This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft File: ksrhHed02u8FJ0JGPOlU9SHG0nI.mft (raw, json) Hash identifier: tYsUGsR1r7WPHiPIWmtqx4KQZHWAQCC6An4UKl/xhCE= Subject key identifier: 79:32:E9:26:14:46:3E:96:9A:1F:AE:4D:48:18:AD:21:72:C4:B5:30 Authority key identifier: 92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72 Certificate issuer: /CN=92cae11de774daef052742463ce954f521c6d272 Certificate serial: 019AF31B3816FD55A230EE6357B2949A05FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft Manifest number: 115A Signing time: Sat 06 Dec 2025 10:00:38 +0000 Manifest this update: Sat 06 Dec 2025 10:00:38 +0000 Manifest next update: Sun 07 Dec 2025 10:00:38 +0000 Files and hashes: 1: ksrhHed02u8FJ0JGPOlU9SHG0nI.crl (hash: Rhu8StcrpnL8M7/CIKLBwWUm4Tm96x3zZ/xL1Ldro7E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:38:16:fd:55:a2:30:ee:63:57:b2:94:9a:05:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92cae11de774daef052742463ce954f521c6d272 Validity Not Before: Dec 6 10:00:38 2025 GMT Not After : Dec 7 10:00:38 2025 GMT Subject: CN=7932e92614463e969a1fae4d4818ad2172c4b530 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:49:1f:45:16:68:7d:39:88:a1:ec:05:8e:6a: 1f:4a:50:bd:a1:55:d9:c2:13:35:49:cc:30:b2:23: 27:65:d2:2a:7c:bc:5d:c3:6d:6a:99:b5:6e:e3:d1: 9a:19:08:3d:af:75:14:bd:ba:87:b0:1b:c6:de:68: 77:04:8b:dd:f0:a5:70:af:18:bc:d6:d0:8f:63:dc: 0c:b8:38:40:5c:43:27:06:0e:97:d6:d9:52:7d:34: 8a:9f:44:d9:4b:bb:5a:c7:03:42:c8:b0:84:f5:55: fe:35:c3:13:f0:d1:31:b7:88:b7:33:22:59:bc:7f: 30:11:91:06:16:60:26:75:dd:00:a4:75:37:18:ba: e4:b5:fb:f1:dc:9a:4a:b9:40:7f:f6:40:f3:2a:fa: ac:f2:82:e9:90:da:4a:09:8d:d3:69:bd:8b:77:0b: bc:5a:9b:fe:69:e6:de:15:b5:38:7c:53:42:27:f4: d7:0a:fc:08:30:d5:d9:a9:5d:29:85:08:9a:64:95: 37:f5:8e:16:f7:58:39:85:ea:37:bf:79:c8:a1:7d: 04:05:4d:42:d9:4c:aa:8a:c7:5d:73:b1:6c:40:b6: ef:36:3e:7f:a9:9e:e7:e6:a3:59:54:36:3d:3c:38: de:d3:98:cb:fe:2d:f1:9e:68:f3:49:d4:0a:a7:ef: 11:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:32:E9:26:14:46:3E:96:9A:1F:AE:4D:48:18:AD:21:72:C4:B5:30 X509v3 Authority Key Identifier: keyid:92:CA:E1:1D:E7:74:DA:EF:05:27:42:46:3C:E9:54:F5:21:C6:D2:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ksrhHed02u8FJ0JGPOlU9SHG0nI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/edf435-1abf-470e-ba6d-eff6fd7d3b28/1/ksrhHed02u8FJ0JGPOlU9SHG0nI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:a1:56:be:30:73:24:cf:6d:67:86:78:e2:33:b4:88:56:2f: 