This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft File: kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json) Hash identifier: 6DChlzw99J5RuptEQ98qpgjwChPig6RUK61TJ9n64xA= Subject key identifier: C6:D2:53:F3:01:99:16:03:AD:14:CF:48:F3:90:EF:3C:52:28:78:B1 Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD Certificate issuer: /CN=917830d941ee090a8e32348f97b8308fd1ce09fd Certificate serial: 019AF19B909D196B042D725ACD927B728A08 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft Manifest number: 0DDD Signing time: Sat 06 Dec 2025 03:01:35 +0000 Manifest this update: Sat 06 Dec 2025 03:01:35 +0000 Manifest next update: Sun 07 Dec 2025 03:01:35 +0000 Files and hashes: 1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: Eug5NeMhIZKm9ok894JN1foRCLW8Lmi4pTJy8d40tSM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:90:9d:19:6b:04:2d:72:5a:cd:92:7b:72:8a:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd Validity Not Before: Dec 6 03:01:35 2025 GMT Not After : Dec 7 03:01:35 2025 GMT Subject: CN=c6d253f301991603ad14cf48f390ef3c522878b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:61:22:3a:4a:bc:22:b7:77:10:be:3c:8e:76: 8b:b9:18:9f:db:ef:90:a7:f7:3b:56:2e:8f:9a:6e: 57:2e:b3:a3:05:d8:10:15:db:5f:07:4e:f1:a4:46: 4a:0b:69:68:50:e3:32:5c:b1:70:5a:38:b2:71:c4: 31:30:b4:a8:c7:b7:03:c0:99:ee:6a:21:c6:1b:88: c3:e2:c2:7a:c4:e1:d0:a9:33:7f:be:8d:76:99:e4: fb:74:af:32:fd:87:91:4b:70:2f:27:e7:bb:01:18: b5:d5:26:3f:ef:33:5b:91:74:8f:ce:43:3d:31:3e: 5e:c4:7d:6d:2c:fc:1f:bd:bc:fe:85:9f:1a:72:d6: 62:d1:f6:87:7c:82:3c:f1:0a:e3:49:2c:ee:a2:66: 75:f6:5c:2e:4b:92:a2:c8:e7:19:28:9e:20:74:ba: 86:7b:0d:76:b3:30:34:25:66:b0:50:17:44:d8:e7: 97:f6:65:a5:22:d3:2d:9b:7b:20:e1:71:fd:9d:64: 2c:e2:ef:98:8c:7e:a9:c3:0a:11:4e:4f:2e:9f:8f: 56:1b:54:d3:b1:7e:7e:87:4e:d9:ec:9e:b7:bf:66: bf:6d:60:49:ea:c6:f3:02:37:e4:07:13:2c:29:75: fd:ba:99:5f:ec:78:94:0c:b2:af:3d:16:0f:47:02: ef:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:D2:53:F3:01:99:16:03:AD:14:CF:48:F3:90:EF:3C:52:28:78:B1 X509v3 Authority Key Identifier: keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:c9:2d:47:34:af:47:54:74:8f:e0:b0:63:ad:48:08:11:3e: 8f:c5:17:1f:69:ba:48:33:84:49:98:78:e5:ce:3a:d9:09:83: ae:8c:e1:72:09:ec:a1:23:cb:54:aa:58:88:d5:b3:2c:de:b1: 62:4d:7b:8c:34:e0:ae:52:db:f3:a6:c2:b5:66:28:c2:66:12: 18:9c:2f:16:c9:fb:23:33:53:b2:6a:d5:57:33:77:37:3d:2a: e9:39:04:e0:c5:36:d0:94:aa:9f:15:f8:66:4f:e7:cd:27:40: a5:8e:5f:7a:79:5c:60:6a:b9:da:41:96:dd:78:71:8c:2e:08: 32:a4:f5:a2:7a:f5:77:20:62:c9:9f:4b:3e:6a:18:6b:ef:1f: 00:31:fc:0b:af:1b:53:6a:34:b1:8b:50:d1:20:a5:c7:fc:08: 20:d2:a1:cd:81:c0:cc:ff:f3:c5:16:68:69:be:aa:95:e1:ca: 15:df:a9:77:8a:0a:52:2e:10:de:58:22:e6:e4:b4:4d:9f:d8: 81:c4:9f:75:f0:2f:08:4b:05:49:02:ed:62:41:63:b7:15:65: a3:3c:8a:b8:b7:66:66:76:85:4d:81:a9:d2:5f:03:ea:55:99: 2c:34:32:b0:ca:b5:0d:9b:f1:3b:cc:45:50:68:80:71:76:b6: f3:29:be:20 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5CdGWsELXJazZJ7cooIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj ZTA5ZmQwHhcNMjUxMjA2MDMwMTM1WhcNMjUxMjA3MDMwMTM1WjAzMTEwLwYDVQQD EyhjNmQyNTNmMzAxOTkxNjAzYWQxNGNmNDhmMzkwZWYzYzUyMjg3OGIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2EiOkq8Ird3EL48jnaLuRif2++Q p/c7Vi6Pmm5XLrOjBdgQFdtfB07xpEZKC2loUOMyXLFwWjiyccQxMLSox7cDwJnu aiHGG4jD4sJ6xOHQqTN/vo12meT7dK8y/YeRS3AvJ+e7ARi11SY/7zNbkXSPzkM9 MT5exH1tLPwfvbz+hZ8actZi0faHfII88QrjSSzuomZ19lwuS5KiyOcZKJ4gdLqG ew12szA0JWawUBdE2OeX9mWlItMtm3sg4XH9nWQs4u+YjH6pwwoRTk8un49WG1TT sX5+h07Z7J63v2a/bWBJ6sbzAjfkBxMsKXX9uplf7HiUDLKvPRYPRwLvzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMbSU/MBmRYDrRTPSPOQ7zxSKHixMB8GA1UdIwQY MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArcktRzSv R1R0j+CwY61ICBE+j8UXH2m6SDOESZh45c462QmDrozhcgnsoSPLVKpYiNWzLN6x Yk17jDTgrlLb86bCtWYowmYSGJwvFsn7IzNTsmrVVzN3Nz0q6TkE4MU20JSqnxX4 Zk/nzSdApY5fenlcYGq52kGW3XhxjC4IMqT1onr1dyBiyZ9LPmoYa+8fADH8C68b U2o0sYtQ0SClx/wIINKhzYHAzP/zxRZoab6qleHKFd+pd4oKUi4Q3lgi5uS0TZ/Y gcSfdfAvCEsFSQLtYkFjtxVlozyKuLdmZnaFTYGp0l8D6lWZLDQysMq1DZvxO8xF UGiAcXa28ym+IA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:00:37 2025 by rpki-client