This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft File: kERLB53wCKfHy-KPy6Xb4GIOjhc.mft (raw, json) Hash identifier: 1QOaNSLZLAwAYYAPEQlV6jVD3b3jmJVae2cU2rjWXE0= Subject key identifier: D1:73:41:39:59:2E:32:2F:13:57:04:55:9A:16:17:26:97:6C:92:B6 Authority key identifier: 90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 Certificate issuer: /CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Certificate serial: 019B3D59D7DCD8C38CC7AFF02DD1B0050F84 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft Manifest number: 15FB Signing time: Sat 20 Dec 2025 20:00:56 +0000 Manifest this update: Sat 20 Dec 2025 20:00:56 +0000 Manifest next update: Sun 21 Dec 2025 20:00:56 +0000 Files and hashes: 1: kERLB53wCKfHy-KPy6Xb4GIOjhc.crl (hash: whxc+X7q4LmCbPtn1BhBDohLvkP2tEpHGBrv4GzVW5Y=) 2: o9Mrd_Zp-119sDj-V8VZv-bH4Po.roa (hash: T/Zr25wueuSL7uIuxkLz/YPHfupfyL0OiqXaAJQQ9Uw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:59:d7:dc:d8:c3:8c:c7:af:f0:2d:d1:b0:05:0f:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90444b079df008a7c7cbe28fcba5dbe0620e8e17 Validity Not Before: Dec 20 20:00:56 2025 GMT Not After : Dec 21 20:00:56 2025 GMT Subject: CN=d1734139592e322f135704559a161726976c92b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:76:98:15:27:a6:fe:14:61:fe:0e:24:34:62: 49:ca:11:78:ce:23:ac:06:b6:ac:79:5b:f1:83:ea: e8:78:79:3b:ec:92:f5:be:56:87:4d:27:e2:df:be: eb:12:32:fc:d7:f9:39:9b:12:9f:0a:fe:c5:75:37: 19:5e:a9:1d:5d:b2:a1:7e:be:40:34:59:b2:20:9a: a9:81:74:b8:3f:e6:ad:74:5a:af:1e:72:61:79:c5: 3f:3f:d3:c8:7d:f9:8f:fc:66:0e:a0:d3:23:e8:f8: 81:fe:0d:08:07:80:16:50:62:ee:2d:82:7c:a8:b2: bf:15:92:65:51:6c:0c:fb:2b:ff:a0:01:15:9c:30: 56:6a:17:08:52:21:9f:65:66:38:88:21:c4:6d:db: e8:a5:24:a1:8e:ae:e7:66:a8:20:49:c7:da:53:ca: c0:ca:56:4c:8d:0b:0c:fa:3e:3c:fe:be:e5:c4:26: 58:8f:ee:3f:4e:eb:08:0c:8a:bf:64:8f:3f:3f:ac: 57:b6:76:7b:38:a1:b2:d8:fb:cd:d5:6c:f9:78:ec: a7:8b:81:05:76:ff:e6:e5:06:d7:b3:ee:3e:95:17: 48:6c:5e:84:07:e5:ed:37:79:c5:90:44:b7:d9:7c: 8d:9d:d9:12:b2:cd:15:3c:92:44:6f:27:bc:a7:08: 4e:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:73:41:39:59:2E:32:2F:13:57:04:55:9A:16:17:26:97:6C:92:B6 X509v3 Authority Key Identifier: keyid:90:44:4B:07:9D:F0:08:A7:C7:CB:E2:8F:CB:A5:DB:E0:62:0E:8E:17 