This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft File: KyJEyKPrSjxtd20EbOkqvwHGwi8.mft (raw, json) Hash identifier: BFWRguGq9CpqssfT2Dh49ifktu25fnC+LuqcdPU7sQM= Subject key identifier: 6B:37:EB:A3:95:13:AB:A2:D5:5C:93:99:9F:8A:50:15:E2:C1:BF:DF Authority key identifier: 2B:22:44:C8:A3:EB:4A:3C:6D:77:6D:04:6C:E9:2A:BF:01:C6:C2:2F Certificate issuer: /CN=2b2244c8a3eb4a3c6d776d046ce92abf01c6c22f Certificate serial: 019B3DFE96A37C6D6A0E48D28F27EABC7D19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 23:00:53 +0000 Manifest this update: Sat 20 Dec 2025 23:00:53 +0000 Manifest next update: Sun 21 Dec 2025 23:00:53 +0000 Files and hashes: 1: CWGhSuH7Prq7nBeXCwJSQ8R7MLY.roa (hash: kJD3A5DYARZjtb9aiv1WyX0nnGUXwOPoDx5EHff3F+I=) 2: KyJEyKPrSjxtd20EbOkqvwHGwi8.crl (hash: RBfeLaSxsRchQFcCMFWPFhWeKWDLdqLy9qtQrwb33Jg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.crl rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:fe:96:a3:7c:6d:6a:0e:48:d2:8f:27:ea:bc:7d:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b2244c8a3eb4a3c6d776d046ce92abf01c6c22f Validity Not Before: Dec 20 23:00:53 2025 GMT Not After : Dec 21 23:00:53 2025 GMT Subject: CN=6b37eba39513aba2d55c93999f8a5015e2c1bfdf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:1c:b7:64:04:e1:b3:86:02:99:92:0d:0a:0b: af:3c:2f:f3:8e:81:ad:21:10:81:00:bc:90:03:f3: 04:48:f9:ad:a9:45:5c:bb:df:6a:0b:7a:fc:47:2f: 34:d1:0e:c8:36:5e:0c:e6:d8:30:08:fe:28:1a:7d: 9e:c5:9f:21:80:51:df:a3:fa:72:2c:84:a2:2d:18: f2:0c:88:93:60:0e:52:6c:47:97:39:18:b6:87:31: da:45:09:fd:58:e8:1b:6e:62:f6:63:27:c0:c8:0f: 84:1b:8e:da:b4:88:05:db:10:a2:19:8b:3c:42:b9: dc:d4:80:b8:51:0b:a6:bd:54:8f:a3:46:a7:de:17: bf:8f:28:05:49:53:7a:75:24:39:6e:09:12:00:f0: 00:ca:bf:f1:f9:3a:77:55:6d:c6:be:97:7a:48:6e: 97:b1:c3:7c:b6:2c:df:25:8a:f5:4e:7a:68:1d:27: be:78:69:55:34:ca:02:3e:a7:5d:ed:71:4c:a2:21: a3:8f:cf:d6:df:11:26:c5:47:6a:2a:ad:36:7a:0e: 0f:03:3e:0e:36:ea:eb:c1:5f:71:00:c9:73:88:af: 13:03:71:30:ad:6f:f5:3d:f7:43:3a:fc:7c:39:2f: ac:8f:38:31:ce:d3:0f:9b:68:69:4a:ba:67:8a:5f: 25:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:37:EB:A3:95:13:AB:A2:D5:5C:93:99:9F:8A:50:15:E2:C1:BF:DF X509v3 Authority Key Identifier: keyid:2B:22:44:C8:A3:EB:4A:3C:6D:77:6D:04:6C:E9:2A:BF:01:C6:C2:2F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyJEyKPrSjxtd20EbOkqvwHGwi8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7cc7a7-aef1-408a-a1c6-df1cce4e6950/1/KyJEyKPrSjxtd20EbOkqvwHGwi8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 