This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft File: KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft (raw, json) Hash identifier: omxFKya4+gCZo1e33cYxsPK3LTAqE5OQ1PRPxu/GLoo= Subject key identifier: 7C:34:A5:EE:75:3F:CB:12:67:93:E6:44:DC:DA:BE:41:A4:F0:00:0C Authority key identifier: 29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1 Certificate issuer: /CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1 Certificate serial: 019AF2774A266D38B2CCBEB50870621CB0BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft Manifest number: 1237 Signing time: Sat 06 Dec 2025 07:01:35 +0000 Manifest this update: Sat 06 Dec 2025 07:01:35 +0000 Manifest next update: Sun 07 Dec 2025 07:01:35 +0000 Files and hashes: 1: KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl (hash: OcHwHmtb7NEN/2Eag9GA6OkjYHOutJtsQ+PkSEfmjyQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:77:4a:26:6d:38:b2:cc:be:b5:08:70:62:1c:b0:bb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29d457b1025e4a6a45c6c4b45d6e234aa518c8b1 Validity Not Before: Dec 6 07:01:35 2025 GMT Not After : Dec 7 07:01:35 2025 GMT Subject: CN=7c34a5ee753fcb126793e644dcdabe41a4f0000c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ae:91:02:86:8c:2a:e4:a7:9a:6e:48:dd:cd: c9:18:d0:b4:8f:e7:e7:af:e6:d1:92:61:7e:a7:e1: e8:89:0f:e5:06:71:a7:d1:05:31:7b:dd:82:d1:f5: 3a:a9:7d:dd:7c:8d:fa:9d:57:ef:c9:69:2d:7e:07: 9f:d5:25:26:bf:b0:f9:f7:38:e9:69:1a:2e:ef:11: 97:d7:59:4e:f3:ea:18:91:6c:58:42:fd:04:2c:9a: 76:bb:cf:a8:1f:d6:f6:46:04:77:dc:1f:ab:05:9b: 39:03:5d:a8:c7:2b:3d:fd:c0:1e:5f:43:fd:fe:4c: 54:c7:01:07:44:9e:5f:1e:d0:65:90:a8:3c:04:f3: af:f6:db:55:31:14:cf:05:33:a8:ff:ff:c3:6e:7c: b4:d0:0a:f5:8d:8a:ee:ed:96:83:a3:6d:a6:70:93: 4e:2c:1a:2e:49:9a:18:cc:f5:45:3c:c6:90:75:5f: 63:8a:2c:39:9f:66:24:98:7a:5b:80:e9:39:ea:43: b2:0a:4e:a9:9c:da:6a:70:58:48:02:53:19:ce:ac: a1:eb:fe:0c:54:8a:9c:48:3b:d7:a8:2a:fb:1e:d8: ee:94:4d:a8:d0:5e:51:8b:27:50:87:e0:4f:f9:1b: 22:09:fc:ce:32:25:7a:d1:d1:ee:6f:97:15:ba:59: a8:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:34:A5:EE:75:3F:CB:12:67:93:E6:44:DC:DA:BE:41:A4:F0:00:0C X509v3 Authority Key Identifier: keyid:29:D4:57:B1:02:5E:4A:6A:45:C6:C4:B4:5D:6E:23:4A:A5:18:C8:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdRXsQJeSmpFxsS0XW4jSqUYyLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/05/8e87fe-c9d6-4424-bd98-7a0619faaf7d/1/KdRXsQJeSmpFxsS0XW4jSqUYyLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 