This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft File: KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft (raw, json) Hash identifier: FFJmdxTk500LaEKSBjoXjm6qptJSsZxlCwXABbMJSV8= Subject key identifier: AE:99:E5:0B:B4:05:40:F8:F0:A2:F3:78:3A:AD:F9:B0:72:55:5F:BF Authority key identifier: 2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66 Certificate issuer: /CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766 Certificate serial: 019B3BA2866603CF05DC5A500498C4F61967 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft Manifest number: 0918 Signing time: Sat 20 Dec 2025 12:01:05 +0000 Manifest this update: Sat 20 Dec 2025 12:01:05 +0000 Manifest next update: Sun 21 Dec 2025 12:01:05 +0000 Files and hashes: 1: KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl (hash: S2/odNs7jcK7uKzXeHfNk1Uu3bfghN7YXUsQi26F5B8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:86:66:03:cf:05:dc:5a:50:04:98:c4:f6:19:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ac378b63bca487c32e8ce812f4f85d7c6ef8766 Validity Not Before: Dec 20 12:01:05 2025 GMT Not After : Dec 21 12:01:05 2025 GMT Subject: CN=ae99e50bb40540f8f0a2f3783aadf9b072555fbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:49:86:5c:21:e3:66:09:f4:54:48:f7:4a:1e: 0e:a7:38:fe:75:a3:79:c0:77:65:d6:de:8c:55:99: 01:8d:04:4f:68:3b:82:19:d8:36:34:96:b2:e5:a1: 21:6e:bf:db:3e:fb:13:2b:f3:00:d6:a5:86:58:a3: 0c:1a:50:02:65:b8:a2:24:49:78:68:63:44:cc:cf: ba:94:7b:03:9c:af:65:63:8c:d0:da:30:82:f2:4f: 5d:7a:76:04:6a:8d:f0:33:1b:e8:f9:41:bc:10:29: 40:27:36:98:a2:df:cf:1f:b1:f8:9f:7e:55:80:3e: bc:ce:cf:5f:7c:d0:f2:ce:71:db:ba:6d:2e:11:3f: e3:a3:34:26:a8:fc:4c:ae:93:6c:dc:31:46:41:61: 3e:f5:20:3a:ae:20:85:79:69:32:65:7b:ce:e6:c4: 1b:5b:72:14:3c:1b:eb:c1:e5:1f:db:d7:7e:08:e6: 95:ee:e9:62:a1:78:88:5a:4c:90:18:b1:e1:14:79: ac:f7:40:12:93:28:6f:56:39:29:ba:90:ea:c1:b4: a5:18:d9:2a:23:56:0e:1f:18:08:67:8b:d6:1f:3c: 6e:1a:fa:fc:4a:02:b8:54:91:c1:52:6c:e3:4f:b4: 4a:55:c8:23:9e:8f:b1:09:f8:62:83:40:a4:94:60: f8:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:99:E5:0B:B4:05:40:F8:F0:A2:F3:78:3A:AD:F9:B0:72:55:5F:BF X509v3 Authority Key Identifier: keyid:2A:C3:78:B6:3B:CA:48:7C:32:E8:CE:81:2F:4F:85:D7:C6:EF:87:66 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsN4tjvKSHwy6M6BL0-F18bvh2Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/b95866-7096-4bad-b509-077d52eab70d/1/KsN4tjvKSHwy6M6BL0-F18bvh2Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 