This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft File: kyZYOBNEfHvd61oBwydNjkHDAaI.mft (raw, json) Hash identifier: Tusb8pjzVU8jodWTD4U+cfPKuE2VXVUM4nOGR58fBj4= Subject key identifier: 65:C2:C4:ED:E9:BA:2C:A7:90:5C:44:D5:3B:11:34:E9:47:6D:42:1D Authority key identifier: 93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2 Certificate issuer: /CN=9326583813447c7bddeb5a01c3274d8e41c301a2 Certificate serial: 019B2B8B1B2186A66E3AE8DC65CFD0000DDE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft Manifest number: 1246 Signing time: Wed 17 Dec 2025 09:01:35 +0000 Manifest this update: Wed 17 Dec 2025 09:01:35 +0000 Manifest next update: Thu 18 Dec 2025 09:01:35 +0000 Files and hashes: 1: kyZYOBNEfHvd61oBwydNjkHDAaI.crl (hash: E5Qi2oSwXkiVtNEVDb16P22STHjJ/I6wsHQMW2WoIE8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 08:30:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8b:1b:21:86:a6:6e:3a:e8:dc:65:cf:d0:00:0d:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9326583813447c7bddeb5a01c3274d8e41c301a2 Validity Not Before: Dec 17 09:01:35 2025 GMT Not After : Dec 18 09:01:35 2025 GMT Subject: CN=65c2c4ede9ba2ca7905c44d53b1134e9476d421d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:0c:62:18:fc:97:6d:09:96:24:e1:53:e5:5c: 28:65:d6:8d:20:8d:f8:ad:c4:f1:54:b0:e8:60:d5: 0e:81:14:f2:20:d1:ec:6a:4b:96:cc:fd:86:27:8d: fb:6c:a7:0e:41:6a:8d:f5:f3:52:0d:1f:cf:5d:e1: 7f:d5:36:3c:7f:52:0d:42:97:2c:ee:05:13:e1:83: 54:52:49:8d:d4:e2:bf:24:9a:7b:3e:fb:23:a5:89: e2:17:f4:ec:b2:98:0e:7e:54:d3:b8:70:cd:b7:f8: b5:5a:a8:00:08:2f:46:ec:c4:e1:ef:3a:ca:83:67: b3:17:e9:0d:07:68:64:f7:0f:85:cf:af:4e:8d:25: 82:32:ff:28:e1:60:8a:05:0a:73:ee:4c:8d:e3:44: 74:8e:d2:d3:51:fc:1e:28:78:70:b2:1f:29:b4:71: 7d:c3:a0:c6:be:f6:62:c3:a3:a3:a0:a9:a2:71:ae: 17:85:dd:56:6a:d5:13:60:25:0d:b9:a6:a8:ea:89: 73:18:99:32:27:d5:63:21:72:f8:e1:4b:bb:ff:63: 76:fe:c4:1d:8d:d9:d3:df:ee:a9:9d:22:d5:0a:64: 1b:36:d1:ab:b4:c9:ed:db:94:32:65:df:40:df:84: 79:e6:4e:e9:14:5d:4d:ef:2e:0f:34:e2:6c:6f:7c: e6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:C2:C4:ED:E9:BA:2C:A7:90:5C:44:D5:3B:11:34:E9:47:6D:42:1D X509v3 Authority Key Identifier: keyid:93:26:58:38:13:44:7C:7B:DD:EB:5A:01:C3:27:4D:8E:41:C3:01:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyZYOBNEfHvd61oBwydNjkHDAaI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/5dec06-8b1b-4c76-a54c-69b4b4fb9d12/1/kyZYOBNEfHvd61oBwydNjkHDAaI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:64:c8:45:6a:ce:44:0c:50:67:38:7e:7d:2c:8b:4e:e3:2d: 