This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft File: KAYV5gBqhh9mz3MH0w_JNQx2994.mft (raw, json) Hash identifier: SKTCtUMlXNwYVAsRmdGiXAo8elSpex6+NRpnZ0ae+6M= Subject key identifier: B3:F5:CC:76:7F:57:20:58:45:E8:08:71:9A:C8:F1:5A:78:EC:FF:73 Authority key identifier: 28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE Certificate issuer: /CN=280615e6006a861f66cf7307d30fc9350c76f7de Certificate serial: 019B59E3C909B476336B1BDD5651CE2B04D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 09:00:58 +0000 Manifest this update: Fri 26 Dec 2025 09:00:58 +0000 Manifest next update: Sat 27 Dec 2025 09:00:58 +0000 Files and hashes: 1: KAYV5gBqhh9mz3MH0w_JNQx2994.crl (hash: oZIufOBxpqfDd51xI15/As1a4h8DHdWR6dpAqn4LNs4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:e3:c9:09:b4:76:33:6b:1b:dd:56:51:ce:2b:04:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=280615e6006a861f66cf7307d30fc9350c76f7de Validity Not Before: Dec 26 09:00:58 2025 GMT Not After : Dec 27 09:00:58 2025 GMT Subject: CN=b3f5cc767f57205845e808719ac8f15a78ecff73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:69:cb:8c:72:50:17:46:ad:cd:1e:a8:89:ff: 0e:bd:64:08:51:5c:9d:f6:3c:f7:ad:50:ef:45:4f: c8:5f:c0:1c:86:41:0d:0f:d1:21:d5:ae:d4:78:e8: 11:46:85:0e:62:e7:a8:68:87:eb:9f:e8:70:bb:1c: d5:07:19:bc:b6:0e:c0:7b:ec:5a:fe:b1:c9:f0:6b: 8f:79:5c:e9:1f:a4:d1:9b:73:ed:55:6d:42:6e:7f: 09:65:7a:02:06:f3:9a:df:ed:c7:eb:3c:55:c3:12: c5:0c:26:4c:16:ab:39:ce:dc:34:6e:cd:12:8c:79: 18:fa:91:a8:10:45:45:5e:41:c2:99:cd:89:0b:e6: 38:cd:5c:e3:fb:ad:c9:1d:5a:97:c4:70:bf:17:be: 39:69:f6:fb:c3:50:31:3f:b1:46:07:d1:b6:4d:af: 91:f6:49:c1:94:5a:e1:af:ee:6a:50:27:c1:a4:7c: 67:8f:4f:59:09:31:f6:97:65:43:e9:26:cf:bc:ca: ce:01:e9:93:ba:4e:b0:09:dc:4f:24:b4:a9:b2:77: 69:fa:25:88:a6:2b:ad:76:03:b6:43:85:51:c5:ca: ad:6d:cf:a5:84:d0:30:62:70:90:7d:38:c6:97:62: d1:78:53:f7:fa:b3:e2:83:3c:56:cb:36:0a:e7:ce: 8c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:F5:CC:76:7F:57:20:58:45:E8:08:71:9A:C8:F1:5A:78:EC:FF:73 X509v3 Authority Key Identifier: keyid:28:06:15:E6:00:6A:86:1F:66:CF:73:07:D3:0F:C9:35:0C:76:F7:DE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAYV5gBqhh9mz3MH0w_JNQx2994.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/074aad-c947-4311-aff1-ae92b6ae1bfe/1/KAYV5gBqhh9mz3MH0w_JNQx2994.