This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft File: KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json) Hash identifier: fGyEtBeu/+bgFFPlJxLBFvSXQsWwr0Wo/50eedG4aS0= Subject key identifier: 1A:55:3B:00:B9:80:49:C7:3F:FF:B9:68:65:44:A6:6B:B3:0A:DA:8F Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C Certificate issuer: /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c Certificate serial: 019AF5AE52DE3E9AA829EB549954774C361A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft Manifest number: 030F Signing time: Sat 06 Dec 2025 22:00:33 +0000 Manifest this update: Sat 06 Dec 2025 22:00:33 +0000 Manifest next update: Sun 07 Dec 2025 22:00:33 +0000 Files and hashes: 1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: A46Z3MlAPNtJef3cPgpYBztdv6yDI6p/pELlUQUl1c8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 14:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:ae:52:de:3e:9a:a8:29:eb:54:99:54:77:4c:36:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c Validity Not Before: Dec 6 22:00:33 2025 GMT Not After : Dec 7 22:00:33 2025 GMT Subject: CN=1a553b00b98049c73fffb9686544a66bb30ada8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:c7:28:3c:9c:6f:e2:3d:d9:c2:6c:ee:58:9e: ed:85:8b:16:89:14:30:dc:89:b2:3e:67:79:e8:72: bd:37:50:d8:61:80:ed:25:6a:28:d0:c1:ec:1e:3f: c7:20:d9:ab:6b:b7:d5:b6:11:ac:40:3c:f1:46:8e: 12:c8:05:7b:1e:dc:66:da:33:30:e5:62:ce:6b:c7: cc:3e:3f:bb:a2:eb:7c:ee:bf:13:b5:0c:1c:47:3b: 31:4c:19:a5:f4:bd:f9:71:22:3d:53:ca:17:19:64: 5c:a3:a4:a8:78:86:a0:8b:cf:5c:06:f0:78:cc:f5: d4:82:0a:d0:33:3a:58:fe:70:61:c9:fc:54:90:3d: da:76:61:00:65:2a:8d:e5:29:91:6a:75:cc:ae:74: 28:88:15:ba:3e:88:0c:0b:08:34:08:d7:03:a4:97: c9:76:b2:3b:ea:9f:d9:50:6f:13:ae:72:4d:63:37: 4d:b3:fc:57:12:38:ce:04:0e:ed:2e:05:9c:2c:b8: ac:cd:d6:c7:9b:57:11:79:7e:f9:5a:bc:15:b6:89: b3:0f:f0:33:96:c3:38:b5:e1:16:1a:86:90:ea:1d: d0:31:83:6a:4d:2a:f5:b1:84:ee:2b:2f:1c:c7:be: e8:95:1b:e5:bf:77:83:cc:69:0e:00:4e:11:8d:3d: fd:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:55:3B:00:B9:80:49:C7:3F:FF:B9:68:65:44:A6:6B:B3:0A:DA:8F X509v3 Authority Key Identifier: keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a3:99:67:c9:a9:05:fb:64:6f:80:eb:7d:10:87:fd:b4:5e:bb: c0:56:74:0f:f9:74:5d:49:c3:6b:a7:d0:92:3d:bf:43:5f:92: 07:76:29:e1:04:d2:2f:90:09:4a:e9:ec:23:19:15:3a:22:d7: ef:65:0c:21:de:ee:9a:fa:37:9e:99:d6:06:0b:a6:66:a0:f6: 4d:56:c9:6a:7b:5f:f8:24:5c:ff:9c:fd:f6:05:99:3c:a2:36: 44:f4:0d:27:d1:a8:b4:ee:bd:7f:9a:ce:5c:aa:20:c9:eb:34: ec:19:ca:8b:e3:4b:6a:37:b1:ee:78:21:42:f5:6d:40:2a:3e: 5a:18:71:c4:4f:16:5e:58:0b:56:e5:5b:e2:ed:b1:7c:13:3d: 42:2d:19:85:c1:44:a4:75:45:03:b0:80:a2:95:6e:7b:ef:07: 2d:aa:7c:f0:0a:ed:54:ca:54:12:ea:72:6f:90:ff:40:9e:3b: 42:54:1d:88:f4:99:a8:b7:7f:20:6f:f7:ca:95:70:11:da:e7: 4a:c4:09:34:e4:1a:f1:69:c4:65:02:fe:d6:0a:b8:6b:c8:71: 91:d4:d5:63:fb:ac:10:df:b1:df:8a:2e:d9:3e:49:e1:55:27: 68:25:4e:7d:31:5f:f2:e5:82:c4:86:76:8d:f0:0f:34:93:b3: 65:3c:29:80 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1rlLePpqoKetUmVR3TDYaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2 YjBjNGMwHhcNMjUxMjA2MjIwMDMzWhcNMjUxMjA3MjIwMDMzWjAzMTEwLwYDVQQD EygxYTU1M2IwMGI5ODA0OWM3M2ZmZmI5Njg2NTQ0YTY2YmIzMGFkYThmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArccoPJxv4j3ZwmzuWJ7thYsWiRQw 3ImyPmd56HK9N1DYYYDtJWoo0MHsHj/HINmra7fVthGsQDzxRo4SyAV7Htxm2jMw 5WLOa8fMPj+7out87r8TtQwcRzsxTBml9L35cSI9U8oXGWRco6SoeIagi89cBvB4 zPXUggrQMzpY/nBhyfxUkD3admEAZSqN5SmRanXMrnQoiBW6PogMCwg0CNcDpJfJ drI76p/ZUG8TrnJNYzdNs/xXEjjOBA7tLgWcLLiszdbHm1cReX75WrwVtomzD/Az lsM4teEWGoaQ6h3QMYNqTSr1sYTuKy8cx77olRvlv3eDzGkOAE4RjT39EwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBpVOwC5gEnHP/+5aGVEpmuzCtqPMB8GA1UdIwQY MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4 LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAo5lnyakF +2RvgOt9EIf9tF67wFZ0D/l0XUnDa6fQkj2/Q1+SB3Yp4QTSL5AJSunsIxkVOiLX 72UMId7umvo3npnWBgumZqD2TVbJantf+CRc/5z99gWZPKI2RPQNJ9GotO69f5rO XKogyes07BnKi+NLajex7nghQvVtQCo+WhhxxE8WXlgLVuVb4u2xfBM9Qi0ZhcFE pHVFA7CAopVue+8HLap88ArtVMpUEupyb5D/QJ47QlQdiPSZqLd/IG/3ypVwEdrn SsQJNOQa8WnEZQL+1gq4a8hxkdTVY/usEN+x34ou2T5J4VUnaCVOfTFf8uWCxIZ2 jfAPNJOzZTwpgA== -----END CERTIFICATE-----Generated at Sat Dec 6 23:21:04 2025 by rpki-client