This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft File: K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft (raw, json) Hash identifier: b+imW/XeNpU0i1fG+pCebUzSNCUShXJeue+ngC8P7Cc= Subject key identifier: A7:6F:8D:AD:1E:F8:30:45:CD:D3:0F:D1:1A:F7:B5:8F:A0:F4:93:C5 Authority key identifier: 2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73 Certificate issuer: /CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73 Certificate serial: 019B39461AA9214C9779DAB3BA1D3E946E8F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft Manifest number: 0953 Signing time: Sat 20 Dec 2025 01:00:54 +0000 Manifest this update: Sat 20 Dec 2025 01:00:54 +0000 Manifest next update: Sun 21 Dec 2025 01:00:54 +0000 Files and hashes: 1: K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl (hash: R0MFfd+e6L6wMGQ7jNFmi0Whff1Imw0H4J/AUBuTUPo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:46:1a:a9:21:4c:97:79:da:b3:ba:1d:3e:94:6e:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2bb2d02341c11949a8c87153f866c0f68f1bbd73 Validity Not Before: Dec 20 01:00:54 2025 GMT Not After : Dec 21 01:00:54 2025 GMT Subject: CN=a76f8dad1ef83045cdd30fd11af7b58fa0f493c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:40:53:33:4d:73:bc:98:60:78:b0:b7:37:e4: 7e:fe:a3:8f:9f:9a:4f:48:ef:fe:bb:a6:ed:75:01: ae:be:de:7b:ed:05:3f:ad:74:68:82:60:4e:3c:d7: 34:4b:75:27:ab:4d:95:75:33:1a:21:8f:a3:b2:83: 1a:9a:ae:9a:39:08:95:71:3c:ae:ed:e5:9a:0f:1f: 04:aa:be:7b:93:74:5b:07:46:64:e8:e6:98:bb:5c: 8a:12:c9:5a:1e:75:9a:ee:fc:ad:28:e0:18:f2:52: bb:2a:fc:00:6d:f2:4b:e9:f1:b5:f7:ef:ee:4b:d5: e0:a4:55:84:be:48:4d:64:fb:5f:3d:61:c7:cf:29: d6:19:56:08:38:0d:3d:bd:af:09:91:f8:4a:c8:4e: 3b:83:cf:56:f8:27:0a:58:86:a8:36:27:21:64:f9: 5d:40:a2:b4:ac:7a:cc:62:73:b4:17:04:4b:c8:e9: c2:68:e9:b5:52:17:1d:ed:38:4b:fc:62:ee:ff:0d: 06:ea:e8:7f:dd:bf:ef:c5:4d:9b:95:7a:c3:00:ac: 84:93:79:12:be:b2:15:52:a3:58:9c:01:1b:43:43: b9:5b:dc:9d:67:fc:6b:ad:39:30:41:18:c7:da:f8: 2a:0d:08:3b:af:05:97:81:1b:f8:19:01:b1:8f:76: b9:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:6F:8D:AD:1E:F8:30:45:CD:D3:0F:D1:1A:F7:B5:8F:A0:F4:93:C5 X509v3 Authority Key Identifier: keyid:2B:B2:D0:23:41:C1:19:49:A8:C8:71:53:F8:66:C0:F6:8F:1B:BD:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K7LQI0HBGUmoyHFT-GbA9o8bvXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d7a794-5e38-4e84-8156-460656fe3ab5/1/K7LQI0HBGUmoyHFT-GbA9o8bvXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 