This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft File: kd3H2eAtRMa_jGNcHQcV9uicEBI.mft (raw, json) Hash identifier: UILsazrPJWQIvmZ6QRrf25vkR/WRadrNYosyUN++cKk= Subject key identifier: F4:2F:68:EF:02:25:88:D3:1E:C1:04:50:77:E0:AB:BC:16:BD:48:09 Authority key identifier: 91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12 Certificate issuer: /CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012 Certificate serial: 019B59ACDBC1F3E97FC47706019E6748249D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft Manifest number: 0152 Signing time: Fri 26 Dec 2025 08:00:59 +0000 Manifest this update: Fri 26 Dec 2025 08:00:59 +0000 Manifest next update: Sat 27 Dec 2025 08:00:59 +0000 Files and hashes: 1: kd3H2eAtRMa_jGNcHQcV9uicEBI.crl (hash: YL49NIfmmbtzAUm/YgXQS/NsAg7JagZtD5el0eRO7Bc=) 2: s5q2oTWE63BKKJHezuXxV23_1ao.roa (hash: kxGqoLV/rWB0wj/sYCOZiA+1BQk6TjqEiRvVL8/Fnps=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:ac:db:c1:f3:e9:7f:c4:77:06:01:9e:67:48:24:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91ddc7d9e02d44c6bf8c635c1d0715f6e89c1012 Validity Not Before: Dec 26 08:00:59 2025 GMT Not After : Dec 27 08:00:59 2025 GMT Subject: CN=f42f68ef022588d31ec1045077e0abbc16bd4809 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:a7:d3:cd:8a:e5:ae:3a:7c:dc:bb:c1:91:9a: 2d:3d:b0:6c:7e:a1:8e:22:f8:31:b9:5b:a1:c7:49: f5:fb:df:4a:20:92:90:da:58:a9:bc:f4:89:b2:9e: 9b:71:de:8e:03:ff:52:a0:e7:7a:46:b6:ed:cd:6b: 61:05:6c:e8:7f:42:36:22:e3:16:17:b4:57:50:7e: 62:b4:18:86:43:6a:78:1b:aa:bc:32:9c:b5:2c:1b: 2f:09:0c:0e:df:a8:08:75:60:6b:51:e8:ce:fa:80: 94:6b:eb:82:aa:bb:eb:36:7f:da:f0:93:f2:0d:e4: 3c:74:f0:68:04:af:e8:4e:74:e0:7c:88:f7:58:86: 5c:d0:be:ae:90:5f:b7:c7:e2:5e:c9:42:c5:58:3b: 80:fe:f9:c6:23:82:66:79:3a:b6:83:c4:eb:90:8e: 9d:32:48:14:85:10:c2:53:e7:35:03:70:ec:17:d3: 3b:ad:45:3a:a5:47:26:b5:f4:1a:a2:3e:b7:58:78: 0f:2c:00:d6:89:63:9f:b2:fc:75:b8:2f:04:a4:0b: 9e:ee:32:e4:d9:5d:0b:71:c6:85:52:cf:3e:6b:37: 58:48:2d:71:35:71:3e:08:b8:9f:f4:01:70:48:29: eb:63:6c:70:b6:1e:25:54:ae:ea:60:af:cf:f0:22: cb:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:2F:68:EF:02:25:88:D3:1E:C1:04:50:77:E0:AB:BC:16:BD:48:09 X509v3 Authority Key Identifier: keyid:91:DD:C7:D9:E0:2D:44:C6:BF:8C:63:5C:1D:07:15:F6:E8:9C:10:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd3H2eAtRMa_jGNcHQcV9uicEBI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7afbc-b885-4755-8d15-893b8dd2d2b0/1/kd3H2eAtRMa_jGNcHQcV9uicEBI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:02:b8:dd:ea:0b:8b:d5:fc:9f:50:b8:4f:28:b0:57:47:52: 