This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft File: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft (raw, json) Hash identifier: A4xwieur/WPrtASLdQxh7d31Ml3wZ2D+9UsQmnqCKSs= Subject key identifier: 17:A8:12:6B:6C:F6:9A:F4:0D:91:B6:DE:F0:16:3A:5E:F3:DD:23:C2 Authority key identifier: 29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59 Certificate issuer: /CN=2947987768647eeb8a0f3860c44176247ce6fc59 Certificate serial: 019B4F291E267BFFB1044A459FE4DDB4BE7A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft Manifest number: 0FA9 Signing time: Wed 24 Dec 2025 07:00:53 +0000 Manifest this update: Wed 24 Dec 2025 07:00:53 +0000 Manifest next update: Thu 25 Dec 2025 07:00:53 +0000 Files and hashes: 1: KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl (hash: lgpyi887CV/DZ4I/a1IFVG6HO3/Gc9S6p/PanuKFN70=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 07:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:29:1e:26:7b:ff:b1:04:4a:45:9f:e4:dd:b4:be:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2947987768647eeb8a0f3860c44176247ce6fc59 Validity Not Before: Dec 24 07:00:53 2025 GMT Not After : Dec 25 07:00:53 2025 GMT Subject: CN=17a8126b6cf69af40d91b6def0163a5ef3dd23c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:35:76:28:e0:16:c8:24:fc:b0:be:01:83:b7: b4:2a:53:2f:a5:1f:9a:92:eb:9b:53:74:58:5e:1a: ff:28:6b:0b:57:3a:62:a7:1c:2a:6f:ce:2e:5e:6e: 16:11:12:d9:8b:27:be:17:47:da:96:aa:fb:8a:e9: 9e:52:77:c0:d0:ca:a9:92:a1:3d:57:e3:88:dc:be: 7b:df:3e:1c:e5:d8:fe:f3:fc:f2:b1:64:6a:a5:84: 52:26:1c:43:b8:34:b4:6a:8c:c3:82:0c:06:a8:99: 1f:af:28:27:15:f6:b9:06:1c:5e:7b:6d:b1:03:53: 61:ff:e4:32:87:d4:fd:bb:e5:e0:1b:b5:86:31:62: ed:54:35:04:a7:2c:c7:68:84:8d:8d:72:fe:16:cd: c9:97:7d:ee:48:20:42:32:36:e3:f1:42:47:93:b7: 77:79:74:4b:4a:c8:6b:00:71:0d:ff:fb:fa:57:be: d0:c5:11:39:d6:ef:dc:d9:cd:ea:23:02:0c:65:a0: 6f:53:30:1a:a3:2a:44:06:5d:ce:d2:4b:f7:6f:c2: fd:73:e3:74:fd:8a:61:9f:11:bd:3c:02:d1:39:5e: 3e:82:52:4c:a6:50:a0:32:01:f2:c6:46:e2:49:2e: bc:74:92:66:48:f1:66:0e:43:36:77:81:d9:1f:94: 20:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:A8:12:6B:6C:F6:9A:F4:0D:91:B6:DE:F0:16:3A:5E:F3:DD:23:C2 X509v3 Authority Key Identifier: keyid:29:47:98:77:68:64:7E:EB:8A:0F:38:60:C4:41:76:24:7C:E6:FC:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/edefb3-138d-4ae6-9487-5dab1b4a5c61/1/KUeYd2hkfuuKDzhgxEF2JHzm_Fk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 