This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft File: Kksu12XR1HipbYLxJgEen7dS_Ic.mft (raw, json) Hash identifier: MxguAFx9/dnWHt4A/RNJ9xMPSdGlUFyURBc2+wBtmnU= Subject key identifier: DA:BA:6A:AC:1A:1F:15:89:33:93:FD:1C:51:99:29:9F:9B:B3:A9:C8 Authority key identifier: 2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87 Certificate issuer: /CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87 Certificate serial: 019B33B1D2DE37932FBA3E7A93027D5DDC1D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 23:00:50 +0000 Manifest this update: Thu 18 Dec 2025 23:00:50 +0000 Manifest next update: Fri 19 Dec 2025 23:00:50 +0000 Files and hashes: 1: Kksu12XR1HipbYLxJgEen7dS_Ic.crl (hash: 0LWVLMvrvaYhF+lx+xKgMJnIuTbO+7oegt+T9+HFaeo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:b1:d2:de:37:93:2f:ba:3e:7a:93:02:7d:5d:dc:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a4b2ed765d1d478a96d82f126011e9fb752fc87 Validity Not Before: Dec 18 23:00:50 2025 GMT Not After : Dec 19 23:00:50 2025 GMT Subject: CN=daba6aac1a1f15893393fd1c5199299f9bb3a9c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:5a:e1:11:bb:4a:76:07:8e:0c:5d:5a:8f:b3: 0a:1d:41:1e:5a:6f:4f:60:35:aa:64:a8:07:3a:69: 72:a7:51:1f:0c:f6:e6:09:6c:46:92:27:9b:70:fd: 15:36:a0:6e:a9:b7:9f:f3:68:26:9e:58:92:c2:fa: f7:15:d9:ce:48:5b:e6:3c:17:4c:4a:9f:8c:f3:21: ec:ee:07:11:c7:26:17:6b:10:a1:f2:32:58:41:ca: 26:2b:13:94:75:64:19:ee:60:5f:4e:fd:5a:f5:e9: 51:db:ce:18:99:c9:0a:da:c5:3a:75:1c:10:70:3e: dc:52:c2:bc:2a:0e:57:35:06:03:7a:fb:ca:bb:90: 31:b3:c0:32:f5:97:46:31:8f:3c:a3:4b:b7:bb:94: 6f:5c:1e:23:c6:96:7a:60:ee:71:b4:50:d3:8a:22: 98:67:4f:1f:f4:5e:a5:eb:96:cf:35:21:f4:26:18: a4:5f:fd:2d:35:61:4b:63:a7:ef:5b:30:48:9c:f8: 82:5d:6a:7c:fe:d2:9a:1c:51:bb:00:17:12:4e:62: 41:de:f4:4d:e7:80:9e:37:9b:a9:79:82:d9:1b:47: f9:2a:9c:eb:eb:f3:4e:66:13:68:79:d6:bd:65:ad: 6c:82:6d:ca:05:21:19:3c:41:be:1a:71:b3:3b:91: dd:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:BA:6A:AC:1A:1F:15:89:33:93:FD:1C:51:99:29:9F:9B:B3:A9:C8 X509v3 Authority Key Identifier: keyid:2A:4B:2E:D7:65:D1:D4:78:A9:6D:82:F1:26:01:1E:9F:B7:52:FC:87 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kksu12XR1HipbYLxJgEen7dS_Ic.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/49e0b2-1e2a-432a-ba19-115988d81289/1/Kksu12XR1HipbYLxJgEen7dS_Ic.