This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft File: KH97Jo822TFYldOyCDdzEHGanUE.mft (raw, json) Hash identifier: 2lsjxkIagu4Zfp6RJxQtciVqCOpFxAPrEhKbRKvLWAI= Subject key identifier: E2:E4:A2:72:F3:14:15:B5:D5:74:D6:06:31:F7:3A:F9:DD:4E:46:EF Authority key identifier: 28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41 Certificate issuer: /CN=287f7b268f36d9315895d3b208377310719a9d41 Certificate serial: 019AF5E65BBBFFA8F03B1A465651865C8752 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft Manifest number: 0EBC Signing time: Sat 06 Dec 2025 23:01:45 +0000 Manifest this update: Sat 06 Dec 2025 23:01:45 +0000 Manifest next update: Sun 07 Dec 2025 23:01:45 +0000 Files and hashes: 1: KH97Jo822TFYldOyCDdzEHGanUE.crl (hash: /oGHF9mS2tK6xZvYPBR/UeL7y6hgo21H5IQEAi9XY5Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e6:5b:bb:ff:a8:f0:3b:1a:46:56:51:86:5c:87:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287f7b268f36d9315895d3b208377310719a9d41 Validity Not Before: Dec 6 23:01:45 2025 GMT Not After : Dec 7 23:01:45 2025 GMT Subject: CN=e2e4a272f31415b5d574d60631f73af9dd4e46ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:59:79:83:45:17:46:93:d5:2d:16:d7:a8:c3: 90:20:aa:01:e5:5a:dc:3f:17:38:69:24:12:03:93: 2e:80:c5:25:cd:a7:ce:9a:14:24:81:51:e3:a8:90: 9e:e4:77:d5:89:e3:d0:ee:03:3b:d9:5b:df:2a:5c: 3f:d8:6f:23:da:55:78:a6:f6:42:cc:b0:db:89:74: 5e:ec:82:91:9a:42:8d:3f:1b:bb:e2:b2:99:c0:85: 5f:c8:0b:96:96:f7:cd:7a:6f:d9:06:91:a8:2c:ef: 61:a2:4b:3a:48:65:99:23:b0:c6:ac:78:25:71:b7: e6:b7:e9:0f:61:33:59:a2:82:74:3f:39:10:ac:9b: 2c:0e:94:80:0e:46:ca:d2:02:7f:59:b8:24:53:e2: 2e:ce:37:ce:18:47:63:df:4b:6d:97:bf:37:c1:cc: 57:c0:4f:95:18:9d:d6:38:ad:f4:0b:d2:55:bf:e7: d6:8c:bc:22:05:c1:cf:82:33:b0:89:89:8c:29:cc: be:1f:57:74:c5:78:97:79:12:90:18:cc:43:9e:51: 37:7e:ce:15:54:43:09:1a:78:09:27:48:47:38:7a: aa:0e:e0:58:3b:83:3e:bd:c2:e4:7d:f9:8c:10:7a: 42:58:2a:8a:d3:99:c4:b5:1b:a8:ed:f8:28:5e:fb: c4:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:E4:A2:72:F3:14:15:B5:D5:74:D6:06:31:F7:3A:F9:DD:4E:46:EF X509v3 Authority Key Identifier: keyid:28:7F:7B:26:8F:36:D9:31:58:95:D3:B2:08:37:73:10:71:9A:9D:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH97Jo822TFYldOyCDdzEHGanUE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/640370-e21b-408e-8935-27891484d985/1/KH97Jo822TFYldOyCDdzEHGanUE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:3c:b7:e6:97:e3:85:b0:23:fc:b7:63:30:cc:49:95:18:a0: 