28:58:02:cd:18:2f:25:e1:09:ac:fa:71:09:c7:33:ec:02:00: 01:28:d5:c3:b2:ef:12:8c:08:36:04:83:b2:31:ee:a3:12:aa: 43:ea:3f:2c:59:e5:e7:b2:c3:12:80:67:ad:09:66:f1:30:b0: 40:4a:a7:ae:d7:ee:62:dc:63:24:61:49:dc:cb:7d:24:c9:2a: 57:7a:d1:a9:49:08:ac:e0:49:32:68:35:91:5e:ca:4c:82:8f: 32:bb:b2:46:3e:26:5d:e3:72:03:54:d8:b3:5a:c2:73:ea:6d: 29:94:0d:99:5a:a8:27:c7:1f:25:d9:ab:97:ec:8d:3f:ba:64: 3c:fc:cf:ab:f2:b9:44:72:59:69:0f:26:41:3a:a8:13:61:d4: d3:e6:13:7a:7f:a8:3f:fb:74:99:5a:d9:80:04:a9:e8:69:1f: d8:61:18:d1:91:e7:e1:48:6b:e9:33:e5:69:bf:48:21:f5:21: 85:c0:35:07:20:95:6a:9d:0d:63:7c:77:77:5f:e2:00:01:15: bc:25:77:41:48:0a:9e:cb:65:32:60:b2:5b:10:43:1a:94:53: 9c:93:67:29:b4:7b:8a:ca:90:2e:b2:71:ab:a4:51:ce:25:99: 12:83:b7:90:ce:08:3f:2c:71:12:2e:4e:b1:ab:10:9c:80:2b: df:d2:7e:25 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryd0ombTiyzL61CHBiHLC7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZDQ1N2IxMDI1ZTRhNmE0NWM2YzRiNDVkNmUyMzRhYTUx OGM4YjEwHhcNMjUxMjA2MDcwMTM1WhcNMjUxMjA3MDcwMTM1WjAzMTEwLwYDVQQD Eyg3YzM0YTVlZTc1M2ZjYjEyNjc5M2U2NDRkY2RhYmU0MWE0ZjAwMDBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp66RAoaMKuSnmm5I3c3JGNC0j+fn r+bRkmF+p+HoiQ/lBnGn0QUxe92C0fU6qX3dfI36nVfvyWktfgef1SUmv7D59zjp aRou7xGX11lO8+oYkWxYQv0ELJp2u8+oH9b2RgR33B+rBZs5A12oxys9/cAeX0P9 /kxUxwEHRJ5fHtBlkKg8BPOv9ttVMRTPBTOo///Dbny00Ar1jYru7ZaDo22mcJNO LBouSZoYzPVFPMaQdV9jiiw5n2YkmHpbgOk56kOyCk6pnNpqcFhIAlMZzqyh6/4M VIqcSDvXqCr7HtjulE2o0F5RiydQh+BP+RsiCfzOMiV60dHub5cVulmoewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHw0pe51P8sSZ5PmRNzavkGk8AAMMB8GA1UdIwQY MBaAFCnUV7ECXkpqRcbEtF1uI0qlGMixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgt N2EwNjE5ZmFhZjdkLzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNS84ZTg3ZmUtYzlkNi00NDI0LWJkOTgtN2EwNjE5ZmFhZjdk LzEvS2RSWHNRSmVTbXBGeHNTMFhXNGpTcVVZeUxFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKFgCzRgv JeEJrPpxCccz7AIAASjVw7LvEowINgSDsjHuoxKqQ+o/LFnl57LDEoBnrQlm8TCw QEqnrtfuYtxjJGFJ3Mt9JMkqV3rRqUkIrOBJMmg1kV7KTIKPMruyRj4mXeNyA1TY s1rCc+ptKZQNmVqoJ8cfJdmrl+yNP7pkPPzPq/K5RHJZaQ8mQTqoE2HU0+YTen+o P/t0mVrZgASp6Gkf2GEY0ZHn4Uhr6TPlab9IIfUhhcA1ByCVap0NY3x3d1/iAAEV vCV3QUgKnstlMmCyWxBDGpRTnJNnKbR7isqQLrJxq6RRziWZEoO3kM4IPyxxEi5O sasQnIAr39J+JQ== -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:28 2025 by rpki-client