26:1e:02:cc:5a:c7:48:56:bc:08:53:87:3d:66:14:97:76:fb: 9e:7c:1e:7f:c2:65:d6:1c:6d:1a:ba:ed:73:9f:db:96:f6:cd: 12:5f:a4:83:99:5a:1f:0c:aa:7e:86:cd:c1:1b:7c:63:aa:ba: d4:7e:0c:09:47:db:30:69:be:3e:aa:bc:41:ed:66:3f:c2:2a: 08:7f:d2:e0:5d:6a:35:4a:9b:df:5a:d9:45:68:a3:76:cd:1c: 3b:d9:f4:d7:ef:54:2b:07:1d:86:98:75:15:18:8d:9b:77:ca: 47:07:83:7f:9e:d4:97:1d:d3:22:ab:65:a3:35:3b:74:9e:98: 48:ee:65:81:d6:80:3a:34:2e:a0:ab:ac:c1:71:d8:a2:f7:38: f7:ea:42:fa:4d:eb:00:19:5d:8a:ec:5e:94:33:d3:1b:a9:df: b5:b2:b2:f7:d4:2b:f2:05:a2:46:70:14:00:54:c8:3b:2b:2b: 6b:db:ab:a0:57:2f:a2:84:ca:7d:be:d1:39:03:98:d1:dc:1b: 24:64:f5:f7:80:7b:9e:56:b9:4d:9c:bf:b4:b7:34:c0:87:55: 58:db:69:83:33:43:67:c8:8f:00:b3:12:43:f8:c7:a9:e4:b6: 72:e0:5d:9d:ed:24:72:83:24:c2:bb:e9:f0:1b:45:5e:6e:80: 75:46:a4:61 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPKR4me/+xBEpFn+TdtL56MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NDc5ODc3Njg2NDdlZWI4YTBmMzg2MGM0NDE3NjI0N2Nl NmZjNTkwHhcNMjUxMjI0MDcwMDUzWhcNMjUxMjI1MDcwMDUzWjAzMTEwLwYDVQQD EygxN2E4MTI2YjZjZjY5YWY0MGQ5MWI2ZGVmMDE2M2E1ZWYzZGQyM2MyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlDV2KOAWyCT8sL4Bg7e0KlMvpR+a kuubU3RYXhr/KGsLVzpipxwqb84uXm4WERLZiye+F0falqr7iumeUnfA0MqpkqE9 V+OI3L573z4c5dj+8/zysWRqpYRSJhxDuDS0aozDggwGqJkfrygnFfa5Bhxee22x A1Nh/+Qyh9T9u+XgG7WGMWLtVDUEpyzHaISNjXL+Fs3Jl33uSCBCMjbj8UJHk7d3 eXRLSshrAHEN//v6V77QxRE51u/c2c3qIwIMZaBvUzAaoypEBl3O0kv3b8L9c+N0 /YphnxG9PALROV4+glJMplCgMgHyxkbiSS68dJJmSPFmDkM2d4HZH5QgbQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBeoEmts9pr0DZG23vAWOl7z3SPCMB8GA1UdIwQY MBaAFClHmHdoZH7rig84YMRBdiR85vxZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODct NWRhYjFiNGE1YzYxLzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi9lZGVmYjMtMTM4ZC00YWU2LTk0ODctNWRhYjFiNGE1YzYx LzEvS1VlWWQyaGtmdXVLRHpoZ3hFRjJKSHptX0ZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJh4CzFrH SFa8CFOHPWYUl3b7nnwef8Jl1hxtGrrtc5/blvbNEl+kg5laHwyqfobNwRt8Y6q6 1H4MCUfbMGm+Pqq8Qe1mP8IqCH/S4F1qNUqb31rZRWijds0cO9n01+9UKwcdhph1 FRiNm3fKRweDf57Ulx3TIqtlozU7dJ6YSO5lgdaAOjQuoKuswXHYovc49+pC+k3r ABldiuxelDPTG6nftbKy99Qr8gWiRnAUAFTIOysra9uroFcvooTKfb7ROQOY0dwb JGT194B7nla5TZy/tLc0wIdVWNtpgzNDZ8iPALMSQ/jHqeS2cuBdne0kcoMkwrvp 8BtFXm6AdUakYQ== -----END CERTIFICATE-----Generated at Wed Dec 24 15:12:40 2025 by rpki-client