This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft File: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft (raw, json) Hash identifier: vmrQL4ZZFPHp+HeN3ZttTJZBGbe6vWyQqQtDqIGzcX0= Subject key identifier: 62:5A:69:EE:0E:5A:1B:A0:84:F9:ED:16:13:53:AB:D5:48:73:28:BB Authority key identifier: 29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59 Certificate issuer: /CN=2947987768647eeb8a0f3860c44176247ce6fc59 Certificate serial: 019B4392A3D81A15A6A4F3ED0329A253F245 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft Manifest number: 0FA3 Signing time: Mon 22 Dec 2025 01:00:42 +0000 Manifest this update: Mon 22 Dec 2025 01:00:42 +0000 Manifest next update: Tue 23 Dec 2025 01:00:42 +0000 Files and hashes: 1: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl (hash: eGyrZptaqcOJhSW91VJdDtgODm4iDMjLUVHNFl/SXGw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:92:a3:d8:1a:15:a6:a4:f3:ed:03:29:a2:53:f2:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2947987768647eeb8a0f3860c44176247ce6fc59 Validity Not Before: Dec 22 01:00:42 2025 GMT Not After : Dec 23 01:00:42 2025 GMT Subject: CN=625a69ee0e5a1ba084f9ed161353abd5487328bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:dc:f0:1f:36:62:5d:68:e6:88:3b:34:d4:8a: 04:11:76:3d:f6:00:4a:19:4f:95:58:df:64:f6:06: 92:0e:cb:d3:fb:a8:95:f6:d7:d9:d4:4f:e9:c3:2b: 04:d1:5b:e5:f3:30:56:eb:53:59:da:72:8f:2a:ac: 35:82:a3:5b:6e:18:4a:76:32:8b:e3:2f:4e:ce:25: 54:cf:d7:6e:53:23:11:d1:e6:dd:09:c1:07:29:ca: b5:d9:c3:96:00:e3:7d:17:f8:f6:32:8b:55:eb:4a: 9f:7f:f2:e3:2c:aa:bc:e1:65:60:4c:bc:3c:f1:49: dd:4c:cd:ab:47:f3:43:3f:b2:a4:06:2b:64:32:e3: ba:6b:b0:db:fa:e8:cf:ac:12:53:47:42:66:dc:40: d5:ae:04:2e:d3:ec:87:e7:6f:61:dc:b0:e1:df:b0: 36:3f:d4:0b:dd:52:a4:af:2d:14:7d:89:a2:9c:2a: 33:16:89:78:ba:ee:e0:ae:25:73:27:26:44:42:e2: 9b:69:49:9f:c9:5f:00:41:74:5f:5e:ca:cb:85:cd: a5:ab:88:3b:7b:96:e6:0c:12:06:f5:fb:fe:25:89: 57:21:f2:e7:0f:5d:86:04:e3:22:c2:e3:13:58:a1: 97:86:7e:b2:26:f8:8c:5d:14:3a:9c:f4:a3:47:cc: 8c:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:5A:69:EE:0E:5A:1B:A0:84:F9:ED:16:13:53:AB:D5:48:73:28:BB X509v3 Authority Key Identifier: keyid:29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:32:eb:c2:4e:6c:c9:2b:7d:41:f2:ce:e0:5f:98:dd:0f:33: d9:64:0d:48:89:7e:d2:5a:c1:4d:a7:38:f8:34:31:c8:c4:d8: c1:94:92:6a:05:10:da:dd:97:9f:fc:b0:d3:80:1f:b3:e6:68: 39:ef:93:1c:16:e4:79:15:86:47:76:49:c8:aa:77:5b:5e:d2: 7c:07:d3:cc:9e:c4:58:c3:ad:40:b3:75:a1:41:5e:26:d2:dc: da:1f:dd:c8:94:90:68:12:be:09:d2:67:c6:43:8d:f1:45:a6: eb:e2:ee:93:07:2c:82:ff:59:5e:cb:df:ff:09:b5:fe:15:82: 00:d1:83:78:20:35:aa:37:67:52:01:5a:ff:21:1a:45:b7:af: 7a:bd:fa:36:89:33:d2:2a:0f:0e:22:26:c8:11:79:6a:2f:25: 73:12:58:61:d5:44:8d:9d:30:98:5f:77:c1:38:55:35:98:18: b7:da:ef:20:37:ca:b2:9c:61:b5:c9:e0:fa:51:d5:2a:51:23: e4:25:02:6a:50:15:64:69:da:72:f9:2b:db:06:db:88:ce:87: d3:9e:00:4b:62:ff:20:fc:05:f4:15:9c:14:ed:d8:d3:fc:ec: 55:44:c0:db:69:42:88:e4:fb:49:2c:2e:d0:16:37:9a:8d:29: 87:1b:4a:4b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDkqPYGhWmpPPtAymiU/JFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NDc5ODc3Njg2NDdlZWI4YTBmMzg2MGM0NDE3NjI0N2Nl NmZjNTkwHhcNMjUxMjIyMDEwMDQyWhcNMjUxMjIzMDEwMDQyWjAzMTEwLwYDVQQD Eyg2MjVhNjllZTBlNWExYmEwODRmOWVkMTYxMzUzYWJkNTQ4NzMyOGJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzNzwHzZiXWjmiDs01IoEEXY99gBK GU+VWN9k9gaSDsvT+6iV9tfZ1E/pwysE0Vvl8zBW61NZ2nKPKqw1gqNbbhhKdjKL 4y9OziVUz9duUyMR0ebdCcEHKcq12cOWAON9F/j2MotV60qff/LjLKq84WVgTLw8 8UndTM2rR/NDP7KkBitkMuO6a7Db+ujPrBJTR0Jm3EDVrgQu0+yH529h3LDh37A2 P9QL3VKkry0UfYminCozFol4uu7griVzJyZEQuKbaUmfyV8AQXRfXsrLhc2lq4g7 e5bmDBIG9fv+JYlXIfLnD12GBOMiwuMTWKGXhn6yJviMXRQ6nPSjR8yMyQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGJaae4OWhughPntFhNTq9VIcyi7MB8GA1UdIwQY MBaAFClHmHdoZH7rig84YMRBdiR85vxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODct NWRhYjFiNGE1YzYxLzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODctNWRhYjFiNGE1YzYx LzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAojLrwk5s ySt9QfLO4F+Y3Q8z2WQNSIl+0lrBTac4+DQxyMTYwZSSagUQ2t2Xn/yw04Afs+Zo Oe+THBbkeRWGR3ZJyKp3W17SfAfTzJ7EWMOtQLN1oUFeJtLc2h/dyJSQaBK+CdJn xkON8UWm6+Lukwcsgv9ZXsvf/wm1/hWCANGDeCA1qjdnUgFa/yEaRbever36Nokz 0ioPDiImyBF5ai8lcxJYYdVEjZ0wmF93wThVNZgYt9rvIDfKspxhtcng+lHVKlEj 5CUCalAVZGnacvkr2wbbiM6H054AS2L/IPwF9BWcFO3Y0/zsVUTA22lCiOT7SSwu 0BY3mo0phxtKSw== -----END CERTIFICATE-----Generated at Mon Dec 22 07:57:12 2025 by rpki-client