This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft File: kYaHyFQkQhcMxR71MW05Y2CXCNw.mft (raw, json) Hash identifier: e9J+kA22ojuYhp07+wVhYtY9lmwplQos/LQ0gWqj0Mw= Subject key identifier: DF:FC:53:92:CE:E7:7D:E2:8F:1B:B8:1C:72:6F:2C:49:CE:AA:F6:BD Authority key identifier: 91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC Certificate issuer: /CN=918687c8542442170cc51ef5316d3963609708dc Certificate serial: 019B46265A52DA38BE859D5AD291EED7E5A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft Manifest number: 1399 Signing time: Mon 22 Dec 2025 13:01:16 +0000 Manifest this update: Mon 22 Dec 2025 13:01:16 +0000 Manifest next update: Tue 23 Dec 2025 13:01:16 +0000 Files and hashes: 1: kYaHyFQkQhcMxR71MW05Y2CXCNw.crl (hash: 4pf40G3fF4cZPwNoZ76QeS95sdTlBUVoZ7e8F9ChQUQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 13:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:26:5a:52:da:38:be:85:9d:5a:d2:91:ee:d7:e5:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=918687c8542442170cc51ef5316d3963609708dc Validity Not Before: Dec 22 13:01:16 2025 GMT Not After : Dec 23 13:01:16 2025 GMT Subject: CN=dffc5392cee77de28f1bb81c726f2c49ceaaf6bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:09:5f:10:b1:4b:c8:29:02:ba:cd:c5:59:0f: 6b:26:f0:6f:4e:da:0c:ce:50:55:a8:1b:cf:31:94: d5:6a:08:c5:d7:ba:27:1d:0f:fe:52:68:0f:56:24: 87:10:75:89:45:af:81:e1:13:32:b9:32:25:bd:2b: 77:fd:a8:3d:49:bc:77:a9:e0:fa:18:65:ad:ac:9e: 90:73:e2:14:16:56:d0:48:5b:f9:8e:33:23:8a:a1: e3:85:55:52:0f:e0:a1:ab:83:71:29:a1:1b:13:95: f2:a2:6c:5b:5d:a1:ae:2f:a6:9c:7a:3e:74:f3:d8: a8:7f:29:73:b6:2c:eb:3f:8e:b3:b9:e8:57:65:8c: 71:51:cc:e5:91:27:7d:27:e1:0e:48:6d:d9:0b:06: 69:e5:f1:d1:3d:5a:c8:43:54:31:6e:af:57:b6:53: d8:bd:43:ba:7e:1b:be:1e:d7:3f:c2:bc:67:d5:dc: 93:7e:99:3d:7e:3b:0c:9e:8f:d3:0f:c7:ff:dd:4e: 91:a0:6d:e4:18:e9:2d:a3:05:63:56:11:18:63:01: 81:7b:18:cf:0a:3b:40:9d:7d:3e:5d:54:a8:d6:88: f1:51:2f:82:68:ec:fc:99:c0:cd:50:78:67:d9:d8: 13:bf:e0:97:75:3b:a8:b0:c1:e1:6c:fa:4d:61:16: b2:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FC:53:92:CE:E7:7D:E2:8F:1B:B8:1C:72:6F:2C:49:CE:AA:F6:BD X509v3 Authority Key Identifier: keyid:91:86:87:C8:54:24:42:17:0C:C5:1E:F5:31:6D:39:63:60:97:08:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYaHyFQkQhcMxR71MW05Y2CXCNw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/83226a-4291-4f03-9be3-89e39ac1ed81/1/kYaHyFQkQhcMxR71MW05Y2CXCNw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:cd:45:c3:10:73:56:29:74:52:c0:24:79:6d:6c:4b:63:3d: