This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft File: kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft (raw, json) Hash identifier: ItFLB5XxtYSHwrAPcrTVBH6MnGZXW4+qPY/fG4kimSM= Subject key identifier: CC:39:85:01:37:3E:CA:A5:0E:19:53:E2:41:42:2E:F3:1E:CD:9A:E7 Authority key identifier: 91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4 Certificate issuer: /CN=913836859c6ce1869340edf1f273709b8094d9d4 Certificate serial: 019B3BA277483D6E9B5E46335B79FB0A65D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft Manifest number: 16EF Signing time: Sat 20 Dec 2025 12:01:01 +0000 Manifest this update: Sat 20 Dec 2025 12:01:01 +0000 Manifest next update: Sun 21 Dec 2025 12:01:01 +0000 Files and hashes: 1: i0znYyDIsk78QzCDDCTg60lK9ig.roa (hash: aeDo1wq5VczgcfrDX0J+4eB6IcjwVsRwiJM6vkXROSk=) 2: kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl (hash: O50rcyohYld436pMg5gIoYPzNunm27VT+SN/owrO7+Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:a2:77:48:3d:6e:9b:5e:46:33:5b:79:fb:0a:65:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=913836859c6ce1869340edf1f273709b8094d9d4 Validity Not Before: Dec 20 12:01:01 2025 GMT Not After : Dec 21 12:01:01 2025 GMT Subject: CN=cc398501373ecaa50e1953e241422ef31ecd9ae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:f7:36:8d:3b:e1:b2:5d:82:9a:9b:47:e5:17: 26:08:25:1b:0f:94:aa:ed:ca:83:06:87:73:ac:f4: 5f:bc:e9:d7:ed:b7:e5:1e:f7:03:d2:89:8e:b8:c9: 14:ad:68:4b:7e:a3:17:46:77:55:b4:63:9a:0d:38: b3:e1:ad:6a:d0:e1:03:d4:cd:a4:3a:87:bc:8d:c0: 3c:a9:87:ab:fc:ae:8c:cc:1a:96:c6:01:b1:c6:3a: 1e:66:8b:12:7c:d2:0e:f2:48:d3:ab:c4:70:55:d6: 11:e7:3c:7a:1f:9b:7f:2e:46:62:f9:5e:61:68:9c: 8d:c5:6d:53:29:f8:96:a6:1c:65:7a:a7:03:a3:b8: f5:f9:a0:99:7b:d3:0c:6a:3a:4b:a0:95:1c:00:08: 9f:52:c4:92:63:f4:68:2f:7f:57:1e:30:83:71:36: 11:67:66:83:16:3f:0e:64:da:28:e8:f3:8c:a2:d3: cd:00:d6:c2:4a:0a:a7:58:cc:c4:95:38:f0:ea:9b: ab:11:1f:c0:3e:84:ab:c2:2a:74:3d:92:54:6e:e5: 1e:b1:a5:ee:cb:a5:42:6e:a6:2e:18:72:a9:63:a6: a8:25:91:8d:3c:8c:16:be:28:c9:c2:7d:32:a1:4e: 30:82:1d:b3:ee:19:7e:6e:fa:ec:04:ce:2e:14:f9: 93:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:39:85:01:37:3E:CA:A5:0E:19:53:E2:41:42:2E:F3:1E:CD:9A:E7 X509v3 Authority Key Identifier: keyid:91:38:36:85:9C:6C:E1:86:93:40:ED:F1:F2:73:70:9B:80:94:D9:D4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/e8f344-edb2-4400-b3ca-527ac54c2357/1/kTg2hZxs4YaTQO3x8nNwm4CU2dQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:b8:27:8c:9f:53:2a:ea:25:fe:aa:9d:6a:0e:c9:50:c1:d5: 