This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft File: kyIxLx0huzs4bKOqlzrGzSVLcDk.mft (raw, json) Hash identifier: a/SI5ZNsdPsm6ZK5lYo0HLl5OK0kdi500/RNr7QFW+g= Subject key identifier: EF:7F:22:35:65:EE:E7:1C:CB:DC:2F:3F:CB:15:96:2D:1E:EB:D8:EC Authority key identifier: 93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39 Certificate issuer: /CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039 Certificate serial: 019B337ADC327B622F4D8FFD0831A6288386 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft Manifest number: 177F Signing time: Thu 18 Dec 2025 22:00:48 +0000 Manifest this update: Thu 18 Dec 2025 22:00:48 +0000 Manifest next update: Fri 19 Dec 2025 22:00:48 +0000 Files and hashes: 1: kyIxLx0huzs4bKOqlzrGzSVLcDk.crl (hash: cNwIBXB2ejYTkobGLTFXXh2oGeEMx8+19WTKpPTdUwI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:7a:dc:32:7b:62:2f:4d:8f:fd:08:31:a6:28:83:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9322312f1d21bb3b386ca3aa973ac6cd254b7039 Validity Not Before: Dec 18 22:00:48 2025 GMT Not After : Dec 19 22:00:48 2025 GMT Subject: CN=ef7f223565eee71ccbdc2f3fcb15962d1eebd8ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:0e:b8:05:78:d4:0d:65:b0:86:3e:23:0b:3c: 24:25:12:f4:8e:8d:b0:79:ae:32:9b:a2:e5:15:e3: c8:af:5b:ea:83:5f:01:9b:d0:4d:af:45:89:95:64: 82:80:91:77:7f:50:d0:89:98:db:6e:fc:cb:2a:01: 6d:6c:42:54:48:b9:44:92:f7:f4:7d:54:86:57:47: 27:84:64:8d:ea:f0:64:04:8b:42:ed:f7:bc:32:3f: 8d:cd:91:95:68:bb:22:7f:77:69:b3:5c:fd:70:1b: d7:e7:8b:05:6c:93:7c:cf:84:f1:dc:f7:e7:a8:5b: 50:a0:1e:fd:45:e1:96:ea:84:9a:12:69:b3:ee:7f: 6c:02:a4:de:fc:1e:65:99:de:9c:e0:bf:ca:b9:1a: e3:9a:f7:9a:fc:f8:d9:a1:48:93:22:81:37:ae:9d: 30:7f:39:8c:c2:b2:16:14:19:9b:73:49:1a:43:00: b4:bb:1b:ed:db:44:2e:50:14:67:49:33:df:fd:c4: bd:22:4e:da:ca:a9:28:f5:bf:46:5e:30:12:0f:0c: 47:c8:9a:0f:fb:7d:7a:a4:44:79:49:8c:a6:db:8f: 75:51:1e:84:11:a6:29:d6:c8:8a:68:e2:ae:99:de: 5b:29:23:4f:21:67:a4:5f:65:7d:9f:80:dc:07:7e: 6b:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:7F:22:35:65:EE:E7:1C:CB:DC:2F:3F:CB:15:96:2D:1E:EB:D8:EC X509v3 Authority Key Identifier: keyid:93:22:31:2F:1D:21:BB:3B:38:6C:A3:AA:97:3A:C6:CD:25:4B:70:39 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyIxLx0huzs4bKOqlzrGzSVLcDk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/695d71-bba1-425d-b9f3-c2677809b4a7/1/kyIxLx0huzs4bKOqlzrGzSVLcDk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:63:63:98:06:0c:2d:91:f1:2e:18:00:71:68:06:5d:09:77: 