This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft File: KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft (raw, json) Hash identifier: HtS2iN9mkwYBKokHoUQpnEFKTGeSMFR3kZfSCd5OWVs= Subject key identifier: 75:B6:54:F0:F3:84:89:94:99:EB:59:E2:32:65:A7:42:3A:88:89:96 Authority key identifier: 29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39 Certificate issuer: /CN=29b1210ec9105c717d098f9f0d00d9dea2322539 Certificate serial: 019AF19B8C0ED25EC6F39AD9F6077C0C41DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft Manifest number: 1433 Signing time: Sat 06 Dec 2025 03:01:34 +0000 Manifest this update: Sat 06 Dec 2025 03:01:34 +0000 Manifest next update: Sun 07 Dec 2025 03:01:34 +0000 Files and hashes: 1: KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl (hash: q42RwLxADg+/UZS6WGTE7/dFkc/qCe4XgB3zMlJPJ54=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:8c:0e:d2:5e:c6:f3:9a:d9:f6:07:7c:0c:41:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29b1210ec9105c717d098f9f0d00d9dea2322539 Validity Not Before: Dec 6 03:01:34 2025 GMT Not After : Dec 7 03:01:34 2025 GMT Subject: CN=75b654f0f384899499eb59e23265a7423a888996 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:2f:ff:01:68:60:7b:3c:a9:da:ff:a8:e5:bb: fe:3f:f1:eb:01:a2:99:05:a0:dd:ae:8d:82:0a:db: 03:25:f1:8c:b2:9c:65:51:31:d2:c1:69:c4:ae:38: b4:4f:5c:7b:e2:cf:50:ce:82:bd:57:71:fa:c7:f2: 71:ab:d8:c7:de:dd:92:2c:1f:3a:81:ac:43:7b:ec: e0:32:65:d7:e4:49:f4:00:95:71:a2:0c:7d:cd:c1: 0b:70:3c:02:95:9d:57:61:d9:d8:5e:c1:36:e0:dc: e9:bb:70:0f:71:27:96:7a:2a:88:5c:1b:3e:2d:d6: 96:05:e0:d2:b5:a0:cf:93:0e:1b:c3:37:1d:5a:6f: 31:48:52:b0:ed:08:66:0c:0b:9c:61:77:6d:d6:ad: 27:1f:13:48:04:9e:ea:16:2a:69:e6:98:aa:69:cf: ae:ce:24:17:45:33:d2:33:30:27:c6:ee:d1:24:21: b8:fa:b0:b5:48:bc:bb:28:9b:2a:8f:f1:7a:ae:c4: 65:77:1b:1d:5a:a5:30:0b:a0:44:31:87:2c:ac:d1: 9d:74:83:97:dc:74:43:25:2e:a5:3c:57:a1:b1:c6: 93:e8:82:df:ef:9b:9d:45:f8:56:f9:81:d6:69:80: c5:05:0d:1d:35:09:d6:9e:a5:47:c6:77:32:b7:ec: 28:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:B6:54:F0:F3:84:89:94:99:EB:59:E2:32:65:A7:42:3A:88:89:96 X509v3 Authority Key Identifier: keyid:29:B1:21:0E:C9:10:5C:71:7D:09:8F:9F:0D:00:D9:DE:A2:32:25:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbEhDskQXHF9CY-fDQDZ3qIyJTk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a00c61-2d87-4620-913f-0e464ca39e75/1/KbEhDskQXHF9CY-fDQDZ3qIyJTk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:e0:7a:5e:f3:75:0c:90:de:65:b4:1e:8e:ae:bb:04:3e:3c: 