This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft File: kUS2KYi--9kYP26_brLRlMso5uM.mft (raw, json) Hash identifier: H/agrXKc4WKHAxIYfEvDO3QinBzA+eOuN+YVXndr0aA= Subject key identifier: F0:7C:02:53:45:04:4C:6C:D1:D2:CE:92:7F:04:97:1E:27:0B:F5:B4 Authority key identifier: 91:44:B6:29:88:BE:FB:D9:18:3F:6E:BF:6E:B2:D1:94:CB:28:E6:E3 Certificate issuer: /CN=9144b62988befbd9183f6ebf6eb2d194cb28e6e3 Certificate serial: 019AF12CF29CB337F7B104C23D513B74AC57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft Manifest number: 0921 Signing time: Sat 06 Dec 2025 01:00:45 +0000 Manifest this update: Sat 06 Dec 2025 01:00:45 +0000 Manifest next update: Sun 07 Dec 2025 01:00:45 +0000 Files and hashes: 1: kUS2KYi--9kYP26_brLRlMso5uM.crl (hash: tB14uAlxlv4WcZPQBNaRL5O5t7SlbC+/fTtaFCEhWgM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2c:f2:9c:b3:37:f7:b1:04:c2:3d:51:3b:74:ac:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9144b62988befbd9183f6ebf6eb2d194cb28e6e3 Validity Not Before: Dec 6 01:00:45 2025 GMT Not After : Dec 7 01:00:45 2025 GMT Subject: CN=f07c025345044c6cd1d2ce927f04971e270bf5b4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:77:d5:49:a7:ab:45:c3:ee:28:9c:79:b8:7a: 37:c3:86:f5:bd:0c:7b:5e:57:c9:29:62:04:8f:b0: ad:fb:3d:9a:e2:3c:2a:0f:9b:bd:93:29:4b:85:9a: 94:e1:a5:2b:15:4a:5b:91:d9:60:68:81:e7:aa:2b: bb:c4:42:ac:4f:9d:61:d1:c1:88:25:e8:c9:b8:d0: c4:de:fb:81:69:ce:d2:b7:20:65:f0:71:7a:c3:8b: aa:2f:0f:fa:cf:b7:0c:44:1c:f6:07:59:3d:c9:39: 51:98:df:81:a4:59:71:7d:81:3b:1e:9e:af:0a:7d: a2:b4:96:95:1f:0a:ab:cc:74:89:e3:3e:2f:55:f9: 84:ae:6f:31:44:65:2e:17:94:85:1a:64:5a:2e:d1: fd:2b:03:72:30:04:11:eb:5c:55:41:4b:f1:6e:09: ba:bd:dc:13:0e:8c:16:bc:d9:51:89:11:68:a3:89: 4d:54:d9:b1:c6:5a:e8:80:b5:09:51:cb:70:2e:f7: 6f:84:b9:aa:0a:5c:31:fa:46:ed:76:ca:e7:b3:83: 14:46:b9:aa:dd:5b:02:1b:dd:43:50:c0:81:55:63: 40:34:ca:d9:c9:b2:0d:d1:1f:4c:6d:e0:0b:6b:82: 60:7d:cb:c2:bc:d6:9a:8b:ca:06:3f:f0:20:a8:ce: 6b:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:7C:02:53:45:04:4C:6C:D1:D2:CE:92:7F:04:97:1E:27:0B:F5:B4 X509v3 Authority Key Identifier: keyid:91:44:B6:29:88:BE:FB:D9:18:3F:6E:BF:6E:B2:D1:94:CB:28:E6:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUS2KYi--9kYP26_brLRlMso5uM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/93574e-d811-43c2-bd1c-990ba0c06326/1/kUS2KYi--9kYP26_brLRlMso5uM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:d3:1f:89:c7:fd:42:6e:c4:b9:85:84:da:8e:87:c4:42:0c: 