This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft File: kiGxuiPNnBINnmfHS16SkKcq3SA.mft (raw, json) Hash identifier: p6zY8E+xdUg1sVggcz6tJoa9GXjrNPuRJXRqv8wtl8w= Subject key identifier: 66:AE:19:03:A5:3E:34:7F:2E:4F:BD:25:36:C6:51:86:23:97:41:00 Authority key identifier: 92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20 Certificate issuer: /CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20 Certificate serial: 019B5A88A1BB651A46936A8EF8C04093E3E5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft Manifest number: 0172 Signing time: Fri 26 Dec 2025 12:01:02 +0000 Manifest this update: Fri 26 Dec 2025 12:01:02 +0000 Manifest next update: Sat 27 Dec 2025 12:01:02 +0000 Files and hashes: 1: kiGxuiPNnBINnmfHS16SkKcq3SA.crl (hash: i9qEuJ1zo5Rdq3YL5aHePG2dbl8CjQNaKoJsQhlFWus=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:a1:bb:65:1a:46:93:6a:8e:f8:c0:40:93:e3:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9221b1ba23cd9c120d9e67c74b5e9290a72add20 Validity Not Before: Dec 26 12:01:02 2025 GMT Not After : Dec 27 12:01:02 2025 GMT Subject: CN=66ae1903a53e347f2e4fbd2536c6518623974100 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:eb:b2:f4:fa:9d:ee:77:4f:bf:a7:9a:49:44: 93:db:be:43:2c:31:f5:a3:7f:a6:42:7d:44:bd:90: b5:fd:a6:2e:bc:c2:ff:96:cf:64:d8:46:14:37:d0: ca:d6:0b:6f:9c:d4:5a:54:ae:1e:62:df:96:e8:7f: d2:9f:25:42:17:c2:43:2b:d1:49:93:fe:32:d8:2d: dc:e0:c6:4b:6d:8b:4b:5a:34:8c:a7:55:53:52:09: 3b:43:13:00:15:f2:6c:7d:61:fb:cd:59:3b:5d:bb: 92:f2:19:2e:7d:df:00:43:ef:58:01:77:e3:14:86: 6a:3c:b6:a7:14:c9:85:2a:9c:44:6d:d0:d8:69:11: 79:76:95:7f:a1:0d:72:f0:01:c1:70:8d:b0:94:d1: 0a:a9:76:a0:75:7f:a0:0f:e4:36:8e:95:a9:f0:c1: 6f:ba:02:29:23:84:1e:2c:24:1a:c3:e1:79:f3:d5: 92:a2:e2:ca:2d:93:fa:50:2a:e7:80:3b:83:7e:9d: 0b:93:9f:ef:a7:3c:05:52:fc:0a:ea:ae:66:e1:8e: 1a:b5:14:49:82:2a:7d:ea:d4:50:5c:ad:a2:af:31: 45:22:e0:a4:27:22:95:73:3d:54:08:d9:42:a2:fe: c6:1a:0d:b3:44:e4:dd:e1:70:c1:9b:f7:9c:43:45: a5:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:AE:19:03:A5:3E:34:7F:2E:4F:BD:25:36:C6:51:86:23:97:41:00 X509v3 Authority Key Identifier: keyid:92:21:B1:BA:23:CD:9C:12:0D:9E:67:C7:4B:5E:92:90:A7:2A:DD:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiGxuiPNnBINnmfHS16SkKcq3SA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/0ced58-5b1d-42e3-8da6-3db7fe8f6783/1/kiGxuiPNnBINnmfHS16SkKcq3SA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 