This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft File: Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json) Hash identifier: 0PxyLuuj7M/BHCjg4TKSL3qu4bhJYKnaqN+jZPoLBmo= Subject key identifier: 99:79:DC:A6:38:25:97:EC:84:DD:A5:1D:BD:BB:09:09:76:63:B4:DC Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71 Certificate issuer: /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71 Certificate serial: 019B5AF63C8D5DB878F6A6D8B5EC2DB8A510 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft Manifest number: 0186 Signing time: Fri 26 Dec 2025 14:00:45 +0000 Manifest this update: Fri 26 Dec 2025 14:00:45 +0000 Manifest next update: Sat 27 Dec 2025 14:00:45 +0000 Files and hashes: 1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: 34vLuDKPxnV63zQrowx2ZZDeU+JViapdLOLw547w8zg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 11:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:f6:3c:8d:5d:b8:78:f6:a6:d8:b5:ec:2d:b8:a5:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71 Validity Not Before: Dec 26 14:00:45 2025 GMT Not After : Dec 27 14:00:45 2025 GMT Subject: CN=9979dca6382597ec84dda51dbdbb09097663b4dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:1b:cc:92:54:16:a4:23:27:6e:da:b4:61:da: e2:ae:1d:b5:c3:93:ff:95:74:fa:30:fb:72:c2:ee: a1:f7:cb:f3:a1:0c:a7:ed:1f:e5:f1:ab:07:09:99: b3:a8:67:0d:eb:2f:c5:81:6c:86:b9:4f:01:e8:8d: 99:f6:28:97:df:76:1f:13:06:63:20:99:5c:68:04: 7c:b9:65:79:28:1f:ae:62:50:f7:94:08:84:19:9c: a9:13:14:77:7c:1f:73:2c:62:8e:71:bb:67:84:de: 6c:dd:cf:c4:f2:9d:02:e2:cb:6e:42:38:59:d4:53: 22:ac:73:b7:10:c4:3a:25:19:a5:60:2f:10:07:14: ca:cd:aa:88:57:65:61:6d:ea:6c:86:37:fa:53:4c: e8:7d:e3:c8:4d:b4:1e:0b:eb:53:70:a0:ac:31:93: ff:c7:33:72:15:58:93:91:29:1e:a5:ca:85:54:78: bd:0d:40:e3:a3:26:93:c3:8c:61:9b:a0:0d:6e:f1: 16:69:5e:33:1b:ce:71:ec:e6:74:1e:2d:84:ac:86: 8d:59:27:4d:fb:ed:b5:17:5a:74:ea:5e:4e:80:8f: 5b:d3:5d:bc:61:8c:70:3e:e5:00:d0:cd:d1:13:19: b1:8d:ae:6c:92:41:50:1e:1a:82:be:32:ed:a4:43: 60:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:79:DC:A6:38:25:97:EC:84:DD:A5:1D:BD:BB:09:09:76:63:B4:DC X509v3 Authority Key Identifier: keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:cd:08:7c:4c:67:b4:d0:06:d6:aa:2a:8e:99:4b:03:1e:bb: 77:cc:bf:c8:67:47:f6:69:3f:02:cd:af:67:c5:83:60:90:fa: f9:d1:c4:9c:e4:c2:0e:7c:8c:75:94:2d:93:00:5d:6c:d2:91: 91:3f:94:3c:91:a1:b7:bb:3c:55:60:6b:b5:0b:c0:cb:17:91: dc:cf:68:ee:2a:b6:4c:21:a2:f8:1b:a3:43:ec:1a:82:5b:fe: 29:7d:d1:6a:67:f2:73:72:b6:2e:ea:4c:45:26:58:8c:3f:00: c3:f2:7b:4a:9d:96:ab:3f:2c:b3:30:fd:3c:fa:0e:7c:62:bf: 69:0c:5e:5b:52:b2:4d:e9:e3:a8:30:f7:8a:a4:73:21:4c:42: aa:3b:2a:8c:71:a4:bc:3e:f0:4e:b6:e2:ce:cd:70:6b:90:5c: 91:f5:b9:35:15:32:af:ce:bf:70:f4:87:3e:0e:a4:e4:2f:09: 08:79:70:c1:f1:a9:61:a1:b8:d1:94:35:46:81:ea:3f:ba:ea: 16:a5:96:89:d6:d1:0e:0b:d4:69:9f:b4:c5:0e:dd:5b:73:ec: 2d:4f:e2:44:de:b5:7d:22:a2:ba:ec:2b:34:a9:82:4b:d4:45: 8f:83:3b:bf:85:78:a7:f6:b4:6c:61:b7:67:35:b1:25:31:ff: 47:61:b5:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZta9jyNXbh49qbYtewtuKUQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh NGRlNzEwHhcNMjUxMjI2MTQwMDQ1WhcNMjUxMjI3MTQwMDQ1WjAzMTEwLwYDVQQD Eyg5OTc5ZGNhNjM4MjU5N2VjODRkZGE1MWRiZGJiMDkwOTc2NjNiNGRjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhvMklQWpCMnbtq0Ydrirh21w5P/ lXT6MPtywu6h98vzoQyn7R/l8asHCZmzqGcN6y/FgWyGuU8B6I2Z9iiX33YfEwZj IJlcaAR8uWV5KB+uYlD3lAiEGZypExR3fB9zLGKOcbtnhN5s3c/E8p0C4stuQjhZ 1FMirHO3EMQ6JRmlYC8QBxTKzaqIV2Vhbepshjf6U0zofePITbQeC+tTcKCsMZP/ xzNyFViTkSkepcqFVHi9DUDjoyaTw4xhm6ANbvEWaV4zG85x7OZ0Hi2ErIaNWSdN ++21F1p06l5OgI9b0128YYxwPuUA0M3RExmxja5skkFQHhqCvjLtpENgewIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJl53KY4JZfshN2lHb27CQl2Y7TcMB8GA1UdIwQY MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5 LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWM0IfExn tNAG1qoqjplLAx67d8y/yGdH9mk/As2vZ8WDYJD6+dHEnOTCDnyMdZQtkwBdbNKR kT+UPJGht7s8VWBrtQvAyxeR3M9o7iq2TCGi+BujQ+waglv+KX3Ramfyc3K2LupM RSZYjD8Aw/J7Sp2Wqz8sszD9PPoOfGK/aQxeW1KyTenjqDD3iqRzIUxCqjsqjHGk vD7wTrbizs1wa5BckfW5NRUyr86/cPSHPg6k5C8JCHlwwfGpYaG40ZQ1RoHqP7rq FqWWidbRDgvUaZ+0xQ7dW3PsLU/iRN61fSKiuuwrNKmCS9RFj4M7v4V4p/a0bGG3 ZzWxJTH/R2G1JA== -----END CERTIFICATE-----Generated at Fri Dec 26 16:04:02 2025 by rpki-client