This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft File: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft (raw, json) Hash identifier: uPcIivBASAub/W+AfQVtw3t01zJRgL9dAYRR2L5fYUk= Subject key identifier: FE:D3:93:FC:FA:A4:E5:C0:E4:98:CC:50:D5:39:57:30:A7:2F:50:9E Authority key identifier: 91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 Certificate issuer: /CN=91d338370e10627a4cd631e3fde186e194898c81 Certificate serial: 019B2EF92AD2FB96B1B62B1F24FB978A8731 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft Manifest number: 0D6C Signing time: Thu 18 Dec 2025 01:00:39 +0000 Manifest this update: Thu 18 Dec 2025 01:00:39 +0000 Manifest next update: Fri 19 Dec 2025 01:00:39 +0000 Files and hashes: 1: kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl (hash: xTN5aKWqLS+CALbWwzcA424/btzQzQlVgyDZAiS08W0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:f9:2a:d2:fb:96:b1:b6:2b:1f:24:fb:97:8a:87:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d338370e10627a4cd631e3fde186e194898c81 Validity Not Before: Dec 18 01:00:39 2025 GMT Not After : Dec 19 01:00:39 2025 GMT Subject: CN=fed393fcfaa4e5c0e498cc50d5395730a72f509e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:06:b7:b8:01:fc:fa:fd:6d:2f:68:d3:35:cf: 12:23:7c:9e:54:c5:17:cd:a4:7e:0a:d5:07:9c:12: a2:2c:90:90:a8:53:45:9d:71:72:fd:d7:e2:2d:de: c1:f1:0d:5f:d1:aa:40:d0:d5:b9:07:79:e4:42:48: dc:8a:3b:aa:fe:b9:46:82:53:49:64:b1:58:2b:3a: ab:89:73:d9:63:2e:03:64:f2:77:32:fa:be:4d:0b: c0:b8:b8:31:58:39:ee:9e:7c:79:b6:38:a6:f3:ae: f7:50:20:f1:28:27:69:7b:40:83:7a:b8:0f:3b:6a: a4:d7:02:98:da:6c:f4:77:83:d0:4a:9e:59:aa:97: 9a:54:b1:b2:67:4d:73:e8:f7:13:c4:ae:39:aa:7e: da:83:84:a5:60:bd:fb:33:e7:50:ff:86:e1:81:5a: 76:de:88:c4:7a:bc:88:ef:28:49:8b:e2:8e:b4:1a: e3:c5:22:2b:68:e3:03:1a:43:5d:9e:54:02:c5:b2: 5e:9b:63:e8:11:82:04:43:1b:18:17:7d:e3:1c:89: 30:bf:2f:ef:5c:0e:84:07:cd:dd:25:a6:30:dc:cf: b5:52:cd:5d:9e:b4:97:40:3a:68:87:91:b8:a2:dd: c7:b4:76:fb:6d:f4:3f:b3:ab:a0:cd:de:17:46:01: 11:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:D3:93:FC:FA:A4:E5:C0:E4:98:CC:50:D5:39:57:30:A7:2F:50:9E X509v3 Authority Key Identifier: keyid:91:D3:38:37:0E:10:62:7A:4C:D6:31:E3:FD:E1:86:E1:94:89:8C:81 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/990fda-5905-4e49-a630-15357cd5ece4/1/kdM4Nw4QYnpM1jHj_eGG4ZSJjIE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:16:a2:7d:6c:6f:97:0b:9b:b0:ce:d9:d1:ba:2f:cd:88:ab: 