This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft File: kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft (raw, json) Hash identifier: 436+XfNQM6NinZ6WXSyf9x+7v+pwr8hBpokksXSC5HY= Subject key identifier: 97:56:F6:D6:29:9E:CC:2A:E7:83:D1:C8:0B:FF:26:18:9B:A1:2E:F1 Authority key identifier: 90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A Certificate issuer: /CN=903610cf2a54643a0a1b6b151fa66e325004cb4a Certificate serial: 019B4E4D4C372A9E1792ECA52DFBA96F8678 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft Manifest number: 06BB Signing time: Wed 24 Dec 2025 03:00:47 +0000 Manifest this update: Wed 24 Dec 2025 03:00:47 +0000 Manifest next update: Thu 25 Dec 2025 03:00:47 +0000 Files and hashes: 1: kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl (hash: Vu2BAw+kaNvc/GqkC3P/UlDpL4kzo8w22zHb7wTdWoU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 03:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:4d:4c:37:2a:9e:17:92:ec:a5:2d:fb:a9:6f:86:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=903610cf2a54643a0a1b6b151fa66e325004cb4a Validity Not Before: Dec 24 03:00:47 2025 GMT Not After : Dec 25 03:00:47 2025 GMT Subject: CN=9756f6d6299ecc2ae783d1c80bff26189ba12ef1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:bc:d6:37:34:03:a2:fb:f5:c4:b2:30:17:84: bd:8d:58:f4:43:b6:4b:7d:73:81:94:d5:ad:57:5f: bb:2f:5e:c3:be:dd:c8:68:b1:02:c1:26:a5:1f:18: 80:ee:55:f3:26:a4:4a:84:ec:f2:87:70:94:72:fe: bb:f1:4f:7c:3f:50:3f:0b:9c:17:73:c9:a1:95:8b: 46:4e:1e:d2:78:5f:f1:84:cd:36:c0:e9:c2:dc:36: 53:e1:7b:db:67:8a:7e:13:f8:30:d3:bd:58:f5:6f: 7e:23:9d:90:d4:e3:83:63:e6:f8:4a:d5:96:54:c3: dc:50:a9:fe:43:a6:4a:d8:43:4a:e6:89:b5:b8:c5: f8:d8:33:8d:e3:ff:ec:d1:37:fe:2b:60:33:98:60: ca:fb:57:e0:23:bb:6c:49:84:f2:74:78:91:57:5d: fd:7c:8d:34:e3:1e:88:93:63:df:b4:0d:50:82:b5: db:6e:61:a5:ed:79:7f:e2:ec:b0:25:d5:22:a5:27: b8:d9:5f:c1:5d:fa:c6:dd:4e:f3:42:50:e9:ce:f1: d8:cf:33:67:d4:f5:b8:c9:f9:9d:04:d6:20:e5:71: 0f:ae:df:d9:28:2a:8c:89:b9:ae:83:a2:17:91:86: 18:00:9d:14:96:d9:b4:2d:4b:63:d1:70:be:ab:e0: 19:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:56:F6:D6:29:9E:CC:2A:E7:83:D1:C8:0B:FF:26:18:9B:A1:2E:F1 X509v3 Authority Key Identifier: keyid:90:36:10:CF:2A:54:64:3A:0A:1B:6B:15:1F:A6:6E:32:50:04:CB:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kDYQzypUZDoKG2sVH6ZuMlAEy0o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/63/b4e1bb-346a-44b3-a0af-bc53f388fafa/1/kDYQzypUZDoKG2sVH6ZuMlAEy0o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ce:e4:9c:4c:7e:71:73:3a:49:b3:7f:ae:a0:95:46:67:91:ab: 