This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft File: ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft (raw, json) Hash identifier: Vniw51MS8zhu0+vGAMDfX7o1tyDM5WcnL9sY/mpoHX8= Subject key identifier: 22:A7:66:F1:44:48:86:3C:68:BB:CB:92:8C:E5:F3:1E:CF:1B:3F:71 Authority key identifier: 93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB Certificate issuer: /CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb Certificate serial: 019AF1D1E9A6F3D7E300741A8118E526EAC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft Manifest number: 0F4B Signing time: Sat 06 Dec 2025 04:00:57 +0000 Manifest this update: Sat 06 Dec 2025 04:00:57 +0000 Manifest next update: Sun 07 Dec 2025 04:00:57 +0000 Files and hashes: 1: ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl (hash: oxLJT/LQkcoLljWDQg/dryuze7TJT5Mb7mAZ+/Z+IKE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:e9:a6:f3:d7:e3:00:74:1a:81:18:e5:26:ea:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=932fb82b8d0290b1ca58cc7f1bed63e4e437a0cb Validity Not Before: Dec 6 04:00:57 2025 GMT Not After : Dec 7 04:00:57 2025 GMT Subject: CN=22a766f14448863c68bbcb928ce5f31ecf1b3f71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:31:4d:fa:b3:9c:ab:4e:d4:26:a3:31:ce:bc: 87:f6:46:f7:0c:2c:9b:3b:72:97:d9:42:9c:89:f5: d1:d8:14:09:41:a6:e1:2d:6b:af:a0:aa:83:97:3d: bf:7f:4e:ec:90:4e:6e:ce:c7:de:a4:6f:dd:e0:6c: 95:1e:7c:2e:b3:a8:bd:a8:4d:ad:26:55:7d:bc:8a: ca:87:5f:72:62:16:9c:dd:5e:55:01:49:05:33:cd: c0:28:8d:0d:69:d6:13:cb:dc:be:23:23:32:7a:b7: 75:0a:3b:97:98:ae:02:a8:8a:3d:d5:36:cf:ee:c2: 2b:b6:1a:e5:ca:34:63:5d:f1:79:0c:8e:25:c1:ff: 1f:6f:9c:6b:02:5c:b1:20:34:8c:2f:2d:eb:21:d5: da:41:84:ed:50:ec:6e:c6:44:01:6b:9b:ef:32:e9: b9:1f:c7:f0:c1:07:42:c6:03:28:0b:ba:9e:89:91: 80:98:88:f1:26:bb:aa:f9:77:82:95:0a:47:de:24: cb:14:14:2d:69:22:21:ab:df:d8:15:e9:d3:81:cb: 04:7c:16:1c:bc:c4:e4:78:c8:af:db:37:2c:5a:9c: 1c:49:ed:93:ac:7a:cd:05:62:59:eb:fd:6c:52:44: ac:3c:c5:2b:03:f5:6b:93:b3:ae:c6:5a:9d:ba:a6: f4:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:A7:66:F1:44:48:86:3C:68:BB:CB:92:8C:E5:F3:1E:CF:1B:3F:71 X509v3 Authority Key Identifier: keyid:93:2F:B8:2B:8D:02:90:B1:CA:58:CC:7F:1B:ED:63:E4:E4:37:A0:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ky-4K40CkLHKWMx_G-1j5OQ3oMs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/d3b3ab-53a1-48ff-a344-82d33f4bac45/1/ky-4K40CkLHKWMx_G-1j5OQ3oMs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 