This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft File: kERLB53wCKfHy-KPy6Xb4GIOjhc.mft (raw, json) Hash identifier: g7Hq3FR3sGiwbrOIONW0gUpGHD+E954mUgF4v5GPyfk= Subject key identifier: 80:A7:DF:55:8B:A8:50:2A:AC:05:0F:5D:3A:37:E3:89:93:D8:94:99 Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Certificate serial: 019B50A9AAA95F33DA08981DB08E8702DBB2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft Manifest number: 1605 Signing time: Wed 24 Dec 2025 14:00:55 +0000 Manifest this update: Wed 24 Dec 2025 14:00:55 +0000 Manifest next update: Thu 25 Dec 2025 14:00:55 +0000 Files and hashes: 1: kERLB53wCKfHy-KPy6Xb4GIOjhc.crl (hash: 5DEmsQVEPGTc/SyxOCh6B6hzr5qxYHXdHqRwoQKEEhQ=) 2: o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa (hash: T/Zr25wueuSL7uIuxkLz/YPHfupfyL0OiqXaAJQQ9Uw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:a9:aa:a9:5f:33:da:08:98:1d:b0:8e:87:02:db:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Validity Not Before: Dec 24 14:00:55 2025 GMT Not After : Dec 25 14:00:55 2025 GMT Subject: CN=80a7df558ba8502aac050f5d3a37e38993d89499 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:23:b8:90:de:c4:4c:bd:73:d5:10:10:ac:94: 94:ce:db:a6:09:02:5e:5e:f8:ad:ab:05:bf:0a:e0: 3c:cd:4b:54:f6:05:41:64:ea:89:81:2d:7f:32:ca: f4:31:7f:be:29:44:bc:3e:a2:7d:44:75:9f:12:fd: 38:e8:0c:34:3d:8a:5e:b5:2c:c5:c0:d7:6c:b5:7f: b3:29:e3:f5:ff:8f:bd:42:df:75:c8:65:f0:59:63: 91:7b:8b:18:96:b1:de:4c:da:5e:48:ac:9b:9a:a2: 7a:35:47:a3:22:04:e6:fa:60:a9:62:32:98:65:21: 1d:92:fb:d9:4a:a6:1e:0b:70:21:a0:d8:5a:a8:1f: 80:48:c9:0b:f0:28:8d:87:6a:67:1c:ea:22:ff:96: 8b:ba:40:59:e9:12:a5:8c:95:80:80:48:35:e5:c1: 86:5a:dc:7f:20:3d:1a:ca:75:fa:fa:14:2f:47:64: 7c:c7:d8:e5:17:04:04:a8:b0:0a:7f:91:df:23:de: 06:bb:51:78:00:f0:68:08:6d:33:b1:10:af:92:34: 0a:91:e9:c1:e3:d5:67:7f:fd:f1:7d:8e:6e:89:00: 43:be:17:69:e8:95:05:ff:43:a9:92:17:02:1f:11: d2:4e:e7:b1:5f:8f:e6:a8:49:34:b6:55:fe:8f:22: c6:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:A7:DF:55:8B:A8:50:2A:AC:05:0F:5D:3A:37:E3:89:93:D8:94:99 X509v3 Authority Key Identifier: keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 69:7b:f3:6a:d5:89:e6:9f:10:ae:f6:b8:cb:57:80:15:c7:47: 7a:9b:27:53:02:54:14:b7:b9:35:79:b6:42:b0:a2:24:22:31: 81:43:57:2d:b0:56:f8:56:57:80:e7:d5:12:c6:93:92:2e:f4: 13:5e:1e:aa:3b:44:5d:8d:34:fc:ec:73:3a:17:d9:9b:60:db: af:cf:bb:15:b4:b7:45:cd:0a:71:47:c0:d8:f1:56:23:0c:e6: 49:8e:d2:7e:86:a6:71:29:2f:fd:cd:60:8d:79:57:57:bc:ab: 27:67:bf:f9:27:6b:01:47:0a:a7:02:70:1f:3d:9d:80:4a:81: e6:de:a3:1a:6d:f6:0f:45:b5:98:69:c6:7e:2b:95:3f:68:a1: 7f:79:d5:a7:24:fd:3f:f3:d3:0d:ae:19:7a:79:1a:7f:1b:50: cc:72:3e:5c:56:de:93:9b:da:f6:3a:8c:bb:a3:a2:4b:25:73: e2:35:f2:40:70:44:12:84:58:9f:94:41:3e:5f:dc:46:2e:8e: 36:42:09:f4:6b:e1:be:6c:3c:12:5c:07:60:0b:f3:b5:47:7a: ef:29:a3:a2:53:98:91:71:f1:65:0b:48:e0:60:da:2c:ea:30: 42:89:d1:63:f6:a0:07:58:01:51:f8:2c:29:74:57:a7:a5:3b: 78:32:8c:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQqaqpXzPaCJgdsI6HAtuyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw ZThlMTcwHhcNMjUxMjI0MTQwMDU1WhcNMjUxMjI1MTQwMDU1WjAzMTEwLwYDVQQD Eyg4MGE3ZGY1NThiYTg1MDJhYWMwNTBmNWQzYTM3ZTM4OTkzZDg5NDk5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtiO4kN7ETL1z1RAQrJSUztumCQJe XvitqwW/CuA8zUtU9gVBZOqJgS1/Msr0MX++KUS8PqJ9RHWfEv046Aw0PYpetSzF wNdstX+zKeP1/4+9Qt91yGXwWWORe4sYlrHeTNpeSKybmqJ6NUejIgTm+mCpYjKY ZSEdkvvZSqYeC3AhoNhaqB+ASMkL8CiNh2pnHOoi/5aLukBZ6RKljJWAgEg15cGG Wtx/ID0aynX6+hQvR2R8x9jlFwQEqLAKf5HfI94Gu1F4APBoCG0zsRCvkjQKkenB 49Vnf/3xfY5uiQBDvhdp6JUF/0OpkhcCHxHSTuexX4/mqEk0tlX+jyLGywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFICn31WLqFAqrAUPXTo344mT2JSZMB8GA1UdIwQY MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt OTkxNDk4NjdkYmY3LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3 LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaXvzatWJ 5p8Qrva4y1eAFcdHepsnUwJUFLe5NXm2QrCiJCIxgUNXLbBW+FZXgOfVEsaTki70 E14eqjtEXY00/OxzOhfZm2Dbr8+7FbS3Rc0KcUfA2PFWIwzmSY7SfoamcSkv/c1g jXlXV7yrJ2e/+SdrAUcKpwJwHz2dgEqB5t6jGm32D0W1mGnGfiuVP2ihf3nVpyT9 P/PTDa4ZenkafxtQzHI+XFbek5va9jqMu6OiSyVz4jXyQHBEEoRYn5RBPl/cRi6O NkIJ9Gvhvmw8ElwHYAvztUd67ymjolOYkXHxZQtI4GDaLOowQonRY/agB1gBUfgs KXRXp6U7eDKMdg== -----END CERTIFICATE-----Generated at Wed Dec 24 16:39:35 2025 by rpki-client