This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft File: KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json) Hash identifier: NpajJilevzO47k8V5e9gr4gd5vheAUSn5+bKBUQmcOo= Subject key identifier: 7E:9D:11:40:CC:33:4E:5B:87:D2:4B:BA:42:47:62:B8:13:89:E7:2F Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF Certificate issuer: /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf Certificate serial: 019B42B6F72BD4C06334931982299DBEF278 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft Manifest number: 1788 Signing time: Sun 21 Dec 2025 21:00:45 +0000 Manifest this update: Sun 21 Dec 2025 21:00:45 +0000 Manifest next update: Mon 22 Dec 2025 21:00:45 +0000 Files and hashes: 1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: c0XVYdQEbjQ6ULt5e4bVTLi3ESpm5nyZdPWoocxeQpk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 21:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:b6:f7:2b:d4:c0:63:34:93:19:82:29:9d:be:f2:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf Validity Not Before: Dec 21 21:00:45 2025 GMT Not After : Dec 22 21:00:45 2025 GMT Subject: CN=7e9d1140cc334e5b87d24bba424762b81389e72f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:f9:1f:39:a5:3a:ad:ec:f6:9b:80:57:45:1c: e2:d8:43:4e:57:9c:cf:8e:fb:67:d5:d0:0f:11:64: 5d:cb:17:2c:20:46:c7:a4:5f:92:90:2e:7b:30:bf: d7:04:c3:b6:fa:69:f0:27:8a:ce:16:88:99:c2:82: 5f:6e:83:32:01:d4:32:b3:36:b9:1c:6f:6a:44:0a: 80:be:1d:bc:1a:b1:39:d8:f7:cf:fa:60:ac:d6:d2: 2f:8a:e6:07:fe:11:ea:62:82:cd:2d:36:d8:98:f0: f8:ed:a5:64:1a:83:75:af:0b:3b:c9:73:5f:9c:1e: 7b:3f:dd:36:fa:74:f2:84:62:67:dd:9a:5a:1e:2d: 9a:0f:47:5c:7f:bc:dd:c8:02:95:19:0c:f1:66:36: 9e:d3:95:f1:a3:bf:0f:f1:ed:5a:16:31:1d:9b:be: 20:e9:50:f0:2b:4e:16:78:51:d4:73:f8:75:47:ae: a7:4b:63:f3:ee:d5:1f:6e:09:7b:fe:f6:0e:5a:1c: db:83:ac:c0:49:24:c8:a5:37:66:16:28:db:0a:a9: ff:41:55:98:55:3a:fa:1a:7c:7e:e3:cd:2d:9f:65: bd:97:50:fb:50:91:87:a1:77:27:b9:57:22:ee:91: a5:9c:5b:63:b9:57:0d:b5:0e:25:c7:15:0b:5d:b3: 68:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:9D:11:40:CC:33:4E:5B:87:D2:4B:BA:42:47:62:B8:13:89:E7:2F X509v3 Authority Key Identifier: keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ec:57:87:5f:fa:b4:ef:8e:62:38:5d:04:44:66:41:6d:c4:23: 06:ff:f3:62:40:cf:b3:d1:14:63:fb:dc:68:f2:87:7d:17:62: 0d:75:b5:9a:be:61:ce:5f:a8:e2:65:8d:df:2f:29:f8:d7:5c: 5a:0a:fd:3e:40:a6:14:92:c4:8e:76:cc:e7:d5:83:d6:89:22: 1f:79:c2:68:1a:82:c0:51:58:9f:55:12:09:80:89:55:0b:b5: ce:7e:56:1b:57:21:fd:af:9e:6c:b9:4f:82:9a:cd:0d:92:75: ff:b8:bf:f9:4b:31:6a:10:a8:04:0b:f5:e0:fd:4b:66:19:dd: 5f:c2:47:bd:da:98:18:72:08:96:26:db:74:0a:c1:25:21:50: cf:bb:fe:9f:2c:13:ce:36:43:a9:2f:b2:1a:d4:11:5f:51:f1: ab:53:31:6e:2a:e8:e5:74:8e:96:67:d5:49:b8:b4:53:a3:e8: 20:47:19:f3:eb:d9:f2:45:b6:2f:32:7a:a2:c7:a4:cb:22:16: b9:ec:61:b6:04:99:81:61:35:4c:bb:a3:3e:30:f1:f7:52:ab: 9d:2c:25:a7:61:69:e5:75:5f:42:ca:20:c4:25:46:b7:f5:a3: 82:87:15:20:83:cd:04:dd:db:60:5c:33:2c:3a:1e:a0:1f:74: 2c:62:0f:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCtvcr1MBjNJMZgimdvvJ4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl N2RkZGYwHhcNMjUxMjIxMjEwMDQ1WhcNMjUxMjIyMjEwMDQ1WjAzMTEwLwYDVQQD Eyg3ZTlkMTE0MGNjMzM0ZTViODdkMjRiYmE0MjQ3NjJiODEzODllNzJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfkfOaU6rez2m4BXRRzi2ENOV5zP jvtn1dAPEWRdyxcsIEbHpF+SkC57ML/XBMO2+mnwJ4rOFoiZwoJfboMyAdQysza5 HG9qRAqAvh28GrE52PfP+mCs1tIviuYH/hHqYoLNLTbYmPD47aVkGoN1rws7yXNf nB57P902+nTyhGJn3ZpaHi2aD0dcf7zdyAKVGQzxZjae05Xxo78P8e1aFjEdm74g 6VDwK04WeFHUc/h1R66nS2Pz7tUfbgl7/vYOWhzbg6zASSTIpTdmFijbCqn/QVWY VTr6Gnx+480tn2W9l1D7UJGHoXcnuVci7pGlnFtjuVcNtQ4lxxULXbNowQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFH6dEUDMM05bh9JLukJHYrgTiecvMB8GA1UdIwQY MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0 LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA7FeHX/q0 745iOF0ERGZBbcQjBv/zYkDPs9EUY/vcaPKHfRdiDXW1mr5hzl+o4mWN3y8p+Ndc Wgr9PkCmFJLEjnbM59WD1okiH3nCaBqCwFFYn1USCYCJVQu1zn5WG1ch/a+ebLlP gprNDZJ1/7i/+UsxahCoBAv14P1LZhndX8JHvdqYGHIIlibbdArBJSFQz7v+nywT zjZDqS+yGtQRX1Hxq1Mxbiro5XSOlmfVSbi0U6PoIEcZ8+vZ8kW2LzJ6osekyyIW uexhtgSZgWE1TLujPjDx91KrnSwlp2Fp5XVfQsogxCVGt/WjgocVIIPNBN3bYFwz LDoeoB90LGIPMA== -----END CERTIFICATE-----Generated at Mon Dec 22 00:57:21 2025 by rpki-client