16:aa:96:50:6b:f4:f7:83:a2:71:72:f6:25:ba:4c:d5:ac:af: 9e:89:76:0b:b7:7b:9d:6d:c8:ab:5a:e9:a2:ce:ff:e1:19:b8: 34:c7:9f:aa:a6:9c:09:77:97:8b:d2:03:ce:dc:a7:0a:7b:84: 54:4f:d6:9f:e6:10:f2:1f:b6:dd:f0:03:76:53:4e:5a:1d:f7: 8f:b9:5c:54:9b:cc:8f:6f:78:83:d5:b6:1b:da:ab:0e:02:e9: 07:1e:00:df:02:1c:90:ce:66:d4:82:21:25:3f:19:f2:09:f1: 9c:a1:22:d2:75:94:bb:23:eb:0b:3c:7b:e8:9c:67:4b:87:73: 47:ee:16:63:c8:71:a9:a8:dd:13:ea:32:39:d8:65:44:b8:65: 4a:ee:2a:bb:15:ae:ed:ad:a7:09:a4:dd:b9:9e:ce:c5:06:35: c7:d8:3c:73:f6:7d:ca:a7:40:ab:94:68:03:01:a0:2c:aa:b5: db:c8:5b:03:c9:ac:64:d0:12:c3:2e:53:3c:1a:75:96:5b:ab: 84:42:65:b5:6d:16:11:f0:dd:11:f2:f8:df:22:4f:9c:31:04: 9d:10:be:b1:12:fd:9b:41:ef:02:9f:5a:1d:e9:90:e1:b3:ab: 21:06:16:bb -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtOTUw3Kp4XkuylLfupb4Z4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwMzYxMGNmMmE1NDY0M2EwYTFiNmIxNTFmYTY2ZTMyNTAw NGNiNGEwHhcNMjUxMjI0MDMwMDQ3WhcNMjUxMjI1MDMwMDQ3WjAzMTEwLwYDVQQD Eyg5NzU2ZjZkNjI5OWVjYzJhZTc4M2QxYzgwYmZmMjYxODliYTEyZWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47zWNzQDovv1xLIwF4S9jVj0Q7ZL fXOBlNWtV1+7L17Dvt3IaLECwSalHxiA7lXzJqRKhOzyh3CUcv678U98P1A/C5wX c8mhlYtGTh7SeF/xhM02wOnC3DZT4XvbZ4p+E/gw071Y9W9+I52Q1OODY+b4StWW VMPcUKn+Q6ZK2ENK5om1uMX42DON4//s0Tf+K2AzmGDK+1fgI7tsSYTydHiRV139 fI004x6Ik2PftA1QgrXbbmGl7Xl/4uywJdUipSe42V/BXfrG3U7zQlDpzvHYzzNn 1PW4yfmdBNYg5XEPrt/ZKCqMibmug6IXkYYYAJ0Ultm0LUtj0XC+q+AZHwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJdW9tYpnswq54PRyAv/JhiboS7xMB8GA1UdIwQY MBaAFJA2EM8qVGQ6ChtrFR+mbjJQBMtKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYt YmM1M2YzODhmYWZhLzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82My9iNGUxYmItMzQ2YS00NGIzLWEwYWYtYmM1M2YzODhmYWZh LzEva0RZUXp5cFVaRG9LRzJzVkg2WnVNbEFFeTBvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAzuScTH5x czpJs3+uoJVGZ5GrFqqWUGv094OicXL2JbpM1ayvnol2C7d7nW3Iq1rpos7/4Rm4 NMefqqacCXeXi9IDztynCnuEVE/Wn+YQ8h+23fADdlNOWh33j7lcVJvMj294g9W2 G9qrDgLpBx4A3wIckM5m1IIhJT8Z8gnxnKEi0nWUuyPrCzx76JxnS4dzR+4WY8hx qajdE+oyOdhlRLhlSu4quxWu7a2nCaTduZ7OxQY1x9g8c/Z9yqdAq5RoAwGgLKq1 28hbA8msZNASwy5TPBp1llurhEJltW0WEfDdEfL43yJPnDEEnRC+sRL9m0HvAp9a HemQ4bOrIQYWuw== -----END CERTIFICATE-----Generated at Wed Dec 24 10:04:20 2025 by rpki-client