This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft File: kERLB53wCKfHy-KPy6Xb4GIOjhc.mft (raw, json) Hash identifier: 0+AtpwY3vAseOk4DmUvQIwIQrgypEY7Qz/Gk8B+Fe3w= Subject key identifier: 39:EC:33:D7:58:59:53:03:F6:A1:6A:E5:F1:7A:2A:17:BE:51:23:B1 Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Certificate serial: 019B3B6B7EE1E16BEA5CFA69B0C41602077E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft Manifest number: 15FA Signing time: Sat 20 Dec 2025 11:00:59 +0000 Manifest this update: Sat 20 Dec 2025 11:00:59 +0000 Manifest next update: Sun 21 Dec 2025 11:00:59 +0000 Files and hashes: 1: kERLB53wCKfHy-KPy6Xb4GIOjhc.crl (hash: 8U/0r++yjxWWpnPtdhk7OFYxhA7Z+0Ol0hU+nP/iC6E=) 2: o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa (hash: T/Zr25wueuSL7uIuxkLz/YPHfupfyL0OiqXaAJQQ9Uw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:6b:7e:e1:e1:6b:ea:5c:fa:69:b0:c4:16:02:07:7e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Validity Not Before: Dec 20 11:00:59 2025 GMT Not After : Dec 21 11:00:59 2025 GMT Subject: CN=39ec33d758595303f6a16ae5f17a2a17be5123b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:01:d1:38:ee:4f:6c:56:96:85:18:9b:35:02: 26:25:3f:9a:fb:ec:42:88:e7:d7:49:5d:93:1d:d9: ca:c8:f1:be:6a:f3:2a:4d:c5:65:78:95:8b:1d:5d: 27:bf:29:bb:2b:8e:23:f1:fb:55:34:57:94:6c:df: 75:26:7c:09:48:cd:a0:1c:b5:50:59:2f:6f:6e:0a: c9:d5:de:37:2a:5b:91:3b:fe:f4:05:4b:13:55:bf: b6:2b:34:d3:30:10:8f:a7:01:e7:0e:4f:e9:77:69: a1:6c:c6:1d:d7:43:c1:99:8f:27:1d:ba:e5:90:db: 09:93:63:02:f1:dd:25:21:b3:36:0c:32:67:c7:2e: 3e:44:6a:07:d6:2e:77:4d:b6:02:0e:9d:8c:cc:16: 85:ab:ae:9c:d8:0e:a1:d4:55:1f:0a:fc:d4:3c:a0: 20:7b:08:1b:b9:b5:0d:51:8b:73:e9:04:28:47:a2: b5:fe:f7:f0:90:b2:eb:68:99:5e:f3:ff:f4:47:cc: f1:6a:d1:db:b2:c9:6f:d0:c0:81:16:64:b8:53:e8: 74:60:9f:6a:79:3a:95:4a:2c:3d:b9:c5:88:17:b7: 71:82:f5:3e:b0:98:38:81:73:55:40:c2:b8:b4:fc: 7e:f3:4d:a9:b2:8a:44:f8:a7:6e:bd:c2:d7:3d:ad: 0f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:EC:33:D7:58:59:53:03:F6:A1:6A:E5:F1:7A:2A:17:BE:51:23:B1 X509v3 Authority Key Identifier: keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:83:a6:b6:fb:d0:f3:bb:42:93:76:73:e9:66:60:9a:03:96: a4:bd:2b:29:ee:3a:0b:01:e8:01:a8:8d:0b:1f:d9:b4:80:e9: 7f:9a:98:6c:7a:53:d2:b2:d3:ea:fd:e4:c6:dc:12:04:6d:8e: 1b:86:85:e3:60:9c:85:52:99:a4:b6:78:63:0d:e1:a3:fb:0b: 96:9e:41:ad:c4:f0:bc:d9:cd:7f:18:8f:8a:2d:91:02:97:96: f8:b9:d2:84:42:11:f5:b9:03:58:82:2e:06:1b:b8:f8:80:3a: 8e:af:93:18:90:fe:db:56:27:5a:c9:07:64:0f:71:ba:c8:8f: 31:94:57:e0:3f:86:6f:52:14:18:99:8d:49:5d:d9:0f:c6:65: 20:be:09:b6:c5:7a:32:51:9f:41:34:d3:1e:e1:00:ba:75:b0: 39:d7:fd:cd:4f:af:0c:dd:20:08:cc:7d:c0:dd:1e:a3:5b:99: 0a:2b:6b:0d:84:8b:39:a0:df:88:dd:46:b9:3d:c9:c5:3c:8f: 4c:d2:7c:9c:d4:7d:d4:ec:ae:af:12:6d:10:83:43:86:dd:e6: b0:af:c4:14:96:5b:b9:e4:54:44:9e:e7:63:c0:89:57:5b:53: ea:9c:6a:3d:1b:98:c3:4d:b5:2d:93:25:75:1d:4c:a2:69:42: 42:1c:75:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7a37h4WvqXPppsMQWAgd+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw ZThlMTcwHhcNMjUxMjIwMTEwMDU5WhcNMjUxMjIxMTEwMDU5WjAzMTEwLwYDVQQD EygzOWVjMzNkNzU4NTk1MzAzZjZhMTZhZTVmMTdhMmExN2JlNTEyM2IxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AHROO5PbFaWhRibNQImJT+a++xC iOfXSV2THdnKyPG+avMqTcVleJWLHV0nvym7K44j8ftVNFeUbN91JnwJSM2gHLVQ WS9vbgrJ1d43KluRO/70BUsTVb+2KzTTMBCPpwHnDk/pd2mhbMYd10PBmY8nHbrl kNsJk2MC8d0lIbM2DDJnxy4+RGoH1i53TbYCDp2MzBaFq66c2A6h1FUfCvzUPKAg ewgbubUNUYtz6QQoR6K1/vfwkLLraJle8//0R8zxatHbsslv0MCBFmS4U+h0YJ9q eTqVSiw9ucWIF7dxgvU+sJg4gXNVQMK4tPx+802psopE+KduvcLXPa0PwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDnsM9dYWVMD9qFq5fF6Khe+USOxMB8GA1UdIwQY MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt OTkxNDk4NjdkYmY3LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3 LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ4OmtvvQ 87tCk3Zz6WZgmgOWpL0rKe46CwHoAaiNCx/ZtIDpf5qYbHpT0rLT6v3kxtwSBG2O G4aF42CchVKZpLZ4Yw3ho/sLlp5BrcTwvNnNfxiPii2RApeW+LnShEIR9bkDWIIu Bhu4+IA6jq+TGJD+21YnWskHZA9xusiPMZRX4D+Gb1IUGJmNSV3ZD8ZlIL4JtsV6 MlGfQTTTHuEAunWwOdf9zU+vDN0gCMx9wN0eo1uZCitrDYSLOaDfiN1GuT3JxTyP TNJ8nNR91OyurxJtEINDht3msK/EFJZbueRURJ7nY8CJV1tT6pxqPRuYw021LZMl dR1MomlCQhx15A== -----END CERTIFICATE-----Generated at Sat Dec 20 18:58:23 2025 by rpki-client