This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft File: kffw_3S3yfrqKXjtlehAmEkE3NY.mft (raw, json) Hash identifier: LrsmhgYegFSFGZIV3VlOMMphyKAniHURoaA5pjw7Geg= Subject key identifier: 4B:D7:60:E1:65:07:E2:5F:25:1C:32:05:21:C3:95:0E:22:53:AE:22 Authority key identifier: 91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6 Certificate issuer: /CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6 Certificate serial: 019B54193A24D4D4977796330A7F88F6ED96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft Manifest number: 0B50 Signing time: Thu 25 Dec 2025 06:01:37 +0000 Manifest this update: Thu 25 Dec 2025 06:01:37 +0000 Manifest next update: Fri 26 Dec 2025 06:01:37 +0000 Files and hashes: 1: kffw_3S3yfrqKXjtlehAmEkE3NY.crl (hash: 8GxkA28/tv4HBIORQlYS4eiu8nvDfGBRqYT/kKzCiYg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 03:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:54:19:3a:24:d4:d4:97:77:96:33:0a:7f:88:f6:ed:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91f7f0ff74b7c9faea2978ed95e840984904dcd6 Validity Not Before: Dec 25 06:01:37 2025 GMT Not After : Dec 26 06:01:37 2025 GMT Subject: CN=4bd760e16507e25f251c320521c3950e2253ae22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:d5:f2:31:69:ce:7e:8a:77:87:9b:b6:f7:13: 49:09:4a:c3:a9:5c:85:27:5f:a7:24:40:20:37:4e: c1:3a:a0:ac:e1:4e:48:f4:44:38:08:98:72:aa:62: 60:2c:f6:0d:77:92:52:2d:06:4a:40:4f:34:e2:43: 53:f0:0b:1e:6c:dc:ec:59:22:11:29:1b:19:d4:90: 59:a5:8a:3d:57:86:69:9e:5e:8a:f6:f1:c8:90:b7: fc:68:1e:42:56:04:f6:76:77:c9:2a:22:30:ec:c9: 6b:76:27:8a:79:1c:a0:8b:cf:54:88:44:90:02:36: 90:54:f4:b6:23:4a:fa:17:65:61:69:26:76:5c:8a: 29:1b:93:76:c5:d9:eb:54:c1:40:d7:1e:f3:53:38: e8:31:5d:ba:d8:6d:aa:68:5b:dd:8b:b7:8f:78:c2: 01:3b:82:0c:fa:5e:fa:54:ef:c1:6c:78:6f:29:61: 39:27:64:dd:b7:15:c6:26:34:22:26:0c:ec:18:76: 41:08:22:8f:04:df:ee:44:5d:6c:41:a3:79:1f:5f: 58:ce:10:9d:ca:9d:73:f0:06:a8:f9:d7:55:f6:4f: bd:a5:23:9c:3a:d2:5f:3e:3e:0b:87:73:f0:62:c8: 02:ff:dc:97:be:a6:b8:3e:e7:a9:f3:b1:c2:1b:45: 4f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:D7:60:E1:65:07:E2:5F:25:1C:32:05:21:C3:95:0E:22:53:AE:22 X509v3 Authority Key Identifier: keyid:91:F7:F0:FF:74:B7:C9:FA:EA:29:78:ED:95:E8:40:98:49:04:DC:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kffw_3S3yfrqKXjtlehAmEkE3NY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/56/174c3e-fa5b-49d1-9d21-e2bd2e4c5232/1/kffw_3S3yfrqKXjtlehAmEkE3NY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:aa:6f:c3:d2:9f:80:60:da:de:af:1d:cb:d8:23:88:52:a8: 