This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft File: KgV9tw5HTrSgd_oT875N17Y4C1Q.mft (raw, json) Hash identifier: FBE32Wy0/fip0DqGpNrdnEz1CiTQQezK2VZL4+X5qWs= Subject key identifier: 82:A8:49:D2:A5:FE:7D:68:40:BA:6D:D6:6A:3D:C7:40:C3:79:02:30 Authority key identifier: 2A:05:7D:B7:0E:47:4E:B4:A0:77:FA:13:F3:BE:4D:D7:B6:38:0B:54 Certificate issuer: /CN=2a057db70e474eb4a077fa13f3be4dd7b6380b54 Certificate serial: 019AF0F5E32FF74DCB153D50D49E4A99D666 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft Manifest number: 1159 Signing time: Sat 06 Dec 2025 00:00:37 +0000 Manifest this update: Sat 06 Dec 2025 00:00:37 +0000 Manifest next update: Sun 07 Dec 2025 00:00:37 +0000 Files and hashes: 1: KgV9tw5HTrSgd_oT875N17Y4C1Q.crl (hash: Jwsj9ykcjWd9jR296HDYIE8xZJu1jEEdl799KYtopLY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:e3:2f:f7:4d:cb:15:3d:50:d4:9e:4a:99:d6:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a057db70e474eb4a077fa13f3be4dd7b6380b54 Validity Not Before: Dec 6 00:00:37 2025 GMT Not After : Dec 7 00:00:37 2025 GMT Subject: CN=82a849d2a5fe7d6840ba6dd66a3dc740c3790230 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:76:0d:6c:f0:60:a5:2c:ae:f8:d0:75:50:f9: 9f:c2:d1:6b:03:07:33:c0:8b:d3:50:84:74:bc:9a: d8:7a:11:2d:40:5e:b9:b6:3a:74:da:86:df:ea:4b: 42:45:40:42:bc:4d:56:2e:20:eb:c5:b2:b4:09:87: b5:bb:4b:9a:2b:04:27:10:9f:2d:99:54:71:c3:49: a9:b5:46:58:21:90:3a:2d:11:b4:ca:79:8c:4f:89: ba:a3:de:7e:6b:90:65:82:4c:1c:03:ca:95:f5:22: d3:17:fb:0b:26:6e:29:c3:24:03:0d:45:60:a6:b8: 47:ab:cf:a9:dd:92:8e:04:90:66:83:cf:1e:68:e8: 94:59:b2:f1:39:88:ce:1a:14:0e:60:1c:71:20:4e: 4c:a4:7d:51:ab:0b:21:5e:85:ad:17:7b:93:4e:17: 2d:36:f6:4b:ab:f8:00:ca:2c:76:9c:5b:f5:b7:0f: 47:96:96:90:0e:69:f8:08:ee:da:c8:12:55:04:6b: df:c7:ce:92:17:20:9d:39:8a:9c:4c:3b:e4:3f:78: 49:a5:53:46:88:63:d5:82:7e:5d:fb:38:3f:1d:87: 10:ae:f8:7e:d7:58:b3:1d:c6:e6:09:7a:03:0d:ac: 0e:52:ce:13:53:ba:ff:46:2f:da:7b:69:cf:66:b7: 7d:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:A8:49:D2:A5:FE:7D:68:40:BA:6D:D6:6A:3D:C7:40:C3:79:02:30 X509v3 Authority Key Identifier: keyid:2A:05:7D:B7:0E:47:4E:B4:A0:77:FA:13:F3:BE:4D:D7:B6:38:0B:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgV9tw5HTrSgd_oT875N17Y4C1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/d978ff-74a1-4915-959a-c03568dc08b3/1/KgV9tw5HTrSgd_oT875N17Y4C1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:56:12:a6:f6:5a:f5:43:79:a5:06:37:5e:28:b5:f6:35:4a: 