e0:13:f6:3b:30:17:73:d1:53:18:dc:19:87:45:98:5c:97:bd: 2b:6f:bc:53:ed:6d:83:e8:ba:2b:36:37:00:2c:81:08:46:d9: c5:51:5a:7d:b4:35:97:73:d7:1b:9a:ad:03:81:cf:74:41:b9: 2f:85:e7:bb:80:7d:b2:af:00:64:a5:00:05:37:b4:ed:f5:87: 7f:87:0f:e1:b3:b0:2a:73:f5:a7:03:ed:7e:69:2b:96:47:b8: ae:4b:0f:1f:ef:de:c5:ad:ce:25:f0:38:c1:3e:bf:04:bc:b6: eb:4e:fb:e8:40:08:69:33:c7:1d:1f:11:e0:df:3d:0d:7f:b9: 76:c6:b4:4f:f2:fb:5b:7a:6a:3d:92:8a:3f:40:3a:7b:2b:35: f9:d8:fa:60:0f:01:0e:34:c4:47:0d:c3:11:fc:4e:38:53:da: b1:2f:91:90:be:48:b6:47:e7:2a:cf:7f:14:84:8a:d9:10:a3: 63:b3:4e:f7:ac:b7:02:da:b8:10:8d:29:96:8e:e8:aa:29:2b: 7a:6e:8f:c6:81:d6:6c:55:71:7a:32:3c:67:6d:49:17:c2:9f: 24:55:f3:22:55:8a:08:74:56:e2:c4:18:13:09:23:1f:27:f7: b2:8a:c8:75 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGJlpS2ji+hZ1a0pHu1+WhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxODY4N2M4NTQyNDQyMTcwY2M1MWVmNTMxNmQzOTYzNjA5 NzA4ZGMwHhcNMjUxMjIyMTMwMTE2WhcNMjUxMjIzMTMwMTE2WjAzMTEwLwYDVQQD EyhkZmZjNTM5MmNlZTc3ZGUyOGYxYmI4MWM3MjZmMmM0OWNlYWFmNmJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQlfELFLyCkCus3FWQ9rJvBvTtoM zlBVqBvPMZTVagjF17onHQ/+UmgPViSHEHWJRa+B4RMyuTIlvSt3/ag9Sbx3qeD6 GGWtrJ6Qc+IUFlbQSFv5jjMjiqHjhVVSD+Chq4NxKaEbE5XyomxbXaGuL6acej50 89iofylztizrP46zuehXZYxxUczlkSd9J+EOSG3ZCwZp5fHRPVrIQ1Qxbq9XtlPY vUO6fhu+Htc/wrxn1dyTfpk9fjsMno/TD8f/3U6RoG3kGOktowVjVhEYYwGBexjP CjtAnX0+XVSo1ojxUS+CaOz8mcDNUHhn2dgTv+CXdTuosMHhbPpNYRaytQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN/8U5LO533ijxu4HHJvLEnOqva9MB8GA1UdIwQY MBaAFJGGh8hUJEIXDMUe9TFtOWNglwjcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMt ODllMzlhYzFlZDgxLzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi84MzIyNmEtNDI5MS00ZjAzLTliZTMtODllMzlhYzFlZDgx LzEva1lhSHlGUWtRaGNNeFI3MU1XMDVZMkNYQ053LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAAM1FwxBz Vil0UsAkeW1sS2M94BP2OzAXc9FTGNwZh0WYXJe9K2+8U+1tg+i6KzY3ACyBCEbZ xVFafbQ1l3PXG5qtA4HPdEG5L4Xnu4B9sq8AZKUABTe07fWHf4cP4bOwKnP1pwPt fmkrlke4rksPH+/exa3OJfA4wT6/BLy260776EAIaTPHHR8R4N89DX+5dsa0T/L7 W3pqPZKKP0A6eys1+dj6YA8BDjTERw3DEfxOOFPasS+RkL5ItkfnKs9/FISK2RCj Y7NO96y3Atq4EI0plo7oqikrem6PxoHWbFVxejI8Z21JF8KfJFXzIlWKCHRW4sQY EwkjHyf3sorIdQ== -----END CERTIFICATE-----Generated at Mon Dec 22 20:24:33 2025 by rpki-client