37:e0:b8:d4:3c:23:cb:c9:29:df:51:66:05:b3:60:40:8f:9a: 37:4d:ec:d1:17:83:63:77:11:1a:68:f2:70:f9:e4:a1:e9:00: 1f:c9:ba:15:36:03:4b:a2:59:70:7a:2a:13:d7:40:c4:36:46: 1d:b1:ca:e2:2c:49:e3:df:62:ef:f1:10:67:06:f0:12:55:3e: 6f:0b:90:f4:66:25:37:34:17:dc:c0:d7:6e:f1:da:33:cc:7f: fb:27:8f:7a:46:6d:f9:32:c6:e1:f3:5d:3c:af:f5:ab:8d:74: 7c:ab:62:f6:4a:52:75:de:a9:8b:fc:e4:c0:7a:87:84:1a:2e: 4b:77:c3:1f:4c:b9:26:a2:9b:78:a6:85:85:87:d5:d7:76:02: 2f:08:88:b3:1f:22:c8:2d:a9:5d:a3:20:2f:df:6d:4e:b6:78: 17:c8:e4:2a:73:3c:a9:2a:36:82:25:b7:65:77:fa:55:d8:c0: b8:a0:24:cb:1e:06:01:c9:3a:51:85:ae:4b:22:f5:02:9a:e4: 64:36:5d:71:7a:df:7a:91:0e:7d:bd:d5:07:98:d2:3e:4d:ce: c3:2b:07:52:1e:eb:ec:83:38:89:b9:d9:c1:cc:00:66:fc:1a: b8:be:76:1d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGzgW/VWiMO5jV7KUmgX9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyY2FlMTFkZTc3NGRhZWYwNTI3NDI0NjNjZTk1NGY1MjFj NmQyNzIwHhcNMjUxMjA2MTAwMDM4WhcNMjUxMjA3MTAwMDM4WjAzMTEwLwYDVQQD Eyg3OTMyZTkyNjE0NDYzZTk2OWExZmFlNGQ0ODE4YWQyMTcyYzRiNTMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEkfRRZofTmIoewFjmofSlC9oVXZ whM1ScwwsiMnZdIqfLxdw21qmbVu49GaGQg9r3UUvbqHsBvG3mh3BIvd8KVwrxi8 1tCPY9wMuDhAXEMnBg6X1tlSfTSKn0TZS7taxwNCyLCE9VX+NcMT8NExt4i3MyJZ vH8wEZEGFmAmdd0ApHU3GLrktfvx3JpKuUB/9kDzKvqs8oLpkNpKCY3Tab2Ldwu8 Wpv+aebeFbU4fFNCJ/TXCvwIMNXZqV0phQiaZJU39Y4W91g5heo3v3nIoX0EBU1C 2Uyqisddc7FsQLbvNj5/qZ7n5qNZVDY9PDje05jL/i3xnmjzSdQKp+8RRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHky6SYURj6Wmh+uTUgYrSFyxLUwMB8GA1UdIwQY MBaAFJLK4R3ndNrvBSdCRjzpVPUhxtJyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQt ZWZmNmZkN2QzYjI4LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMS9lZGY0MzUtMWFiZi00NzBlLWJhNmQtZWZmNmZkN2QzYjI4 LzEva3NyaEhlZDAydThGSjBKR1BPbFU5U0hHMG5JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgqFWvjBz JM9tZ4Z44jO0iFYvN+C41Dwjy8kp31FmBbNgQI+aN03s0ReDY3cRGmjycPnkoekA H8m6FTYDS6JZcHoqE9dAxDZGHbHK4ixJ499i7/EQZwbwElU+bwuQ9GYlNzQX3MDX bvHaM8x/+yePekZt+TLG4fNdPK/1q410fKti9kpSdd6pi/zkwHqHhBouS3fDH0y5 JqKbeKaFhYfV13YCLwiIsx8iyC2pXaMgL99tTrZ4F8jkKnM8qSo2giW3ZXf6VdjA uKAkyx4GAck6UYWuSyL1AprkZDZdcXrfepEOfb3VB5jSPk3OwysHUh7r7IM4ibnZ wcwAZvwauL52HQ== -----END CERTIFICATE-----Generated at Sat Dec 6 16:26:09 2025 by rpki-client