75:26:40:99:60:95:56:12:c8:50:69:94:f9:44:72:fe:86:6a: c0:6e:89:b1:be:67:20:14:13:4d:81:97:89:e1:71:b1:b1:90: 14:a9:57:88:30:8d:2d:5b:95:8d:5b:92:09:4a:8d:c1:c7:4d: 49:80:72:96:9d:13:d1:c6:5b:05:20:bf:a8:4d:17:a3:3f:32: dc:4a:f4:88:3e:46:2b:89:94:3a:f3:56:e7:c3:e6:ae:dc:04: 6c:0e:13:70:7d:d1:8d:4b:5b:38:3a:76:f7:a2:ae:7e:e4:01: 0e:81:92:60:05:28:90:ba:bf:8b:67:9d:f5:d6:5f:6c:60:8f: fe:fa:62:df:eb:7e:81:40:97:48:69:55:f7:ae:36:52:c3:7a: 28:8c:88:6e:10:dd:10:e3:c7:5b:30:93:e6:5b:94:cf:a6:bb: 7b:7f:2e:bd:56:dc:c7:08:35:07:c1:2a:31:3b:4c:b1:c0:2c: c4:7e:d3:9a:62:d9:8a:2e:50:b0:38:6a:46:60:b4:68:1e:e6: d6:79:72:c9:99:05:91:b6:7a:3e:02:cc:3b:4f:24:8f:31:f8: 03:b3:65:1d:97:ec:75:fc:d2:08:5a:69:f8:e8:88:8b:99:bc: e6:1b:5a:83:0b:be:80:cc:7e:80:df:d3:cc:8d:48:52:de:1b: 8d:0d:e4:4a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5RhqpIUyXedqzuh0+lG6PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiYjJkMDIzNDFjMTE5NDlhOGM4NzE1M2Y4NjZjMGY2OGYx YmJkNzMwHhcNMjUxMjIwMDEwMDU0WhcNMjUxMjIxMDEwMDU0WjAzMTEwLwYDVQQD EyhhNzZmOGRhZDFlZjgzMDQ1Y2RkMzBmZDExYWY3YjU4ZmEwZjQ5M2M1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6EBTM01zvJhgeLC3N+R+/qOPn5pP SO/+u6btdQGuvt577QU/rXRogmBOPNc0S3Unq02VdTMaIY+jsoMamq6aOQiVcTyu 7eWaDx8Eqr57k3RbB0Zk6OaYu1yKEslaHnWa7vytKOAY8lK7KvwAbfJL6fG19+/u S9XgpFWEvkhNZPtfPWHHzynWGVYIOA09va8JkfhKyE47g89W+CcKWIaoNichZPld QKK0rHrMYnO0FwRLyOnCaOm1Uhcd7ThL/GLu/w0G6uh/3b/vxU2blXrDAKyEk3kS vrIVUqNYnAEbQ0O5W9ydZ/xrrTkwQRjH2vgqDQg7rwWXgRv4GQGxj3a5HwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKdvja0e+DBFzdMP0Rr3tY+g9JPFMB8GA1UdIwQY MBaAFCuy0CNBwRlJqMhxU/hmwPaPG71zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYt NDYwNjU2ZmUzYWI1LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS9kN2E3OTQtNWUzOC00ZTg0LTgxNTYtNDYwNjU2ZmUzYWI1 LzEvSzdMUUkwSEJHVW1veUhGVC1HYkE5bzhidlhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAdSZAmWCV VhLIUGmU+URy/oZqwG6Jsb5nIBQTTYGXieFxsbGQFKlXiDCNLVuVjVuSCUqNwcdN SYBylp0T0cZbBSC/qE0Xoz8y3Er0iD5GK4mUOvNW58PmrtwEbA4TcH3RjUtbODp2 96KufuQBDoGSYAUokLq/i2ed9dZfbGCP/vpi3+t+gUCXSGlV9642UsN6KIyIbhDd EOPHWzCT5luUz6a7e38uvVbcxwg1B8EqMTtMscAsxH7TmmLZii5QsDhqRmC0aB7m 1nlyyZkFkbZ6PgLMO08kjzH4A7NlHZfsdfzSCFpp+OiIi5m85htagwu+gMx+gN/T zI1IUt4bjQ3kSg== -----END CERTIFICATE-----Generated at Sat Dec 20 07:16:51 2025 by rpki-client