This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft File: K328XveedAIoXs2gg3ukvyGHYdw.mft (raw, json) Hash identifier: yXMs3gqxVGXRwcD9DLEe+f9v9sKV4Vctkbx3Ct9ilQk= Subject key identifier: EE:F6:63:EC:C4:FE:CB:C1:FE:E3:34:1A:D0:7E:B7:28:F8:4D:CA:E7 Authority key identifier: 2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC Certificate issuer: /CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc Certificate serial: 019AF465127976C28AA0814E66CAD3A4D25B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft Manifest number: 0F78 Signing time: Sat 06 Dec 2025 16:00:55 +0000 Manifest this update: Sat 06 Dec 2025 16:00:55 +0000 Manifest next update: Sun 07 Dec 2025 16:00:55 +0000 Files and hashes: 1: K328XveedAIoXs2gg3ukvyGHYdw.crl (hash: zS1Ul3EcEm0jaVT6r+k1L4t8sFuSUcsF5f2rqDFegTA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:12:79:76:c2:8a:a0:81:4e:66:ca:d3:a4:d2:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b7dbc5ef79e7402285ecda0837ba4bf218761dc Validity Not Before: Dec 6 16:00:55 2025 GMT Not After : Dec 7 16:00:55 2025 GMT Subject: CN=eef663ecc4fecbc1fee3341ad07eb728f84dcae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7c:67:c4:fe:c1:98:9d:0d:eb:7c:65:9f:af: b6:8d:b4:c9:22:bb:0f:0e:37:86:33:f4:3c:53:a9: 9f:e6:5a:79:b1:b0:15:1e:84:8b:34:bf:6d:53:4d: 51:f6:1d:7e:ab:dd:7f:e0:30:7b:d2:38:0c:2b:17: 31:fd:eb:67:71:1d:dd:b3:eb:39:46:7b:1a:c8:fe: f3:ca:fd:bb:36:82:b8:92:6d:fb:ac:44:6f:fb:a7: 4e:04:5a:02:45:84:1c:b4:62:bd:89:a8:7d:cb:80: 5c:cb:75:a6:a0:59:a2:19:d1:72:7b:ac:f2:6d:b5: 51:9e:a1:70:ee:78:45:ae:5a:0d:d1:90:a3:0d:3a: 9c:52:32:d4:26:9f:bb:40:e7:a1:aa:0d:c0:7d:9a: e7:e3:f5:ac:37:b3:36:79:b0:6d:1f:e6:e5:94:6a: 2c:bb:45:51:16:27:fb:8d:c5:22:7b:20:73:2d:56: fe:72:e0:f3:6b:52:38:04:0a:24:9d:db:14:99:c1: 1f:8e:8d:ff:f7:92:f8:3b:04:6a:af:a8:59:28:6d: ce:9c:5c:fa:76:6c:5a:66:de:72:8b:0d:fc:bb:3e: 36:84:7c:ac:bd:4f:b9:07:75:77:e8:34:7b:8d:52: 55:d3:45:3a:01:e5:57:80:9e:e3:61:71:ba:3e:f3: 00:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:F6:63:EC:C4:FE:CB:C1:FE:E3:34:1A:D0:7E:B7:28:F8:4D:CA:E7 X509v3 Authority Key Identifier: keyid:2B:7D:BC:5E:F7:9E:74:02:28:5E:CD:A0:83:7B:A4:BF:21:87:61:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K328XveedAIoXs2gg3ukvyGHYdw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d10d4d-a2c0-4d20-8a21-24d0e62f79c0/1/K328XveedAIoXs2gg3ukvyGHYdw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 