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:6a:72:f4:56:a8:12:6a:b3:3b:ad:08:b9:5b:26:af:25:c1: 7a:c6:3e:10:5a:35:52:11:32:ac:eb:06:7e:ed:d8:13:b5:a5: d4:e2:2b:46:b0:f4:7f:6a:5b:bd:4e:68:b5:6c:96:87:a0:b6: 71:13:4e:2a:61:9c:28:33:6c:72:d1:60:f0:d0:e6:77:8b:06: 0a:73:47:53:db:f8:f4:7e:5c:6e:77:3d:d3:67:d1:10:42:3c: e5:28:35:a2:02:86:65:1e:2f:27:09:f8:ef:9e:b0:e7:59:60: 07:df:89:0a:03:48:7e:22:1d:92:81:17:a4:7a:dc:ac:38:a3: 9d:e3:7b:e5:83:c1:9f:d8:7b:9d:b5:cf:12:be:76:98:11:55: a0:3d:ea:47:90:a5:e9:4e:a0:4a:f8:8f:d7:4d:8f:7f:86:5b: 6a:e4:1b:bd:a0:7f:23:c2:57:71:7f:d4:ed:12:41:b1:49:36: e6:d8:5d:c6:87:40:0a:44:96:74:26:f6:25:99:ee:86:ec:6d: 6f:6b:ff:3c:3c:f2:9f:1c:2e:d1:7f:6c:1e:ff:68:8f:d8:1d: 6b:77:9b:23:13:da:ef:58:2a:15:30:e4:fd:eb:61:77:53:fa: bc:00:d2:0e:10:65:98:f6:a7:3e:59:04:3f:b4:35:e2:80:5a: a0:c0:e0:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszsdLeN5Mvuj56kwJ9XdwdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNGIyZWQ3NjVkMWQ0NzhhOTZkODJmMTI2MDExZTlmYjc1 MmZjODcwHhcNMjUxMjE4MjMwMDUwWhcNMjUxMjE5MjMwMDUwWjAzMTEwLwYDVQQD EyhkYWJhNmFhYzFhMWYxNTg5MzM5M2ZkMWM1MTk5Mjk5ZjliYjNhOWM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVrhEbtKdgeODF1aj7MKHUEeWm9P YDWqZKgHOmlyp1EfDPbmCWxGkiebcP0VNqBuqbef82gmnliSwvr3FdnOSFvmPBdM Sp+M8yHs7gcRxyYXaxCh8jJYQcomKxOUdWQZ7mBfTv1a9elR284YmckK2sU6dRwQ cD7cUsK8Kg5XNQYDevvKu5Axs8Ay9ZdGMY88o0u3u5RvXB4jxpZ6YO5xtFDTiiKY Z08f9F6l65bPNSH0JhikX/0tNWFLY6fvWzBInPiCXWp8/tKaHFG7ABcSTmJB3vRN 54CeN5upeYLZG0f5Kpzr6/NOZhNoeda9Za1sgm3KBSEZPEG+GnGzO5Hd2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNq6aqwaHxWJM5P9HFGZKZ+bs6nIMB8GA1UdIwQY MBaAFCpLLtdl0dR4qW2C8SYBHp+3UvyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTkt MTE1OTg4ZDgxMjg5LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC80OWUwYjItMWUyYS00MzJhLWJhMTktMTE1OTg4ZDgxMjg5 LzEvS2tzdTEyWFIxSGlwYllMeEpnRWVuN2RTX0ljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATWpy9Fao EmqzO60IuVsmryXBesY+EFo1UhEyrOsGfu3YE7Wl1OIrRrD0f2pbvU5otWyWh6C2 cRNOKmGcKDNsctFg8NDmd4sGCnNHU9v49H5cbnc902fREEI85Sg1ogKGZR4vJwn4 756w51lgB9+JCgNIfiIdkoEXpHrcrDijneN75YPBn9h7nbXPEr52mBFVoD3qR5Cl 6U6gSviP102Pf4ZbauQbvaB/I8JXcX/U7RJBsUk25thdxodACkSWdCb2JZnuhuxt b2v/PDzynxwu0X9sHv9oj9gda3ebIxPa71gqFTDk/ethd1P6vADSDhBlmPanPlkE P7Q14oBaoMDgkA== -----END CERTIFICATE-----Generated at Fri Dec 19 03:09:04 2025 by rpki-client