This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft File: kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json) Hash identifier: sHpf5xU5vuX4IWzSI3bTgpTC5Hv/E4E0ZGMbEEiST1s= Subject key identifier: 06:2D:A0:90:4F:92:68:ED:62:D5:AF:04:58:84:36:72:BC:E6:32:3F Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94 Certificate issuer: /CN=91b0c1e076a3469668125b8dd395f304dfa2e794 Certificate serial: 019AF12E8E9B187C01F4723FA446B28C090F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft Manifest number: 015D Signing time: Sat 06 Dec 2025 01:02:31 +0000 Manifest this update: Sat 06 Dec 2025 01:02:31 +0000 Manifest next update: Sun 07 Dec 2025 01:02:31 +0000 Files and hashes: 1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: 6Hy6+5wA7fVIeCPZ4dih1MWyvm/RUO2/oxwhgoFb4kQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:8e:9b:18:7c:01:f4:72:3f:a4:46:b2:8c:09:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794 Validity Not Before: Dec 6 01:02:31 2025 GMT Not After : Dec 7 01:02:31 2025 GMT Subject: CN=062da0904f9268ed62d5af0458843672bce6323f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:7e:2f:70:e0:88:51:40:f5:3c:16:c6:c3:aa: 0c:85:84:dd:51:74:d7:ed:af:e3:b9:9e:50:2b:95: bc:88:8b:52:35:ac:a4:dc:cd:08:5a:e6:3d:eb:d8: 05:ff:60:3a:ab:a1:64:66:c3:a8:c5:a7:20:74:89: 0e:03:15:bf:d4:68:bd:da:14:62:27:3f:32:1a:58: 1a:da:a3:f9:a0:51:02:b2:30:d3:5b:89:df:a2:7d: a5:e2:c6:0f:70:8b:5f:b5:1e:a6:7c:a7:d3:c9:86: 90:d6:5f:d4:5e:a7:b4:c9:bb:ed:ee:18:37:b4:f6: 54:eb:1c:01:d9:eb:d6:2e:56:40:24:2b:28:28:1f: 6f:be:4a:f5:06:68:5d:34:45:48:13:b9:30:43:d1: e6:29:3f:07:00:af:59:87:f6:fc:2e:8e:f1:a5:63: b9:e9:3c:41:13:e6:b1:11:43:6f:de:05:22:76:5b: 72:76:12:b8:ac:f9:68:37:05:5e:a5:e4:d3:ca:d4: 27:d6:7a:3a:2e:44:64:1f:30:15:eb:48:64:36:d2: a1:eb:f8:6f:1c:bc:2d:2d:38:71:57:e0:03:fa:bb: 39:2d:c7:18:a2:0d:fe:67:e0:6e:ff:fc:04:bb:18: a0:ce:d7:cd:9a:37:4e:45:b0:b6:b8:86:c0:3b:fd: 18:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:2D:A0:90:4F:92:68:ED:62:D5:AF:04:58:84:36:72:BC:E6:32:3F X509v3 Authority Key Identifier: keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:0b:63:7e:ae:6e:1b:5e:15:6b:a5:2c:01:b8:a3:9b:0e:04: f5:b2:9b:9e:c0:86:64:0e:16:31:bf:d7:5c:5a:60:b4:ee:1d: b9:d4:d0:92:a9:d6:46:f7:1c:ca:1c:14:ed:61:ef:f3:22:1e: 3c:42:c9:dd:b3:fd:37:44:04:eb:25:fb:33:eb:5b:63:54:93: 8b:54:99:ed:04:c6:0b:a5:4c:ba:eb:a1:ac:68:6b:43:7e:88: 19:20:c3:9b:ae:ef:0a:41:67:69:8b:e5:76:a4:c0:5f:ae:e7: 5e:b6:a5:27:99:6d:ea:e8:bd:db:8f:82:c1:79:73:8f:b9:22: 60:2f:87:e7:9f:89:d1:a3:0b:41:fe:ae:9d:52:c5:65:49:f4: 00:58:cb:c9:57:c5:0a:ef:3f:aa:ea:d1:9f:94:16:7d:9c:0c: 9b:95:6f:b7:8e:4f:e1:cf:c8:fd:61:24:e6:26:91:7b:da:df: d4:2e:1e:5d:19:62:c7:b8:d0:40:fd:da:b1:0e:99:96:bf:13: 8c:9a:63:fd:e5:7e:1b:05:8e:3f:70:47:82:81:db:ff:53:be: 21:09:60:cb:f7:a5:2c:72:de:39:ef:6c:77:49:55:ea:5f:ad: 58:9f:84:92:23:a0:0f:b1:f2:0b:fa:ae:42:a5:f2:dc:d1:0f: 41:6c:73:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLo6bGHwB9HI/pEayjAkPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh MmU3OTQwHhcNMjUxMjA2MDEwMjMxWhcNMjUxMjA3MDEwMjMxWjAzMTEwLwYDVQQD EygwNjJkYTA5MDRmOTI2OGVkNjJkNWFmMDQ1ODg0MzY3MmJjZTYzMjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjn4vcOCIUUD1PBbGw6oMhYTdUXTX 7a/juZ5QK5W8iItSNayk3M0IWuY969gF/2A6q6FkZsOoxacgdIkOAxW/1Gi92hRi Jz8yGlga2qP5oFECsjDTW4nfon2l4sYPcItftR6mfKfTyYaQ1l/UXqe0ybvt7hg3 tPZU6xwB2evWLlZAJCsoKB9vvkr1BmhdNEVIE7kwQ9HmKT8HAK9Zh/b8Lo7xpWO5 6TxBE+axEUNv3gUidltydhK4rPloNwVepeTTytQn1no6LkRkHzAV60hkNtKh6/hv HLwtLThxV+AD+rs5LccYog3+Z+Bu//wEuxigztfNmjdORbC2uIbAO/0YnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAYtoJBPkmjtYtWvBFiENnK85jI/MB8GA1UdIwQY MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoQtjfq5u G14Va6UsAbijmw4E9bKbnsCGZA4WMb/XXFpgtO4dudTQkqnWRvccyhwU7WHv8yIe PELJ3bP9N0QE6yX7M+tbY1STi1SZ7QTGC6VMuuuhrGhrQ36IGSDDm67vCkFnaYvl dqTAX67nXralJ5lt6ui924+CwXlzj7kiYC+H55+J0aMLQf6unVLFZUn0AFjLyVfF Cu8/qurRn5QWfZwMm5Vvt45P4c/I/WEk5iaRe9rf1C4eXRlix7jQQP3asQ6Zlr8T jJpj/eV+GwWOP3BHgoHb/1O+IQlgy/elLHLeOe9sd0lV6l+tWJ+EkiOgD7HyC/qu QqXy3NEPQWxzzw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:11:55 2025 by rpki-client