52:6c:21:cc:b6:43:30:bb:89:0f:0f:aa:9d:57:4a:d0:02:44: 98:ec:db:db:0a:e6:87:a4:16:05:75:45:03:eb:97:b3:cc:34: 04:09:dc:35:3f:f2:c4:b1:1d:86:d9:05:05:ee:21:f1:34:9e: 01:d7:ec:3c:f8:5d:3d:a2:c0:43:ff:4e:13:29:ee:cd:ce:d9: b4:c0:61:4f:95:52:1a:2e:f4:79:49:fe:73:7c:38:04:e8:87: 87:43:f1:54:3f:3f:69:5f:4e:0e:da:66:00:1a:72:cb:6d:8a: 25:4a:42:20:a8:76:4b:0b:b6:7e:12:c0:5f:8b:47:cb:33:2b: 63:83:45:3e:bd:96:28:27:2c:0a:d7:64:62:7c:43:ad:3c:49: ed:e8:ea:fd:26:fd:16:85:3b:00:82:49:68:8c:ea:f2:f3:3f: 1b:ba:6e:40:91:d6:fd:51:29:8a:e0:50:b8:10:e6:c0:d1:8b: e1:c8:14:86:c0:1e:0a:25:f6:52:fc:79:2d:f7:0b:94:4d:41: 47:60:4e:75:f5:23:b8:ac:e9:3c:a4:f2:42:2a:6e:15:cb:6a: d7:b2:43:30:b0:78:cc:1f:ec:61:db:12:15:e9:43:33:8e:a3: d1:22:a4:de:12:8c:92:cb:63:59:98:b0:a5:bf:6b:fc:7b:46: 97:5e:05:ec -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0emm89fjAHQagRjlJurEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMmZiODJiOGQwMjkwYjFjYTU4Y2M3ZjFiZWQ2M2U0ZTQz N2EwY2IwHhcNMjUxMjA2MDQwMDU3WhcNMjUxMjA3MDQwMDU3WjAzMTEwLwYDVQQD EygyMmE3NjZmMTQ0NDg4NjNjNjhiYmNiOTI4Y2U1ZjMxZWNmMWIzZjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zFN+rOcq07UJqMxzryH9kb3DCyb O3KX2UKcifXR2BQJQabhLWuvoKqDlz2/f07skE5uzsfepG/d4GyVHnwus6i9qE2t JlV9vIrKh19yYhac3V5VAUkFM83AKI0NadYTy9y+IyMyerd1CjuXmK4CqIo91TbP 7sIrthrlyjRjXfF5DI4lwf8fb5xrAlyxIDSMLy3rIdXaQYTtUOxuxkQBa5vvMum5 H8fwwQdCxgMoC7qeiZGAmIjxJruq+XeClQpH3iTLFBQtaSIhq9/YFenTgcsEfBYc vMTkeMiv2zcsWpwcSe2TrHrNBWJZ6/1sUkSsPMUrA/Vrk7Ouxlqduqb0yQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCKnZvFESIY8aLvLkozl8x7PGz9xMB8GA1UdIwQY MBaAFJMvuCuNApCxyljMfxvtY+TkN6DLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQt ODJkMzNmNGJhYzQ1LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yi9kM2IzYWItNTNhMS00OGZmLWEzNDQtODJkMzNmNGJhYzQ1 LzEva3ktNEs0MENrTEhLV014X0ctMWo1T1Ezb01zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUmwhzLZD MLuJDw+qnVdK0AJEmOzb2wrmh6QWBXVFA+uXs8w0BAncNT/yxLEdhtkFBe4h8TSe AdfsPPhdPaLAQ/9OEynuzc7ZtMBhT5VSGi70eUn+c3w4BOiHh0PxVD8/aV9ODtpm ABpyy22KJUpCIKh2Swu2fhLAX4tHyzMrY4NFPr2WKCcsCtdkYnxDrTxJ7ejq/Sb9 FoU7AIJJaIzq8vM/G7puQJHW/VEpiuBQuBDmwNGL4cgUhsAeCiX2Uvx5LfcLlE1B R2BOdfUjuKzpPKTyQipuFctq17JDMLB4zB/sYdsSFelDM46j0SKk3hKMkstjWZiw pb9r/HtGl14F7A== -----END CERTIFICATE-----Generated at Sat Dec 6 09:19:19 2025 by rpki-client