This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft File: KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json) Hash identifier: D1j7GXUQ17DCK2hmlHd8O4tia5e87Nb8MQRPcDXEBYo= Subject key identifier: E9:9E:EB:44:A4:57:CE:EB:8E:3D:8C:CC:EF:75:03:72:63:F2:EB:9D Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0 Certificate issuer: /CN=2a6534aac9442a394d139a1a8303dc04959c1da0 Certificate serial: 019B21766A6D1EC8ACE5F97666226CC82F26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft Manifest number: 108E Signing time: Mon 15 Dec 2025 10:02:47 +0000 Manifest this update: Mon 15 Dec 2025 10:02:47 +0000 Manifest next update: Tue 16 Dec 2025 10:02:47 +0000 Files and hashes: 1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: +bgPDPc2e5iNSMg77Bvt8qnaJKmm2JdqMq+Y2dJNAy4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:76:6a:6d:1e:c8:ac:e5:f9:76:66:22:6c:c8:2f:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0 Validity Not Before: Dec 15 10:02:47 2025 GMT Not After : Dec 16 10:02:47 2025 GMT Subject: CN=e99eeb44a457ceeb8e3d8cccef75037263f2eb9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:b0:29:fb:22:de:4c:b7:53:e7:ad:09:3d:b1: 95:f4:f3:04:8e:e2:f9:a5:77:bf:bf:25:f0:77:9f: 8d:ec:c5:f4:99:be:16:43:bc:61:b3:07:e7:18:b2: eb:14:32:3e:8d:b9:f6:03:22:2f:f5:0a:4b:2b:c7: 0e:8f:74:fb:06:08:cd:61:01:6e:a4:cf:b4:2f:33: 3e:4a:1f:77:4f:56:5e:c5:7c:ea:b2:f1:2b:84:23: 13:65:84:93:b1:b3:08:97:69:72:18:07:7c:b1:61: 4b:9e:ac:22:8b:ea:22:b4:6d:8b:b9:68:f1:0d:1c: 87:b1:27:7a:2a:65:a8:8b:12:4a:2e:0d:d2:02:b3: a3:aa:5e:e8:ba:31:9e:b5:85:93:85:30:98:ec:a1: 2d:45:00:e0:f3:a8:ab:d7:1d:a3:4f:08:06:0d:39: 14:5f:55:de:5a:60:0c:c0:b3:c1:c7:f0:50:96:e8: ec:d2:b5:b6:0c:a4:fc:e0:69:44:31:4a:a1:46:bc: b2:87:1c:19:82:7e:1e:63:2a:2a:7a:bc:6c:09:60: a8:fa:07:fb:07:9f:e2:4d:3c:24:c1:a2:f6:88:4e: 13:3b:6b:2d:8f:06:c9:89:fa:e6:af:16:ec:81:fd: a0:bb:96:2f:59:f1:49:67:54:b1:a5:d2:80:5c:e4: 83:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:9E:EB:44:A4:57:CE:EB:8E:3D:8C:CC:EF:75:03:72:63:F2:EB:9D X509v3 Authority Key Identifier: keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 51:6f:91:1b:b7:2d:20:33:e4:97:9d:d0:70:e2:15:87:94:cb: c8:53:22:5a:05:3a:cb:fe:25:56:15:95:fe:7a:e8:4d:24:9a: bd:38:30:78:84:cb:75:ee:17:e2:67:3a:47:b5:fa:68:97:54: 15:50:02:33:e4:20:be:6c:b3:0c:c5:38:29:3c:68:de:b5:40: 3b:1c:75:4e:a9:91:3a:3b:e0:bf:3d:1f:44:f9:7b:e2:1a:1b: 46:92:68:29:8f:fc:3e:ce:dc:8d:2c:36:46:d3:88:0b:d1:b8: c9:e4:00:05:ac:16:43:50:65:9c:b1:fc:11:e0:d2:71:42:6f: f2:06:97:bd:cc:6a:b8:19:d9:42:ef:cd:64:31:ef:bb:f9:c2: ee:9b:52:76:b8:ef:7f:3a:19:3a:89:38:b9:f6:65:a1:91:ab: c2:f8:a6:cc:36:41:10:33:e7:35:ad:d0:ca:bc:79:d6:be:3f: 42:52:26:fa:5e:df:71:b8:6f:95:18:25:9a:43:0d:05:5d:cd: ac:53:62:63:db:ee:4b:33:44:ca:e1:76:b8:18:66:f0:8c:8a: 5d:28:a8:a4:cb:37:62:a6:1a:96:00:89:3b:58:f9:52:a3:a1: ac:0b:26:6c:83:ff:2a:2c:2d:53:e7:c5:ee:64:0a:25:bb:01: 4b:15:33:50 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdmptHsis5fl2ZiJsyC8mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5 YzFkYTAwHhcNMjUxMjE1MTAwMjQ3WhcNMjUxMjE2MTAwMjQ3WjAzMTEwLwYDVQQD EyhlOTllZWI0NGE0NTdjZWViOGUzZDhjY2NlZjc1MDM3MjYzZjJlYjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobAp+yLeTLdT560JPbGV9PMEjuL5 pXe/vyXwd5+N7MX0mb4WQ7xhswfnGLLrFDI+jbn2AyIv9QpLK8cOj3T7BgjNYQFu pM+0LzM+Sh93T1ZexXzqsvErhCMTZYSTsbMIl2lyGAd8sWFLnqwii+oitG2LuWjx DRyHsSd6KmWoixJKLg3SArOjql7oujGetYWThTCY7KEtRQDg86ir1x2jTwgGDTkU X1XeWmAMwLPBx/BQlujs0rW2DKT84GlEMUqhRryyhxwZgn4eYyoqerxsCWCo+gf7 B5/iTTwkwaL2iE4TO2stjwbJifrmrxbsgf2gu5YvWfFJZ1SxpdKAXOSDVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOme60SkV87rjj2MzO91A3Jj8uudMB8GA1UdIwQY MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAUW+RG7ct IDPkl53QcOIVh5TLyFMiWgU6y/4lVhWV/nroTSSavTgweITLde4X4mc6R7X6aJdU FVACM+QgvmyzDMU4KTxo3rVAOxx1TqmROjvgvz0fRPl74hobRpJoKY/8Ps7cjSw2 RtOIC9G4yeQABawWQ1BlnLH8EeDScUJv8gaXvcxquBnZQu/NZDHvu/nC7ptSdrjv fzoZOok4ufZloZGrwvimzDZBEDPnNa3Qyrx51r4/QlIm+l7fcbhvlRglmkMNBV3N rFNiY9vuSzNEyuF2uBhm8IyKXSiopMs3YqYalgCJO1j5UqOhrAsmbIP/KiwtU+fF 7mQKJbsBSxUzUA== -----END CERTIFICATE-----Generated at Mon Dec 15 16:53:07 2025 by rpki-client