This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft File: KY2bT7TP4nih65-iA1oInEwlaFg.mft (raw, json) Hash identifier: IPMMyl6umQ5HKFkHOvp9qcq1dSrQgLcEBp87iOaSO94= Subject key identifier: FC:25:C8:7A:73:C9:8D:9E:82:92:75:F6:ED:F4:E9:38:56:3A:3C:7C Authority key identifier: 29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58 Certificate issuer: /CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858 Certificate serial: 019AF208E9906E71FBFAAF5482AE1535E720 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft Manifest number: 0CE7 Signing time: Sat 06 Dec 2025 05:01:01 +0000 Manifest this update: Sat 06 Dec 2025 05:01:01 +0000 Manifest next update: Sun 07 Dec 2025 05:01:01 +0000 Files and hashes: 1: KY2bT7TP4nih65-iA1oInEwlaFg.crl (hash: K/l4KkBmsrPmcK0uc6yhT2LusTChPoGZ+zg4P0upOEY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:e9:90:6e:71:fb:fa:af:54:82:ae:15:35:e7:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=298d9b4fb4cfe278a1eb9fa2035a089c4c256858 Validity Not Before: Dec 6 05:01:01 2025 GMT Not After : Dec 7 05:01:01 2025 GMT Subject: CN=fc25c87a73c98d9e829275f6edf4e938563a3c7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:88:e0:58:e0:72:e7:aa:ca:40:07:b1:24:d5: fe:a2:78:e3:39:48:53:b5:b0:d0:9e:85:45:8d:ae: c4:af:3e:85:9b:2f:28:38:e3:01:29:c9:a0:a9:aa: f4:85:a9:3a:0b:ef:d6:51:ec:bb:7a:ac:0a:aa:cd: 77:3c:7c:21:2c:b8:97:9a:58:83:99:9c:7b:0a:26: b6:81:8e:44:b2:34:18:95:8f:47:cd:14:2d:00:5f: f3:ab:77:39:12:01:43:bf:1d:2b:3e:00:d4:e9:ab: 65:dd:7b:a5:4c:93:23:af:aa:f4:c0:d3:a2:3d:4c: ca:ec:5c:d3:ca:f6:25:f1:5a:6d:50:8a:f6:eb:cf: 26:e1:1d:c7:26:d3:ec:41:e4:06:ff:30:24:5f:ef: b1:ed:6e:2a:c0:00:63:ca:b5:dc:44:01:0a:8d:38: d2:b8:68:06:6a:a3:06:25:e4:03:42:b8:cb:51:df: 04:ba:dd:42:bf:2a:a0:12:7a:eb:b3:94:17:2a:23: 45:a0:c3:e8:45:d0:03:de:53:c6:b5:95:f0:b8:40: 63:10:38:9c:92:56:67:c3:02:16:72:a2:8f:30:8b: e7:15:b2:94:3d:e7:26:58:61:16:f0:25:ca:13:73: 1d:be:61:d4:03:69:86:55:75:03:4e:6c:76:a0:87: 2d:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:25:C8:7A:73:C9:8D:9E:82:92:75:F6:ED:F4:E9:38:56:3A:3C:7C X509v3 Authority Key Identifier: keyid:29:8D:9B:4F:B4:CF:E2:78:A1:EB:9F:A2:03:5A:08:9C:4C:25:68:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KY2bT7TP4nih65-iA1oInEwlaFg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/737703-c8c1-4682-bb02-d800bdd686e3/1/KY2bT7TP4nih65-iA1oInEwlaFg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:31:f0:c9:ca:0b:a9:c5:22:93:0f:0c:9a:83:d5:84:0a:e6: 