This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft File: KY60_lwZ8pLyiSTL8VVaj1do2CY.mft (raw, json) Hash identifier: 2fiDTmowZiHDULCcfyEJuM42+FFJM9bIfL3HVW4rOow= Subject key identifier: 4E:8C:FB:3E:6C:71:FE:56:30:13:21:D9:EC:2A:2C:B6:4C:3A:9B:DC Authority key identifier: 29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26 Certificate issuer: /CN=298eb4fe5c19f292f28924cbf1555a8f5768d826 Certificate serial: 019B34C4AA9874E3C4414B4BB6CB4AF2F00F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft Manifest number: 1781 Signing time: Fri 19 Dec 2025 04:01:02 +0000 Manifest this update: Fri 19 Dec 2025 04:01:02 +0000 Manifest next update: Sat 20 Dec 2025 04:01:02 +0000 Files and hashes: 1: KY60_lwZ8pLyiSTL8VVaj1do2CY.crl (hash: f+PKaFQMC6C7EsnoGivClmuzH1hEMvgTQ9NSch+K1PI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c4:aa:98:74:e3:c4:41:4b:4b:b6:cb:4a:f2:f0:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298eb4fe5c19f292f28924cbf1555a8f5768d826 Validity Not Before: Dec 19 04:01:02 2025 GMT Not After : Dec 20 04:01:02 2025 GMT Subject: CN=4e8cfb3e6c71fe56301321d9ec2a2cb64c3a9bdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:f5:44:63:ff:d6:04:ca:f1:b5:da:c4:5c:69: 66:a1:89:ad:9d:d9:12:38:dd:f6:92:7b:1e:a2:4d: 27:5c:2e:e8:d1:04:a3:fd:87:39:59:b2:47:23:b9: 17:3d:99:e8:d8:31:41:ea:a5:08:2a:ba:f4:f5:f0: ac:a4:60:14:a0:89:58:29:f3:8f:b4:b0:06:9d:ec: 35:1e:10:33:d1:48:0c:b0:31:8e:ec:af:6e:d9:c8: 9e:72:ba:08:21:56:af:56:13:d9:73:4b:c0:06:f2: 82:19:d4:be:9a:fd:03:3a:6e:ea:d5:86:46:31:12: 9a:99:b5:f8:e9:4d:7b:82:94:98:eb:4c:33:98:db: 04:95:4d:87:75:d2:e8:cd:ac:a9:e0:3e:c3:6d:d2: 3c:7f:04:83:d9:a3:e3:78:fb:38:7a:8d:81:49:7d: d7:3c:86:c2:d9:0b:d5:70:e1:45:57:ad:0f:0c:ff: 71:d0:42:c7:bc:76:22:dc:05:66:d2:9d:73:eb:41: b7:7c:e5:e0:f0:cc:4a:8a:39:10:d3:b0:61:45:e3: 70:60:83:33:8f:3c:1a:17:c2:20:c5:7c:fa:dd:ea: 24:51:76:8e:e5:5c:34:c9:f4:d7:5f:eb:7d:e9:f5: 3f:08:d0:47:68:2d:75:ea:a4:38:a5:09:8f:7f:1d: db:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:8C:FB:3E:6C:71:FE:56:30:13:21:D9:EC:2A:2C:B6:4C:3A:9B:DC X509v3 Authority Key Identifier: keyid:29:8E:B4:FE:5C:19:F2:92:F2:89:24:CB:F1:55:5A:8F:57:68:D8:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY60_lwZ8pLyiSTL8VVaj1do2CY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/97111c-2e61-4359-8766-6bedf2fbdce2/1/KY60_lwZ8pLyiSTL8VVaj1do2CY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:07:b8:4d:43:ce:49:3b:73:0a:3e:3f:12:b2:2c:ea:1b:05: 