This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft File: KtclXVpq-4XjdugbuaCew93dvNw.mft (raw, json) Hash identifier: 7v7yu1HL1LbkANDcgGWmQg5aScPYJ48NqyTEzU3+vtU= Subject key identifier: A5:06:22:76:D3:78:ED:FE:9E:DB:89:10:28:D7:DE:35:13:51:B6:FA Authority key identifier: 2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC Certificate issuer: /CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc Certificate serial: 019B4AA7C6492ACE3238396F5D6E04B43B7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft Manifest number: 16A6 Signing time: Tue 23 Dec 2025 10:01:07 +0000 Manifest this update: Tue 23 Dec 2025 10:01:07 +0000 Manifest next update: Wed 24 Dec 2025 10:01:07 +0000 Files and hashes: 1: KtclXVpq-4XjdugbuaCew93dvNw.crl (hash: daOBVNvdMZvM/g4UJqnegSdtBAOzdaHZ2tPhiQlWtcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 10:01:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a7:c6:49:2a:ce:32:38:39:6f:5d:6e:04:b4:3b:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ad7255d5a6afb85e376e81bb9a09ec3ddddbcdc Validity Not Before: Dec 23 10:01:07 2025 GMT Not After : Dec 24 10:01:07 2025 GMT Subject: CN=a5062276d378edfe9edb891028d7de351351b6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b7:3d:bb:d7:59:bb:95:3c:f7:d9:6e:a3:7d: fa:5a:28:ad:e3:4b:59:6b:c9:f3:50:85:52:16:8c: af:c9:c7:58:fb:50:0d:57:cc:2b:88:94:de:f7:04: fd:00:01:25:a2:86:96:85:86:d6:73:2e:8d:e7:b0: 7f:7b:32:ed:e8:fd:07:15:d3:7a:2e:0f:78:18:d6: 26:01:a5:d0:f7:f0:fd:a8:a3:d6:f2:cc:ee:87:65: cb:02:a9:ec:23:e4:57:91:8b:cb:d3:fa:61:04:40: af:2b:01:ec:84:ca:b0:e8:90:89:15:5c:06:5a:f2: bf:b5:fe:8e:47:f1:f8:f9:ff:ca:92:0a:e5:19:72: 8c:9b:b5:c7:c4:63:93:07:b8:97:f9:fe:9f:7f:db: a7:88:df:7a:34:6a:64:0e:33:5c:02:33:14:37:a5: 2a:cf:55:28:5c:f8:fc:2c:ba:67:67:aa:22:a0:d3: 2d:3b:70:1d:1b:72:1a:0e:a2:cf:c1:58:83:06:c6: 3d:ee:64:cc:24:a5:07:d1:48:18:8f:89:69:4e:ee: 55:66:33:80:e5:88:43:20:cd:d8:ca:56:b8:5d:14: a7:e0:12:32:a7:12:5a:26:c2:b8:f1:2a:e8:4b:7f: 05:7f:c4:42:b1:39:4d:19:d3:4a:74:10:83:71:05: 44:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:06:22:76:D3:78:ED:FE:9E:DB:89:10:28:D7:DE:35:13:51:B6:FA X509v3 Authority Key Identifier: keyid:2A:D7:25:5D:5A:6A:FB:85:E3:76:E8:1B:B9:A0:9E:C3:DD:DD:BC:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtclXVpq-4XjdugbuaCew93dvNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/ebb979-bef0-420c-95e0-bceb376c2573/1/KtclXVpq-4XjdugbuaCew93dvNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:a9:3d:e2:f5:c8:1f:52:a7:04:48:1a:6c:ee:d1:be:64:bc: 