This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft File: KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json) Hash identifier: 4eXDgAdDHQHqSpv+EihsNNVDzKNHInM82BLOxoBCVVM= Subject key identifier: D0:07:F8:60:E9:3D:5B:67:73:C8:36:BE:E1:38:A4:09:E1:8D:16:BD Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26 Certificate issuer: /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826 Certificate serial: 019B68EA094191A948A2EE63B6C22FBFF853 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft Manifest number: 179C Signing time: Mon 29 Dec 2025 07:02:06 +0000 Manifest this update: Mon 29 Dec 2025 07:02:06 +0000 Manifest next update: Tue 30 Dec 2025 07:02:06 +0000 Files and hashes: 1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: /yRkX++YOLVFeM9iPX2j76HGPU/wyrP0mmkwJhKAbcY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 07:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:ea:09:41:91:a9:48:a2:ee:63:b6:c2:2f:bf:f8:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826 Validity Not Before: Dec 29 07:02:06 2025 GMT Not After : Dec 30 07:02:06 2025 GMT Subject: CN=d007f860e93d5b6773c836bee138a409e18d16bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:8d:51:be:d5:51:4d:64:6d:cb:34:9e:0e:3e: 99:7b:81:5d:10:72:6d:14:cf:5c:61:41:8b:6b:23: 21:16:18:91:a2:a0:a0:08:06:2d:2c:ee:13:3f:f8: a5:1f:1d:d9:34:a9:6b:ba:70:d7:6e:c2:84:75:5d: 28:d5:b3:bb:ad:4c:07:53:81:5c:d5:d7:9e:5a:50: 85:ec:0d:d0:e4:72:1e:64:7b:31:7c:2d:db:47:8b: 16:de:1a:d2:e8:c3:00:e2:7f:a5:ed:57:86:be:b3: 8e:3d:ca:84:42:12:b1:ce:68:07:1d:1e:ff:63:cf: b6:46:e7:09:f4:a2:3e:fb:c3:61:2b:f3:cb:c8:9b: df:81:02:dc:77:bb:5e:3c:25:63:86:7d:7c:26:68: 10:85:38:50:22:1b:07:bc:69:15:7d:60:b3:66:c2: 2f:3a:ea:75:f0:22:13:f1:79:aa:85:52:15:fe:a9: 83:67:78:af:88:7b:05:1d:9e:30:56:c1:98:ef:d9: 5d:ae:c4:16:61:87:19:c8:a8:96:d7:9e:25:39:10: 9a:95:97:a0:1b:b9:ea:3e:f5:83:21:ab:de:f3:2a: cf:58:95:b9:35:7e:c4:7a:e1:19:a4:d8:14:f4:49: 1f:63:7e:24:05:53:0d:61:f2:05:f6:d4:06:51:9d: 55:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:07:F8:60:E9:3D:5B:67:73:C8:36:BE:E1:38:A4:09:E1:8D:16:BD X509v3 Authority Key Identifier: keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0e:f2:cd:35:fd:84:ae:2a:ba:dc:eb:1b:4f:4a:86:7b:83:45: d3:53:d6:bc:ef:46:5d:8c:5d:07:c8:aa:e0:b2:99:7f:c9:8d: 57:ec:33:56:15:68:a6:b2:22:e9:e2:d8:60:36:9b:24:31:09: 3c:40:e2:88:06:94:40:ab:85:c2:ef:d8:27:13:b1:ad:96:1c: bf:f5:ce:fe:d5:4f:f8:a5:17:f3:00:0b:50:71:f9:9d:10:cc: 30:13:43:ad:3a:00:fa:01:5c:a3:67:97:52:79:24:3c:fd:fc: 55:14:0f:d6:34:e6:4a:c4:a3:e5:d2:ef:16:8f:ae:b2:ee:d3: 73:5c:65:f6:64:c8:54:47:14:e5:dd:a1:7e:41:d9:cb:7f:fd: 71:d8:82:17:5e:12:36:b0:e1:42:89:53:5c:5a:0c:f4:25:67: b1:1b:ec:db:76:da:7f:8f:59:58:6c:f0:dd:52:e5:fb:04:ac: 53:39:79:07:a8:57:ab:cb:9f:f5:a1:15:9a:5c:85:04:5a:8d: 6b:ea:c4:76:0a:c0:f1:ca:a8:3b:d8:52:b6:7e:3f:29:6f:ed: b2:bd:ce:55:de:ad:59:f3:03:40:68:cf:fc:a8:2c:c0:f5:31: c3:51:9d:90:23:c6:c0:86:a2:4a:ea:e2:3f:1c:de:4e:46:2a: 33:cf:99:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6glBkalIou5jtsIvv/hTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2 OGQ4MjYwHhcNMjUxMjI5MDcwMjA2WhcNMjUxMjMwMDcwMjA2WjAzMTEwLwYDVQQD EyhkMDA3Zjg2MGU5M2Q1YjY3NzNjODM2YmVlMTM4YTQwOWUxOGQxNmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI1RvtVRTWRtyzSeDj6Ze4FdEHJt FM9cYUGLayMhFhiRoqCgCAYtLO4TP/ilHx3ZNKlrunDXbsKEdV0o1bO7rUwHU4Fc 1deeWlCF7A3Q5HIeZHsxfC3bR4sW3hrS6MMA4n+l7VeGvrOOPcqEQhKxzmgHHR7/ Y8+2RucJ9KI++8NhK/PLyJvfgQLcd7tePCVjhn18JmgQhThQIhsHvGkVfWCzZsIv Oup18CIT8XmqhVIV/qmDZ3iviHsFHZ4wVsGY79ldrsQWYYcZyKiW154lORCalZeg G7nqPvWDIave8yrPWJW5NX7EeuEZpNgU9EkfY34kBVMNYfIF9tQGUZ1VswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNAH+GDpPVtnc8g2vuE4pAnhjRa9MB8GA1UdIwQY MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADvLNNf2E riq63OsbT0qGe4NF01PWvO9GXYxdB8iq4LKZf8mNV+wzVhVoprIi6eLYYDabJDEJ PEDiiAaUQKuFwu/YJxOxrZYcv/XO/tVP+KUX8wALUHH5nRDMMBNDrToA+gFco2eX UnkkPP38VRQP1jTmSsSj5dLvFo+usu7Tc1xl9mTIVEcU5d2hfkHZy3/9cdiCF14S NrDhQolTXFoM9CVnsRvs23baf49ZWGzw3VLl+wSsUzl5B6hXq8uf9aEVmlyFBFqN a+rEdgrA8cqoO9hStn4/KW/tsr3OVd6tWfMDQGjP/KgswPUxw1GdkCPGwIaiSuri PxzeTkYqM8+ZMA== -----END CERTIFICATE-----Generated at Mon Dec 29 14:58:15 2025 by rpki-client