90:1f:55:9c:b0:81:9a:6c:7d:56:cb:b6:db:31:a9:79:2a:2e: e5:cf:bc:f0:8f:ca:d1:58:7f:33:a2:49:41:a5:a6:0c:d6:21: 1b:a2:91:ce:04:97:51:50:fb:1f:7b:b2:e6:29:2f:a6:4f:8a: 9e:d3:ed:b7:81:f4:f6:a1:59:76:f9:6e:a7:71:5f:7a:55:88: f9:cc:54:f4:3d:09:3a:87:21:cf:f1:1a:fd:60:3c:f1:42:37: c1:0f:71:d3:f1:26:98:53:06:b5:65:32:2d:f1:1a:92:0f:57: 30:51:25:a8:fa:f0:21:f9:30:95:b0:93:c2:80:74:9d:19:54: 4d:c3:7c:71:5f:c9:cc:ba:c2:60:93:74:7f:3d:ed:fa:98:7f: 8b:51:4b:df:31:8a:f2:6d:1d:c1:c9:02:37:7e:56:ff:8f:6b: 4b:2c:7c:17:90:3a:0c:5b:09:fd:62:47:4e:7e:43:d1:21:54: 23:6c:91:d7:2b:62:dc:1e:6f:ab:23:19:b7:23:f8:92:39:0f: ff:75:ea:8d:e0:82:75:2b:7a:b3:f4:09:53:f3:5a:72:18:98: 58:9f:50:bb:57:78:b9:d0:8d:cc:81:16:83:93:e7:dc:eb:c4: d5:5a:d8:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs7ondIPW6bXkYzW3n7CmXSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxMzgzNjg1OWM2Y2UxODY5MzQwZWRmMWYyNzM3MDliODA5 NGQ5ZDQwHhcNMjUxMjIwMTIwMTAxWhcNMjUxMjIxMTIwMTAxWjAzMTEwLwYDVQQD EyhjYzM5ODUwMTM3M2VjYWE1MGUxOTUzZTI0MTQyMmVmMzFlY2Q5YWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvc2jTvhsl2CmptH5RcmCCUbD5Sq 7cqDBodzrPRfvOnX7bflHvcD0omOuMkUrWhLfqMXRndVtGOaDTiz4a1q0OED1M2k Ooe8jcA8qYer/K6MzBqWxgGxxjoeZosSfNIO8kjTq8RwVdYR5zx6H5t/LkZi+V5h aJyNxW1TKfiWphxleqcDo7j1+aCZe9MMajpLoJUcAAifUsSSY/RoL39XHjCDcTYR Z2aDFj8OZNoo6POMotPNANbCSgqnWMzElTjw6purER/APoSrwip0PZJUbuUesaXu y6VCbqYuGHKpY6aoJZGNPIwWvijJwn0yoU4wgh2z7hl+bvrsBM4uFPmTNQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMw5hQE3PsqlDhlT4kFCLvMezZrnMB8GA1UdIwQY MBaAFJE4NoWcbOGGk0Dt8fJzcJuAlNnUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2Et NTI3YWM1NGMyMzU3LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC9lOGYzNDQtZWRiMi00NDAwLWIzY2EtNTI3YWM1NGMyMzU3 LzEva1RnMmhaeHM0WWFUUU8zeDhuTndtNENVMmRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAl7gnjJ9T Kuol/qqdag7JUMHVkB9VnLCBmmx9Vsu22zGpeSou5c+88I/K0Vh/M6JJQaWmDNYh G6KRzgSXUVD7H3uy5ikvpk+KntPtt4H09qFZdvlup3FfelWI+cxU9D0JOochz/Ea /WA88UI3wQ9x0/EmmFMGtWUyLfEakg9XMFElqPrwIfkwlbCTwoB0nRlUTcN8cV/J zLrCYJN0fz3t+ph/i1FL3zGK8m0dwckCN35W/49rSyx8F5A6DFsJ/WJHTn5D0SFU I2yR1yti3B5vqyMZtyP4kjkP/3XqjeCCdSt6s/QJU/NachiYWJ9Qu1d4udCNzIEW g5Pn3OvE1VrYNw== -----END CERTIFICATE-----Generated at Sat Dec 20 18:13:56 2025 by rpki-client