This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft File: kpZChU_lYFL93BRr9y57xpSFC2M.mft (raw, json) Hash identifier: 9Y3U+Xt7NPqPMX9N8o2+W1BU/hNyzJvw2BtzBrFbGTs= Subject key identifier: D0:31:D7:7B:7B:7B:3D:C8:91:22:AF:B3:C9:06:73:FF:AE:1E:83:0D Authority key identifier: 92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63 Certificate issuer: /CN=929642854fe56052fddc146bf72e7bc694850b63 Certificate serial: 019B4438AFF6D2CFD8C1E96765E4DA4846F0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft Manifest number: 0875 Signing time: Mon 22 Dec 2025 04:02:04 +0000 Manifest this update: Mon 22 Dec 2025 04:02:04 +0000 Manifest next update: Tue 23 Dec 2025 04:02:04 +0000 Files and hashes: 1: kpZChU_lYFL93BRr9y57xpSFC2M.crl (hash: Gb47g0ySmGdO0IVY9crU4ryGfv2ocqlyYd3q2GZQwR8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:44:38:af:f6:d2:cf:d8:c1:e9:67:65:e4:da:48:46:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=929642854fe56052fddc146bf72e7bc694850b63 Validity Not Before: Dec 22 04:02:04 2025 GMT Not After : Dec 23 04:02:04 2025 GMT Subject: CN=d031d77b7b7b3dc89122afb3c90673ffae1e830d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:94:67:d7:48:5a:e1:54:ab:54:44:ae:23:e9: 08:71:f4:50:d9:de:90:25:b1:e2:ce:bb:b9:35:4a: d2:68:35:7c:8e:02:3a:82:0b:ac:f2:cf:46:85:d4: 7d:d7:6f:e1:d7:3d:9a:dd:d7:e9:76:5c:ca:42:99: 72:88:f5:2c:11:3c:2b:37:b8:34:dc:f8:a6:4e:a3: 26:d1:71:24:df:1a:64:7d:5c:88:35:fe:0b:52:54: fb:5f:08:7c:bf:26:bc:6a:5c:1f:55:e3:ca:5c:89: e7:f0:a5:54:cb:3f:f5:d4:e7:18:d9:71:c9:0d:eb: 96:88:85:94:b9:e8:b2:98:37:de:04:15:39:0b:58: 9e:a7:ab:96:02:46:b6:a8:9b:c9:64:f4:cb:c8:0b: e4:85:be:b4:5d:1e:ad:7b:51:33:5d:7c:89:4b:6e: e0:e3:15:85:89:a0:af:41:88:b7:49:c8:25:fd:01: 2e:54:63:2d:a0:85:8f:4b:f5:6a:16:15:b7:9b:aa: aa:42:9f:9a:0a:6c:be:ec:01:81:52:1b:5c:6c:87: 56:29:e2:30:a9:5d:6e:31:43:d3:9e:e0:ba:0b:c4: 8d:60:f9:e6:c3:4c:c4:91:a4:b3:a4:1e:db:79:53: 14:20:35:75:6d:08:b5:91:f4:9d:79:46:aa:49:43: af:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:31:D7:7B:7B:7B:3D:C8:91:22:AF:B3:C9:06:73:FF:AE:1E:83:0D X509v3 Authority Key Identifier: keyid:92:96:42:85:4F:E5:60:52:FD:DC:14:6B:F7:2E:7B:C6:94:85:0B:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpZChU_lYFL93BRr9y57xpSFC2M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/1b01d8-9b31-4f08-a1c5-e91648ec7de5/1/kpZChU_lYFL93BRr9y57xpSFC2M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:dc:c1:95:ea:2d:01:c7:5b:15:96:c4:ab:dc:a3:66:73:bc: