This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft File: KeieDArUFRV01m8rML0dpKqd8Fs.mft (raw, json) Hash identifier: q8H2jcFMdYzWuj4PA53aTGW1Ruu12zsmFbK1PcEnTtI= Subject key identifier: F5:3B:34:5E:C8:70:C9:0B:F3:6E:FA:CE:AB:25:D2:17:ED:98:78:A6 Authority key identifier: 29:E8:9E:0C:0A:D4:15:15:74:D6:6F:2B:30:BD:1D:A4:AA:9D:F0:5B Certificate issuer: /CN=29e89e0c0ad4151574d66f2b30bd1da4aa9df05b Certificate serial: 019B68E93B493034CA8E297E6BA3B556C07D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft Manifest number: 146B Signing time: Mon 29 Dec 2025 07:01:14 +0000 Manifest this update: Mon 29 Dec 2025 07:01:14 +0000 Manifest next update: Tue 30 Dec 2025 07:01:14 +0000 Files and hashes: 1: KeieDArUFRV01m8rML0dpKqd8Fs.crl (hash: oVeOKxS7B+4LwjsoURPRaUSm5KHPyX25g7bYaWHhetw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.crl rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e9:3b:49:30:34:ca:8e:29:7e:6b:a3:b5:56:c0:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29e89e0c0ad4151574d66f2b30bd1da4aa9df05b Validity Not Before: Dec 29 07:01:14 2025 GMT Not After : Dec 30 07:01:14 2025 GMT Subject: CN=f53b345ec870c90bf36efaceab25d217ed9878a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:7e:21:37:9d:40:aa:6a:6a:9f:e1:61:a5:0f: 65:54:7a:e8:4f:ea:28:93:a4:46:d5:c8:d9:69:b4: 00:fc:1e:04:4b:37:63:1c:68:47:39:d0:4b:1d:6b: 39:27:56:32:da:5a:15:96:1d:8d:26:ee:a8:d6:e9: d8:69:1e:2c:6e:06:b3:94:6a:f5:fc:b6:03:7a:c8: 78:90:5f:7a:04:3f:01:99:b1:76:03:d8:5a:2c:38: 70:ab:0a:28:04:6e:71:55:9f:e7:e5:fe:4e:93:c0: 57:c6:02:66:5c:25:8b:dc:5c:98:be:de:d9:e4:b1: 67:29:ac:f2:db:af:44:5e:a1:fc:d8:a6:a5:77:46: d1:f7:a4:bf:47:65:70:80:e4:ff:e9:65:9e:6b:ae: ae:8d:ee:f3:8d:6a:1e:df:cc:36:e3:6f:dd:57:0e: d8:02:47:bd:7c:92:a4:d7:67:46:b0:64:5d:f4:f7: 40:85:c7:c3:76:17:5b:0c:a2:95:9c:15:79:5d:6e: b4:73:37:c4:69:0a:55:eb:fc:46:f1:37:37:c1:5f: 23:67:7b:ff:07:72:2e:95:36:74:7a:4a:2a:3a:c0: d4:f3:11:6b:87:56:33:bc:ed:0c:8c:c7:71:ae:1e: 01:13:e5:4a:3d:c8:05:6e:dc:98:8e:33:8a:76:a7: f7:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:3B:34:5E:C8:70:C9:0B:F3:6E:FA:CE:AB:25:D2:17:ED:98:78:A6 X509v3 Authority Key Identifier: keyid:29:E8:9E:0C:0A:D4:15:15:74:D6:6F:2B:30:BD:1D:A4:AA:9D:F0:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeieDArUFRV01m8rML0dpKqd8Fs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/b87c2a-cd03-4538-9dc4-991fae5c9b07/1/KeieDArUFRV01m8rML0dpKqd8Fs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4a:04:31:71:e0:30:d5:b5:09:e5:1c:9d:7a:35:27:42:c8:b7: 