This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft File: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft (raw, json) Hash identifier: jzFxZsiXTrVIqAAfKlcAUrI85KGHrg7Q37YDXX4zlcs= Subject key identifier: F2:40:47:7B:B8:29:EF:B2:41:CD:FF:9B:E1:4D:AE:AB:1D:6C:F8:13 Authority key identifier: 29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9 Certificate issuer: /CN=29f4340df71760574808300cb14fc1760faeccf9 Certificate serial: 019AF50BBD5847A3E4795EA952453E5E96FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft Manifest number: 0217 Signing time: Sat 06 Dec 2025 19:02:58 +0000 Manifest this update: Sat 06 Dec 2025 19:02:58 +0000 Manifest next update: Sun 07 Dec 2025 19:02:58 +0000 Files and hashes: 1: KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl (hash: QTNTA2d9asiNwb3772vU3jw1r8PwGYRzA6ZbU7/SacI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0b:bd:58:47:a3:e4:79:5e:a9:52:45:3e:5e:96:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29f4340df71760574808300cb14fc1760faeccf9 Validity Not Before: Dec 6 19:02:58 2025 GMT Not After : Dec 7 19:02:58 2025 GMT Subject: CN=f240477bb829efb241cdff9be14daeab1d6cf813 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:01:93:7e:cc:d3:eb:36:95:1f:3c:f7:09:b0: 1b:37:73:4c:df:7f:19:ba:81:bf:0e:ee:64:5f:ae: fa:b6:84:49:2b:a7:d2:86:98:52:27:e1:3c:10:94: 5f:76:dc:97:42:3a:bc:0b:95:bf:ed:e9:34:d7:b8: 19:44:4c:87:8d:93:3f:11:75:56:70:94:a0:e6:17: 7c:d1:4d:9d:67:dd:92:9f:20:46:d9:94:07:c2:6e: 1d:a9:c5:6a:34:e2:8a:65:ad:e9:01:31:65:8d:ef: 1d:90:a5:43:46:c2:c5:0b:6d:f9:b8:11:c8:07:1d: 76:2f:91:2a:74:42:ac:11:5e:d8:1e:7d:1c:e6:52: 7e:51:f4:05:be:9f:55:13:f8:3e:65:fb:d1:f7:21: ef:07:66:fb:5c:1e:7e:c7:81:7a:18:dc:2e:93:dc: 5a:fb:d4:9b:aa:32:e9:1a:86:c7:46:6b:67:8c:b9: ea:29:99:ea:06:8f:81:38:36:6b:41:4f:91:ce:fc: c4:d4:40:f0:24:72:5a:26:27:b1:d9:7d:3a:3c:48: 4c:47:04:f0:ba:d9:a1:bc:d8:5a:b8:a5:63:a5:98: aa:b2:19:50:c5:8f:a1:0b:22:b8:69:a6:00:1c:8a: 04:3e:cf:09:39:8e:51:b0:d9:52:d9:78:f9:1f:aa: 6c:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:40:47:7B:B8:29:EF:B2:41:CD:FF:9B:E1:4D:AE:AB:1D:6C:F8:13 X509v3 Authority Key Identifier: keyid:29:F4:34:0D:F7:17:60:57:48:08:30:0C:B1:4F:C1:76:0F:AE:CC:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/70669e-5744-4477-86ba-795c3a612e8b/1/KfQ0DfcXYFdICDAMsU_Bdg-uzPk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4d:b2:39:b1:b8:bd:86:00:4b:61:02:61:5e:03:93:61:fa:a3: 9a:2a:43:6e:28:b9:46:a7:00:86:eb:4d:3d:60:04:34:b8:12: 4f:a8:1c:91:da:13:7e:12:86:2b:ec:b0:66:f4:e2:0e:60:35: 90:16:cb:a7:28:ed:b0:d6:26:80:3f:21:85:61:22:7d:a5:27: 27:57:64:da:3a:be:7b:ab:42:89:fa:ed:51:70:5e:76:15:d3: 98:58:cd:ef:cc:fe:ab:74:88:ee:f0:c9:a7:55:e1:23:71:c0: 84:fd:86:32:28:92:93:9e:cd:2c:a7:49:05:74:db:8c:30:39: 36:48:ea:19:77:4e:57:15:af:ba:23:4c:5d:60:f6:a4:c7:23: a8:2f:87:89:21:5a:0e:72:fb:cd:7f:96:70:5b:59:db:18:10: e9:28:b7:5a:fb:41:4e:43:d5:29:12:5f:7f:21:e1:8e:be:66: 6c:a1:be:3b:77:32:a1:93:bf:02:51:35:18:42:10:00:e6:bc: 6d:75:b0:ba:bf:3d:50:35:85:23:d9:d1:9a:37:de:66:c7:d2: 70:66:7c:7a:92:7c:fc:40:96:ee:42:32:e1:43:f8:4a:29:21: 88:78:30:62:d4:56:52:a1:0d:57:13:2b:dc:2a:86:61:9c:8e: e6:73:87:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1C71YR6PkeV6pUkU+Xpb8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZjQzNDBkZjcxNzYwNTc0ODA4MzAwY2IxNGZjMTc2MGZh ZWNjZjkwHhcNMjUxMjA2MTkwMjU4WhcNMjUxMjA3MTkwMjU4WjAzMTEwLwYDVQQD EyhmMjQwNDc3YmI4MjllZmIyNDFjZGZmOWJlMTRkYWVhYjFkNmNmODEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwGTfszT6zaVHzz3CbAbN3NM338Z uoG/Du5kX676toRJK6fShphSJ+E8EJRfdtyXQjq8C5W/7ek017gZREyHjZM/EXVW cJSg5hd80U2dZ92SnyBG2ZQHwm4dqcVqNOKKZa3pATFlje8dkKVDRsLFC235uBHI Bx12L5EqdEKsEV7YHn0c5lJ+UfQFvp9VE/g+ZfvR9yHvB2b7XB5+x4F6GNwuk9xa +9SbqjLpGobHRmtnjLnqKZnqBo+BODZrQU+RzvzE1EDwJHJaJiex2X06PEhMRwTw utmhvNhauKVjpZiqshlQxY+hCyK4aaYAHIoEPs8JOY5RsNlS2Xj5H6ps6QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPJAR3u4Ke+yQc3/m+FNrqsdbPgTMB8GA1UdIwQY MBaAFCn0NA33F2BXSAgwDLFPwXYPrsz5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEt Nzk1YzNhNjEyZThiLzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC83MDY2OWUtNTc0NC00NDc3LTg2YmEtNzk1YzNhNjEyZThi LzEvS2ZRMERmY1hZRmRJQ0RBTXNVX0JkZy11elBrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATbI5sbi9 hgBLYQJhXgOTYfqjmipDbii5RqcAhutNPWAENLgST6gckdoTfhKGK+ywZvTiDmA1 kBbLpyjtsNYmgD8hhWEifaUnJ1dk2jq+e6tCifrtUXBedhXTmFjN78z+q3SI7vDJ p1XhI3HAhP2GMiiSk57NLKdJBXTbjDA5NkjqGXdOVxWvuiNMXWD2pMcjqC+HiSFa DnL7zX+WcFtZ2xgQ6Si3WvtBTkPVKRJffyHhjr5mbKG+O3cyoZO/AlE1GEIQAOa8 bXWwur89UDWFI9nRmjfeZsfScGZ8epJ8/ECW7kIy4UP4SikhiHgwYtRWUqENVxMr 3CqGYZyO5nOHBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:02:52 2025 by rpki-client