9f:0e:20:af:39:66:cd:34:11:40:6c:95:ba:fb:59:2b:80:a2: b5:3c:63:03:51:43:d8:38:42:15:d6:6e:78:fe:6e:38:1a:f6: 6d:8f:e1:87:a1:94:c7:80:1e:37:af:8b:ed:9f:08:70:fd:a9: 9e:3b:3f:cf:a4:2f:3a:71:65:d9:43:19:37:0e:a8:d6:7b:b4: 15:51:cd:e3:7b:7a:a9:8f:e8:1e:eb:7b:97:1b:ce:0e:50:3b: 0f:37:06:7b:a8:64:e4:34:ee:8b:46:9f:33:a7:e3:bd:65:f6: 4f:eb:83:43:9e:79:76:3d:12:e6:90:6e:89:64:01:18:ce:d2: 53:62:c5:93:8c:78:d7:b4:d5:39:92:ba:6d:2f:5b:39:1b:0b: b9:4d:3c:20:c8:0b:1c:29:d0:e4:5a:da:5b:a4:2b:6e:94:36: ca:3d:bf:da:29:aa:b3:dd:d7:cb:8f:84:5a:c1:f6:35:7f:cd: 54:51:f9:78:82:de:a2:24:bb:c1:b4:a0:ce:0c:31:b9:8e:d7: 14:80:e9:68:cc:92:bc:a7:18:8a:0b:0d:71:99:7e:ee:1b:d8: fe:e8:dc:d7:58:24:40:f4:2d:51:41:b6:0b:27:31:5f:50:19: 00:8d:64:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm4wO0l7G85rZ9gd8DEHfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YjEyMTBlYzkxMDVjNzE3ZDA5OGY5ZjBkMDBkOWRlYTIz MjI1MzkwHhcNMjUxMjA2MDMwMTM0WhcNMjUxMjA3MDMwMTM0WjAzMTEwLwYDVQQD Eyg3NWI2NTRmMGYzODQ4OTk0OTllYjU5ZTIzMjY1YTc0MjNhODg4OTk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzC//AWhgezyp2v+o5bv+P/HrAaKZ BaDdro2CCtsDJfGMspxlUTHSwWnErji0T1x74s9QzoK9V3H6x/Jxq9jH3t2SLB86 gaxDe+zgMmXX5En0AJVxogx9zcELcDwClZ1XYdnYXsE24Nzpu3APcSeWeiqIXBs+ LdaWBeDStaDPkw4bwzcdWm8xSFKw7QhmDAucYXdt1q0nHxNIBJ7qFipp5piqac+u ziQXRTPSMzAnxu7RJCG4+rC1SLy7KJsqj/F6rsRldxsdWqUwC6BEMYcsrNGddIOX 3HRDJS6lPFehscaT6ILf75udRfhW+YHWaYDFBQ0dNQnWnqVHxncyt+wojwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHW2VPDzhImUmetZ4jJlp0I6iImWMB8GA1UdIwQY MBaAFCmxIQ7JEFxxfQmPnw0A2d6iMiU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2Yt MGU0NjRjYTM5ZTc1LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNy9hMDBjNjEtMmQ4Ny00NjIwLTkxM2YtMGU0NjRjYTM5ZTc1 LzEvS2JFaERza1FYSEY5Q1ktZkRRRFozcUl5SlRrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf+B6XvN1 DJDeZbQejq67BD48nw4grzlmzTQRQGyVuvtZK4CitTxjA1FD2DhCFdZueP5uOBr2 bY/hh6GUx4AeN6+L7Z8IcP2pnjs/z6QvOnFl2UMZNw6o1nu0FVHN43t6qY/oHut7 lxvODlA7DzcGe6hk5DTui0afM6fjvWX2T+uDQ555dj0S5pBuiWQBGM7SU2LFk4x4 17TVOZK6bS9bORsLuU08IMgLHCnQ5FraW6QrbpQ2yj2/2imqs93Xy4+EWsH2NX/N VFH5eILeoiS7wbSgzgwxuY7XFIDpaMySvKcYigsNcZl+7hvY/ujc11gkQPQtUUG2 CycxX1AZAI1keg== -----END CERTIFICATE-----Generated at Sat Dec 6 10:16:17 2025 by rpki-client