This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft File: KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json) Hash identifier: SzGc8Id7x0B9iRHutTydFboWe2ou6Q+cL6CcLe9NRY0= Subject key identifier: 5F:7F:A9:60:9F:26:7C:98:D2:66:A6:5F:38:E2:9A:F5:C5:AD:D8:EB Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58 Certificate issuer: /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858 Certificate serial: 019B2FD58D74738060F840759444E14904EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft Manifest number: 0D07 Signing time: Thu 18 Dec 2025 05:01:22 +0000 Manifest this update: Thu 18 Dec 2025 05:01:22 +0000 Manifest next update: Fri 19 Dec 2025 05:01:22 +0000 Files and hashes: 1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: nj1DOwTSZQjFvGbcJ84h6NHZVAZQMOWd+Ok/Qh1IAjg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 05:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:d5:8d:74:73:80:60:f8:40:75:94:44:e1:49:04:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858 Validity Not Before: Dec 18 05:01:22 2025 GMT Not After : Dec 19 05:01:22 2025 GMT Subject: CN=5f7fa9609f267c98d266a65f38e29af5c5add8eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a9:eb:c6:5e:8c:30:16:02:51:92:6c:ef:0a: 35:7d:8d:dc:b5:cd:93:79:76:65:e2:37:6a:ce:dc: ff:e7:44:20:88:7d:4b:a3:af:bd:97:d5:44:ef:32: 4b:02:7f:74:a3:ef:0a:b6:60:97:63:2c:75:fa:69: 2b:48:92:64:88:e5:9b:79:bd:81:11:24:94:d3:aa: 8e:3d:da:a0:e2:75:6c:39:2c:69:c6:4c:f4:92:82: ef:a1:ec:6c:fd:0c:cb:f2:1b:49:be:f9:06:d2:55: 61:7e:aa:b6:8b:52:b6:1f:22:96:d3:23:b5:de:16: 8a:a5:2c:25:80:d6:ad:88:ae:98:a3:39:0f:45:d8: c6:de:28:4b:92:13:d9:54:79:0a:67:5e:7b:0c:9a: 4a:b5:25:c9:c0:e6:a6:63:cc:5b:3e:ae:c5:98:85: 98:c3:08:d5:c2:82:eb:e5:a3:9d:a2:7e:ff:92:cc: 41:cd:7e:84:14:41:29:09:de:0e:2f:b9:57:ab:31: c4:18:4b:0b:83:c4:d2:4b:77:50:db:7a:64:5a:c9: 7a:f8:f6:23:73:d7:be:29:42:ee:56:b4:60:79:11: 00:4b:96:b5:75:1d:1a:cb:c7:2f:cd:44:57:94:c2: 51:6f:d0:61:11:fa:41:cc:b9:53:93:8d:d4:f8:3d: 89:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:7F:A9:60:9F:26:7C:98:D2:66:A6:5F:38:E2:9A:F5:C5:AD:D8:EB X509v3 Authority Key Identifier: keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:cc:47:7e:a6:ff:d4:33:d7:32:ad:2d:5e:db:58:64:bc:40: 35:64:0c:7e:df:45:b2:91:57:8b:66:51:27:08:13:5f:3c:ee: fd:22:fc:44:21:20:f8:d0:ef:c1:c3:bb:f7:08:95:2c:9a:4f: a4:c2:8e:18:cc:c8:c6:66:13:e9:9e:b3:d3:02:0c:bc:cc:f0: f1:bd:6d:35:63:a8:ea:b6:5e:35:7e:b0:ed:bf:07:78:6f:48: fc:e8:24:1a:2f:bf:cb:8c:b9:e9:1e:5c:d8:b0:64:63:1e:56: ed:cc:76:38:2b:74:2e:35:50:c5:6b:96:9a:82:e0:9f:62:b1: 48:be:af:7a:ed:c1:09:58:b7:44:cd:2f:a8:9d:41:54:80:5c: be:4b:9d:cd:ed:ff:ef:f7:98:1d:4d:30:98:b7:92:06:6e:9f: f6:c4:35:43:f0:71:c0:0f:8d:ee:ea:cb:3c:0a:94:6b:cd:86: 1f:60:e5:66:43:76:bf:4a:60:36:b4:fb:ab:0b:e3:84:7d:25: b0:7a:19:18:82:ae:21:7c:52:34:f2:f4:f3:5c:0b:d4:a1:f6: f9:24:12:1c:e0:eb:9c:7d:da:4d:fe:a1:73:5c:3c:e7:1f:ad: 90:1c:21:a1:f5:f0:9a:9c:d0:34:a8:c3:7e:ba:60:e1:a3:f9: 59:8c:c4:a6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsv1Y10c4Bg+EB1lEThSQTqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy NTY4NTgwHhcNMjUxMjE4MDUwMTIyWhcNMjUxMjE5MDUwMTIyWjAzMTEwLwYDVQQD Eyg1ZjdmYTk2MDlmMjY3Yzk4ZDI2NmE2NWYzOGUyOWFmNWM1YWRkOGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqnrxl6MMBYCUZJs7wo1fY3ctc2T eXZl4jdqztz/50QgiH1Lo6+9l9VE7zJLAn90o+8KtmCXYyx1+mkrSJJkiOWbeb2B ESSU06qOPdqg4nVsOSxpxkz0koLvoexs/QzL8htJvvkG0lVhfqq2i1K2HyKW0yO1 3haKpSwlgNatiK6YozkPRdjG3ihLkhPZVHkKZ157DJpKtSXJwOamY8xbPq7FmIWY wwjVwoLr5aOdon7/ksxBzX6EFEEpCd4OL7lXqzHEGEsLg8TSS3dQ23pkWsl6+PYj c9e+KULuVrRgeREAS5a1dR0ay8cvzURXlMJRb9BhEfpBzLlTk43U+D2J+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF9/qWCfJnyY0mamXzjimvXFrdjrMB8GA1UdIwQY MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW8xHfqb/ 1DPXMq0tXttYZLxANWQMft9FspFXi2ZRJwgTXzzu/SL8RCEg+NDvwcO79wiVLJpP pMKOGMzIxmYT6Z6z0wIMvMzw8b1tNWOo6rZeNX6w7b8HeG9I/OgkGi+/y4y56R5c 2LBkYx5W7cx2OCt0LjVQxWuWmoLgn2KxSL6veu3BCVi3RM0vqJ1BVIBcvkudze3/ 7/eYHU0wmLeSBm6f9sQ1Q/BxwA+N7urLPAqUa82GH2DlZkN2v0pgNrT7qwvjhH0l sHoZGIKuIXxSNPL081wL1KH2+SQSHODrnH3aTf6hc1w85x+tkBwhofXwmpzQNKjD frpg4aP5WYzEpg== -----END CERTIFICATE-----Generated at Thu Dec 18 14:17:47 2025 by rpki-client