This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft File: kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft (raw, json) Hash identifier: 0FpNh9/Dh0sSgVKwYXgdzk65iNUVbbw71lpTGaglEDQ= Subject key identifier: 2E:DF:C5:E5:B5:8D:0D:87:36:8D:C1:25:58:3B:47:3D:6E:0C:81:17 Authority key identifier: 93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44 Certificate issuer: /CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44 Certificate serial: 019AF389C2E6E0584B0B3986D00633D6E973 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft Manifest number: 16F2 Signing time: Sat 06 Dec 2025 12:01:23 +0000 Manifest this update: Sat 06 Dec 2025 12:01:23 +0000 Manifest next update: Sun 07 Dec 2025 12:01:23 +0000 Files and hashes: 1: kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl (hash: /YyzA0zLThNJEbK3At1kZrk1veJHZ1SnvaOHxbY85EQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:c2:e6:e0:58:4b:0b:39:86:d0:06:33:d6:e9:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93320e8be7c74ca655c7c3e978bc1aa60fd8db44 Validity Not Before: Dec 6 12:01:23 2025 GMT Not After : Dec 7 12:01:23 2025 GMT Subject: CN=2edfc5e5b58d0d87368dc125583b473d6e0c8117 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:1f:a6:30:1f:2f:6f:83:12:9b:ed:a8:f9:76: 4c:e4:24:73:0d:14:86:48:a0:be:cb:5f:32:00:69: 97:94:ac:70:e7:6e:50:55:94:10:49:b5:bf:69:a4: 2c:bc:56:09:88:25:55:37:4d:af:ce:77:a8:fb:8f: cf:cf:43:f4:82:23:b1:8c:c8:3c:c6:d7:e6:4c:71: d7:10:a1:83:bc:06:1f:c6:2b:13:15:6a:7b:a2:78: 43:f7:10:65:b5:92:40:4e:10:ff:a8:87:41:96:b1: d5:ab:34:61:bb:62:e3:52:2e:39:5e:13:6c:bf:be: 24:9c:1d:8e:05:0f:55:eb:ad:2c:5d:5b:f3:a4:60: 11:81:1e:fb:43:cb:b2:4d:e8:57:b5:a5:85:e8:a7: 87:08:89:6b:cc:3a:6e:a6:2b:67:8f:3d:c9:b0:94: f1:89:dd:bc:b1:e8:97:8b:c0:41:32:1c:6a:b1:62: 75:3c:bb:16:b4:aa:f9:e9:84:b2:ce:d1:6c:07:d4: c3:90:6e:b9:93:e8:45:40:d0:a8:9a:37:f9:ee:e4: 70:71:78:56:23:67:34:8d:c1:c9:dd:47:72:db:44: 20:e4:50:d9:27:04:8b:e9:e3:d0:72:e4:ba:ec:3c: 1b:4c:0d:d8:50:3d:0b:56:c5:b0:f1:78:f4:b9:0b: 66:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:DF:C5:E5:B5:8D:0D:87:36:8D:C1:25:58:3B:47:3D:6E:0C:81:17 X509v3 Authority Key Identifier: keyid:93:32:0E:8B:E7:C7:4C:A6:55:C7:C3:E9:78:BC:1A:A6:0F:D8:DB:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kzIOi-fHTKZVx8PpeLwapg_Y20Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/99/e6d373-44c6-48f7-8b76-fa91c75fb9dc/1/kzIOi-fHTKZVx8PpeLwapg_Y20Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:0e:66:e6:8d:f2:bd:9a:6c:e4:c8:0a:f3:b7:f7:fa:58:3a: 