This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft File: sd_KrmUzbQycpCWFpG2Yyawk9eU.mft (raw, json) Hash identifier: rxiyVG/3zImhFfEhkgA31cK3pDQuWtnMW/R7dtklXS4= Subject key identifier: 14:CE:24:92:C9:AA:52:DF:82:37:E8:14:81:1B:51:41:8D:12:FD:BE Authority key identifier: B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5 Certificate issuer: /CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5 Certificate serial: 019AF2401D0427763D6DD2A00BCDE1FEFA8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft Manifest number: 03A8 Signing time: Sat 06 Dec 2025 06:01:19 +0000 Manifest this update: Sat 06 Dec 2025 06:01:19 +0000 Manifest next update: Sun 07 Dec 2025 06:01:19 +0000 Files and hashes: 1: sd_KrmUzbQycpCWFpG2Yyawk9eU.crl (hash: fOugy48sjt4rnWMFRGV9wVC89bhj2SNxnu3Azo8DPaI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:40:1d:04:27:76:3d:6d:d2:a0:0b:cd:e1:fe:fa:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b1dfcaae65336d0c9ca42585a46d98c9ac24f5e5 Validity Not Before: Dec 6 06:01:19 2025 GMT Not After : Dec 7 06:01:19 2025 GMT Subject: CN=14ce2492c9aa52df8237e814811b51418d12fdbe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:c0:da:4e:06:cb:80:ae:15:5f:f2:50:41:b7: 7f:53:64:72:de:23:51:58:c0:b6:ed:92:30:53:09: 57:48:77:3a:02:4b:2c:8c:be:95:59:54:ed:85:e0: f6:6a:b8:a9:e0:ca:06:d7:b7:40:bb:76:59:ee:5e: 4a:67:eb:96:20:8d:1a:90:bf:30:c5:58:79:8c:29: ae:5d:be:b7:a4:d3:0b:77:52:44:98:99:81:08:19: de:67:29:2d:54:f6:e6:bb:4e:42:b2:b6:66:81:06: 83:be:aa:01:68:32:aa:93:2d:7c:f4:53:b1:b4:a5: fa:24:31:f9:99:2e:5e:2e:53:8f:ad:82:52:3a:67: 17:9e:fb:96:a2:fa:d0:a4:ad:cc:19:5d:39:4a:2c: cb:7e:a2:b0:4a:56:ed:25:92:a3:6c:58:23:17:51: 1e:b9:ab:bc:1f:e7:f9:e3:72:b1:64:05:a9:52:20: 76:7e:36:7b:45:58:d7:cf:db:35:ae:20:18:81:5d: d3:8d:cb:bc:32:c8:d7:53:f4:4f:b5:9c:4e:c8:57: 17:52:d1:cc:a3:07:cd:d5:8d:a3:81:9b:90:6d:ac: f2:0b:59:2b:34:a1:32:16:38:52:5c:ff:a4:c0:e6: 59:b7:ad:0e:d2:79:41:34:17:08:de:31:57:34:49: 36:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:CE:24:92:C9:AA:52:DF:82:37:E8:14:81:1B:51:41:8D:12:FD:BE X509v3 Authority Key Identifier: keyid:B1:DF:CA:AE:65:33:6D:0C:9C:A4:25:85:A4:6D:98:C9:AC:24:F5:E5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sd_KrmUzbQycpCWFpG2Yyawk9eU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/19877d-3932-472e-9e64-c45e8924c54a/1/sd_KrmUzbQycpCWFpG2Yyawk9eU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:16:7e:ee:87:fd:e4:b5:df:e3:74:16:cf:f4:d7:ee:5e:23: 