7a:d1:93:d9:f6:a1:d6:76:8a:5c:54:de:aa:5b:0e:ba:98:38: d3:57:35:b4:29:cc:c4:59:dc:44:25:58:6f:ce:61:5e:fa:01: 5b:1b:d5:e4:9c:41:36:1d:d8:35:c0:d6:36:c2:e6:b0:15:38: ad:21:c1:a0:85:d0:5b:c2:cb:fc:39:87:bb:46:c9:17:bc:41: 1c:67:97:55:8b:65:ae:83:50:ec:5d:ca:ef:fa:ba:22:66:61: 82:33:b4:7b:50:72:13:c5:87:01:cf:86:ba:2f:ee:53:3d:92: 58:73:19:7c:40:ff:af:ef:7f:19:6c:35:b9:05:28:6e:78:f6: b9:98:69:f6:12:ae:67:ae:6e:8a:48:e2:76:88:4e:8e:a1:f2: e7:c7:bb:85:7f:88:95:57:38:c2:bf:eb:7f:67:1e:75:4e:7d: e0:7b:88:f9:69:70:2a:fc:75:f2:53:ab:8c:3c:b2:90:3a:86: 21:97:22:df:0c:f8:48:a4:68:ab:2a:68:59:23:b5:ca:39:14: 94:fd:05:5d:d8:3e:8d:e2:e6:82:ef:00:01:b0:3e:49:e9:15: d1:19:f6:be:74:78:e4:85:0e:f6:49:cd:f7:c9:86:27:82:28: d2:af:cf:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9eMv903LFT1Q1J5KmdZmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDU3ZGI3MGU0NzRlYjRhMDc3ZmExM2YzYmU0ZGQ3YjYz ODBiNTQwHhcNMjUxMjA2MDAwMDM3WhcNMjUxMjA3MDAwMDM3WjAzMTEwLwYDVQQD Eyg4MmE4NDlkMmE1ZmU3ZDY4NDBiYTZkZDY2YTNkYzc0MGMzNzkwMjMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznYNbPBgpSyu+NB1UPmfwtFrAwcz wIvTUIR0vJrYehEtQF65tjp02obf6ktCRUBCvE1WLiDrxbK0CYe1u0uaKwQnEJ8t mVRxw0mptUZYIZA6LRG0ynmMT4m6o95+a5BlgkwcA8qV9SLTF/sLJm4pwyQDDUVg prhHq8+p3ZKOBJBmg88eaOiUWbLxOYjOGhQOYBxxIE5MpH1RqwshXoWtF3uTThct NvZLq/gAyix2nFv1tw9HlpaQDmn4CO7ayBJVBGvfx86SFyCdOYqcTDvkP3hJpVNG iGPVgn5d+zg/HYcQrvh+11izHcbmCXoDDawOUs4TU7r/Ri/ae2nPZrd9rQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIKoSdKl/n1oQLpt1mo9x0DDeQIwMB8GA1UdIwQY MBaAFCoFfbcOR060oHf6E/O+Tde2OAtUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy9kOTc4ZmYtNzRhMS00OTE1LTk1OWEt YzAzNTY4ZGMwOGIzLzEvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy9kOTc4ZmYtNzRhMS00OTE1LTk1OWEtYzAzNTY4ZGMwOGIz LzEvS2dWOXR3NUhUclNnZF9vVDg3NU4xN1k0QzFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlVYSpvZa 9UN5pQY3Xii19jVKetGT2fah1naKXFTeqlsOupg401c1tCnMxFncRCVYb85hXvoB WxvV5JxBNh3YNcDWNsLmsBU4rSHBoIXQW8LL/DmHu0bJF7xBHGeXVYtlroNQ7F3K 7/q6ImZhgjO0e1ByE8WHAc+Gui/uUz2SWHMZfED/r+9/GWw1uQUobnj2uZhp9hKu Z65uikjidohOjqHy58e7hX+IlVc4wr/rf2cedU594HuI+WlwKvx18lOrjDyykDqG IZci3wz4SKRoqypoWSO1yjkUlP0FXdg+jeLmgu8AAbA+SekV0Rn2vnR45IUO9knN 98mGJ4Io0q/PQw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:51:40 2025 by rpki-client