This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft File: KdIywSew2DMQPDH7UlTsuZVrDEw.mft (raw, json) Hash identifier: 336z0tJhJ5kr4NYwCMjHTBk9eZ0uyfseW82AlLeq490= Subject key identifier: C0:D9:B8:63:D4:58:77:F5:8C:B4:68:7A:8F:92:3A:3C:27:94:2E:67 Authority key identifier: 29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C Certificate issuer: /CN=29d232c127b0d833103c31fb5254ecb9956b0c4c Certificate serial: 019B42EEB7774AEB3885EEF06AA491B19412 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft Manifest number: 0337 Signing time: Sun 21 Dec 2025 22:01:39 +0000 Manifest this update: Sun 21 Dec 2025 22:01:39 +0000 Manifest next update: Mon 22 Dec 2025 22:01:39 +0000 Files and hashes: 1: KdIywSew2DMQPDH7UlTsuZVrDEw.crl (hash: +9THhpetC37Ddgx3l+ba/i61AngeUgNv1rpV6O701QU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:ee:b7:77:4a:eb:38:85:ee:f0:6a:a4:91:b1:94:12 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29d232c127b0d833103c31fb5254ecb9956b0c4c Validity Not Before: Dec 21 22:01:39 2025 GMT Not After : Dec 22 22:01:39 2025 GMT Subject: CN=c0d9b863d45877f58cb4687a8f923a3c27942e67 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:e0:53:ff:8a:9e:20:99:a2:97:ce:e7:c9:fd: a1:7a:40:02:5a:ac:d2:e3:05:2e:ff:d1:b2:b1:2c: 1e:7b:ea:5b:25:bb:19:bb:db:e0:39:de:dc:79:47: 1c:72:9c:54:ba:03:f1:91:10:42:c1:56:bb:e4:ba: 02:1c:42:74:d0:b0:88:4d:35:e5:a6:0a:cc:27:65: 52:21:ad:74:4b:8f:e4:52:c4:48:38:15:9c:c3:b6: cb:2e:df:88:f7:c4:a0:86:1e:ad:16:de:5a:c4:de: 20:1b:2e:b2:d8:69:99:e3:c2:a6:a1:f5:ef:41:2d: 9f:4e:4a:e5:c9:27:eb:47:69:08:aa:1f:79:80:d1: 58:d2:bf:32:8b:d7:59:13:53:50:9f:3e:69:3b:a2: c4:ab:71:38:9b:98:d3:c7:60:34:cc:1d:d0:bb:80: 2e:f0:af:33:c7:5a:78:67:27:38:0a:0a:71:91:e2: 59:c7:22:d7:88:41:02:83:1b:67:4b:5c:54:f5:dc: 4b:2b:15:0a:b0:68:f1:b0:44:09:eb:77:50:7b:56: 2b:48:78:df:9e:cf:85:c8:00:ec:de:d7:a4:b8:16: 7f:21:9c:f2:fc:6b:bc:63:5a:fa:ce:8a:bd:b6:5a: 71:c5:4d:09:59:51:69:06:cd:c6:a2:a8:9b:bb:fa: ac:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:D9:B8:63:D4:58:77:F5:8C:B4:68:7A:8F:92:3A:3C:27:94:2E:67 X509v3 Authority Key Identifier: keyid:29:D2:32:C1:27:B0:D8:33:10:3C:31:FB:52:54:EC:B9:95:6B:0C:4C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdIywSew2DMQPDH7UlTsuZVrDEw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/597975-7117-44f6-9400-e1606be92b98/1/KdIywSew2DMQPDH7UlTsuZVrDEw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:22:39:21:a4:8a:6b:55:59:56:41:ae:97:53:06:45:76:b9: bf:78:6e:8e:18:5c:fd:a5:75:61:a9:c3:c4:67:4d:fa:e7:c8: c5:39:21:ed:c1:f8:2f:05:70:15:ef:32:9e:6a:b5:6e:a6:f0: 95:7b:18:b0:d2:db:07:99:4c:84:49:13:35:55:6d:ab:96:67: 2d:5a:d6:99:16:5f:ab:bd:1f:75:32:c7:b3:c7:55:70:06:19: f7:7e:42:67:b0:01:e2:0f:0b:66:d9:dd:11:81:62:7e:0a:1f: 82:24:37:9d:1d:b7:a7:dd:83:16:f2:c9:fe:ea:83:bc:2e:bd: d3:52:b1:8c:99:b0:92:0f:25:5c:33:bd:e6:93:f1:a0:66:11: 3c:f7:84:46:07:f3:23:35:87:11:dc:8b:fb:24:11:4e:77:b4: 8f:bf:3a:68:a7:91:90:07:93:31:38:0a:fe:16:ca:ad:e4:dd: 42:89:ad:96:6c:64:37:6f:f7:c3:43:3f:65:8f:82:7c:ab:8c: 39:6c:df:01:69:9e:d3:8f:08:71:12:55:85:fb:cc:c3:54:2c: 0f:39:77:46:47:53:10:9d:77:bc:e7:26:6b:a0:df:ba:91:14: 96:a7:51:dc:1f:47:9b:62:59:62:15:3e:18:5c:48:d2:8a:e3: 0d:a1:c7:aa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtC7rd3Sus4he7waqSRsZQSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZDIzMmMxMjdiMGQ4MzMxMDNjMzFmYjUyNTRlY2I5OTU2 YjBjNGMwHhcNMjUxMjIxMjIwMTM5WhcNMjUxMjIyMjIwMTM5WjAzMTEwLwYDVQQD EyhjMGQ5Yjg2M2Q0NTg3N2Y1OGNiNDY4N2E4ZjkyM2EzYzI3OTQyZTY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8eBT/4qeIJmil87nyf2hekACWqzS 4wUu/9GysSwee+pbJbsZu9vgOd7ceUcccpxUugPxkRBCwVa75LoCHEJ00LCITTXl pgrMJ2VSIa10S4/kUsRIOBWcw7bLLt+I98Sghh6tFt5axN4gGy6y2GmZ48KmofXv QS2fTkrlySfrR2kIqh95gNFY0r8yi9dZE1NQnz5pO6LEq3E4m5jTx2A0zB3Qu4Au 8K8zx1p4Zyc4CgpxkeJZxyLXiEECgxtnS1xU9dxLKxUKsGjxsEQJ63dQe1YrSHjf ns+FyADs3tekuBZ/IZzy/Gu8Y1r6zoq9tlpxxU0JWVFpBs3Goqibu/qs3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMDZuGPUWHf1jLRoeo+SOjwnlC5nMB8GA1UdIwQY MBaAFCnSMsEnsNgzEDwx+1JU7LmVawxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAt ZTE2MDZiZTkyYjk4LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS81OTc5NzUtNzExNy00NGY2LTk0MDAtZTE2MDZiZTkyYjk4 LzEvS2RJeXdTZXcyRE1RUERIN1VsVHN1WlZyREV3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkyI5IaSK a1VZVkGul1MGRXa5v3hujhhc/aV1YanDxGdN+ufIxTkh7cH4LwVwFe8ynmq1bqbw lXsYsNLbB5lMhEkTNVVtq5ZnLVrWmRZfq70fdTLHs8dVcAYZ935CZ7AB4g8LZtnd EYFifgofgiQ3nR23p92DFvLJ/uqDvC6901KxjJmwkg8lXDO95pPxoGYRPPeERgfz IzWHEdyL+yQRTne0j786aKeRkAeTMTgK/hbKreTdQomtlmxkN2/3w0M/ZY+CfKuM OWzfAWme048IcRJVhfvMw1QsDzl3RkdTEJ13vOcma6DfupEUlqdR3B9Hm2JZYhU+ GFxI0orjDaHHqg== -----END CERTIFICATE-----Generated at Mon Dec 22 05:35:19 2025 by rpki-client