1b:c1:e4:c5:92:96:d9:5a:a0:a1:b3:db:9f:fa:d0:e2:86:9e: 76:55:e6:48:31:de:e1:d3:d0:56:91:8f:3f:6d:c4:b8:82:b1: 65:c2:c6:13:35:b9:d7:a2:1d:ec:67:c1:be:a4:33:8e:1f:01: e8:3c:2f:02:b8:e6:38:fa:1f:bc:00:b7:e1:30:60:1e:45:35: ac:e2:6a:07:ff:0f:d7:6d:15:57:a2:e7:91:3b:4b:de:28:c1: 61:06:b2:c1:eb:ea:3f:ab:2c:23:8a:36:e5:cc:68:31:c8:da: f6:ed:18:bd:c4:89:e4:0b:01:b1:0a:1d:8e:7d:e2:15:41:4d: 5f:35:99:94:c9:3c:42:cd:5b:d3:10:14:64:7b:d8:4f:43:b9: 1c:02:e9:df:87:1c:61:2e:03:51:eb:fa:b2:36:dd:05:ad:6f: a0:a1:15:63:9a:c8:36:47:e5:d1:a1:92:87:93:75:9e:91:f1: 3c:ce:c3:a9:cb:75:5f:e5:01:7c:99:95:11:ab:ac:36:28:ae: a7:c1:5a:92:13:57:60:0b:c3:43:ec:1b:b2:62:9e:44:5e:91: 93:66:60:3f:cd:54:a1:dc:71:e6:57:e6:fd:a2:ee:e5:a5:a4: c3:b9:89:15 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryQB0EJ3Y9bdKgC83h/vqMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIxZGZjYWFlNjUzMzZkMGM5Y2E0MjU4NWE0NmQ5OGM5YWMy NGY1ZTUwHhcNMjUxMjA2MDYwMTE5WhcNMjUxMjA3MDYwMTE5WjAzMTEwLwYDVQQD EygxNGNlMjQ5MmM5YWE1MmRmODIzN2U4MTQ4MTFiNTE0MThkMTJmZGJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocDaTgbLgK4VX/JQQbd/U2Ry3iNR WMC27ZIwUwlXSHc6AkssjL6VWVTtheD2arip4MoG17dAu3ZZ7l5KZ+uWII0akL8w xVh5jCmuXb63pNMLd1JEmJmBCBneZyktVPbmu05CsrZmgQaDvqoBaDKqky189FOx tKX6JDH5mS5eLlOPrYJSOmcXnvuWovrQpK3MGV05SizLfqKwSlbtJZKjbFgjF1Ee uau8H+f543KxZAWpUiB2fjZ7RVjXz9s1riAYgV3Tjcu8MsjXU/RPtZxOyFcXUtHM owfN1Y2jgZuQbazyC1krNKEyFjhSXP+kwOZZt60O0nlBNBcI3jFXNEk2fQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBTOJJLJqlLfgjfoFIEbUUGNEv2+MB8GA1UdIwQY MBaAFLHfyq5lM20MnKQlhaRtmMmsJPXlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQt YzQ1ZTg5MjRjNTRhLzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC8xOTg3N2QtMzkzMi00NzJlLTllNjQtYzQ1ZTg5MjRjNTRh LzEvc2RfS3JtVXpiUXljcENXRnBHMll5YXdrOWVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAihZ+7of9 5LXf43QWz/TX7l4jG8HkxZKW2VqgobPbn/rQ4oaedlXmSDHe4dPQVpGPP23EuIKx ZcLGEzW516Id7GfBvqQzjh8B6DwvArjmOPofvAC34TBgHkU1rOJqB/8P120VV6Ln kTtL3ijBYQaywevqP6ssI4o25cxoMcja9u0YvcSJ5AsBsQodjn3iFUFNXzWZlMk8 Qs1b0xAUZHvYT0O5HALp34ccYS4DUev6sjbdBa1voKEVY5rINkfl0aGSh5N1npHx PM7Dqct1X+UBfJmVEausNiiup8FakhNXYAvDQ+wbsmKeRF6Rk2ZgP81Uodxx5lfm /aLu5aWkw7mJFQ== -----END CERTIFICATE-----Generated at Sat Dec 6 08:07:16 2025 by rpki-client