55:05:2d:ee:68:34:cb:ab:7c:54:70:46:d6:bc:bb:0e:58:06: ed:1d:8b:64:51:3f:1a:e3:bd:68:ff:b2:e0:6c:f0:bd:5e:23: 2d:67:f4:d5:ce:2b:e7:46:8a:e3:76:d6:37:33:96:c7:2d:cf: 42:78:88:f5:1a:27:6d:c7:08:f5:a9:35:9c:d2:90:2a:42:d9: 72:57:4d:b1:f3:2d:99:3d:41:21:f8:40:c4:42:00:dd:8b:04: 14:5e:f2:fa:f9:2d:2b:fb:d2:0e:d5:d3:bf:3e:81:58:76:77: 79:2f:66:27:40:a9:81:65:4e:e7:cc:50:12:80:a3:5a:29:77: 98:26:7d:d7:ff:66:53:de:76:55:e0:33:83:f7:51:36:b1:06: 52:ce:19:f5:24:22:4b:92:30:34:61:38:2e:9a:72:e1:b8:18: 14:e7:f2:93:b9:ba:1f:91:a1:18:e8:35:bb:06:22:3a:e2:c5: cd:3a:cf:03:ea:ab:1c:48:fd:b6:c2:ff:41:c3:b6:52:1d:f8: 6c:56:44:5b:57:f5:4f:69:73:cc:b8:26:85:05:b8:29:ee:18: ac:3d:88:31:0a:2b:92:46:4f:3f:82:d3:b2:2d:dc:02:d6:3b: 6b:84:a8:cc:ec:35:1f:93:e2:85:14:7a:ab:8d:77:23:1f:76: c2:be:94:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZRJ5dsKKoIFOZsrTpNJbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiN2RiYzVlZjc5ZTc0MDIyODVlY2RhMDgzN2JhNGJmMjE4 NzYxZGMwHhcNMjUxMjA2MTYwMDU1WhcNMjUxMjA3MTYwMDU1WjAzMTEwLwYDVQQD EyhlZWY2NjNlY2M0ZmVjYmMxZmVlMzM0MWFkMDdlYjcyOGY4NGRjYWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHxnxP7BmJ0N63xln6+2jbTJIrsP DjeGM/Q8U6mf5lp5sbAVHoSLNL9tU01R9h1+q91/4DB70jgMKxcx/etncR3ds+s5 RnsayP7zyv27NoK4km37rERv+6dOBFoCRYQctGK9iah9y4Bcy3WmoFmiGdFye6zy bbVRnqFw7nhFrloN0ZCjDTqcUjLUJp+7QOehqg3AfZrn4/WsN7M2ebBtH+bllGos u0VRFif7jcUieyBzLVb+cuDza1I4BAokndsUmcEfjo3/95L4OwRqr6hZKG3OnFz6 dmxaZt5yiw38uz42hHysvU+5B3V36DR7jVJV00U6AeVXgJ7jYXG6PvMAHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO72Y+zE/svB/uM0GtB+tyj4TcrnMB8GA1UdIwQY MBaAFCt9vF73nnQCKF7NoIN7pL8hh2HcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEt MjRkMGU2MmY3OWMwLzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kMTBkNGQtYTJjMC00ZDIwLThhMjEtMjRkMGU2MmY3OWMw LzEvSzMyOFh2ZWVkQUlvWHMyZ2czdWt2eUdIWWR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVQUt7mg0 y6t8VHBG1ry7DlgG7R2LZFE/GuO9aP+y4GzwvV4jLWf01c4r50aK43bWNzOWxy3P QniI9RonbccI9ak1nNKQKkLZcldNsfMtmT1BIfhAxEIA3YsEFF7y+vktK/vSDtXT vz6BWHZ3eS9mJ0CpgWVO58xQEoCjWil3mCZ91/9mU952VeAzg/dRNrEGUs4Z9SQi S5IwNGE4Lppy4bgYFOfyk7m6H5GhGOg1uwYiOuLFzTrPA+qrHEj9tsL/QcO2Uh34 bFZEW1f1T2lzzLgmhQW4Ke4YrD2IMQorkkZPP4LTsi3cAtY7a4SozOw1H5PihRR6 q413Ix92wr6UYA== -----END CERTIFICATE-----Generated at Sat Dec 6 17:52:00 2025 by rpki-client