8c:08:90:3f:b6:ac:bd:41:59:c8:2b:48:63:4e:21:27:3c:9d: c8:45:10:6c:e5:60:d1:1e:95:95:0a:76:40:f4:16:a7:9d:e5: a3:b4:11:8f:8d:40:43:15:0a:be:d1:5b:2a:35:58:56:33:43: cb:29:af:0b:68:13:27:d2:be:1e:c7:e0:56:96:7e:5e:f1:73: 5a:b6:cc:b1:9f:03:36:5a:29:c9:06:65:b8:3d:2b:53:2f:c2: d8:97:4e:5e:c1:23:3f:19:af:75:35:c0:59:37:93:b0:b3:fa: b8:af:10:c1:ae:e6:17:1b:ee:83:5a:1c:04:18:72:6f:9a:f9: 74:1a:d8:ec:37:8b:20:3a:91:68:f4:0a:36:f6:81:9e:98:2e: 42:d4:ca:bd:ce:09:07:ec:60:a8:d3:ad:0f:1c:46:86:9d:ad: 9c:34:61:f7:81:f8:47:23:1d:19:b4:5e:53:03:17:47:13:24: c9:37:f2:06:46:e2:70:ff:68:a4:85:7d:7e:fd:27:72:f0:e8: e0:97:51:4c:f5:8d:15:11:71:85:88:8c:a3:ed:e4:c7:17:41: 54:27:0d:cb:b7:8a:d0:86:8a:d6:a8:eb:17:d1:15:27:b6:86: d8:c4:5a:b0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZrNvB8+l/xHcGAZ5nSCSdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZGRjN2Q5ZTAyZDQ0YzZiZjhjNjM1YzFkMDcxNWY2ZTg5 YzEwMTIwHhcNMjUxMjI2MDgwMDU5WhcNMjUxMjI3MDgwMDU5WjAzMTEwLwYDVQQD EyhmNDJmNjhlZjAyMjU4OGQzMWVjMTA0NTA3N2UwYWJiYzE2YmQ0ODA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6fTzYrlrjp83LvBkZotPbBsfqGO IvgxuVuhx0n1+99KIJKQ2lipvPSJsp6bcd6OA/9SoOd6RrbtzWthBWzof0I2IuMW F7RXUH5itBiGQ2p4G6q8Mpy1LBsvCQwO36gIdWBrUejO+oCUa+uCqrvrNn/a8JPy DeQ8dPBoBK/oTnTgfIj3WIZc0L6ukF+3x+JeyULFWDuA/vnGI4JmeTq2g8TrkI6d MkgUhRDCU+c1A3DsF9M7rUU6pUcmtfQaoj63WHgPLADWiWOfsvx1uC8EpAue7jLk 2V0LccaFUs8+azdYSC1xNXE+CLif9AFwSCnrY2xwth4lVK7qYK/P8CLLxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPQvaO8CJYjTHsEEUHfgq7wWvUgJMB8GA1UdIwQY MBaAFJHdx9ngLUTGv4xjXB0HFfbonBASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUt ODkzYjhkZDJkMmIwLzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS9jN2FmYmMtYjg4NS00NzU1LThkMTUtODkzYjhkZDJkMmIw LzEva2QzSDJlQXRSTWFfakdOY0hRY1Y5dWljRUJJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnAK43eoL i9X8n1C4TyiwV0dSjAiQP7asvUFZyCtIY04hJzydyEUQbOVg0R6VlQp2QPQWp53l o7QRj41AQxUKvtFbKjVYVjNDyymvC2gTJ9K+HsfgVpZ+XvFzWrbMsZ8DNlopyQZl uD0rUy/C2JdOXsEjPxmvdTXAWTeTsLP6uK8Qwa7mFxvug1ocBBhyb5r5dBrY7DeL IDqRaPQKNvaBnpguQtTKvc4JB+xgqNOtDxxGhp2tnDRh94H4RyMdGbReUwMXRxMk yTfyBkbicP9opIV9fv0ncvDo4JdRTPWNFRFxhYiMo+3kxxdBVCcNy7eK0IaK1qjr F9EVJ7aG2MRasA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:16:57 2025 by rpki-client