25:0c:26:76:c9:75:ee:ca:5f:18:a7:5d:4f:1f:14:5b:96:5a: ee:90:2e:16:0e:07:2f:3a:df:e7:28:b7:bc:fe:94:17:83:b2: 60:25:6a:3a:21:5e:6a:bd:60:ca:52:2b:f8:70:42:4c:38:29: ed:c9:d8:5f:37:fc:3e:6a:cc:5a:1e:e3:c1:98:34:af:41:a7: dc:c4:2e:39:c3:9e:39:80:83:9e:dd:5c:7c:63:a7:b4:cd:e5: e9:58:20:d8:7e:98:45:49:76:6d:f1:4a:9f:b0:45:81:22:c4: b9:b2:55:a2:40:1b:05:e5:c7:f3:49:37:5f:1b:f1:3f:e3:e2: d5:22:96:42:17:99:c6:5a:fd:8b:b5:d8:dc:c7:2a:d8:f0:e4: af:6e:ca:f6:78:23:ca:21:7b:ab:82:43:e2:f5:44:cd:3c:2f: 8c:df:c1:57:a9:d1:11:6e:76:12:a3:9a:b1:20:2c:44:f1:db: f6:4c:84:92:5d:a8:6b:d4:93:74:b8:24:6c:55:4b:0a:f0:10: e2:ed:c7:84:2c:fd:fb:45:f5:52:7b:79:19:94:10:3c:7d:68: ad:be:7f:ec:43:dd:d5:ff:33:4c:6b:39:5a:2d:27:1e:0c:aa: 07:6f:85:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzicLm4FhLCzmG0AYz1ulzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMzIwZThiZTdjNzRjYTY1NWM3YzNlOTc4YmMxYWE2MGZk OGRiNDQwHhcNMjUxMjA2MTIwMTIzWhcNMjUxMjA3MTIwMTIzWjAzMTEwLwYDVQQD EygyZWRmYzVlNWI1OGQwZDg3MzY4ZGMxMjU1ODNiNDczZDZlMGM4MTE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnB+mMB8vb4MSm+2o+XZM5CRzDRSG SKC+y18yAGmXlKxw525QVZQQSbW/aaQsvFYJiCVVN02vzneo+4/Pz0P0giOxjMg8 xtfmTHHXEKGDvAYfxisTFWp7onhD9xBltZJAThD/qIdBlrHVqzRhu2LjUi45XhNs v74knB2OBQ9V660sXVvzpGARgR77Q8uyTehXtaWF6KeHCIlrzDpupitnjz3JsJTx id28seiXi8BBMhxqsWJ1PLsWtKr56YSyztFsB9TDkG65k+hFQNComjf57uRwcXhW I2c0jcHJ3Udy20Qg5FDZJwSL6ePQcuS67DwbTA3YUD0LVsWw8Xj0uQtmsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC7fxeW1jQ2HNo3BJVg7Rz1uDIEXMB8GA1UdIwQY MBaAFJMyDovnx0ymVcfD6Xi8GqYP2NtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYt ZmE5MWM3NWZiOWRjLzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OS9lNmQzNzMtNDRjNi00OGY3LThiNzYtZmE5MWM3NWZiOWRj LzEva3pJT2ktZkhUS1pWeDhQcGVMd2FwZ19ZMjBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlQ5m5o3y vZps5MgK87f3+lg6JQwmdsl17spfGKddTx8UW5Za7pAuFg4HLzrf5yi3vP6UF4Oy YCVqOiFear1gylIr+HBCTDgp7cnYXzf8PmrMWh7jwZg0r0Gn3MQuOcOeOYCDnt1c fGOntM3l6Vgg2H6YRUl2bfFKn7BFgSLEubJVokAbBeXH80k3XxvxP+Pi1SKWQheZ xlr9i7XY3Mcq2PDkr27K9ngjyiF7q4JD4vVEzTwvjN/BV6nREW52EqOasSAsRPHb 9kyEkl2oa9STdLgkbFVLCvAQ4u3HhCz9+0X1Unt5GZQQPH1orb5/7EPd1f8zTGs5 Wi0nHgyqB2+FBw== -----END CERTIFICATE-----Generated at Sat Dec 6 21:27:49 2025 by rpki-client