07:62:f3:99:47:65:60:5a:cb:14:1b:15:bc:09:fd:bc:c4:21: 69:ce:1f:50:61:d7:87:fb:56:d5:c3:18:05:5c:1b:b1:af:1d: ec:c0:fe:45:5f:b5:b8:db:a4:d1:e8:15:00:e7:dd:d2:14:8b: 01:9a:9d:b4:1d:74:b7:0c:86:b4:14:ac:b4:3e:6d:0d:fb:4a: 62:50:49:56:ae:76:71:c4:f0:b1:4d:87:1c:ad:c9:ba:d0:9d: 0a:0d:18:3c:5f:b7:9f:62:59:4f:e6:63:68:2d:07:61:f8:4a: be:38:e2:fc:81:23:9c:a7:3a:db:58:01:d8:51:f0:fc:63:04: 12:7b:15:ae:64:f7:20:4c:d2:c4:8f:f3:30:4f:8c:a0:fe:96: 35:90:c1:5d:e4:d2:45:96:78:f4:20:89:dc:5d:40:0f:c5:cc: 7d:6c:b5:7e:25:a1:26:92:71:25:c4:a6:ca:ab:9a:9b:10:6e: c3:8c:1a:70:0a:6d:7c:65:16:d7:2e:69:f5:49:66:1c:4f:db: 92:d4:89:b6:04:9a:8b:30:f2:c7:18:01:f1:f5:08:b3:a9:23: ed:9e:ff:2f:97:60:fd:6b:da:3d:c0:6b:2f:cf:7a:18:da:0d: 92:d7:6f:c2:d4:4d:3c:fc:d3:dd:db:8b:09:9c:72:15:e9:06: fc:6a:59:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9/pajfG1qDkjSjyfqvH0ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMjI0NGM4YTNlYjRhM2M2ZDc3NmQwNDZjZTkyYWJmMDFj NmMyMmYwHhcNMjUxMjIwMjMwMDUzWhcNMjUxMjIxMjMwMDUzWjAzMTEwLwYDVQQD Eyg2YjM3ZWJhMzk1MTNhYmEyZDU1YzkzOTk5ZjhhNTAxNWUyYzFiZmRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxy3ZAThs4YCmZINCguvPC/zjoGt IRCBALyQA/MESPmtqUVcu99qC3r8Ry800Q7INl4M5tgwCP4oGn2exZ8hgFHfo/py LISiLRjyDIiTYA5SbEeXORi2hzHaRQn9WOgbbmL2YyfAyA+EG47atIgF2xCiGYs8 Qrnc1IC4UQumvVSPo0an3he/jygFSVN6dSQ5bgkSAPAAyr/x+Tp3VW3Gvpd6SG6X scN8tizfJYr1TnpoHSe+eGlVNMoCPqdd7XFMoiGjj8/W3xEmxUdqKq02eg4PAz4O NurrwV9xAMlziK8TA3EwrW/1PfdDOvx8OS+sjzgxztMPm2hpSrpnil8lzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGs366OVE6ui1VyTmZ+KUBXiwb/fMB8GA1UdIwQY MBaAFCsiRMij60o8bXdtBGzpKr8BxsIvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83Y2M3YTctYWVmMS00MDhhLWExYzYt ZGYxY2NlNGU2OTUwLzEvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC83Y2M3YTctYWVmMS00MDhhLWExYzYtZGYxY2NlNGU2OTUw LzEvS3lKRXlLUHJTanh0ZDIwRWJPa3F2d0hHd2k4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAB2LzmUdl YFrLFBsVvAn9vMQhac4fUGHXh/tW1cMYBVwbsa8d7MD+RV+1uNuk0egVAOfd0hSL AZqdtB10twyGtBSstD5tDftKYlBJVq52ccTwsU2HHK3JutCdCg0YPF+3n2JZT+Zj aC0HYfhKvjji/IEjnKc621gB2FHw/GMEEnsVrmT3IEzSxI/zME+MoP6WNZDBXeTS RZZ49CCJ3F1AD8XMfWy1fiWhJpJxJcSmyquamxBuw4wacAptfGUW1y5p9UlmHE/b ktSJtgSaizDyxxgB8fUIs6kj7Z7/L5dg/WvaPcBrL896GNoNktdvwtRNPPzT3duL CZxyFekG/GpZeA== -----END CERTIFICATE-----Generated at Sun Dec 21 02:19:53 2025 by rpki-client