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kERLB53wCKfHy-KPy6Xb4GIOjhc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/24ec8e-1cc6-45e3-9063-99149867dbf7/1/kERLB53wCKfHy-KPy6Xb4GIOjhc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:91:6e:41:65:1b:89:58:25:00:fd:55:7a:ca:45:75:f9:63: 91:c2:db:5f:d3:60:0e:50:bb:08:18:99:14:0d:4e:73:0d:25: fb:37:02:9b:e3:b4:de:4e:45:a2:8a:47:65:2b:28:47:9c:a4: 44:92:54:d9:60:1d:9f:21:a1:60:4f:d8:85:3c:17:c1:6e:69: e6:32:f1:5a:41:30:dd:e1:50:2a:6f:a7:ee:7c:32:1a:8c:61: 09:8c:66:46:1c:c9:6d:a4:3e:fd:60:76:31:cb:a3:e6:10:90: 3c:3d:d3:fd:ea:4a:a8:ae:b8:6f:5e:c7:45:2b:a8:c7:fe:e0: ae:1f:1c:2f:ad:12:92:1d:94:79:e6:e9:35:5d:56:af:c6:32: 34:66:95:84:ac:49:f3:0c:a9:7d:7c:4d:77:d8:14:e1:7e:4c: 8d:dc:69:f3:67:42:4a:37:1e:f1:99:53:8d:61:aa:2a:60:5a: 33:a2:c9:da:38:df:32:83:77:2d:e3:72:29:94:f5:dc:99:80: a6:45:37:0a:0e:52:44:b0:09:cf:b1:6f:dd:a0:d6:20:86:4f: 4f:1e:35:2d:c2:30:3f:bd:f4:7e:b0:ca:3b:be:8a:0e:d7:b3: 11:84:aa:74:b4:16:36:76:cd:07:21:76:06:89:91:17:ef:3e: 11:49:92:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Wdfc2MOMx6/wLdGwBQ+EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNDQ0YjA3OWRmMDA4YTdjN2NiZTI4ZmNiYTVkYmUwNjIw ZThlMTcwHhcNMjUxMjIwMjAwMDU2WhcNMjUxMjIxMjAwMDU2WjAzMTEwLwYDVQQD EyhkMTczNDEzOTU5MmUzMjJmMTM1NzA0NTU5YTE2MTcyNjk3NmM5MmI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HaYFSem/hRh/g4kNGJJyhF4ziOs BraseVvxg+roeHk77JL1vlaHTSfi377rEjL81/k5mxKfCv7FdTcZXqkdXbKhfr5A NFmyIJqpgXS4P+atdFqvHnJhecU/P9PIffmP/GYOoNMj6PiB/g0IB4AWUGLuLYJ8 qLK/FZJlUWwM+yv/oAEVnDBWahcIUiGfZWY4iCHEbdvopSShjq7nZqggScfaU8rA ylZMjQsM+j48/r7lxCZYj+4/TusIDIq/ZI8/P6xXtnZ7OKGy2PvN1Wz5eOyni4EF dv/m5QbXs+4+lRdIbF6EB+XtN3nFkES32XyNndkSss0VPJJEbye8pwhOgQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNFzQTlZLjIvE1cEVZoWFyaXbJK2MB8GA1UdIwQY MBaAFJBESwed8Ainx8vij8ul2+BiDo4XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMt OTkxNDk4NjdkYmY3LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS8yNGVjOGUtMWNjNi00NWUzLTkwNjMtOTkxNDk4NjdkYmY3 LzEva0VSTEI1M3dDS2ZIeS1LUHk2WGI0R0lPamhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQZFuQWUb iVglAP1VespFdfljkcLbX9NgDlC7CBiZFA1Ocw0l+zcCm+O03k5FoopHZSsoR5yk RJJU2WAdnyGhYE/YhTwXwW5p5jLxWkEw3eFQKm+n7nwyGoxhCYxmRhzJbaQ+/WB2 Mcuj5hCQPD3T/epKqK64b17HRSuox/7grh8cL60Skh2UeebpNV1Wr8YyNGaVhKxJ 8wypfXxNd9gU4X5Mjdxp82dCSjce8ZlTjWGqKmBaM6LJ2jjfMoN3LeNyKZT13JmA pkU3Cg5SRLAJz7Fv3aDWIIZPTx41LcIwP730frDKO76KDtezEYSqdLQWNnbNByF2 BomRF+8+EUmSmw== -----END CERTIFICATE-----Generated at Sun Dec 21 03:32:23 2025 by rpki-client