43:13:e3:8b:57:4a:d4:3e:46:2e:f9:fc:b1:cc:3e:40:13:6f: 6f:2a:6a:f4:6d:dc:28:6b:be:ff:d1:f5:13:2a:bb:68:57:2b: 65:a6:4a:12:68:58:d1:4f:56:2f:a2:41:76:e1:0d:78:b5:ea: ca:94:63:54:ad:81:83:b0:c3:9e:a4:8c:a9:68:17:eb:7b:f2: 9f:0b:5f:74:50:94:72:9e:1c:cf:3c:39:01:15:73:28:92:98: 81:03:4e:d7:b5:07:00:0d:de:33:5b:ef:16:0e:14:60:25:7e: 2c:90:09:e4:f7:57:10:98:72:ca:36:b6:23:82:f2:4c:58:59: b8:f2:11:f6:db:de:00:cc:ea:11:0e:4a:e7:b3:60:c7:77:0e: aa:ca:c8:c9:b5:4d:16:6e:bd:1b:cf:04:9c:77:18:54:09:d5: 02:70:ee:70:85:d5:cc:12:b1:f4:6b:01:fa:01:41:fa:49:a9: 75:36:d3:27:00:12:2c:0b:e1:2e:a9:16:3e:a6:b8:93:ea:f9: 51:e9:82:27:0a:93:42:69:00:9c:a0:a8:39:6c:f9:a6:8e:a4: bd:ff:a9:a6:c5:64:ad:4f:55:62:1b:69:12:d0:ac:43:86:24: 1f:e0:65:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCOmQbnH7+q9Ugq4VNecgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OGQ5YjRmYjRjZmUyNzhhMWViOWZhMjAzNWEwODljNGMy NTY4NTgwHhcNMjUxMjA2MDUwMTAxWhcNMjUxMjA3MDUwMTAxWjAzMTEwLwYDVQQD EyhmYzI1Yzg3YTczYzk4ZDllODI5Mjc1ZjZlZGY0ZTkzODU2M2EzYzdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIjgWOBy56rKQAexJNX+onjjOUhT tbDQnoVFja7Erz6Fmy8oOOMBKcmgqar0hak6C+/WUey7eqwKqs13PHwhLLiXmliD mZx7Cia2gY5EsjQYlY9HzRQtAF/zq3c5EgFDvx0rPgDU6atl3XulTJMjr6r0wNOi PUzK7FzTyvYl8VptUIr2688m4R3HJtPsQeQG/zAkX++x7W4qwABjyrXcRAEKjTjS uGgGaqMGJeQDQrjLUd8Eut1CvyqgEnrrs5QXKiNFoMPoRdAD3lPGtZXwuEBjEDic klZnwwIWcqKPMIvnFbKUPecmWGEW8CXKE3MdvmHUA2mGVXUDTmx2oIctwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPwlyHpzyY2egpJ19u306ThWOjx8MB8GA1UdIwQY MBaAFCmNm0+0z+J4oeufogNaCJxMJWhYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDIt ZDgwMGJkZDY4NmUzLzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS83Mzc3MDMtYzhjMS00NjgyLWJiMDItZDgwMGJkZDY4NmUz LzEvS1kyYlQ3VFA0bmloNjUtaUExb0luRXdsYUZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAODHwycoL qcUikw8MmoPVhArmQxPji1dK1D5GLvn8scw+QBNvbypq9G3cKGu+/9H1Eyq7aFcr ZaZKEmhY0U9WL6JBduENeLXqypRjVK2Bg7DDnqSMqWgX63vynwtfdFCUcp4czzw5 ARVzKJKYgQNO17UHAA3eM1vvFg4UYCV+LJAJ5PdXEJhyyja2I4LyTFhZuPIR9tve AMzqEQ5K57Ngx3cOqsrIybVNFm69G88EnHcYVAnVAnDucIXVzBKx9GsB+gFB+kmp dTbTJwASLAvhLqkWPqa4k+r5UemCJwqTQmkAnKCoOWz5po6kvf+ppsVkrU9VYhtp EtCsQ4YkH+BlwA== -----END CERTIFICATE-----Generated at Sat Dec 6 12:59:11 2025 by rpki-client