69:e3:c5:46:a2:e1:55:4a:30:2a:88:86:1e:03:f9:91:37:ac: 3e:7a:ac:55:de:bf:04:f8:29:5e:df:62:27:03:50:75:de:a0: e8:7e:29:01:dd:18:02:a5:e3:f7:d2:af:1d:58:7a:75:d7:04: 37:de:f0:d3:16:a3:64:11:60:60:9b:6f:f3:ff:ae:b5:40:f6: 8d:6d:1b:5c:9d:24:fb:c8:74:c9:d1:ae:45:4c:af:1d:b9:1a: 17:76:49:6f:91:33:66:79:2e:bf:c6:09:22:68:ed:b8:cb:64: ab:40:5f:8b:c9:85:57:ee:af:45:c8:6a:82:dc:e1:86:7d:f0: ee:d8:2b:aa:a7:4d:71:b3:12:64:13:b3:f4:1b:c5:8b:37:b2: a3:65:c5:03:6f:aa:e5:b4:9a:4d:a6:aa:9a:58:17:cc:a1:59: f1:45:ed:b9:93:9e:66:bb:dd:25:04:c7:93:51:a8:0e:a5:ca: c8:58:18:55:e6:9d:28:4e:97:59:06:83:57:e2:72:5c:76:0e: 11:79:2a:65:85:c1:dc:98:c2:4a:ef:02:ff:35:b8:0a:50:7f: c3:9d:77:d8:14:a0:21:c9:60:31:0b:82:87:1f:c3:c1:b2:db: 6d:49:88:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xKqYdOPEQUtLtstK8vAPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OGViNGZlNWMxOWYyOTJmMjg5MjRjYmYxNTU1YThmNTc2 OGQ4MjYwHhcNMjUxMjE5MDQwMTAyWhcNMjUxMjIwMDQwMTAyWjAzMTEwLwYDVQQD Eyg0ZThjZmIzZTZjNzFmZTU2MzAxMzIxZDllYzJhMmNiNjRjM2E5YmRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/VEY//WBMrxtdrEXGlmoYmtndkS ON32knseok0nXC7o0QSj/Yc5WbJHI7kXPZno2DFB6qUIKrr09fCspGAUoIlYKfOP tLAGnew1HhAz0UgMsDGO7K9u2ciecroIIVavVhPZc0vABvKCGdS+mv0DOm7q1YZG MRKambX46U17gpSY60wzmNsElU2HddLozayp4D7DbdI8fwSD2aPjePs4eo2BSX3X PIbC2QvVcOFFV60PDP9x0ELHvHYi3AVm0p1z60G3fOXg8MxKijkQ07BhReNwYIMz jzwaF8IgxXz63eokUXaO5Vw0yfTXX+t96fU/CNBHaC116qQ4pQmPfx3bHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE6M+z5scf5WMBMh2ewqLLZMOpvcMB8GA1UdIwQY MBaAFCmOtP5cGfKS8okky/FVWo9XaNgmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYt NmJlZGYyZmJkY2UyLzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi85NzExMWMtMmU2MS00MzU5LTg3NjYtNmJlZGYyZmJkY2Uy LzEvS1k2MF9sd1o4cEx5aVNUTDhWVmFqMWRvMkNZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARwe4TUPO STtzCj4/ErIs6hsFaePFRqLhVUowKoiGHgP5kTesPnqsVd6/BPgpXt9iJwNQdd6g 6H4pAd0YAqXj99KvHVh6ddcEN97w0xajZBFgYJtv8/+utUD2jW0bXJ0k+8h0ydGu RUyvHbkaF3ZJb5EzZnkuv8YJImjtuMtkq0Bfi8mFV+6vRchqgtzhhn3w7tgrqqdN cbMSZBOz9BvFizeyo2XFA2+q5bSaTaaqmlgXzKFZ8UXtuZOeZrvdJQTHk1GoDqXK yFgYVeadKE6XWQaDV+JyXHYOEXkqZYXB3JjCSu8C/zW4ClB/w5132BSgIclgMQuC hx/DwbLbbUmIuA== -----END CERTIFICATE-----Generated at Fri Dec 19 05:45:52 2025 by rpki-client