This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft File: kjlpG6eScAY69DZNMIYxNl6QEWo.mft (raw, json) Hash identifier: Y2drnnH7wRRY7FIxqEAPAqpnxoHXUz9SZSTVhAapOn8= Subject key identifier: E1:E7:8A:F3:6E:A7:97:F2:90:1F:03:74:97:FF:85:B5:BE:8E:FC:2E Authority key identifier: 92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A Certificate issuer: /CN=9239691ba79270063af4364d308631365e90116a Certificate serial: 019B2251314882336C4FA48D9F259BB7F1B7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft Manifest number: 0ED4 Signing time: Mon 15 Dec 2025 14:01:44 +0000 Manifest this update: Mon 15 Dec 2025 14:01:44 +0000 Manifest next update: Tue 16 Dec 2025 14:01:44 +0000 Files and hashes: 1: kjlpG6eScAY69DZNMIYxNl6QEWo.crl (hash: ia0T3tPwD3thKcPkJKV/mnyqXx+JOMjBO46RYIfvkn8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:51:31:48:82:33:6c:4f:a4:8d:9f:25:9b:b7:f1:b7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9239691ba79270063af4364d308631365e90116a Validity Not Before: Dec 15 14:01:44 2025 GMT Not After : Dec 16 14:01:44 2025 GMT Subject: CN=e1e78af36ea797f2901f037497ff85b5be8efc2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:cc:76:80:b6:e5:d9:12:b9:93:3a:36:7f:fc: d5:86:80:5e:7c:e9:99:df:9a:5d:17:3a:f5:d5:87: 55:b2:f8:89:f2:7d:96:f7:19:60:74:ff:fb:c4:d1: 31:dd:04:cd:f1:bc:5d:34:6e:3d:d0:dd:14:07:03: 70:93:00:53:95:58:39:c1:e6:12:5f:b1:8b:ba:e8: 1a:12:b4:13:7c:6c:c1:0e:22:a5:42:f7:9c:4d:00: 86:64:78:d2:37:63:c4:12:ab:a7:1f:cd:23:18:11: 3b:37:cd:63:bc:89:70:87:67:ba:0b:35:30:ca:60: 90:79:5b:89:f2:55:42:78:1b:b9:b9:50:3b:64:c6: 46:5f:88:b0:1e:73:d2:4f:5b:4c:f9:88:30:58:cc: 4e:e0:53:a3:de:96:8e:05:f8:59:cd:cc:7f:0f:7f: de:94:35:80:5f:00:20:f0:c4:47:33:b4:03:c9:7c: 50:d4:0c:c8:0c:8c:c5:02:f3:ae:f5:69:f8:17:f6: 36:b0:d1:66:4f:5e:c4:fb:ec:6d:aa:a8:96:e8:c5: cc:00:3a:64:5e:da:50:1f:cf:f7:67:0d:9e:1d:94: 03:9e:08:7c:ba:c3:b5:c5:e9:f2:39:37:da:26:1a: d4:d9:11:d8:7e:c3:08:83:b9:42:4c:5d:c6:49:00: ff:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:E7:8A:F3:6E:A7:97:F2:90:1F:03:74:97:FF:85:B5:BE:8E:FC:2E X509v3 Authority Key Identifier: keyid:92:39:69:1B:A7:92:70:06:3A:F4:36:4D:30:86:31:36:5E:90:11:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjlpG6eScAY69DZNMIYxNl6QEWo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/86bd09-32b0-494c-9755-f1792bd77a53/1/kjlpG6eScAY69DZNMIYxNl6QEWo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0d:8b:62:cb:09:3f:67:9a:cd:37:3c:f1:81:d4:0d:d4:c6:09: