This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json) Hash identifier: hPZs3hywq86F7fvjgMIIAZnFIfLjQTpxDWjV+CGOQWE= Subject key identifier: B2:02:5F:55:A3:8A:0C:AA:AF:97:2B:ED:E8:E8:8B:C4:5A:81:FC:7F Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea Certificate serial: 019AF088C475ADC8CE73D3B67A4AA9056B5D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft Manifest number: 175E Signing time: Fri 05 Dec 2025 22:01:26 +0000 Manifest this update: Fri 05 Dec 2025 22:01:26 +0000 Manifest next update: Sat 06 Dec 2025 22:01:26 +0000 Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: NFCevmFwb669hdpJ8KANSzTs9Oj+E4K3AYpdG6q8rZQ=) 2: qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa (hash: A0zVfMWFcmAvQiJtyOik4/Esuwb1ukoj8nbTE0+n850=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:c4:75:ad:c8:ce:73:d3:b6:7a:4a:a9:05:6b:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea Validity Not Before: Dec 5 22:01:26 2025 GMT Not After : Dec 6 22:01:26 2025 GMT Subject: CN=b2025f55a38a0caaaf972bede8e88bc45a81fc7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:63:b1:ca:cc:96:8d:80:d5:2e:db:cb:db:0a: d8:f6:52:e8:50:5a:b6:01:98:45:9a:db:29:4a:44: 22:27:f2:33:46:9b:b2:a3:ea:d3:c3:eb:74:dd:84: b0:03:67:2b:8b:e2:b6:41:6a:be:0f:d1:6e:aa:fc: 1f:ae:2d:88:8a:2b:ed:c2:61:a2:21:33:24:94:9a: bb:c4:b6:87:08:7e:e1:88:3b:93:aa:d8:ed:e1:1c: 00:cb:9a:3c:70:84:f7:1d:c7:b2:fb:ed:0a:18:24: 7f:cf:59:33:c9:43:ce:d0:51:0f:c2:9e:ff:0a:3d: f6:2a:b4:f4:c5:8c:9d:ea:5e:c5:31:02:42:81:1f: 41:b2:7c:c3:6d:cd:7e:f8:a4:61:0d:4c:8f:63:a2: 91:f1:5a:9f:c1:40:e2:e2:d6:2d:0e:e7:4a:80:cc: 7f:c8:00:48:71:be:8a:29:99:b8:9a:cb:ac:b9:dc: 2d:78:d9:d8:a1:ab:da:36:69:0e:f7:97:03:07:46: b9:10:35:eb:e7:27:39:49:24:50:40:54:f6:24:58: 48:dd:2f:b0:0b:c6:c3:13:8e:15:c4:78:00:d3:68: 07:cc:c9:cc:27:82:dc:c3:c4:1c:ff:6c:e5:7a:82: 56:54:80:31:7d:49:be:61:a6:80:8f:c9:b6:fa:d6: 10:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:02:5F:55:A3:8A:0C:AA:AF:97:2B:ED:E8:E8:8B:C4:5A:81:FC:7F X509v3 Authority Key Identifier: keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:a2:0d:ab:0d:60:30:f4:bf:31:3b:cf:0f:85:cc:87:00:c1: bd:cb:a8:73:b2:8d:22:f9:c4:69:07:81:c8:2b:de:43:c7:9d: b1:11:14:c2:67:9b:0a:bb:5c:c8:7e:f0:b2:0b:9d:b3:fe:04: 04:01:69:50:79:a4:99:dc:2b:fe:85:90:9d:52:5a:d6:bc:0c: d5:26:89:a4:85:13:7d:b9:1f:46:12:01:af:55:cc:7e:5b:d6: 78:48:22:02:1b:d8:6f:5b:39:44:2f:61:59:39:db:05:34:c9: b2:76:c0:df:11:28:73:94:75:5a:f8:13:6b:f0:47:6e:c6:32: 7c:62:38:90:57:91:36:f5:48:97:6a:77:f6:c1:e6:df:a6:e2: 24:af:38:20:1e:0e:16:76:1f:52:70:d0:ef:bd:75:45:67:06: f7:9c:2c:e3:70:1f:ac:ad:45:85:15:f1:13:36:d8:64:12:e8: 40:a3:af:49:53:bc:95:33:81:a8:d4:8c:c2:67:4e:c5:fd:25: ed:fd:18:86:2e:8c:63:bf:ed:37:c6:df:bb:59:aa:53:74:39: 95:17:ff:83:53:d6:e8:75:73:48:8f:a3:92:7c:51:75:01:70: a7:d3:cc:2f:75:31:f8:08:4e:59:56:c7:3a:fa:76:a9:51:0e: 95:ff:d8:33 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiMR1rcjOc9O2ekqpBWtdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy NDk1ZWEwHhcNMjUxMjA1MjIwMTI2WhcNMjUxMjA2MjIwMTI2WjAzMTEwLwYDVQQD EyhiMjAyNWY1NWEzOGEwY2FhYWY5NzJiZWRlOGU4OGJjNDVhODFmYzdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGOxysyWjYDVLtvL2wrY9lLoUFq2 AZhFmtspSkQiJ/IzRpuyo+rTw+t03YSwA2cri+K2QWq+D9Fuqvwfri2IiivtwmGi ITMklJq7xLaHCH7hiDuTqtjt4RwAy5o8cIT3Hcey++0KGCR/z1kzyUPO0FEPwp7/ Cj32KrT0xYyd6l7FMQJCgR9BsnzDbc1++KRhDUyPY6KR8VqfwUDi4tYtDudKgMx/ yABIcb6KKZm4msusudwteNnYoavaNmkO95cDB0a5EDXr5yc5SSRQQFT2JFhI3S+w C8bDE44VxHgA02gHzMnMJ4Lcw8Qc/2zleoJWVIAxfUm+YaaAj8m2+tYQ7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLICX1Wjigyqr5cr7ejoi8Ragfx/MB8GA1UdIwQY MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcqINqw1g MPS/MTvPD4XMhwDBvcuoc7KNIvnEaQeByCveQ8edsREUwmebCrtcyH7wsguds/4E BAFpUHmkmdwr/oWQnVJa1rwM1SaJpIUTfbkfRhIBr1XMflvWeEgiAhvYb1s5RC9h WTnbBTTJsnbA3xEoc5R1WvgTa/BHbsYyfGI4kFeRNvVIl2p39sHm36biJK84IB4O FnYfUnDQ7711RWcG95ws43AfrK1FhRXxEzbYZBLoQKOvSVO8lTOBqNSMwmdOxf0l 7f0Yhi6MY7/tN8bfu1mqU3Q5lRf/g1PW6HVzSI+jknxRdQFwp9PML3Ux+AhOWVbH Ovp2qVEOlf/YMw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:50 2025 by rpki-client