78:57:1a:6d:f7:02:7e:56:d5:f5:5d:6e:56:f0:1a:41:f4:08: 52:8f:ed:14:48:81:2b:cd:9f:49:db:80:51:78:71:63:69:99: 64:39:3a:c7:a1:cf:8e:42:52:e5:f6:c6:62:f9:7f:ae:d4:bd: 5f:c7:ea:7c:60:f3:de:e6:0c:92:1a:17:33:f7:0f:af:20:06: e0:cc:ab:ab:92:14:dd:fb:ed:91:51:63:a2:1e:ad:d4:6f:3f: b0:00:88:dd:df:a6:0f:6b:72:af:04:14:55:9e:3d:a1:d1:93: 4b:cb:49:a7:9b:47:0b:e9:5c:f1:23:3c:73:ae:05:c4:d9:89: e4:3b:c3:01:ce:ad:f3:26:c6:5b:92:a6:7e:7d:e7:70:78:bb: b6:6b:a9:80:d2:ca:e5:13:bc:ef:c9:92:34:b8:df:4c:f1:2e: e2:2a:01:4a:c8:6f:c1:36:6a:ae:ee:95:ed:43:78:d0:bd:5f: af:61:61:43:c3:7f:95:be:30:b9:35:9f:6d:01:f7:e3:61:12: 36:cf:cb:db:4f:f2:df:2d:46:21:43:58:4b:d8:f3:28:02:4f: 46:ad:86:9f:e4:54:b4:ef:7c:87:56:a8:fb:c0:6c:e0:b3:6e: f5:ac:3a:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKp8ZJKs4yODlvXW4EtDt9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZDcyNTVkNWE2YWZiODVlMzc2ZTgxYmI5YTA5ZWMzZGRk ZGJjZGMwHhcNMjUxMjIzMTAwMTA3WhcNMjUxMjI0MTAwMTA3WjAzMTEwLwYDVQQD EyhhNTA2MjI3NmQzNzhlZGZlOWVkYjg5MTAyOGQ3ZGUzNTEzNTFiNmZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubc9u9dZu5U899luo336Wiit40tZ a8nzUIVSFoyvycdY+1ANV8wriJTe9wT9AAElooaWhYbWcy6N57B/ezLt6P0HFdN6 Lg94GNYmAaXQ9/D9qKPW8szuh2XLAqnsI+RXkYvL0/phBECvKwHshMqw6JCJFVwG WvK/tf6OR/H4+f/KkgrlGXKMm7XHxGOTB7iX+f6ff9uniN96NGpkDjNcAjMUN6Uq z1UoXPj8LLpnZ6oioNMtO3AdG3IaDqLPwViDBsY97mTMJKUH0UgYj4lpTu5VZjOA 5YhDIM3Yyla4XRSn4BIypxJaJsK48SroS38Ff8RCsTlNGdNKdBCDcQVE1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUGInbTeO3+ntuJECjX3jUTUbb6MB8GA1UdIwQY MBaAFCrXJV1aavuF43boG7mgnsPd3bzcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAt YmNlYjM3NmMyNTczLzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS9lYmI5NzktYmVmMC00MjBjLTk1ZTAtYmNlYjM3NmMyNTcz LzEvS3RjbFhWcHEtNFhqZHVnYnVhQ2V3OTNkdk53LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtqk94vXI H1KnBEgabO7RvmS8eFcabfcCflbV9V1uVvAaQfQIUo/tFEiBK82fSduAUXhxY2mZ ZDk6x6HPjkJS5fbGYvl/rtS9X8fqfGDz3uYMkhoXM/cPryAG4Myrq5IU3fvtkVFj oh6t1G8/sACI3d+mD2tyrwQUVZ49odGTS8tJp5tHC+lc8SM8c64FxNmJ5DvDAc6t 8ybGW5Kmfn3ncHi7tmupgNLK5RO878mSNLjfTPEu4ioBSshvwTZqru6V7UN40L1f r2FhQ8N/lb4wuTWfbQH342ESNs/L20/y3y1GIUNYS9jzKAJPRq2Gn+RUtO98h1ao +8Bs4LNu9aw6tw== -----END CERTIFICATE-----Generated at Tue Dec 23 18:51:49 2025 by rpki-client