61:2a:a5:5b:2f:c8:c6:15:77:0f:89:b1:ef:9e:38:bb:cd:16: 78:1b:a5:e1:f7:63:6d:15:7e:92:a9:40:d1:35:47:49:ed:2a: f0:af:b1:90:7a:76:39:b1:82:31:f5:f2:c5:38:1f:4e:56:56: 08:59:e0:d5:19:1c:9e:f3:92:b3:95:9f:98:fd:2e:2e:11:a8: d9:62:e0:61:01:69:73:19:5e:11:ea:b3:13:d1:4f:85:33:f9: db:f0:62:58:43:6f:9c:f1:d8:79:65:ed:de:2f:09:74:c4:68: 9d:33:bf:b6:f0:ed:ed:22:91:71:ef:06:91:d2:f1:b5:d7:a9: fb:03:ab:20:93:4c:59:8c:d7:40:3e:6f:c7:27:19:c9:54:69: 3e:de:ca:70:44:a2:76:65:c8:20:4e:28:48:d2:c4:d6:f3:7a: e9:53:26:75:2e:03:7f:55:76:55:04:d9:1d:d8:2c:32:34:a9: 72:35:50:99:c9:b1:10:2f:ac:a2:3f:7e:dd:04:69:72:d7:f8: 60:bb:3d:0a:74:e6:10:9a:b6:ba:c6:48:d4:a7:b6:a0:c2:d7: e9:1c:23:ef:36:98:cc:d8:2b:54:69:1c:d6:c7:7d:f1:96:5b: 21:f3:6e:3d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLPKcszf3sQTCPVE7dKxXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNDRiNjI5ODhiZWZiZDkxODNmNmViZjZlYjJkMTk0Y2Iy OGU2ZTMwHhcNMjUxMjA2MDEwMDQ1WhcNMjUxMjA3MDEwMDQ1WjAzMTEwLwYDVQQD EyhmMDdjMDI1MzQ1MDQ0YzZjZDFkMmNlOTI3ZjA0OTcxZTI3MGJmNWI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXfVSaerRcPuKJx5uHo3w4b1vQx7 XlfJKWIEj7Ct+z2a4jwqD5u9kylLhZqU4aUrFUpbkdlgaIHnqiu7xEKsT51h0cGI JejJuNDE3vuBac7StyBl8HF6w4uqLw/6z7cMRBz2B1k9yTlRmN+BpFlxfYE7Hp6v Cn2itJaVHwqrzHSJ4z4vVfmErm8xRGUuF5SFGmRaLtH9KwNyMAQR61xVQUvxbgm6 vdwTDowWvNlRiRFoo4lNVNmxxlrogLUJUctwLvdvhLmqClwx+kbtdsrns4MURrmq 3VsCG91DUMCBVWNANMrZybIN0R9MbeALa4JgfcvCvNaai8oGP/AgqM5rLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPB8AlNFBExs0dLOkn8Elx4nC/W0MB8GA1UdIwQY MBaAFJFEtimIvvvZGD9uv26y0ZTLKObjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi85MzU3NGUtZDgxMS00M2MyLWJkMWMt OTkwYmEwYzA2MzI2LzEva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi85MzU3NGUtZDgxMS00M2MyLWJkMWMtOTkwYmEwYzA2MzI2 LzEva1VTMktZaS0tOWtZUDI2X2JyTFJsTXNvNXVNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArdMficf9 Qm7EuYWE2o6HxEIMYSqlWy/IxhV3D4mx7544u80WeBul4fdjbRV+kqlA0TVHSe0q 8K+xkHp2ObGCMfXyxTgfTlZWCFng1RkcnvOSs5WfmP0uLhGo2WLgYQFpcxleEeqz E9FPhTP52/BiWENvnPHYeWXt3i8JdMRonTO/tvDt7SKRce8GkdLxtdep+wOrIJNM WYzXQD5vxycZyVRpPt7KcESidmXIIE4oSNLE1vN66VMmdS4Df1V2VQTZHdgsMjSp cjVQmcmxEC+soj9+3QRpctf4YLs9CnTmEJq2usZI1Ke2oMLX6Rwj7zaYzNgrVGkc 1sd98ZZbIfNuPQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:39:29 2025 by rpki-client