32:91:1d:37:91:62:4f:3b:e6:b5:b0:96:5c:ce:aa:37:45:d8: 73:ba:72:b5:a3:e7:de:4c:c5:39:bc:4d:d4:4c:f3:cd:0d:3e: a4:31:36:cb:7c:54:40:4b:0a:52:41:31:7a:fd:38:1b:1c:59: 79:59:29:50:53:e3:32:4b:ce:b1:19:26:6e:74:04:15:55:0f: e2:66:99:f0:0a:bf:76:a7:95:28:12:b1:6e:93:30:b4:a0:be: 00:6e:79:ee:49:9a:26:7f:92:dc:79:20:fa:22:c5:82:b2:04: fc:9b:e6:ff:10:4f:e9:34:5d:7d:5f:94:af:56:33:dd:11:4d: a0:48:eb:ec:42:9d:8c:bc:d9:6b:88:97:aa:83:39:30:90:7e: 37:7c:f0:eb:02:b1:54:6b:fe:5d:6a:cc:94:a1:7d:1d:48:ff: b2:12:9a:04:47:f8:c4:a2:72:64:85:a4:fc:88:78:0e:17:80: 36:bf:da:b9:30:1b:b1:83:a6:59:b5:7a:4b:1d:72:8d:29:48: 66:36:d3:85:82:42:5d:3d:c8:f4:b4:43:21:d2:3e:1a:af:d5: 3f:bf:89:85:a9:ef:28:f8:75:e3:6b:54:97:20:47:1e:7c:00: 51:7e:23:69 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6TtJMDTKjil+a6O1VsB9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZTg5ZTBjMGFkNDE1MTU3NGQ2NmYyYjMwYmQxZGE0YWE5 ZGYwNWIwHhcNMjUxMjI5MDcwMTE0WhcNMjUxMjMwMDcwMTE0WjAzMTEwLwYDVQQD EyhmNTNiMzQ1ZWM4NzBjOTBiZjM2ZWZhY2VhYjI1ZDIxN2VkOTg3OGE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX4hN51Aqmpqn+FhpQ9lVHroT+oo k6RG1cjZabQA/B4ESzdjHGhHOdBLHWs5J1Yy2loVlh2NJu6o1unYaR4sbgazlGr1 /LYDesh4kF96BD8BmbF2A9haLDhwqwooBG5xVZ/n5f5Ok8BXxgJmXCWL3FyYvt7Z 5LFnKazy269EXqH82Kald0bR96S/R2VwgOT/6WWea66uje7zjWoe38w242/dVw7Y Ake9fJKk12dGsGRd9PdAhcfDdhdbDKKVnBV5XW60czfEaQpV6/xG8Tc3wV8jZ3v/ B3IulTZ0ekoqOsDU8xFrh1YzvO0MjMdxrh4BE+VKPcgFbtyYjjOKdqf30QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPU7NF7IcMkL8276zqsl0hftmHimMB8GA1UdIwQY MBaAFCnongwK1BUVdNZvKzC9HaSqnfBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9iODdjMmEtY2QwMy00NTM4LTlkYzQt OTkxZmFlNWM5YjA3LzEvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS9iODdjMmEtY2QwMy00NTM4LTlkYzQtOTkxZmFlNWM5YjA3 LzEvS2VpZURBclVGUlYwMW04ck1MMGRwS3FkOEZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASgQxceAw 1bUJ5RydejUnQsi3MpEdN5FiTzvmtbCWXM6qN0XYc7pytaPn3kzFObxN1EzzzQ0+ pDE2y3xUQEsKUkExev04GxxZeVkpUFPjMkvOsRkmbnQEFVUP4maZ8Aq/dqeVKBKx bpMwtKC+AG557kmaJn+S3Hkg+iLFgrIE/Jvm/xBP6TRdfV+Ur1Yz3RFNoEjr7EKd jLzZa4iXqoM5MJB+N3zw6wKxVGv+XWrMlKF9HUj/shKaBEf4xKJyZIWk/Ih4DheA Nr/auTAbsYOmWbV6Sx1yjSlIZjbThYJCXT3I9LRDIdI+Gq/VP7+JhanvKPh142tU lyBHHnwAUX4jaQ== -----END CERTIFICATE-----Generated at Mon Dec 29 10:01:21 2025 by rpki-client