02:9e:e0:b7:e0:ea:cf:34:3c:dc:1e:0c:e4:8e:11:0e:65:6f: b3:2c:65:66:d4:48:10:c7:de:3b:87:d1:b3:6f:01:46:9b:a6: 97:c2:d4:3e:6c:d8:a4:46:71:46:fc:19:22:bb:7c:ed:ee:c4: 8b:67:59:c7:93:ae:a2:df:a9:ba:cc:46:70:24:59:b1:5d:4b: f1:51:a5:e7:0f:34:04:3a:13:48:5d:c0:5d:e8:b5:de:f9:b1: 32:5b:6b:fa:40:00:c1:c0:61:bb:e6:d4:5a:40:31:dc:6d:54: 0c:ca:a1:9d:d3:75:25:84:71:47:8b:a3:be:75:f5:96:de:31: bb:c8:b3:a6:0d:7e:bd:b1:b3:0a:ae:39:82:aa:e0:aa:9b:af: 6d:28:ab:c9:e7:e8:aa:66:13:40:56:63:5c:21:6c:b2:39:75: 9d:34:47:dc:ce:f3:7d:7e:85:ee:cd:35:86:f9:44:88:47:36: 43:2d:49:d5:d7:a1:00:49:42:52:2c:18:de:87:9a:17:14:73: 90:82:52:74:10:2e:92:dd:58:66:57:7b:1e:51:d5:1c:d7:8c: 19:58:66:a2:72:d1:8a:77:ee:29:02:c1:de:85:53:1a:64:18: aa:d5:c9:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15lu7/6jwOxpGVlGGXIdSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2Y3YjI2OGYzNmQ5MzE1ODk1ZDNiMjA4Mzc3MzEwNzE5 YTlkNDEwHhcNMjUxMjA2MjMwMTQ1WhcNMjUxMjA3MjMwMTQ1WjAzMTEwLwYDVQQD EyhlMmU0YTI3MmYzMTQxNWI1ZDU3NGQ2MDYzMWY3M2FmOWRkNGU0NmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFl5g0UXRpPVLRbXqMOQIKoB5Vrc Pxc4aSQSA5MugMUlzafOmhQkgVHjqJCe5HfViePQ7gM72VvfKlw/2G8j2lV4pvZC zLDbiXRe7IKRmkKNPxu74rKZwIVfyAuWlvfNem/ZBpGoLO9hoks6SGWZI7DGrHgl cbfmt+kPYTNZooJ0PzkQrJssDpSADkbK0gJ/WbgkU+IuzjfOGEdj30ttl783wcxX wE+VGJ3WOK30C9JVv+fWjLwiBcHPgjOwiYmMKcy+H1d0xXiXeRKQGMxDnlE3fs4V VEMJGngJJ0hHOHqqDuBYO4M+vcLkffmMEHpCWCqK05nEtRuo7fgoXvvEzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOLkonLzFBW11XTWBjH3OvndTkbvMB8GA1UdIwQY MBaAFCh/eyaPNtkxWJXTsgg3cxBxmp1BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUt Mjc4OTE0ODRkOTg1LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS82NDAzNzAtZTIxYi00MDhlLTg5MzUtMjc4OTE0ODRkOTg1 LzEvS0g5N0pvODIyVEZZbGRPeUNEZHpFSEdhblVFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANjy35pfj hbAj/LdjMMxJlRigAp7gt+DqzzQ83B4M5I4RDmVvsyxlZtRIEMfeO4fRs28BRpum l8LUPmzYpEZxRvwZIrt87e7Ei2dZx5Ouot+pusxGcCRZsV1L8VGl5w80BDoTSF3A Xei13vmxMltr+kAAwcBhu+bUWkAx3G1UDMqhndN1JYRxR4ujvnX1lt4xu8izpg1+ vbGzCq45gqrgqpuvbSiryefoqmYTQFZjXCFssjl1nTRH3M7zfX6F7s01hvlEiEc2 Qy1J1dehAElCUiwY3oeaFxRzkIJSdBAukt1YZld7HlHVHNeMGVhmonLRinfuKQLB 3oVTGmQYqtXJjQ== -----END CERTIFICATE-----Generated at Sun Dec 7 02:58:49 2025 by rpki-client