This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json) Hash identifier: PgdrTPCYJbkeHkjtYUefTPHiy1dHIlaUKG2peXh2FFc= Subject key identifier: DD:F0:21:B1:38:25:98:38:87:91:10:62:DB:17:E0:3F:72:30:C7:03 Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9 Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9 Certificate serial: 019B3532C302B7661435F69D8C64B48662A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft Manifest number: 1049 Signing time: Fri 19 Dec 2025 06:01:17 +0000 Manifest this update: Fri 19 Dec 2025 06:01:17 +0000 Manifest next update: Sat 20 Dec 2025 06:01:17 +0000 Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: KUn5nhYMuqtbL6CoWSDXldYzRa5dzmN4RZyNFL47h38=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:c3:02:b7:66:14:35:f6:9d:8c:64:b4:86:62:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9 Validity Not Before: Dec 19 06:01:17 2025 GMT Not After : Dec 20 06:01:17 2025 GMT Subject: CN=ddf021b13825983887911062db17e03f7230c703 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ed:c6:dc:54:90:c1:48:08:a9:62:f5:9c:5e: 95:29:5a:fe:e4:34:87:09:f9:40:31:5c:cc:f4:dc: 88:86:53:bb:96:fe:71:0e:57:ee:6a:f4:7f:bd:60: a3:84:09:ea:38:df:71:ab:01:c7:a5:6e:de:70:da: d7:7a:8f:3b:54:cc:76:b0:0c:93:67:e0:27:9d:ae: 90:b1:eb:5f:b8:ae:b2:93:e8:8c:cc:3b:70:dc:52: 62:03:13:20:f4:16:cc:61:fd:6a:38:03:ee:c1:8a: 5e:ba:d4:46:ea:f6:9e:8c:89:5a:f6:63:ba:07:4f: 9b:ae:55:a9:76:7a:d2:23:bc:9a:86:4e:e5:45:04: ab:0e:74:ce:2f:ce:50:ea:e8:63:3b:c0:43:e6:1a: a0:89:48:43:5c:3a:d6:b8:7d:23:56:a3:b4:75:22: a2:95:23:8a:73:0a:4c:8d:e2:8c:f9:3b:aa:0b:75: 8a:a8:6d:ec:af:b1:be:5a:d2:af:5f:5c:52:7c:bb: 6d:9e:40:4a:96:45:b6:37:f3:b3:8f:93:cb:a6:b2: 4a:60:c7:23:9d:95:40:d5:1a:3e:5d:27:3b:b7:c0: de:45:52:fc:8b:49:0a:e9:9b:16:9c:32:e4:ab:9a: 71:7b:9d:8b:78:04:3b:75:fc:6a:a3:79:18:b5:b5: 90:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:F0:21:B1:38:25:98:38:87:91:10:62:DB:17:E0:3F:72:30:C7:03 X509v3 Authority Key Identifier: keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b8:63:7d:8e:83:fc:14:a0:17:b9:76:95:4c:3c:b9:e3:b0:ea: 3a:47:26:81:f0:3d:06:41:6a:31:ed:2f:a4:23:4b:c8:6a:c6: bb:48:9a:4a:34:82:f7:e9:23:84:14:b6:2f:d4:0b:e8:87:06: 28:86:47:f0:92:28:8a:2f:d5:e8:d3:e3:ab:ec:5f:ba:82:a2: e3:e9:d3:f9:9d:51:ab:e7:50:d4:b4:73:34:0a:c6:e0:e5:dc: 84:00:58:5f:bd:6e:d5:50:9e:a9:bf:ca:04:c7:83:5d:4c:92: 44:d0:c1:df:69:90:7b:8f:28:ce:47:2f:f0:a1:70:c2:c0:90: 63:1e:31:18:36:57:42:2a:be:df:ff:e7:c9:e1:d5:0f:c5:d8: 9d:54:d4:f2:e6:d9:8e:6f:b9:fa:a3:34:d7:f6:00:e9:97:6e: 56:c5:dc:97:70:76:93:bc:91:fa:e9:f5:9c:9e:36:18:ed:e2: 9b:64:e2:3e:9e:80:02:89:ad:c0:86:c5:3c:bc:ba:ca:83:3d: db:2e:5e:3e:9c:a1:16:13:24:74:fb:ea:d7:1b:c2:70:4d:57: 57:31:79:6a:8b:19:04:88:46:0b:ec:99:12:ab:44:56:47:34: b6:87:6a:28:c5:10:fa:63:6f:b1:45:83:b5:1f:95:40:41:19: 0c:ff:7b:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1MsMCt2YUNfadjGS0hmKhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5 NzNmZTkwHhcNMjUxMjE5MDYwMTE3WhcNMjUxMjIwMDYwMTE3WjAzMTEwLwYDVQQD EyhkZGYwMjFiMTM4MjU5ODM4ODc5MTEwNjJkYjE3ZTAzZjcyMzBjNzAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+3G3FSQwUgIqWL1nF6VKVr+5DSH CflAMVzM9NyIhlO7lv5xDlfuavR/vWCjhAnqON9xqwHHpW7ecNrXeo87VMx2sAyT Z+Anna6QsetfuK6yk+iMzDtw3FJiAxMg9BbMYf1qOAPuwYpeutRG6vaejIla9mO6 B0+brlWpdnrSI7yahk7lRQSrDnTOL85Q6uhjO8BD5hqgiUhDXDrWuH0jVqO0dSKi lSOKcwpMjeKM+TuqC3WKqG3sr7G+WtKvX1xSfLttnkBKlkW2N/Ozj5PLprJKYMcj nZVA1Ro+XSc7t8DeRVL8i0kK6ZsWnDLkq5pxe52LeAQ7dfxqo3kYtbWQCwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN3wIbE4JZg4h5EQYtsX4D9yMMcDMB8GA1UdIwQY MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuGN9joP8 FKAXuXaVTDy547DqOkcmgfA9BkFqMe0vpCNLyGrGu0iaSjSC9+kjhBS2L9QL6IcG KIZH8JIoii/V6NPjq+xfuoKi4+nT+Z1Rq+dQ1LRzNArG4OXchABYX71u1VCeqb/K BMeDXUySRNDB32mQe48ozkcv8KFwwsCQYx4xGDZXQiq+3//nyeHVD8XYnVTU8ubZ jm+5+qM01/YA6ZduVsXcl3B2k7yR+un1nJ42GO3im2TiPp6AAomtwIbFPLy6yoM9 2y5ePpyhFhMkdPvq1xvCcE1XVzF5aosZBIhGC+yZEqtEVkc0todqKMUQ+mNvsUWD tR+VQEEZDP978A== -----END CERTIFICATE-----Generated at Fri Dec 19 08:24:41 2025 by rpki-client