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption d5:5a:6b:3d:e1:61:9f:c7:22:6d:0d:37:30:e5:05:58:cf:02: 92:ea:b3:34:9d:c0:bc:77:ee:25:0d:92:3b:8f:36:7d:2d:f1: 85:5b:f5:19:1e:96:c4:49:fa:de:24:e9:1c:cc:da:5c:e5:38: 8e:bb:db:af:c3:fe:60:4c:f0:02:60:9f:64:65:72:97:99:6b: 78:19:fa:40:30:f9:e2:56:1d:7d:45:2d:24:09:96:cf:ef:4f: c4:81:49:40:fd:a1:3f:e2:8e:eb:92:ad:01:64:e7:67:4b:d9: 18:21:66:46:36:44:b7:4b:ea:d9:52:c5:10:d7:a0:89:8b:58: eb:e5:0d:16:e2:48:c5:9b:51:4d:6f:1c:79:34:5b:f9:33:ad: 3c:55:4c:f3:fe:a9:f3:30:11:6d:42:e5:ee:9f:3b:78:21:d2: 8f:d6:b0:8d:9f:66:aa:f7:8b:2f:65:0d:86:58:60:46:0d:ff: 9c:3a:c6:59:13:ec:6e:e9:59:0c:0b:fc:b8:39:59:25:ab:f9: 99:8f:d4:0e:65:47:23:e5:04:15:76:4f:ee:81:84:36:7a:b5: 23:ed:d2:d0:a8:02:f4:7c:d4:a2:74:a5:f2:9f:a1:05:61:6c: 0a:bd:a8:d1:6b:a2:7c:7c:72:19:b3:7b:b7:14:2d:2d:3b:6b: 4b:dc:7b:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZ48kJtHYzaxvdVlHOKwTSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDYxNWU2MDA2YTg2MWY2NmNmNzMwN2QzMGZjOTM1MGM3 NmY3ZGUwHhcNMjUxMjI2MDkwMDU4WhcNMjUxMjI3MDkwMDU4WjAzMTEwLwYDVQQD EyhiM2Y1Y2M3NjdmNTcyMDU4NDVlODA4NzE5YWM4ZjE1YTc4ZWNmZjczMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWnLjHJQF0atzR6oif8OvWQIUVyd 9jz3rVDvRU/IX8AchkEND9Eh1a7UeOgRRoUOYueoaIfrn+hwuxzVBxm8tg7Ae+xa /rHJ8GuPeVzpH6TRm3PtVW1Cbn8JZXoCBvOa3+3H6zxVwxLFDCZMFqs5ztw0bs0S jHkY+pGoEEVFXkHCmc2JC+Y4zVzj+63JHVqXxHC/F745afb7w1AxP7FGB9G2Ta+R 9knBlFrhr+5qUCfBpHxnj09ZCTH2l2VD6SbPvMrOAemTuk6wCdxPJLSpsndp+iWI piutdgO2Q4VRxcqtbc+lhNAwYnCQfTjGl2LReFP3+rPigzxWyzYK586M+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLP1zHZ/VyBYRegIcZrI8Vp47P9zMB8GA1UdIwQY MBaAFCgGFeYAaoYfZs9zB9MPyTUMdvfeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEt YWU5MmI2YWUxYmZlLzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYy8wNzRhYWQtYzk0Ny00MzExLWFmZjEtYWU5MmI2YWUxYmZl LzEvS0FZVjVnQnFoaDltejNNSDB3X0pOUXgyOTk0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEA1VprPeFh n8cibQ03MOUFWM8CkuqzNJ3AvHfuJQ2SO482fS3xhVv1GR6WxEn63iTpHMzaXOU4 jrvbr8P+YEzwAmCfZGVyl5lreBn6QDD54lYdfUUtJAmWz+9PxIFJQP2hP+KO65Kt AWTnZ0vZGCFmRjZEt0vq2VLFENegiYtY6+UNFuJIxZtRTW8ceTRb+TOtPFVM8/6p 8zARbULl7p87eCHSj9awjZ9mqveLL2UNhlhgRg3/nDrGWRPsbulZDAv8uDlZJav5 mY/UDmVHI+UEFXZP7oGENnq1I+3S0KgC9HzUonSl8p+hBWFsCr2o0WuifHxyGbN7 txQtLTtrS9x76g== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:47 2025 by rpki-client