70:66:88:74:ca:71:5c:03:f0:41:ef:08:2c:a2:29:3e:ba:3e: 77:6a:5c:32:d7:1f:88:9e:f6:6d:4a:d5:43:7f:43:87:e1:e4: b6:d4:bd:09:2a:f5:3d:95:2d:4f:2a:48:05:1b:95:45:01:b7: d8:a2:07:d0:28:2f:57:64:fd:6f:f7:fc:3e:b5:b3:39:9a:7c: 2a:34:19:3d:aa:36:8e:0c:ad:40:b2:2b:52:4f:18:d2:e6:96: 18:77:0f:dc:cc:66:6e:44:f4:dd:7e:5c:8e:2e:04:96:2a:cf: 2f:5d:33:16:70:f4:45:1b:e8:dd:24:9b:38:1d:30:5b:d9:4e: 9c:68:04:60:42:96:5c:ba:8a:90:80:4a:78:69:41:3e:7f:b8: d2:54:6a:b3:1c:72:fa:d2:dd:f4:6d:62:84:2d:09:42:e0:5d: de:50:b1:7a:2f:54:fc:3d:20:3b:aa:1c:71:4b:d2:80:31:1e: 89:e9:1e:29:5f:ad:99:a2:0c:f9:3c:be:45:37:5d:21:f2:56: cf:08:c8:82:28:ba:fe:48:90:ff:52:92:9f:57:37:54:bc:70: 26:c8:36:3e:b0:9e:84:ab:e8:ad:3a:d7:41:f0:71:3e:d1:09: 25:f5:74:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsrixshhqZuOujcZc/QAA3eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMjY1ODM4MTM0NDdjN2JkZGViNWEwMWMzMjc0ZDhlNDFj MzAxYTIwHhcNMjUxMjE3MDkwMTM1WhcNMjUxMjE4MDkwMTM1WjAzMTEwLwYDVQQD Eyg2NWMyYzRlZGU5YmEyY2E3OTA1YzQ0ZDUzYjExMzRlOTQ3NmQ0MjFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4gxiGPyXbQmWJOFT5VwoZdaNII34 rcTxVLDoYNUOgRTyINHsakuWzP2GJ437bKcOQWqN9fNSDR/PXeF/1TY8f1INQpcs 7gUT4YNUUkmN1OK/JJp7PvsjpYniF/TsspgOflTTuHDNt/i1WqgACC9G7MTh7zrK g2ezF+kNB2hk9w+Fz69OjSWCMv8o4WCKBQpz7kyN40R0jtLTUfweKHhwsh8ptHF9 w6DGvvZiw6OjoKmica4Xhd1WatUTYCUNuaao6olzGJkyJ9VjIXL44Uu7/2N2/sQd jdnT3+6pnSLVCmQbNtGrtMnt25QyZd9A34R55k7pFF1N7y4PNOJsb3zmHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGXCxO3puiynkFxE1TsRNOlHbUIdMB8GA1UdIwQY MBaAFJMmWDgTRHx73etaAcMnTY5BwwGiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMt NjliNGI0ZmI5ZDEyLzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi81ZGVjMDYtOGIxYi00Yzc2LWE1NGMtNjliNGI0ZmI5ZDEy LzEva3laWU9CTkVmSHZkNjFvQnd5ZE5qa0hEQWFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhWTIRWrO RAxQZzh+fSyLTuMtcGaIdMpxXAPwQe8ILKIpPro+d2pcMtcfiJ72bUrVQ39Dh+Hk ttS9CSr1PZUtTypIBRuVRQG32KIH0CgvV2T9b/f8PrWzOZp8KjQZPao2jgytQLIr Uk8Y0uaWGHcP3MxmbkT03X5cji4ElirPL10zFnD0RRvo3SSbOB0wW9lOnGgEYEKW XLqKkIBKeGlBPn+40lRqsxxy+tLd9G1ihC0JQuBd3lCxei9U/D0gO6occUvSgDEe iekeKV+tmaIM+Ty+RTddIfJWzwjIgii6/kiQ/1KSn1c3VLxwJsg2PrCehKvorTrX QfBxPtEJJfV00Q== -----END CERTIFICATE-----Generated at Wed Dec 17 11:18:35 2025 by rpki-client