This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft File: KyO4dALEaK1icsN77YjlzcbkwGE.mft (raw, json) Hash identifier: mkS2/uwFUnf8ha+nmQUlKjmFvL1NyvGtJqo28Qi8kPs= Subject key identifier: 53:C3:A2:9B:DF:73:6F:4C:1B:67:4F:7E:B5:7F:B3:A0:64:E4:2B:9C Authority key identifier: 2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61 Certificate issuer: /CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061 Certificate serial: 019AF3F70EDF9B56BE8810DB9C2F474D5593 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft Manifest number: 0237 Signing time: Sat 06 Dec 2025 14:00:45 +0000 Manifest this update: Sat 06 Dec 2025 14:00:45 +0000 Manifest next update: Sun 07 Dec 2025 14:00:45 +0000 Files and hashes: 1: KyO4dALEaK1icsN77YjlzcbkwGE.crl (hash: gbRt8PNOP0XmXCodhPeGnNbQQoHKo0BQ2xZp8CKrLPU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:f7:0e:df:9b:56:be:88:10:db:9c:2f:47:4d:55:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b23b87402c468ad6272c37bed88e5cdc6e4c061 Validity Not Before: Dec 6 14:00:45 2025 GMT Not After : Dec 7 14:00:45 2025 GMT Subject: CN=53c3a29bdf736f4c1b674f7eb57fb3a064e42b9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:6d:02:b1:16:74:3f:a9:b1:a2:ca:81:31:b9: 81:a3:79:c3:6a:c1:39:71:33:c4:87:1d:37:87:32: 9d:65:00:eb:52:a4:56:df:4b:53:75:5b:a3:49:4d: 35:46:fa:37:0c:ba:e9:ce:fe:fe:0a:90:25:fc:97: 8d:66:c8:18:5f:47:05:81:5e:10:ce:f3:6a:1d:d3: fb:8e:a9:ad:7e:99:fc:23:df:8f:eb:e2:6e:27:e6: 55:bd:28:61:3d:8e:17:2e:51:bf:37:15:d7:94:6f: d9:87:1e:38:b2:3e:b1:e0:05:f3:24:e6:d9:dc:6f: 58:19:07:ca:f6:83:6c:ae:f1:08:64:ec:07:20:25: ca:30:ce:3e:34:61:86:e4:21:e1:b1:8d:72:4d:8f: 0d:4b:c8:bc:45:0d:82:1a:3e:24:ae:10:f2:a5:28: be:f9:09:8f:f4:b8:3f:a5:23:9d:79:ab:c2:c7:fc: 34:a8:23:49:af:5c:fe:21:0a:f2:37:06:99:94:cc: a4:2e:3a:51:96:be:35:93:f3:fe:a4:a0:6c:c1:e4: e1:a7:a1:57:1e:8e:ab:e2:4c:d3:53:b8:d8:76:69: c9:28:b9:e9:ec:ce:ad:e9:3a:0a:a1:19:32:07:1b: 67:27:96:ff:8c:5e:49:16:0b:98:f1:30:55:c1:3a: 7c:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:C3:A2:9B:DF:73:6F:4C:1B:67:4F:7E:B5:7F:B3:A0:64:E4:2B:9C X509v3 Authority Key Identifier: keyid:2B:23:B8:74:02:C4:68:AD:62:72:C3:7B:ED:88:E5:CD:C6:E4:C0:61 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KyO4dALEaK1icsN77YjlzcbkwGE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/854660-5fa6-427e-a5e8-654da8b40716/1/KyO4dALEaK1icsN77YjlzcbkwGE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b9:5a:68:58:5e:06:d2:0c:4d:90:ae:40:27:5e:ad:47:39:22: bc:5a:91:71:c8:f7:47:a3:c1:ed:d3:a5:56:10:25:ee:75:6c: 98:26:6b:5f:86:fd:0d:77:47:f5:b6:c0:e8:93:6f:65:9a:2a: 9e:3b:9b:45:82:36:20:87:05:67:e3:d4:49:6f:7f:32:4b:1f: 31:e0:3b:3b:33:d7:7d:8c:3e:f1:c1:56:d2:e9:b0:a1:fc:34: 78:65:3c:a5:ad:c5:f3:83:57:73:38:3a:20:45:2f:ea:93:3e: 54:69:48:e8:e3:43:c7:b0:4d:89:48:77:0b:d3:93:ba:a0:ed: 49:22:cb:18:7b:69:e7:a4:86:99:3e:fc:d0:c4:22:d1:af:e7: da:de:31:4f:a1:89:30:81:dd:e6:96:ac:63:a7:55:ba:a0:aa: da:9f:0c:36:ce:53:30:34:ac:2e:a0:a2:6e:cc:8e:d8:55:cc: b8:7b:a3:8c:73:37:91:19:c7:ef:6a:5f:67:c1:f8:78:57:da: 05:94:9c:9b:cd:07:6f:7e:4c:41:b4:af:21:4d:b1:82:56:6d: 0f:f7:32:0f:b4:9b:b8:03:67:cd:9b:b7:5c:63:5e:17:12:e9: 37:4b:36:2f:75:35:5b:11:84:33:05:db:df:d1:1d:0f:1a:54: 1a:4e:b1:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrz9w7fm1a+iBDbnC9HTVWTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMjNiODc0MDJjNDY4YWQ2MjcyYzM3YmVkODhlNWNkYzZl NGMwNjEwHhcNMjUxMjA2MTQwMDQ1WhcNMjUxMjA3MTQwMDQ1WjAzMTEwLwYDVQQD Eyg1M2MzYTI5YmRmNzM2ZjRjMWI2NzRmN2ViNTdmYjNhMDY0ZTQyYjljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3W0CsRZ0P6mxosqBMbmBo3nDasE5 cTPEhx03hzKdZQDrUqRW30tTdVujSU01Rvo3DLrpzv7+CpAl/JeNZsgYX0cFgV4Q zvNqHdP7jqmtfpn8I9+P6+JuJ+ZVvShhPY4XLlG/NxXXlG/Zhx44sj6x4AXzJObZ 3G9YGQfK9oNsrvEIZOwHICXKMM4+NGGG5CHhsY1yTY8NS8i8RQ2CGj4krhDypSi+ +QmP9Lg/pSOdeavCx/w0qCNJr1z+IQryNwaZlMykLjpRlr41k/P+pKBsweThp6FX Ho6r4kzTU7jYdmnJKLnp7M6t6ToKoRkyBxtnJ5b/jF5JFguY8TBVwTp8HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFPDopvfc29MG2dPfrV/s6Bk5CucMB8GA1UdIwQY MBaAFCsjuHQCxGitYnLDe+2I5c3G5MBhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgt NjU0ZGE4YjQwNzE2LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS84NTQ2NjAtNWZhNi00MjdlLWE1ZTgtNjU0ZGE4YjQwNzE2 LzEvS3lPNGRBTEVhSzFpY3NONzdZamx6Y2Jrd0dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuVpoWF4G 0gxNkK5AJ16tRzkivFqRccj3R6PB7dOlVhAl7nVsmCZrX4b9DXdH9bbA6JNvZZoq njubRYI2IIcFZ+PUSW9/MksfMeA7OzPXfYw+8cFW0umwofw0eGU8pa3F84NXczg6 IEUv6pM+VGlI6ONDx7BNiUh3C9OTuqDtSSLLGHtp56SGmT780MQi0a/n2t4xT6GJ MIHd5pasY6dVuqCq2p8MNs5TMDSsLqCibsyO2FXMuHujjHM3kRnH72pfZ8H4eFfa BZScm80Hb35MQbSvIU2xglZtD/cyD7SbuANnzZu3XGNeFxLpN0s2L3U1WxGEMwXb 39EdDxpUGk6xPw== -----END CERTIFICATE-----Generated at Sat Dec 6 20:27:44 2025 by rpki-client