18:0f:b9:75:80:bf:5b:ff:60:81:27:c5:ac:1b:e1:d5:13:8d: 94:8f:1b:1d:ff:88:e4:86:5c:5c:31:27:00:b7:69:00:aa:a0: 3d:31:d1:aa:83:2c:44:1b:90:32:99:22:89:10:e4:2d:b9:dc: c7:40:e8:8b:78:10:29:ef:48:36:15:2b:af:0a:94:00:7d:f6: a0:2d:f5:6a:be:03:a2:c0:c1:75:33:ef:ac:51:93:4c:d3:5c: 5d:ca:3f:c3:c2:0c:70:09:55:46:d7:bf:9d:9e:de:51:27:7f: e7:fe:2e:b2:ff:dd:4a:fa:94:ab:f9:93:99:a3:d4:4b:a8:1f: d3:26:7e:32:81:07:de:7a:51:31:8c:b5:b9:77:11:54:71:92: 87:6e:77:ca:ef:bd:63:92:d2:c3:df:9b:91:ec:3d:17:42:4f: 9a:53:b3:ff:10:d9:68:fb:e4:00:f7:3c:13:ef:4c:4e:e9:fa: 75:01:a9:4c:47:ba:57:99:27:78:b4:eb:42:d9:3d:cb:3f:8c: 7a:83:df:d3:46:3f:5d:10:6d:94:cb:2d:cf:09:f7:a7:dd:7d: 6b:7e:3f:35:fc:62:34:cd:6e:53:70:94:ba:b5:83:57:20:33: 02:ed:a0:12:94:c5:6f:3e:66:fb:0b:52:87:33:b2:44:50:a4: c2:02:02:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiKG7ZRpGk2qO+MBAk+PlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMjFiMWJhMjNjZDljMTIwZDllNjdjNzRiNWU5MjkwYTcy YWRkMjAwHhcNMjUxMjI2MTIwMTAyWhcNMjUxMjI3MTIwMTAyWjAzMTEwLwYDVQQD Eyg2NmFlMTkwM2E1M2UzNDdmMmU0ZmJkMjUzNmM2NTE4NjIzOTc0MTAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uuy9Pqd7ndPv6eaSUST275DLDH1 o3+mQn1EvZC1/aYuvML/ls9k2EYUN9DK1gtvnNRaVK4eYt+W6H/SnyVCF8JDK9FJ k/4y2C3c4MZLbYtLWjSMp1VTUgk7QxMAFfJsfWH7zVk7XbuS8hkufd8AQ+9YAXfj FIZqPLanFMmFKpxEbdDYaRF5dpV/oQ1y8AHBcI2wlNEKqXagdX+gD+Q2jpWp8MFv ugIpI4QeLCQaw+F589WSouLKLZP6UCrngDuDfp0Lk5/vpzwFUvwK6q5m4Y4atRRJ gip96tRQXK2irzFFIuCkJyKVcz1UCNlCov7GGg2zROTd4XDBm/ecQ0WlFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGauGQOlPjR/Lk+9JTbGUYYjl0EAMB8GA1UdIwQY MBaAFJIhsbojzZwSDZ5nx0tekpCnKt0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYt M2RiN2ZlOGY2NzgzLzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYS8wY2VkNTgtNWIxZC00MmUzLThkYTYtM2RiN2ZlOGY2Nzgz LzEva2lHeHVpUE5uQklObm1mSFMxNlNrS2NxM1NBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGA+5dYC/ W/9ggSfFrBvh1RONlI8bHf+I5IZcXDEnALdpAKqgPTHRqoMsRBuQMpkiiRDkLbnc x0Doi3gQKe9INhUrrwqUAH32oC31ar4DosDBdTPvrFGTTNNcXco/w8IMcAlVRte/ nZ7eUSd/5/4usv/dSvqUq/mTmaPUS6gf0yZ+MoEH3npRMYy1uXcRVHGSh253yu+9 Y5LSw9+bkew9F0JPmlOz/xDZaPvkAPc8E+9MTun6dQGpTEe6V5kneLTrQtk9yz+M eoPf00Y/XRBtlMstzwn3p919a34/NfxiNM1uU3CUurWDVyAzAu2gEpTFbz5m+wtS hzOyRFCkwgICeg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:00 2025 by rpki-client