7e:0f:8c:14:91:bb:e2:9a:91:e3:a1:cd:9e:da:dc:70:05:7f: a1:34:30:55:2a:4b:5c:81:8e:fc:1f:af:f1:86:95:f9:92:12: 48:9a:e6:52:b1:24:b1:e1:18:df:27:f9:8f:b7:ec:9a:03:7e: ea:39:b7:53:01:bc:38:ee:e1:82:61:85:3d:6a:0d:4d:91:23: 8e:39:05:46:37:68:fb:9d:93:b8:9c:28:73:d1:d9:8a:12:c6: 42:6f:f3:db:dc:08:d3:0f:5a:33:9a:8f:7b:f4:02:b9:5c:5d: 27:4c:3e:05:74:62:71:41:89:3e:e6:7e:fd:5c:98:e5:f8:34: 75:bd:93:4e:92:ee:56:cb:b7:27:a1:1a:ab:30:34:8a:2b:dc: c9:d7:de:41:5e:e4:fd:1c:b5:d5:f7:fa:21:24:d4:2c:35:2c: 57:46:8d:73:35:ab:41:28:97:13:9d:48:cc:bc:c7:75:63:6d: 16:68:2d:77:bd:96:c2:ae:03:f2:d3:1a:fc:39:a3:dc:13:21: bf:ff:2e:fe:ef:d9:42:e4:3f:24:5b:8f:e2:dd:00:4a:9f:55: 7e:f0:c4:12:bb:f6:b4:be:9d:d5:3a:cd:98:6c:3c:a8:ce:11: 39:67:c4:1c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtUGTok1NSXd5YzCn+I9u2WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZjdmMGZmNzRiN2M5ZmFlYTI5NzhlZDk1ZTg0MDk4NDkw NGRjZDYwHhcNMjUxMjI1MDYwMTM3WhcNMjUxMjI2MDYwMTM3WjAzMTEwLwYDVQQD Eyg0YmQ3NjBlMTY1MDdlMjVmMjUxYzMyMDUyMWMzOTUwZTIyNTNhZTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAstXyMWnOfop3h5u29xNJCUrDqVyF J1+nJEAgN07BOqCs4U5I9EQ4CJhyqmJgLPYNd5JSLQZKQE804kNT8AsebNzsWSIR KRsZ1JBZpYo9V4Zpnl6K9vHIkLf8aB5CVgT2dnfJKiIw7MlrdieKeRygi89UiESQ AjaQVPS2I0r6F2VhaSZ2XIopG5N2xdnrVMFA1x7zUzjoMV262G2qaFvdi7ePeMIB O4IM+l76VO/BbHhvKWE5J2TdtxXGJjQiJgzsGHZBCCKPBN/uRF1sQaN5H19YzhCd yp1z8Aao+ddV9k+9pSOcOtJfPj4Lh3PwYsgC/9yXvqa4Puep87HCG0VPOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEvXYOFlB+JfJRwyBSHDlQ4iU64iMB8GA1UdIwQY MBaAFJH38P90t8n66il47ZXoQJhJBNzWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEt ZTJiZDJlNGM1MjMyLzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ni8xNzRjM2UtZmE1Yi00OWQxLTlkMjEtZTJiZDJlNGM1MjMy LzEva2Zmd18zUzN5ZnJxS1hqdGxlaEFtRWtFM05ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEqpvw9Kf gGDa3q8dy9gjiFKofg+MFJG74pqR46HNntrccAV/oTQwVSpLXIGO/B+v8YaV+ZIS SJrmUrEkseEY3yf5j7fsmgN+6jm3UwG8OO7hgmGFPWoNTZEjjjkFRjdo+52TuJwo c9HZihLGQm/z29wI0w9aM5qPe/QCuVxdJ0w+BXRicUGJPuZ+/VyY5fg0db2TTpLu Vsu3J6EaqzA0iivcydfeQV7k/Ry11ff6ISTULDUsV0aNczWrQSiXE51IzLzHdWNt Fmgtd72Wwq4D8tMa/Dmj3BMhv/8u/u/ZQuQ/JFuP4t0ASp9VfvDEErv2tL6d1TrN mGw8qM4ROWfEHA== -----END CERTIFICATE-----Generated at Thu Dec 25 09:03:46 2025 by rpki-client