This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft File: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json) Hash identifier: X4Q3JQYr+l+YlhwQc4O2lYqT/4RUj3jOr1k7S239KyE= Subject key identifier: F5:A1:4F:FA:F7:9F:EA:12:C5:80:40:5A:78:BF:CF:6C:38:56:61:3A Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 Certificate issuer: /CN=91d338370e10627a4cd631e3fde186e194898c81 Certificate serial: 019AF12E43DB4CB83C605687FD040BE242BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft Manifest number: 0D4C Signing time: Sat 06 Dec 2025 01:02:12 +0000 Manifest this update: Sat 06 Dec 2025 01:02:12 +0000 Manifest next update: Sun 07 Dec 2025 01:02:12 +0000 Files and hashes: 1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: p5LkFNZKqQcZ5q1QbZTL6OKLg+ehV14RbAeQzRzpFII=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:43:db:4c:b8:3c:60:56:87:fd:04:0b:e2:42:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81 Validity Not Before: Dec 6 01:02:12 2025 GMT Not After : Dec 7 01:02:12 2025 GMT Subject: CN=f5a14ffaf79fea12c580405a78bfcf6c3856613a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:ea:b5:93:a8:72:0b:45:0e:83:c8:5d:8d:72: 33:61:69:45:5d:4f:0f:0a:e0:1c:c1:dd:eb:9b:30: 91:a1:bf:36:84:ed:3e:ce:63:ee:0b:f4:b4:de:99: 95:27:04:2e:19:fa:c1:dd:e2:4c:c4:ba:dc:ca:c0: 84:22:bc:08:42:b1:23:c8:b8:27:5a:97:f6:c5:e0: 34:77:d6:89:11:5e:e8:fa:fd:9d:7f:31:d2:36:4c: f6:5b:99:24:f3:1b:12:5f:8c:73:f4:85:89:01:6e: e1:82:47:3a:fb:f7:ea:55:9b:b3:f4:8c:80:74:81: 9e:7f:0d:6d:19:a5:c8:24:13:d1:ff:58:dc:94:2a: b1:30:7a:15:76:36:fd:99:1f:68:8a:20:2f:aa:e8: 49:6f:fa:fc:7a:f1:22:62:bf:0f:74:84:ef:22:5f: 48:6e:67:1b:30:e2:15:e9:fe:4d:2b:c8:97:b0:8c: df:e0:de:4f:5a:13:14:d4:31:b7:5f:52:9c:9d:84: 55:ac:b5:1e:26:c0:0a:45:9f:4c:46:e8:f0:84:dd: e0:db:53:98:e0:16:38:11:c5:7d:d0:c3:02:51:ef: 14:c1:45:26:26:d8:27:cc:fa:78:51:27:37:12:c2: 60:5a:e7:f2:b8:9c:06:69:4d:f1:35:7e:67:13:cb: ab:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:A1:4F:FA:F7:9F:EA:12:C5:80:40:5A:78:BF:CF:6C:38:56:61:3A X509v3 Authority Key Identifier: keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:8d:84:64:79:70:d9:36:9f:74:db:81:d4:17:2f:ab:8b:39: f9:e4:3b:a8:cb:6a:17:37:2f:c1:a2:d4:4f:c3:d4:b7:bb:2f: ac:48:84:a8:23:af:34:b5:83:43:31:c5:2a:82:b5:39:f6:6b: cd:cd:28:a6:9a:87:55:eb:01:20:6e:b7:d8:be:ab:04:bc:c4: 77:0a:82:b8:30:81:97:9c:e7:f1:06:5a:7c:2a:1e:c3:74:c5: ad:e5:c3:06:d3:96:78:7b:21:6e:65:07:43:52:00:68:a7:fc: eb:9f:07:d4:cd:25:92:de:c6:2e:40:32:b9:a3:34:af:8a:70: 48:4f:a1:66:09:8d:63:e8:fb:69:14:66:60:a0:2b:34:f9:d4: 25:86:db:93:2c:8e:13:60:22:ad:3a:27:c1:c4:3b:7e:ff:39: 98:5e:88:12:ae:30:2a:55:14:3f:1a:bc:77:fd:20:7d:3d:35: c5:f5:a2:fa:c9:66:68:9c:d5:09:8a:1d:79:9c:76:d9:b5:e4: 34:0e:18:9f:8b:ff:d1:9d:14:12:c5:7e:cf:9e:f0:e9:49:d5: 94:8b:e2:3f:1c:14:31:90:b2:43:6d:32:b8:31:56:58:66:8e: 67:8c:be:9d:77:a3:b1:99:52:bd:09:b1:e5:1c:fa:e1:e9:73: 88:db:30:f0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLkPbTLg8YFaH/QQL4kK+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4 OThjODEwHhcNMjUxMjA2MDEwMjEyWhcNMjUxMjA3MDEwMjEyWjAzMTEwLwYDVQQD EyhmNWExNGZmYWY3OWZlYTEyYzU4MDQwNWE3OGJmY2Y2YzM4NTY2MTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eq1k6hyC0UOg8hdjXIzYWlFXU8P CuAcwd3rmzCRob82hO0+zmPuC/S03pmVJwQuGfrB3eJMxLrcysCEIrwIQrEjyLgn Wpf2xeA0d9aJEV7o+v2dfzHSNkz2W5kk8xsSX4xz9IWJAW7hgkc6+/fqVZuz9IyA dIGefw1tGaXIJBPR/1jclCqxMHoVdjb9mR9oiiAvquhJb/r8evEiYr8PdITvIl9I bmcbMOIV6f5NK8iXsIzf4N5PWhMU1DG3X1KcnYRVrLUeJsAKRZ9MRujwhN3g21OY 4BY4EcV90MMCUe8UwUUmJtgnzPp4USc3EsJgWufyuJwGaU3xNX5nE8urXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPWhT/r3n+oSxYBAWni/z2w4VmE6MB8GA1UdIwQY MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0 LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZI2EZHlw 2TafdNuB1Bcvq4s5+eQ7qMtqFzcvwaLUT8PUt7svrEiEqCOvNLWDQzHFKoK1OfZr zc0oppqHVesBIG632L6rBLzEdwqCuDCBl5zn8QZafCoew3TFreXDBtOWeHshbmUH Q1IAaKf8658H1M0lkt7GLkAyuaM0r4pwSE+hZgmNY+j7aRRmYKArNPnUJYbbkyyO E2AirTonwcQ7fv85mF6IEq4wKlUUPxq8d/0gfT01xfWi+slmaJzVCYodeZx22bXk NA4Yn4v/0Z0UEsV+z57w6UnVlIviPxwUMZCyQ20yuDFWWGaOZ4y+nXejsZlSvQmx 5Rz64elziNsw8A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:21:38 2025 by rpki-client