4a:f3:92:43:e1:29: f7:18:84:7c:98:65:ee:a6:c5:f0:c7:2b:ba:e8:d3: f0:84:93:66:eb:57:e6:66:32:f1:ca:b7:42:c2:43: dd:1b:3e:be:bb:be:82:88:38:16:31:d2:5e:33:68: 97:4a:3f:7a:58:e1:66:dc:eb:d1:75:77:b1:7e:3a: fe:d7:bf:72:94:c3:9c:e0:8b:4c:0f:ad:48:7f:43: dd:7f:a2:7c:cb:37:df:d1:22:7e:d0:78:b6:0b:e9: 86:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:C1:F4:A5:4B:03:70:D1:0C:34:5C:B4:06:BC:62:DD:86:43:B0:0A X509v3 Authority Key Identifier: keyid:91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:5d:e0:90:5c:71:18:a8:b2:cf:7f:25:16:d1:0a:49:4d:91: 9a:03:f2:fc:4a:f9:e4:db:62:9b:13:4b:28:fa:1d:dd:0b:bd: a4:f9:d6:d3:3b:ec:e9:b0:47:e5:f3:d0:bb:75:24:17:0a:cc: 66:7c:61:61:24:fa:aa:8c:78:de:a0:70:41:ec:07:d7:9d:40: 37:0d:02:6e:a4:25:e6:7c:e4:d2:2b:6e:ed:d3:8d:2c:f0:7e: 91:92:5c:f3:ed:87:c1:89:69:3d:e4:59:e9:a0:d0:cf:40:c5: 97:4e:78:f1:ed:5c:af:d2:9d:8a:83:30:c0:1d:35:a3:33:0b: e7:88:ab:0d:1f:8a:02:a4:d2:44:f1:01:73:ef:0f:6a:65:4d: fa:9a:b7:0e:31:47:92:0e:fe:b8:f0:f0:8e:46:13:16:41:1a: b5:34:0f:04:2a:85:87:67:65:6b:b4:cd:6f:05:91:a1:ed:32: 1d:68:41:18:27:f2:5f:d7:16:a2:76:28:9a:87:b2:0a:b9:83: 0b:61:a5:4b:ad:09:fb:96:db:92:bf:98:82:0d:d7:af:ca:12: e3:e9:c0:e6:9f:d7:12:fe:d4:ac:39:4a:61:55:13:05:e8:3c: 92:d5:73:a3:03:ca:39:54:d2:b9:0b:73:da:1f:64:48:e7:2c: b8:e0:a7:2d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAkccOu3qkiGfTTuCvUfPHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZGRjN2Q5ZTAyZDQ0YzZiZjhjNjM1YzFkMDcxNWY2ZTg5 YzEwMTIwHhcNMjUxMjIxMTEwMDUzWhcNMjUxMjIyMTEwMDUzWjAzMTEwLwYDVQQD EygzMWMxZjRhNTRiMDM3MGQxMGMzNDVjYjQwNmJjNjJkZDg2NDNiMDBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjMnKu3WdJdslx5VH0XeD0KQTgHIL +VszO8a1X0jk9thX0KQdAFQ7ySbKoDvItwBvQcW/1A9+KWmYPgHwmE++iiKTm9g+ vun0dhOGaT5nnoP24atV38FYLwxhiDwBii/ye18UYL6S5qV4NCaCE/TAZsft8xbK YnWoo3AjaLAUrWh3EDE8G+IpUl3lXNv5PS6MRquR+f3kjOYQpmA4PiNK85JD4Sn3 GIR8mGXupsXwxyu66NPwhJNm61fmZjLxyrdCwkPdGz6+u76CiDgWMdJeM2iXSj96 WOFm3OvRdXexfjr+179ylMOc4ItMD61If0Pdf6J8yzff0SJ+0Hi2C+mGXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDHB9KVLA3DRDDRctAa8Yt2GQ7AKMB8GA1UdIwQY MBaAFJHdx9ngLUTGv4xjXB0HFfbonBASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUt ODkzYjhkZDJkMmIwLzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUtODkzYjhkZDJkMmIw LzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ13gkFxx GKiyz38lFtEKSU2RmgPy/Er55NtimxNLKPod3Qu9pPnW0zvs6bBH5fPQu3UkFwrM ZnxhYST6qox43qBwQewH151ANw0CbqQl5nzk0itu7dONLPB+kZJc8+2HwYlpPeRZ 6aDQz0DFl0548e1cr9KdioMwwB01ozML54irDR+KAqTSRPEBc+8PamVN+pq3DjFH kg7+uPDwjkYTFkEatTQPBCqFh2dla7TNbwWRoe0yHWhBGCfyX9cWonYomoeyCrmD C2GlS60J+5bbkr+Ygg3Xr8oS4+nA5p/XEv7UrDlKYVUTBeg8ktVzowPKOVTSuQtz 2h9kSOcsuOCnLQ== -----END CERTIFICATE-----Generated at Sun Dec 21 17:19:26 2025 by rpki-client