d9:1b:02:fb:92:10:78:f5:cd:9d:70:1a:a0:7c:a0:c7:76:ec: 2d:28:55:7e:38:e4:d6:13:23:e9:da:65:fd:43:63:7c:ba:e5: cf:48:ef:94:57:4c:80:a7:96:1a:44:34:0d:02:c3:3e:52:ff: e0:a4:3c:6b:26:df:98:e4:10:82:74:08:54:3b:f4:28:07:26: 2f:3c:8b:20:0f:01:a0:ae:f1:a8:71:59:0a:57:75:aa:40:57: 03:10:67:64:eb:5e:b3:6e:6a:9e:53:98:51:4c:35:ba:e4:74: 10:4f:63:23:87:7b:81:46:cf:2a:47:a7:49:68:6a:b1:03:6a: 8a:6c:2b:c3:58:22:18:14:3b:c5:e1:ec:a4:36:63:13:df:da: 81:d2:c7:57:b9:2b:99:25:f3:4c:03:85:6a:cb:2b:62:e2:25: 4e:60:95:45:77:da:37:0b:58:11:bb:bc:6a:fd:51:b5:cc:ca: da:21:11:90:26:c2:51:22:cf:ea:1c:50:ea:5c:00:3f:5e:16: 94:c3:46:61:e7:bc:0a:0e:2a:aa:76:dc:70:0c:fc:7e:63:7c: 84:dd:f5:a5:18:64:a9:83:cb:1f:2b:66:9f:eb:51:7e:6c:6d: 99:38:09:12 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsiUTFIgjNsT6SNnyWbt/G3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMzk2OTFiYTc5MjcwMDYzYWY0MzY0ZDMwODYzMTM2NWU5 MDExNmEwHhcNMjUxMjE1MTQwMTQ0WhcNMjUxMjE2MTQwMTQ0WjAzMTEwLwYDVQQD EyhlMWU3OGFmMzZlYTc5N2YyOTAxZjAzNzQ5N2ZmODViNWJlOGVmYzJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8x2gLbl2RK5kzo2f/zVhoBefOmZ 35pdFzr11YdVsviJ8n2W9xlgdP/7xNEx3QTN8bxdNG490N0UBwNwkwBTlVg5weYS X7GLuugaErQTfGzBDiKlQvecTQCGZHjSN2PEEqunH80jGBE7N81jvIlwh2e6CzUw ymCQeVuJ8lVCeBu5uVA7ZMZGX4iwHnPST1tM+YgwWMxO4FOj3paOBfhZzcx/D3/e lDWAXwAg8MRHM7QDyXxQ1AzIDIzFAvOu9Wn4F/Y2sNFmT17E++xtqqiW6MXMADpk XtpQH8/3Zw2eHZQDngh8usO1xenyOTfaJhrU2RHYfsMIg7lCTF3GSQD/SwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOHnivNup5fykB8DdJf/hbW+jvwuMB8GA1UdIwQY MBaAFJI5aRunknAGOvQ2TTCGMTZekBFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUt ZjE3OTJiZDc3YTUzLzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC84NmJkMDktMzJiMC00OTRjLTk3NTUtZjE3OTJiZDc3YTUz LzEva2pscEc2ZVNjQVk2OURaTk1JWXhObDZRRVdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADYtiywk/ Z5rNNzzxgdQN1MYJ2RsC+5IQePXNnXAaoHygx3bsLShVfjjk1hMj6dpl/UNjfLrl z0jvlFdMgKeWGkQ0DQLDPlL/4KQ8aybfmOQQgnQIVDv0KAcmLzyLIA8BoK7xqHFZ Cld1qkBXAxBnZOtes25qnlOYUUw1uuR0EE9jI4d7gUbPKkenSWhqsQNqimwrw1gi GBQ7xeHspDZjE9/agdLHV7krmSXzTAOFassrYuIlTmCVRXfaNwtYEbu8av1RtczK 2iERkCbCUSLP6hxQ6lwAP14WlMNGYee8Cg4qqnbccAz8fmN8hN31pRhkqYPLHytm n+tRfmxtmTgJEg== -----END CERTIFICATE-----Generated at Mon Dec 15 18:50:40 2025 by rpki-client