This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft File: kVijd10MXrOPIPDvmjYRBhpRlbM.mft (raw, json) Hash identifier: aJTPT3PeUYOFtgmqOVQ1Ke28dudrlomhv6+BeI5A6W0= Subject key identifier: EB:B4:BD:98:A5:DD:D4:D4:C9:B3:24:01:DA:BE:B2:8C:AF:32:03:63 Authority key identifier: 91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3 Certificate issuer: /CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3 Certificate serial: 019B6278FB2B1DE707DF2CE62AD6DD88AEF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft Manifest number: 1799 Signing time: Sun 28 Dec 2025 01:00:54 +0000 Manifest this update: Sun 28 Dec 2025 01:00:54 +0000 Manifest next update: Mon 29 Dec 2025 01:00:54 +0000 Files and hashes: 1: kVijd10MXrOPIPDvmjYRBhpRlbM.crl (hash: ZkvavzjE/7Re9Xn0b+rRNdhQgWZ7u+YAZi6OGkyAQZs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 29 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:62:78:fb:2b:1d:e7:07:df:2c:e6:2a:d6:dd:88:ae:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9158a3775d0c5eb38f20f0ef9a3611061a5195b3 Validity Not Before: Dec 28 01:00:54 2025 GMT Not After : Dec 29 01:00:54 2025 GMT Subject: CN=ebb4bd98a5ddd4d4c9b32401dabeb28caf320363 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:d8:df:5e:0d:0b:ce:5e:e3:bf:5e:38:2e:70: 85:a5:56:24:fc:dd:6f:f6:0f:83:0c:6b:c3:57:ee: ce:10:fa:d6:2b:94:6e:a8:6a:0c:e5:df:61:fd:5f: e1:c7:f4:a4:ba:d4:a5:9b:c8:5a:d6:b1:ad:7a:40: 76:eb:9d:bd:8c:98:65:53:05:17:9f:a7:7c:6e:61: f8:5e:1d:84:fb:fd:77:4c:62:33:69:81:6c:fb:88: 75:28:29:a2:c7:8b:25:c3:df:7f:2e:22:f7:c6:c5: 6e:0b:f0:95:5d:f2:fd:d1:1a:3f:78:86:72:fc:70: 21:4a:3a:1d:46:55:10:28:d7:1b:e0:c5:d9:92:b6: 47:02:f9:c4:0b:0e:9a:43:c3:2c:c5:af:b6:b2:1f: fd:9d:97:e0:0e:f3:9e:e4:6a:51:d3:17:20:5b:b5: 36:96:56:cd:c1:08:cb:24:0b:40:7b:f6:0a:6f:b0: 79:68:6e:19:be:12:42:4e:10:2e:f9:78:61:13:cc: 95:1c:5f:61:6d:af:35:f5:ba:e3:3f:f4:ba:86:44: a8:79:b9:14:f8:4f:24:09:5c:bd:e4:d1:73:33:fd: 5c:fc:01:5c:50:ab:79:0f:c1:cb:60:8f:50:47:9e: b8:9d:25:07:a6:90:2c:2d:bc:f4:39:1a:5e:58:08: 56:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:B4:BD:98:A5:DD:D4:D4:C9:B3:24:01:DA:BE:B2:8C:AF:32:03:63 X509v3 Authority Key Identifier: keyid:91:58:A3:77:5D:0C:5E:B3:8F:20:F0:EF:9A:36:11:06:1A:51:95:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kVijd10MXrOPIPDvmjYRBhpRlbM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/5c765c-83f3-45d1-8930-8d04f8779423/1/kVijd10MXrOPIPDvmjYRBhpRlbM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:24:62:fe:d2:df:28:0d:cb:b7:a8:b5:49:ed:ef:a1:9d:9a: ab:a5:43:75:1d:83:97:7c:21:55:23:63:0a:35:a1:59:34:79: 7c:ea:db:79:ba:ef:89:d3:ed:b0:d8:ec:09:14:a4:39:f8:64: ea:86:b3:d3:4b:f3:da:32:67:fd:b8:e4:53:d8:d8:d3:57:a1: 0b:f8:67:a9:ed:ed:c9:86:de:d8:9c:d4:34:b1:97:fc:16:0e: 02:f8:d8:ad:eb:0a:77:42:6a:bf:48:d2:e5:8d:3c:19:3b:63: b5:99:cf:ed:be:79:1e:03:23:72:73:05:d6:30:ab:92:06:00: d0:22:c7:ef:b4:6a:b9:0f:b8:c5:4b:a2:ef:fe:df:a9:05:f4: 01:32:e0:d6:80:42:6f:f6:41:7f:a2:d0:25:45:ff:21:4b:b7: 71:8c:2c:f9:a1:19:21:e2:db:06:ed:90:64:d3:35:33:32:5d: 4d:8d:b1:07:83:6c:0a:90:45:ac:d2:a3:bd:32:47:78:20:cc: 4d:fb:ed:d3:8b:16:a5:7a:1c:b1:78:40:8d:12:37:81:8f:16: 28:c7:96:88:1f:d7:a4:67:9c:3f:8e:12:d6:9d:e5:b0:b5:d6: 8e:82:46:d0:c9:d3:58:cf:b9:9d:50:7c:93:46:37:ed:a7:d1: dd:f1:c3:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtiePsrHecH3yzmKtbdiK73MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNThhMzc3NWQwYzVlYjM4ZjIwZjBlZjlhMzYxMTA2MWE1 MTk1YjMwHhcNMjUxMjI4MDEwMDU0WhcNMjUxMjI5MDEwMDU0WjAzMTEwLwYDVQQD EyhlYmI0YmQ5OGE1ZGRkNGQ0YzliMzI0MDFkYWJlYjI4Y2FmMzIwMzYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNjfXg0Lzl7jv144LnCFpVYk/N1v 9g+DDGvDV+7OEPrWK5RuqGoM5d9h/V/hx/SkutSlm8ha1rGtekB26529jJhlUwUX n6d8bmH4Xh2E+/13TGIzaYFs+4h1KCmix4slw99/LiL3xsVuC/CVXfL90Ro/eIZy /HAhSjodRlUQKNcb4MXZkrZHAvnECw6aQ8Msxa+2sh/9nZfgDvOe5GpR0xcgW7U2 llbNwQjLJAtAe/YKb7B5aG4ZvhJCThAu+XhhE8yVHF9hba819brjP/S6hkSoebkU +E8kCVy95NFzM/1c/AFcUKt5D8HLYI9QR564nSUHppAsLbz0ORpeWAhWOwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOu0vZil3dTUybMkAdq+soyvMgNjMB8GA1UdIwQY MBaAFJFYo3ddDF6zjyDw75o2EQYaUZWzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAt OGQwNGY4Nzc5NDIzLzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOC81Yzc2NWMtODNmMy00NWQxLTg5MzAtOGQwNGY4Nzc5NDIz LzEva1ZpamQxME1Yck9QSVBEdm1qWVJCaHBSbGJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiiRi/tLf KA3Lt6i1Se3voZ2aq6VDdR2Dl3whVSNjCjWhWTR5fOrbebrvidPtsNjsCRSkOfhk 6oaz00vz2jJn/bjkU9jY01ehC/hnqe3tyYbe2JzUNLGX/BYOAvjYresKd0Jqv0jS 5Y08GTtjtZnP7b55HgMjcnMF1jCrkgYA0CLH77RquQ+4xUui7/7fqQX0ATLg1oBC b/ZBf6LQJUX/IUu3cYws+aEZIeLbBu2QZNM1MzJdTY2xB4NsCpBFrNKjvTJHeCDM Tfvt04sWpXocsXhAjRI3gY8WKMeWiB/XpGecP44S1p3lsLXWjoJG0MnTWM+5nVB8 k0Y37afR3fHDUA== -----END CERTIFICATE-----Generated at Sun Dec 28 07:29:41 2025 by rpki-client