This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft File: KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft (raw, json) Hash identifier: 9x5lVqsc9PQ/PjGTGOAlccinpfavMRUgpl/ugKgC5eg= Subject key identifier: 2D:69:38:FD:83:24:D1:20:E7:C0:E5:40:9B:B8:92:F1:B1:C9:42:44 Authority key identifier: 28:BF:13:67:D6:12:0C:6C:87:97:A0:44:86:D7:6E:47:B1:30:AD:51 Certificate issuer: /CN=28bf1367d6120c6c8797a04486d76e47b130ad51 Certificate serial: 019AF0BF8E4DCE1DEA05EE1E1C470188D98F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft Manifest number: D7 Signing time: Fri 05 Dec 2025 23:01:16 +0000 Manifest this update: Fri 05 Dec 2025 23:01:16 +0000 Manifest next update: Sat 06 Dec 2025 23:01:16 +0000 Files and hashes: 1: KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl (hash: IsgN17EURWzxf45Hit8R/npE0fb7NcSDBf/B333SaHc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:8e:4d:ce:1d:ea:05:ee:1e:1c:47:01:88:d9:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bf1367d6120c6c8797a04486d76e47b130ad51 Validity Not Before: Dec 5 23:01:16 2025 GMT Not After : Dec 6 23:01:16 2025 GMT Subject: CN=2d6938fd8324d120e7c0e5409bb892f1b1c94244 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ea:ee:e8:28:e1:d6:81:7f:fe:d8:9a:15:f2: 81:7f:46:98:a5:a2:de:4a:f3:e6:90:20:48:16:00: bc:77:2c:33:ed:00:6b:e3:2c:58:5e:85:52:70:25: 9c:ef:20:0d:ad:23:55:79:a1:7e:2f:28:a3:16:04: a1:ad:1a:08:a4:33:b2:a8:37:9c:53:43:4c:ce:cd: 39:57:d5:6a:e1:2e:9a:1b:70:54:55:9d:b8:51:05: 69:da:bb:18:65:73:03:b7:55:96:9d:3e:08:1e:58: 2e:2e:ea:9f:db:18:80:50:6b:b3:dc:ec:e5:6c:15: 2e:a3:36:37:f7:11:de:4c:a4:f6:3f:8b:44:a0:96: 05:ec:33:b7:12:42:f6:4e:46:fa:c3:4a:e2:26:8b: f3:06:f9:6d:d8:3f:fd:58:72:4f:d3:fe:54:b2:a3: cc:3e:2b:1e:6f:ea:64:db:8c:e5:de:c3:8f:2b:ba: f8:e3:01:57:37:17:a9:b7:fb:9e:d3:23:90:04:58: 57:04:97:f7:ed:c8:fa:e8:0d:35:f9:27:fa:42:2d: c5:a4:23:62:05:86:fd:c1:0e:93:15:53:e9:af:34: 90:d0:a5:d3:b7:2c:1a:7b:92:7e:9c:0f:c6:13:1d: f0:33:95:27:38:1b:14:77:26:4e:06:e9:b5:b8:9b: 63:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:69:38:FD:83:24:D1:20:E7:C0:E5:40:9B:B8:92:F1:B1:C9:42:44 X509v3 Authority Key Identifier: keyid:28:BF:13:67:D6:12:0C:6C:87:97:A0:44:86:D7:6E:47:B1:30:AD:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8TZ9YSDGyHl6BEhtduR7EwrVE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/2fa75a-11b8-49ae-924a-eb9dcd17b476/1/KL8TZ9YSDGyHl6BEhtduR7EwrVE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:85:fe:15:b4:68:b7:83:5e:36:28:4f:78:1e:9d:9f:44:e0: c9:d7:0e:5a:ab:91:88:f1:64:3f:cc:0f:67:00:0c:b0:23:9f: 35:2b:f7:37:a2:d2:bc:75:40:3a:2b:1c:00:65:7c:17:73:ac: a0:75:49:fb:80:4a:54:11:d2:01:13:90:ff:8a:c2:5e:98:87: 05:88:1f:c1:db:c1:4d:f3:bc:a8:27:d3:bd:b2:5a:78:b8:90: bf:c1:c7:54:9b:d6:83:57:51:f5:94:5f:24:f6:87:43:ab:84: 51:03:44:7e:75:d7:35:89:48:83:0e:a4:6c:0f:f2:5d:9d:70: 11:0f:5d:45:de:00:2b:27:69:74:e1:25:d7:14:b1:c6:ff:63: 97:21:46:ab:bd:66:63:d8:b6:0c:97:dc:9d:1e:6b:ea:bc:13: 3c:63:13:a6:c3:78:d9:d8:87:91:f0:9b:a6:04:fc:3c:0f:58: 49:c2:57:d5:01:32:14:c8:e6:cb:2e:76:19:c7:71:57:cd:49: d7:c9:64:98:19:a0:01:0a:ad:da:dd:97:0d:78:fe:25:27:22: 72:50:aa:99:91:6d:3d:f5:4f:ba:cf:d9:cf:ab:da:82:0c:3b: 3a:8b:2d:e1:a2:03:f5:b8:9a:37:c0:08:66:f4:e4:7e:69:85: 57:f3:14:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwv45Nzh3qBe4eHEcBiNmPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmYxMzY3ZDYxMjBjNmM4Nzk3YTA0NDg2ZDc2ZTQ3YjEz MGFkNTEwHhcNMjUxMjA1MjMwMTE2WhcNMjUxMjA2MjMwMTE2WjAzMTEwLwYDVQQD EygyZDY5MzhmZDgzMjRkMTIwZTdjMGU1NDA5YmI4OTJmMWIxYzk0MjQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuru6Cjh1oF//tiaFfKBf0aYpaLe SvPmkCBIFgC8dywz7QBr4yxYXoVScCWc7yANrSNVeaF+LyijFgShrRoIpDOyqDec U0NMzs05V9Vq4S6aG3BUVZ24UQVp2rsYZXMDt1WWnT4IHlguLuqf2xiAUGuz3Ozl bBUuozY39xHeTKT2P4tEoJYF7DO3EkL2Tkb6w0riJovzBvlt2D/9WHJP0/5UsqPM Piseb+pk24zl3sOPK7r44wFXNxept/ue0yOQBFhXBJf37cj66A01+Sf6Qi3FpCNi BYb9wQ6TFVPprzSQ0KXTtywae5J+nA/GEx3wM5UnOBsUdyZOBum1uJtjSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC1pOP2DJNEg58DlQJu4kvGxyUJEMB8GA1UdIwQY MBaAFCi/E2fWEgxsh5egRIbXbkexMK1RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC8yZmE3NWEtMTFiOC00OWFlLTkyNGEt ZWI5ZGNkMTdiNDc2LzEvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC8yZmE3NWEtMTFiOC00OWFlLTkyNGEtZWI5ZGNkMTdiNDc2 LzEvS0w4VFo5WVNER3lIbDZCRWh0ZHVSN0V3clZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATIX+FbRo t4NeNihPeB6dn0TgydcOWquRiPFkP8wPZwAMsCOfNSv3N6LSvHVAOiscAGV8F3Os oHVJ+4BKVBHSAROQ/4rCXpiHBYgfwdvBTfO8qCfTvbJaeLiQv8HHVJvWg1dR9ZRf JPaHQ6uEUQNEfnXXNYlIgw6kbA/yXZ1wEQ9dRd4AKydpdOEl1xSxxv9jlyFGq71m Y9i2DJfcnR5r6rwTPGMTpsN42diHkfCbpgT8PA9YScJX1QEyFMjmyy52GcdxV81J 18lkmBmgAQqt2t2XDXj+JSciclCqmZFtPfVPus/Zz6vaggw7Oost4aID9biaN8AI ZvTkfmmFV/MUjQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:09:06 2025 by rpki-client