fc:f3:f8:d8:8d:86:e1:0e:e5:61:12:08:af:4c:40:58:68:55: d1:2d:47:c2:14:81:86:50:26:0d:46:d3:a7:6d:d5:3f:dc:96: 50:36:c3:ec:dd:71:c6:c3:ad:fc:71:e4:d1:53:c6:c5:d3:79: 0c:89:f5:9b:62:a6:87:c3:fa:b0:7d:a0:02:8d:d4:f7:2e:1a: 85:91:05:a0:e7:b8:7b:27:9b:14:a0:3b:f1:d7:e6:c5:ad:2e: 27:36:33:24:33:f1:27:a6:05:f0:16:bd:a2:05:e5:29:e2:de: 72:84:4c:6e:8a:ce:14:2c:94:95:f6:b8:1f:61:c2:d4:26:6c: 8c:7b:84:f6:89:7e:aa:f7:c7:c3:b7:16:dc:56:7b:3a:ad:0c: 67:18:fa:9b:ae:5a:92:d9:59:70:1b:4e:bb:54:ca:ca:02:f7: f8:a2:04:95:da:12:78:40:43:63:39:44:f5:f4:a8:b9:48:ba: d1:2d:90:90:ce:16:0c:fa:ce:c8:44:16:eb:64:16:fe:cb:4d: 68:64:87:03:26:01:81:5d:51:9d:a2:ea:57:23:d3:41:f2:ad: 7b:a9:52:6d:1b:a3:11:f1:93:86:17:70:77:52:70:5b:f4:79: 48:bb:9c:7b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtEOK/20s/YwelnZeTaSEbwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyOTY0Mjg1NGZlNTYwNTJmZGRjMTQ2YmY3MmU3YmM2OTQ4 NTBiNjMwHhcNMjUxMjIyMDQwMjA0WhcNMjUxMjIzMDQwMjA0WjAzMTEwLwYDVQQD EyhkMDMxZDc3YjdiN2IzZGM4OTEyMmFmYjNjOTA2NzNmZmFlMWU4MzBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJRn10ha4VSrVESuI+kIcfRQ2d6Q JbHizru5NUrSaDV8jgI6ggus8s9GhdR912/h1z2a3dfpdlzKQplyiPUsETwrN7g0 3PimTqMm0XEk3xpkfVyINf4LUlT7Xwh8vya8alwfVePKXInn8KVUyz/11OcY2XHJ DeuWiIWUueiymDfeBBU5C1iep6uWAka2qJvJZPTLyAvkhb60XR6te1EzXXyJS27g 4xWFiaCvQYi3Scgl/QEuVGMtoIWPS/VqFhW3m6qqQp+aCmy+7AGBUhtcbIdWKeIw qV1uMUPTnuC6C8SNYPnmw0zEkaSzpB7beVMUIDV1bQi1kfSdeUaqSUOvMQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNAx13t7ez3IkSKvs8kGc/+uHoMNMB8GA1UdIwQY MBaAFJKWQoVP5WBS/dwUa/cue8aUhQtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUt ZTkxNjQ4ZWM3ZGU1LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS8xYjAxZDgtOWIzMS00ZjA4LWExYzUtZTkxNjQ4ZWM3ZGU1 LzEva3BaQ2hVX2xZRkw5M0JScjl5NTd4cFNGQzJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALNzBleot AcdbFZbEq9yjZnO8/PP42I2G4Q7lYRIIr0xAWGhV0S1HwhSBhlAmDUbTp23VP9yW UDbD7N1xxsOt/HHk0VPGxdN5DIn1m2Kmh8P6sH2gAo3U9y4ahZEFoOe4eyebFKA7 8dfmxa0uJzYzJDPxJ6YF8Ba9ogXlKeLecoRMborOFCyUlfa4H2HC1CZsjHuE9ol+ qvfHw7cW3FZ7Oq0MZxj6m65aktlZcBtOu1TKygL3+KIEldoSeEBDYzlE9fSouUi6 0S2QkM4WDPrOyEQW62QW/stNaGSHAyYBgV1RnaLqVyPTQfKte6lSbRujEfGThhdw d1JwW/R5SLucew== -----END CERTIFICATE-----Generated at Mon Dec 22 08:06:27 2025 by rpki-client