72:ea:15:38:ca:6e:51:e9:d4:44:32:71:16:d1:58:11:3b:ac: 86:89:7e:b2:57:78:d5:3c:f1:16:55:a0:08:cb:4f:65:c4:c1: 95:d6:e6:42:04:0e:ec:e0:0f:c9:ac:2e:53:87:87:00:5b:f3: 6b:b9:b6:40:ac:cb:03:6a:76:de:ce:db:4e:2e:0a:db:92:15: c8:25:8a:9d:ba:20:0b:6a:02:b1:81:ee:59:17:f6:68:2c:36: 66:56:e7:ca:5c:75:99:ba:ba:54:36:5f:87:cc:eb:61:27:96: 36:8c:45:9d:1d:8d:41:2d:0f:20:ed:6b:e0:b5:63:63:e4:76: d8:ab:80:8c:3f:44:d2:11:fe:25:0a:e6:2f:ed:d0:c4:98:20: 7a:15:34:61:c7:1c:91:b7:92:cf:0a:95:6c:04:22:b3:84:10: 9f:24:ec:12:a1:bc:a5:0b:ae:29:1b:9e:a9:af:bf:f6:67:6f: 84:70:3b:04:4a:9f:fb:14:61:19:ca:da:6c:a5:ff:93:e4:bc: 6d:56:03:f3:2c:ea:c7:cc:a1:98:d4:4a:7f:1c:49:0a:d9:07: 50:48:7e:7c:dc:40:a0:44:ff:c7:85:9f:b9:18:0e:d0:ae:38: aa:84:73:a1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZszetwye2IvTY/9CDGmKIOGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMjIzMTJmMWQyMWJiM2IzODZjYTNhYTk3M2FjNmNkMjU0 YjcwMzkwHhcNMjUxMjE4MjIwMDQ4WhcNMjUxMjE5MjIwMDQ4WjAzMTEwLwYDVQQD EyhlZjdmMjIzNTY1ZWVlNzFjY2JkYzJmM2ZjYjE1OTYyZDFlZWJkOGVjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg64BXjUDWWwhj4jCzwkJRL0jo2w ea4ym6LlFePIr1vqg18Bm9BNr0WJlWSCgJF3f1DQiZjbbvzLKgFtbEJUSLlEkvf0 fVSGV0cnhGSN6vBkBItC7fe8Mj+NzZGVaLsif3dps1z9cBvX54sFbJN8z4Tx3Pfn qFtQoB79ReGW6oSaEmmz7n9sAqTe/B5lmd6c4L/KuRrjmvea/PjZoUiTIoE3rp0w fzmMwrIWFBmbc0kaQwC0uxvt20QuUBRnSTPf/cS9Ik7ayqko9b9GXjASDwxHyJoP +316pER5SYym2491UR6EEaYp1siKaOKumd5bKSNPIWekX2V9n4DcB35rWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO9/IjVl7uccy9wvP8sVli0e69jsMB8GA1UdIwQY MBaAFJMiMS8dIbs7OGyjqpc6xs0lS3A5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMt YzI2Nzc4MDliNGE3LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC82OTVkNzEtYmJhMS00MjVkLWI5ZjMtYzI2Nzc4MDliNGE3 LzEva3lJeEx4MGh1enM0YktPcWx6ckd6U1ZMY0RrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQmNjmAYM LZHxLhgAcWgGXQl3cuoVOMpuUenURDJxFtFYETushol+sld41TzxFlWgCMtPZcTB ldbmQgQO7OAPyawuU4eHAFvza7m2QKzLA2p23s7bTi4K25IVyCWKnbogC2oCsYHu WRf2aCw2Zlbnylx1mbq6VDZfh8zrYSeWNoxFnR2NQS0PIO1r4LVjY+R22KuAjD9E 0hH+JQrmL+3QxJggehU0YccckbeSzwqVbAQis4QQnyTsEqG8pQuuKRueqa+/9mdv hHA7BEqf+xRhGcrabKX/k+S8bVYD8yzqx8yhmNRKfxxJCtkHUEh+fNxAoET/x4Wf uRgO0K44qoRzoQ== -----END CERTIFICATE-----Generated at Fri Dec 19 04:51:04 2025 by rpki-client