This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft File: 001KO3R_ynAQOxfz29xQRcrOMt8.mft (raw, json) Hash identifier: 4NRVx5kUblhbek20XGoj52jJWjdB+q4Z2G3krYM9DQ8= Subject key identifier: BA:7D:17:51:18:A7:FD:7E:99:C6:DD:8A:5F:1E:6A:31:A8:79:9C:AA Authority key identifier: D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF Certificate issuer: /CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Certificate serial: 019B4F5FEAC7556FE428292BA1A24A64DD8E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft Manifest number: 1793 Signing time: Wed 24 Dec 2025 08:00:44 +0000 Manifest this update: Wed 24 Dec 2025 08:00:44 +0000 Manifest next update: Thu 25 Dec 2025 08:00:44 +0000 Files and hashes: 1: 001KO3R_ynAQOxfz29xQRcrOMt8.crl (hash: FhgrTM2P143ca0KwbrVWqmXY24QfryoRrgHV2dWb540=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 08:00:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:5f:ea:c7:55:6f:e4:28:29:2b:a1:a2:4a:64:dd:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d34d4a3b747fca70103b17f3dbdc5045cace32df Validity Not Before: Dec 24 08:00:44 2025 GMT Not After : Dec 25 08:00:44 2025 GMT Subject: CN=ba7d175118a7fd7e99c6dd8a5f1e6a31a8799caa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:65:67:73:bf:de:23:63:0a:db:c9:9e:51:dd: 3b:c6:c8:81:26:c1:99:ee:a3:63:5f:d6:8c:18:67: d2:31:a7:61:ad:45:8a:07:50:5c:84:cf:ee:97:c6: ef:d6:6b:dd:ca:f1:18:db:7c:3a:4a:e4:d0:4e:86: 96:88:79:63:98:ef:7b:d3:54:55:34:e3:6d:8c:67: 2a:08:d3:6f:5e:2c:b0:68:27:db:11:83:fa:a9:8d: 23:f7:18:b2:3c:b8:bd:43:a9:6d:c3:a4:19:24:49: 8d:9f:5b:0d:77:84:3d:55:7c:d5:c8:9e:f5:16:a7: b1:74:bf:b2:f7:12:88:c1:98:3f:49:3d:83:8c:5f: 49:e9:5b:dd:62:ae:11:16:e7:69:af:40:f3:e4:54: e8:f0:2a:6b:ca:f6:38:6a:6c:92:39:da:2e:ed:a5: 57:0c:11:d6:70:62:36:83:18:55:6a:84:8d:88:4e: ce:65:54:93:59:42:a4:63:a2:b4:9f:af:99:68:b6: 15:69:6e:4b:16:02:94:8e:80:a3:41:b9:57:be:ef: e2:2c:dc:8b:a3:ef:c0:eb:26:74:54:36:4c:44:a8: 47:cc:4e:a3:b4:05:a9:af:a7:e6:66:89:03:04:de: 37:bb:9d:6f:72:16:d0:a1:c7:8f:78:c4:fc:ae:e8: ca:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BA:7D:17:51:18:A7:FD:7E:99:C6:DD:8A:5F:1E:6A:31:A8:79:9C:AA X509v3 Authority Key Identifier: keyid:D3:4D:4A:3B:74:7F:CA:70:10:3B:17:F3:DB:DC:50:45:CA:CE:32:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/001KO3R_ynAQOxfz29xQRcrOMt8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/8d8372-e079-4831-afd2-437934c58453/1/001KO3R_ynAQOxfz29xQRcrOMt8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c1:a3:02:9e:08:a5:93:82:58:b7:cd:b9:2f:79:70:06:97:76: 