This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft File: KrmiSem1jILhRV6yM5RVsDHn3d8.mft (raw, json) Hash identifier: sV2gY8mljmN33mpmrkjjCWucjdyht+6ZNkw/lDpyvGA= Subject key identifier: 98:C1:42:AF:DB:E8:F5:2B:5B:7E:94:D1:B5:79:B6:98:CE:CA:C6:12 Authority key identifier: 2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF Certificate issuer: /CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf Certificate serial: 019AF19B9BB8F18CBD45A15712FB97C30EB9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 03:01:38 +0000 Manifest this update: Sat 06 Dec 2025 03:01:38 +0000 Manifest next update: Sun 07 Dec 2025 03:01:38 +0000 Files and hashes: 1: KrmiSem1jILhRV6yM5RVsDHn3d8.crl (hash: cUl5qUhrsih9JJI+91z+lZVcZXscwJJJSDzkIL5iiwA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:9b:b8:f1:8c:bd:45:a1:57:12:fb:97:c3:0e:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ab9a249e9b58c82e1455eb2339455b031e7dddf Validity Not Before: Dec 6 03:01:38 2025 GMT Not After : Dec 7 03:01:38 2025 GMT Subject: CN=98c142afdbe8f52b5b7e94d1b579b698cecac612 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:e8:67:c5:72:7d:c7:5f:c3:44:51:12:cb:11: 04:30:03:55:b1:f7:4e:0e:2e:36:20:73:93:31:1f: 39:5b:f9:ad:6e:9f:61:46:01:0d:c6:af:e4:84:f4: 89:b4:7a:c3:d4:ec:2b:cb:4e:5b:e2:72:5e:1d:80: f4:68:2f:63:4b:43:3d:e0:97:3b:b6:4b:39:f7:20: 77:3d:c0:74:fb:a5:0d:e5:02:8f:35:36:7f:d3:33: e5:3f:71:2e:e9:57:1c:e1:42:4f:64:ba:8f:dc:aa: 6f:76:f6:e7:07:7b:5d:0a:0d:4e:c2:68:c0:e4:f1: cb:2c:90:fa:dc:8a:29:95:cd:3d:e7:fa:21:87:7e: 9d:c8:d4:10:9e:d8:34:95:05:43:02:8f:ca:62:d7: 5b:c3:2b:e1:b9:c9:3d:6b:71:5d:3e:d4:00:a1:3e: 8e:f5:ee:f4:01:13:f5:e1:71:eb:57:09:2f:2f:60: 17:1e:39:93:5b:c0:a2:11:c0:09:8d:b6:41:27:a3: 66:16:10:af:b8:98:b1:20:22:04:39:e1:af:ea:f4: 1c:05:30:fa:9b:31:f7:f2:15:71:04:b1:d9:99:b0: 91:87:44:f3:52:27:99:10:6d:4f:c6:f7:7f:12:ae: 53:1d:79:73:50:22:bd:25:5b:6d:75:ed:e1:66:e4: 80:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:C1:42:AF:DB:E8:F5:2B:5B:7E:94:D1:B5:79:B6:98:CE:CA:C6:12 X509v3 Authority Key Identifier: keyid:2A:B9:A2:49:E9:B5:8C:82:E1:45:5E:B2:33:94:55:B0:31:E7:DD:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrmiSem1jILhRV6yM5RVsDHn3d8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/9eab6d-6b35-4a5a-afb1-251f22093d04/1/KrmiSem1jILhRV6yM5RVsDHn3d8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption