This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft File: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json) Hash identifier: ydkYPGt/Z4z7TOgel6i9Vm1bgAaOYy9EqIGJnLdyI1w= Subject key identifier: 0F:C8:F3:FE:15:0D:D5:D7:2A:1D:5A:8C:19:4F:FC:D6:9B:AC:7E:51 Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 Certificate issuer: /CN=91d338370e10627a4cd631e3fde186e194898c81 Certificate serial: 019B3C7F6943C15E720C62B549A61C24B0CA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft Manifest number: 0D73 Signing time: Sat 20 Dec 2025 16:02:21 +0000 Manifest this update: Sat 20 Dec 2025 16:02:21 +0000 Manifest next update: Sun 21 Dec 2025 16:02:21 +0000 Files and hashes: 1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: K5t/lzPzstxuq2v/lc6UuxGX3i63cXVTTKOxbjs+OwU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 16:02:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7f:69:43:c1:5e:72:0c:62:b5:49:a6:1c:24:b0:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81 Validity Not Before: Dec 20 16:02:21 2025 GMT Not After : Dec 21 16:02:21 2025 GMT Subject: CN=0fc8f3fe150dd5d72a1d5a8c194ffcd69bac7e51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:f3:9f:ea:d9:75:8d:bb:d6:bc:1c:db:02:1a: 23:f4:04:df:0f:a8:4e:73:17:8d:1b:10:b9:2d:55: ce:b8:eb:62:9f:b7:19:87:2f:54:49:8f:b2:e4:f8: 7e:4f:9f:cc:05:d6:49:90:5f:f7:db:95:5f:f4:c5: ba:c5:06:0e:9e:ff:1d:22:d6:4d:ce:07:31:44:90: dc:fb:11:70:7c:0c:ce:7e:d8:1b:31:09:91:82:aa: bc:aa:18:99:e9:92:9f:ea:0e:2f:a5:15:d3:09:ca: 2d:42:be:8e:be:12:73:7b:3e:6a:d1:ea:c8:39:5a: d3:4f:5a:f5:59:38:db:71:9c:49:4f:78:56:4e:4d: c4:76:ef:25:a2:2b:ee:95:fc:a9:58:4c:2f:ce:ec: 78:5a:43:64:c8:ba:74:7f:64:ea:2a:01:8f:95:f9: 0b:f6:6a:ee:99:3b:2e:9a:2d:c0:9f:15:a7:df:88: 78:2c:c1:90:7f:ee:da:59:84:d1:51:78:37:d3:6e: 7f:b2:2d:fa:60:4a:13:21:53:c5:5d:7f:df:92:d5: 26:9f:77:3e:df:b4:73:20:ba:61:11:ad:c8:96:aa: 8e:05:09:71:e2:75:d9:92:96:ab:43:05:b1:83:2d: a5:60:a1:1f:f0:af:69:9e:62:a2:a5:aa:3c:40:b0: 37:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:C8:F3:FE:15:0D:D5:D7:2A:1D:5A:8C:19:4F:FC:D6:9B:AC:7E:51 X509v3 Authority Key Identifier: keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:d3:a6:2b:00:57:0e:ab:63:db:32:a8:09:8d:92:e2:39:60: a6:3f:30:07:26:3b:eb:93:82:60:61:b9:4d:c0:91:96:91:34: 8f:6c:4e:03:60:af:d7:06:b0:70:3c:41:e7:b2:28:e5:d2:64: fd:91:04:b3:ce:77:1e:3c:7d:f1:29:e2:59:49:49:e0:61:c1: 2d:9e:a4:34:9f:f6:3b:9d:4c:1d:a4:cd:2c:11:89:58:12:0b: ea:98:15:0d:b7:49:df:34:37:54:16:0a:be:57:b1:05:1d:fc: 62:a4:7b:c0:e8:f8:b2:4e:a1:69:e5:95:94:d3:8a:6d:8c:14: 3a:3c:ca:9c:95:16:02:fc:7d:ae:d0:30:9c:78:d3:2e:d3:eb: 32:e8:bf:a6:2a:2d:86:ce:eb:d2:f9:29:e9:f5:13:a9:c8:7c: cd:f7:4d:ed:83:f9:6b:4e:02:ce:f4:cd:13:a5:9c:df:c4:30: 96:a7:e2:22:9e:d8:ce:75:5e:51:d4:52:75:d6:94:47:6a:70: f1:7f:bd:e9:9c:f1:e7:b0:7e:ff:0b:2b:c3:67:23:8a:9b:e6: 0b:16:ad:f0:d1:f6:c0:bc:d0:b4:45:9d:0c:40:1e:31:d4:b8: 72:a8:9c:0e:6e:4a:2e:a7:b1:ba:f0:49:56:ca:62:c5:ac:87: b1:6c:3e:23 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8f2lDwV5yDGK1SaYcJLDKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4 OThjODEwHhcNMjUxMjIwMTYwMjIxWhcNMjUxMjIxMTYwMjIxWjAzMTEwLwYDVQQD EygwZmM4ZjNmZTE1MGRkNWQ3MmExZDVhOGMxOTRmZmNkNjliYWM3ZTUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vOf6tl1jbvWvBzbAhoj9ATfD6hO cxeNGxC5LVXOuOtin7cZhy9USY+y5Ph+T5/MBdZJkF/325Vf9MW6xQYOnv8dItZN zgcxRJDc+xFwfAzOftgbMQmRgqq8qhiZ6ZKf6g4vpRXTCcotQr6OvhJzez5q0erI OVrTT1r1WTjbcZxJT3hWTk3Edu8loivulfypWEwvzux4WkNkyLp0f2TqKgGPlfkL 9mrumTsumi3AnxWn34h4LMGQf+7aWYTRUXg3025/si36YEoTIVPFXX/fktUmn3c+ 37RzILphEa3IlqqOBQlx4nXZkparQwWxgy2lYKEf8K9pnmKipao8QLA3jwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA/I8/4VDdXXKh1ajBlP/NabrH5RMB8GA1UdIwQY MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0 LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhNOmKwBX Dqtj2zKoCY2S4jlgpj8wByY765OCYGG5TcCRlpE0j2xOA2Cv1wawcDxB57Io5dJk /ZEEs853Hjx98SniWUlJ4GHBLZ6kNJ/2O51MHaTNLBGJWBIL6pgVDbdJ3zQ3VBYK vlexBR38YqR7wOj4sk6haeWVlNOKbYwUOjzKnJUWAvx9rtAwnHjTLtPrMui/piot hs7r0vkp6fUTqch8zfdN7YP5a04CzvTNE6Wc38QwlqfiIp7YznVeUdRSddaUR2pw 8X+96Zzx57B+/wsrw2cjipvmCxat8NH2wLzQtEWdDEAeMdS4cqicDm5KLqexuvBJ VspixayHsWw+Iw== -----END CERTIFICATE-----Generated at Sun Dec 21 02:19:14 2025 by rpki-client