78:6a:f6:a5:bf:d6:98:9b:31:9c:3c:d7:2c:e6:34:d9:80:aa: 25:a1:ac:3a:bd:68:1a:48:e7:e8:57:91:60:37:e8:f3:97:20: cb:62:6e:66:2b:ec:3b:da:9b:2b:b4:58:12:21:dd:f7:ac:46: d1:76:f8:6c:41:18:ab:d8:cf:0e:75:57:2c:fe:57:7b:01:03: a2:ba:69:eb:95:8f:2f:77:06:22:ce:7d:10:a0:ef:14:a5:b3: 9c:5f:d5:6f:a0:a9:e9:10:56:5b:65:9f:35:c2:ea:27:71:f2: f4:29:7c:ba:d4:fd:86:af:ea:76:18:60:75:c1:38:a0:c7:b0: e1:0b:2e:42:f9:99:2a:8b:38:a3:df:99:b6:7d:e1:ae:e5:cb: 51:12:56:41:c5:8b:bd:63:1f:58:d4:97:6e:23:fa:c9:61:72: 63:26:1a:90:b5:06:9b:44:13:65:d4:7e:c8:91:7d:34:08:77: 5e:4e:ef:61:72:26:b3:4f:2e:32:a1:a0:f1:49:c3:5e:95:1c: cc:e2:df:85:78:cc:8a:b7:0d:c2:9c:be:46:35:4e:82:3b:39: 1c:c2:ae:4b:ca:f9:90:ca:0d:ff:e6:71:78:43:3b:2b:f1:3f: a2:b4:7c:67:3a:47:de:5c:3d:44:70:de:cd:f3:51:de:2c:8b: 80:a1:52:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7ooZmA88F3FpQBJjE9hlnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYzM3OGI2M2JjYTQ4N2MzMmU4Y2U4MTJmNGY4NWQ3YzZl Zjg3NjYwHhcNMjUxMjIwMTIwMTA1WhcNMjUxMjIxMTIwMTA1WjAzMTEwLwYDVQQD EyhhZTk5ZTUwYmI0MDU0MGY4ZjBhMmYzNzgzYWFkZjliMDcyNTU1ZmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUmGXCHjZgn0VEj3Sh4Opzj+daN5 wHdl1t6MVZkBjQRPaDuCGdg2NJay5aEhbr/bPvsTK/MA1qWGWKMMGlACZbiiJEl4 aGNEzM+6lHsDnK9lY4zQ2jCC8k9denYEao3wMxvo+UG8EClAJzaYot/PH7H4n35V gD68zs9ffNDyznHbum0uET/jozQmqPxMrpNs3DFGQWE+9SA6riCFeWkyZXvO5sQb W3IUPBvrweUf29d+COaV7ulioXiIWkyQGLHhFHms90ASkyhvVjkpupDqwbSlGNkq I1YOHxgIZ4vWHzxuGvr8SgK4VJHBUmzjT7RKVcgjno+xCfhig0CklGD4TwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK6Z5Qu0BUD48KLzeDqt+bByVV+/MB8GA1UdIwQY MBaAFCrDeLY7ykh8MujOgS9PhdfG74dmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDkt MDc3ZDUyZWFiNzBkLzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC9iOTU4NjYtNzA5Ni00YmFkLWI1MDktMDc3ZDUyZWFiNzBk LzEvS3NONHRqdktTSHd5Nk02QkwwLUYxOGJ2aDJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeGr2pb/W mJsxnDzXLOY02YCqJaGsOr1oGkjn6FeRYDfo85cgy2JuZivsO9qbK7RYEiHd96xG 0Xb4bEEYq9jPDnVXLP5XewEDorpp65WPL3cGIs59EKDvFKWznF/Vb6Cp6RBWW2Wf NcLqJ3Hy9Cl8utT9hq/qdhhgdcE4oMew4QsuQvmZKos4o9+Ztn3hruXLURJWQcWL vWMfWNSXbiP6yWFyYyYakLUGm0QTZdR+yJF9NAh3Xk7vYXIms08uMqGg8UnDXpUc zOLfhXjMircNwpy+RjVOgjs5HMKuS8r5kMoN/+ZxeEM7K/E/orR8ZzpH3lw9RHDe zfNR3iyLgKFSVQ== -----END CERTIFICATE-----Generated at Sat Dec 20 18:13:28 2025 by rpki-client