da:e8:b3:81:9a:f0:b9:ca:0a:85:f1:27:00:a0:28:7d:1a:7f: cb:50:48:7d:b7:c5:42:b6:77:5c:5b:50:ca:be:9b:f2:dd:b5: 51:df:24:44:e0:95:50:69:85:25:0a:76:04:8e:49:67:f7:15: dc:71:1e:61:bf:48:c9:27:a2:c1:7a:6f:96:d1:9e:8b:c8:37: f3:11:f9:75:58:19:2f:ee:01:4c:c5:ca:fb:f2:3b:fe:e7:17: bd:ce:3e:e9:3a:2f:74:56:55:a2:28:e8:01:fd:a7:29:8d:6f: cf:76:ee:46:e8:b7:10:18:6e:d1:22:c4:5a:e7:94:0d:1f:02: 91:35:f7:ad:6e:2d:cf:45:59:58:52:e5:1f:b0:bb:b0:a8:82: 01:04:9a:8a:3d:c1:b5:ab:99:89:33:54:b6:72:4d:4c:52:4c: 25:69:77:62:3b:67:1f:5a:67:5c:1f:33:1c:ad:59:1f:1c:5b: 13:2c:f8:8b:67:8e:10:98:03:d9:c0:81:d0:f1:75:4d:7b:fe: ff:ef:fd:5a:31:3e:a9:36:e9:6f:35:2a:32:f2:57:53:eb:17: 18:52:95:6a:1f:8e:79:1e:18:fa:63:8e:ac:4c:92:26:c5:c9: 0d:02:5f:4e:2f:dd:bd:57:aa:fa:0b:64:cb:5d:f8:f7:8f:2c: 7d:fa:46:5d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm5u48Yy9RaFXEvuXww65MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYjlhMjQ5ZTliNThjODJlMTQ1NWViMjMzOTQ1NWIwMzFl N2RkZGYwHhcNMjUxMjA2MDMwMTM4WhcNMjUxMjA3MDMwMTM4WjAzMTEwLwYDVQQD Eyg5OGMxNDJhZmRiZThmNTJiNWI3ZTk0ZDFiNTc5YjY5OGNlY2FjNjEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOhnxXJ9x1/DRFESyxEEMANVsfdO Di42IHOTMR85W/mtbp9hRgENxq/khPSJtHrD1Owry05b4nJeHYD0aC9jS0M94Jc7 tks59yB3PcB0+6UN5QKPNTZ/0zPlP3Eu6Vcc4UJPZLqP3KpvdvbnB3tdCg1OwmjA 5PHLLJD63Ioplc095/ohh36dyNQQntg0lQVDAo/KYtdbwyvhuck9a3FdPtQAoT6O 9e70ARP14XHrVwkvL2AXHjmTW8CiEcAJjbZBJ6NmFhCvuJixICIEOeGv6vQcBTD6 mzH38hVxBLHZmbCRh0TzUieZEG1Pxvd/Eq5THXlzUCK9JVttde3hZuSA1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJjBQq/b6PUrW36U0bV5tpjOysYSMB8GA1UdIwQY MBaAFCq5oknptYyC4UVesjOUVbAx593fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEt MjUxZjIyMDkzZDA0LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMi85ZWFiNmQtNmIzNS00YTVhLWFmYjEtMjUxZjIyMDkzZDA0 LzEvS3JtaVNlbTFqSUxoUlY2eU01UlZzREhuM2Q4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA2uizgZrw ucoKhfEnAKAofRp/y1BIfbfFQrZ3XFtQyr6b8t21Ud8kROCVUGmFJQp2BI5JZ/cV 3HEeYb9IySeiwXpvltGei8g38xH5dVgZL+4BTMXK+/I7/ucXvc4+6TovdFZVoijo Af2nKY1vz3buRui3EBhu0SLEWueUDR8CkTX3rW4tz0VZWFLlH7C7sKiCAQSaij3B tauZiTNUtnJNTFJMJWl3YjtnH1pnXB8zHK1ZHxxbEyz4i2eOEJgD2cCB0PF1TXv+ /+/9WjE+qTbpbzUqMvJXU+sXGFKVah+OeR4Y+mOOrEySJsXJDQJfTi/dvVeq+gtk y134948sffpGXQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:52 2025 by rpki-client