This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft File: KYm1iRINOeoU_1OWO_IxV9Mkleo.mft (raw, json) Hash identifier: 15Wj4m3npQvQo6X7sKn28Ckzs8ZZkJrO2IJnATWG3jk= Subject key identifier: 1B:16:7B:03:94:40:F7:AC:1B:01:FB:75:22:0E:0B:70:34:C4:91:F5 Authority key identifier: 29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA Certificate issuer: /CN=2989b589120d39ea14ff53963bf23157d32495ea Certificate serial: 019B22BE822B67D8975E6B22BE5436BAB976 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft Manifest number: 1778 Signing time: Mon 15 Dec 2025 16:01:09 +0000 Manifest this update: Mon 15 Dec 2025 16:01:09 +0000 Manifest next update: Tue 16 Dec 2025 16:01:09 +0000 Files and hashes: 1: KYm1iRINOeoU_1OWO_IxV9Mkleo.crl (hash: GxKgadiwnbQXVmupVO4/jS/zQ5oouXgYWZ4lD1LM3mY=) 2: qCYAPp7Dim0U2WN8VdnzBt9dUOY.roa (hash: A0zVfMWFcmAvQiJtyOik4/Esuwb1ukoj8nbTE0+n850=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 15:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:be:82:2b:67:d8:97:5e:6b:22:be:54:36:ba:b9:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2989b589120d39ea14ff53963bf23157d32495ea Validity Not Before: Dec 15 16:01:09 2025 GMT Not After : Dec 16 16:01:09 2025 GMT Subject: CN=1b167b039440f7ac1b01fb75220e0b7034c491f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:0e:13:cd:39:03:26:67:95:ee:d4:14:9d:53: 9c:09:5c:80:30:e5:ea:7f:c9:85:db:95:ad:84:de: 58:1a:09:93:60:af:d2:88:98:16:34:6e:52:9f:c9: 25:e0:55:58:60:72:85:3f:f7:1c:36:33:c6:58:6c: 57:f1:21:44:32:59:58:3c:6d:38:d2:c9:fc:1a:dc: bb:1a:ed:59:06:df:1a:d6:2e:2b:19:eb:45:1c:f8: 05:16:d9:75:1a:fc:7e:a9:fb:40:0b:93:0a:8f:32: f1:7d:5e:98:51:9b:f0:7b:04:ea:87:34:17:ad:1e: 24:b1:df:b9:c1:c7:f9:7c:51:cb:47:37:29:37:7f: b0:62:fb:7a:3a:ce:5b:39:45:29:1c:f8:32:dd:36: ee:95:58:80:27:ba:11:a2:eb:44:b0:17:c8:93:bd: 7b:fd:11:fd:b4:51:c4:28:16:ce:18:b3:de:bc:dc: 11:ae:bb:1a:b7:d6:02:94:78:86:5c:0f:75:5b:15: 20:79:c9:76:02:82:3a:40:d0:af:dc:98:a9:72:15: ea:30:1a:39:6b:be:db:b2:f1:33:20:4b:48:f4:58: da:96:f3:33:01:bb:72:86:f1:15:e7:a0:46:d9:3c: 62:40:3a:10:2b:1a:3e:8a:10:d1:cf:74:5e:3c:d2: dd:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:16:7B:03:94:40:F7:AC:1B:01:FB:75:22:0E:0B:70:34:C4:91:F5 X509v3 Authority Key Identifier: keyid:29:89:B5:89:12:0D:39:EA:14:FF:53:96:3B:F2:31:57:D3:24:95:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYm1iRINOeoU_1OWO_IxV9Mkleo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/f08170-8d92-4cfa-b733-fbdbe514df5a/1/KYm1iRINOeoU_1OWO_IxV9Mkleo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:ef:0c:37:59:4b:2c:07:6a:a4:77:94:2a:73:8b:15:4f:29: 7e:d3:b0:24:0e:20:67:20:90:bc:ac:26:45:eb:13:ac:c4:4a: 28:d3:16:39:8b:ab:07:53:48:27:6e:49:49:9d:e9:c5:e8:56: 57:17:81:53:9d:ab:90:c7:51:31:e2:b3:81:2d:f9:f5:13:1a: d3:51:69:1a:1e:1e:94:70:5f:7f:bd:73:88:17:3f:e8:ba:86: e1:39:ad:80:b3:e8:4d:fc:54:82:60:cd:10:9b:bc:83:ae:4a: 60:da:14:64:05:a6:59:7c:b4:53:79:4f:08:78:03:d8:7e:77: 0f:5c:11:01:94:c7:67:e2:21:8f:b3:3f:ef:0e:d2:8b:6e:3b: 45:be:6d:cb:b7:8d:24:9f:d0:7e:c8:d5:d4:61:33:a9:06:7f: 1c:6d:88:42:6b:17:ab:4e:09:e8:c4:c8:a7:9f:e9:4b:17:20: 72:fc:ff:a3:5e:f6:ef:ad:bf:99:c7:ac:63:39:0c:b3:4f:b4: 97:4c:db:6c:a8:8d:1a:b6:11:53:44:9b:8d:f7:20:bf:fa:86: 53:b8:70:5e:6b:82:01:e0:88:82:42:7f:b6:5f:a8:46:60:e4: f7:4e:e1:1f:35:28:75:49:1c:c7:33:ae:c9:fc:8b:38:3d:54: d0:f1:60:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsivoIrZ9iXXmsivlQ2url2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ODliNTg5MTIwZDM5ZWExNGZmNTM5NjNiZjIzMTU3ZDMy NDk1ZWEwHhcNMjUxMjE1MTYwMTA5WhcNMjUxMjE2MTYwMTA5WjAzMTEwLwYDVQQD EygxYjE2N2IwMzk0NDBmN2FjMWIwMWZiNzUyMjBlMGI3MDM0YzQ5MWY1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkg4TzTkDJmeV7tQUnVOcCVyAMOXq f8mF25WthN5YGgmTYK/SiJgWNG5Sn8kl4FVYYHKFP/ccNjPGWGxX8SFEMllYPG04 0sn8Gty7Gu1ZBt8a1i4rGetFHPgFFtl1Gvx+qftAC5MKjzLxfV6YUZvwewTqhzQX rR4ksd+5wcf5fFHLRzcpN3+wYvt6Os5bOUUpHPgy3TbulViAJ7oRoutEsBfIk717 /RH9tFHEKBbOGLPevNwRrrsat9YClHiGXA91WxUgecl2AoI6QNCv3JipchXqMBo5 a77bsvEzIEtI9FjalvMzAbtyhvEV56BG2TxiQDoQKxo+ihDRz3RePNLdAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBsWewOUQPesGwH7dSIOC3A0xJH1MB8GA1UdIwQY MBaAFCmJtYkSDTnqFP9TljvyMVfTJJXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMt ZmJkYmU1MTRkZjVhLzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9mMDgxNzAtOGQ5Mi00Y2ZhLWI3MzMtZmJkYmU1MTRkZjVh LzEvS1ltMWlSSU5PZW9VXzFPV09fSXhWOU1rbGVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAde8MN1lL LAdqpHeUKnOLFU8pftOwJA4gZyCQvKwmResTrMRKKNMWOYurB1NIJ25JSZ3pxehW VxeBU52rkMdRMeKzgS359RMa01FpGh4elHBff71ziBc/6LqG4TmtgLPoTfxUgmDN EJu8g65KYNoUZAWmWXy0U3lPCHgD2H53D1wRAZTHZ+Ihj7M/7w7Si247Rb5ty7eN JJ/QfsjV1GEzqQZ/HG2IQmsXq04J6MTIp5/pSxcgcvz/o172762/mcesYzkMs0+0 l0zbbKiNGrYRU0Sbjfcgv/qGU7hwXmuCAeCIgkJ/tl+oRmDk907hHzUodUkcxzOu yfyLOD1U0PFgwg== -----END CERTIFICATE-----Generated at Mon Dec 15 19:56:06 2025 by rpki-client