3f:d7:bd:c8:9e:58:a4:08:0a:8f:05:84:3b:6f:02:28:8d:24: a2:d8:85:11:c7:e0:eb:35:03:62:94:83:70:3a:9b:03:cc:4f: bf:7f:3c:26:7c:cf:95:b9:a7:2b:65:78:7c:ec:a2:e0:23:47: 5a:e8:18:94:94:4c:38:f2:3d:0a:e2:9b:ec:17:06:a7:38:a8: 54:dc:5b:0e:c4:ee:b4:ab:ea:8d:97:a0:1f:54:80:71:4a:47: 82:df:dc:6e:e4:3a:5e:05:90:11:73:b5:56:a7:6c:0e:83:f5: db:a0:db:3c:0f:94:ec:fd:b9:66:24:a5:0c:78:5b:80:96:49: b1:11:9e:92:5f:ca:b5:22:64:17:60:b7:d4:72:20:6a:f7:59: f8:78:84:e1:79:b3:f2:c6:69:2b:99:dc:f7:6e:f3:ff:33:f6: 8e:78:ac:15:c9:b2:5f:4c:e7:c9:4a:cb:a3:ce:77:ef:8d:9b: 56:c9:44:96:e7:d9:bd:e4:dd:14:8c:5f:89:b0:3f:b4:1d:0c: d9:a3:6e:78:e0:35:db:8c:d6:69:a0:e8:90:71:b5:b5:35:1a: 36:b5:2f:41:6f:2d:ce:45:df:17:13:f7:a6:fa:25:d2:00:d5: 25:89:c3:88 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPX+rHVW/kKCkroaJKZN2OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNGQ0YTNiNzQ3ZmNhNzAxMDNiMTdmM2RiZGM1MDQ1Y2Fj ZTMyZGYwHhcNMjUxMjI0MDgwMDQ0WhcNMjUxMjI1MDgwMDQ0WjAzMTEwLwYDVQQD EyhiYTdkMTc1MTE4YTdmZDdlOTljNmRkOGE1ZjFlNmEzMWE4Nzk5Y2FhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GVnc7/eI2MK28meUd07xsiBJsGZ 7qNjX9aMGGfSMadhrUWKB1BchM/ul8bv1mvdyvEY23w6SuTQToaWiHljmO9701RV NONtjGcqCNNvXiywaCfbEYP6qY0j9xiyPLi9Q6ltw6QZJEmNn1sNd4Q9VXzVyJ71 FqexdL+y9xKIwZg/ST2DjF9J6VvdYq4RFudpr0Dz5FTo8CpryvY4amySOdou7aVX DBHWcGI2gxhVaoSNiE7OZVSTWUKkY6K0n6+ZaLYVaW5LFgKUjoCjQblXvu/iLNyL o+/A6yZ0VDZMRKhHzE6jtAWpr6fmZokDBN43u51vchbQocePeMT8rujK5QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLp9F1EYp/1+mcbdil8eajGoeZyqMB8GA1UdIwQY MBaAFNNNSjt0f8pwEDsX89vcUEXKzjLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDIt NDM3OTM0YzU4NDUzLzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi84ZDgzNzItZTA3OS00ODMxLWFmZDItNDM3OTM0YzU4NDUz LzEvMDAxS08zUl95bkFRT3hmejI5eFFSY3JPTXQ4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwaMCngil k4JYt825L3lwBpd2P9e9yJ5YpAgKjwWEO28CKI0kotiFEcfg6zUDYpSDcDqbA8xP v388JnzPlbmnK2V4fOyi4CNHWugYlJRMOPI9CuKb7BcGpzioVNxbDsTutKvqjZeg H1SAcUpHgt/cbuQ6XgWQEXO1VqdsDoP126DbPA+U7P25ZiSlDHhbgJZJsRGekl/K tSJkF2C31HIgavdZ+HiE4Xmz8sZpK5nc927z/zP2jnisFcmyX0znyUrLo853742b VslElufZveTdFIxfibA/tB0M2aNueOA124zWaaDokHG1tTUaNrUvQW8tzkXfFxP3 pvol0gDVJYnDiA== -----END CERTIFICATE-----Generated at Wed Dec 24 13:23:01 2025 by rpki-client