9e:29:2e:b4:93:e2:f9:6a:b3:2f:49:ca:bd:54:9c:af:ee:42: 37:89:32:7b:f1:0c:bc:c2:7f:38:8d:07:d6:6a:51:5e:6b:38: ff:17:ee:80:e8:63:5c:0a:e3:e9:37:b2:7b:2e:12:3b:44:64: 81:1f:e7:5a:fc:39:04:f0:6f:ae:d5:e3:e9:01:78:a2:63:65: 80:7e:72:a4:b1:ff:70:01:b0:5e:1f:62:58:df:b7:74:a8:53: 93:10:b8:39:99:32:0b:64:1f:17:66:0c:54:87:ca:5f:45:14: 72:1c:39:e0:fa:3c:a7:74:4c:c3:e8:75:a8:48:2d:ce:68:3c: 7d:3f:45:1f:ed:fd:f5:d9:d0:63:0c:35:fb:95:12:df:2a:8d: f7:23:0f:d4:17:22:5b:7d:87:25:9f:83:b1:10:1a:07:17:3a: 68:36:82:f3:bd:13:b5:06:a1:9c:ab:87:54:7d:56:6f:75:cf: 66:07:65:43:5c:a9:19:46:df:20:83:c4:aa:49:d5:fa:5f:2f: 9f:a7:8f:d1:8e:a9:56:86:4c:f4:58:ee:8f:64:9d:8b:21:81: 6f:de:f9:2f:99:d2:19:0c:12:d7:4d:a9:b9:6e:be:3d:1f:06: 86:23:e9:38 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+SrS+5axtisfJPuXiocxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDMzODM3MGUxMDYyN2E0Y2Q2MzFlM2ZkZTE4NmUxOTQ4 OThjODEwHhcNMjUxMjE4MDEwMDM5WhcNMjUxMjE5MDEwMDM5WjAzMTEwLwYDVQQD EyhmZWQzOTNmY2ZhYTRlNWMwZTQ5OGNjNTBkNTM5NTczMGE3MmY1MDllMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQa3uAH8+v1tL2jTNc8SI3yeVMUX zaR+CtUHnBKiLJCQqFNFnXFy/dfiLd7B8Q1f0apA0NW5B3nkQkjcijuq/rlGglNJ ZLFYKzqriXPZYy4DZPJ3Mvq+TQvAuLgxWDnunnx5tjim8673UCDxKCdpe0CDergP O2qk1wKY2mz0d4PQSp5ZqpeaVLGyZ01z6PcTxK45qn7ag4SlYL37M+dQ/4bhgVp2 3ojEeryI7yhJi+KOtBrjxSIraOMDGkNdnlQCxbJem2PoEYIEQxsYF33jHIkwvy/v XA6EB83dJaYw3M+1Us1dnrSXQDpoh5G4ot3HtHb7bfQ/s6ugzd4XRgEReQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP7Tk/z6pOXA5JjMUNU5VzCnL1CeMB8GA1UdIwQY MBaAFJHTODcOEGJ6TNYx4/3hhuGUiYyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAt MTUzNTdjZDVlY2U0LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni85OTBmZGEtNTkwNS00ZTQ5LWE2MzAtMTUzNTdjZDVlY2U0 LzEva2RNNE53NFFZbnBNMWpIal9lR0c0WlNKaklFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOBaifWxv lwubsM7Z0bovzYirnikutJPi+WqzL0nKvVScr+5CN4kye/EMvMJ/OI0H1mpRXms4 /xfugOhjXArj6Teyey4SO0RkgR/nWvw5BPBvrtXj6QF4omNlgH5ypLH/cAGwXh9i WN+3dKhTkxC4OZkyC2QfF2YMVIfKX0UUchw54Po8p3RMw+h1qEgtzmg8fT9FH+39 9dnQYww1+5US3yqN9yMP1BciW32HJZ+DsRAaBxc6aDaC870TtQahnKuHVH1Wb3XP ZgdlQ1ypGUbfIIPEqknV+l8vn6eP0Y6pVoZM9Fjuj2SdiyGBb975L5nSGQwS102p uW6+PR8GhiPpOA== -----END CERTIFICATE-----Generated at Thu Dec 18 09:26:11 2025 by rpki-client