This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json) Hash identifier: zZ1xNNNZjCM+uJMwM/mdMpW9nH4RFRGmacu/f6x2AIA= Subject key identifier: B0:51:0E:3E:E3:C7:B2:78:0D:E8:4A:AF:07:19:CE:89:51:62:D1:89 Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Certificate serial: 019B397DB657E4EBD85DCF10F630A859DE9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft Manifest number: 11D0 Signing time: Sat 20 Dec 2025 02:01:38 +0000 Manifest this update: Sat 20 Dec 2025 02:01:38 +0000 Manifest next update: Sun 21 Dec 2025 02:01:38 +0000 Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: +T/hB3z8tTEqEh4hK/12MGRmsy4k0QT/aKmULAFDJ18=) 2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:7d:b6:57:e4:eb:d8:5d:cf:10:f6:30:a8:59:de:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Validity Not Before: Dec 20 02:01:38 2025 GMT Not After : Dec 21 02:01:38 2025 GMT Subject: CN=b0510e3ee3c7b2780de84aaf0719ce895162d189 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:81:42:ac:a1:30:96:91:60:08:8f:98:f3:db: c0:42:be:1d:09:c0:c4:04:2d:f2:a6:03:b0:d0:06: 07:67:ac:f4:c3:6e:a1:32:0f:46:5f:76:5c:bd:8e: 35:d5:c7:8f:8a:66:c3:1f:8a:fe:ec:19:d6:c0:ae: 90:19:de:35:98:97:c2:b8:fd:96:1f:81:73:5f:51: ed:76:9b:1f:bf:7c:58:6b:d1:2d:49:de:70:6d:bc: 06:61:8e:63:3d:0b:b4:93:e7:66:3a:4f:69:00:ed: 38:6e:8a:3a:58:c5:a5:93:19:3e:a9:e1:58:59:3d: c5:f0:89:61:92:2c:55:4d:49:fe:2e:05:e5:cc:d3: 4a:f2:0f:de:33:00:ea:23:73:d8:85:72:a3:6e:49: b2:2b:2d:c0:b1:a6:b0:af:0c:a3:0d:eb:7f:0e:2b: 36:66:88:97:f4:ac:1c:43:6d:5a:ab:ab:0e:57:8d: 47:7c:ce:1b:7c:8c:dc:27:0d:95:4a:c3:13:76:41: e5:7e:74:67:c1:5f:c4:49:73:d3:8e:ea:a9:1b:dc: 9f:89:ac:87:94:cb:19:ed:58:09:59:9c:24:fd:c9: e1:db:5d:bf:56:40:a8:a8:19:27:6b:91:07:4b:34: 06:85:57:b2:20:cb:ff:fd:a8:28:d7:17:9c:11:aa: 19:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:51:0E:3E:E3:C7:B2:78:0D:E8:4A:AF:07:19:CE:89:51:62:D1:89 X509v3 Authority Key Identifier: keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ac:fd:73:6e:be:3a:72:e9:43:64:48:02:60:7a:b2:cd:06:c7: 68:bf:df:b6:e5:50:c5:d2:00:7e:d4:ba:37:0e:25:c5:2a:6a: d7:26:22:5d:df:c3:35:14:92:4a:05:3a:06:8b:44:80:76:84: 69:ad:d3:ef:fd:a6:c2:ca:21:96:6f:1a:d9:43:c7:07:8b:bb: 74:af:04:3b:3b:92:a2:f9:6d:1e:f1:7d:83:68:80:9e:b6:ed: 42:8c:64:d4:78:84:84:71:72:4a:d3:05:e7:cf:52:f9:c3:eb: 3a:72:80:0d:00:bd:46:5f:ab:38:13:87:a8:e3:83:73:85:5d: 3e:17:37:62:44:00:18:c0:64:2a:38:8f:19:03:ca:24:bb:bc: 0f:0d:c3:42:2a:f4:a9:6a:7e:b6:75:d8:b9:27:94:80:da:ed: 14:a3:34:29:71:55:70:d9:52:0b:17:c5:99:cd:fa:d9:04:85: b5:e1:a7:33:54:10:b0:16:c2:43:20:85:47:c9:b0:bc:1b:30: 68:51:52:0d:1b:8c:f0:32:7c:2a:7b:fb:de:dd:5b:df:68:0c: 08:41:ac:46:b1:c4:29:f8:22:3b:ed:0e:ec:3b:80:86:09:e1: 86:52:de:20:ad:4c:da:53:db:27:1a:98:0c:a2:c5:94:02:2e: e5:1e:85:e7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5fbZX5OvYXc8Q9jCoWd6bMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1 NmMzNTgwHhcNMjUxMjIwMDIwMTM4WhcNMjUxMjIxMDIwMTM4WjAzMTEwLwYDVQQD EyhiMDUxMGUzZWUzYzdiMjc4MGRlODRhYWYwNzE5Y2U4OTUxNjJkMTg5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoFCrKEwlpFgCI+Y89vAQr4dCcDE BC3ypgOw0AYHZ6z0w26hMg9GX3ZcvY411cePimbDH4r+7BnWwK6QGd41mJfCuP2W H4FzX1Htdpsfv3xYa9EtSd5wbbwGYY5jPQu0k+dmOk9pAO04boo6WMWlkxk+qeFY WT3F8IlhkixVTUn+LgXlzNNK8g/eMwDqI3PYhXKjbkmyKy3AsaawrwyjDet/Dis2 ZoiX9KwcQ21aq6sOV41HfM4bfIzcJw2VSsMTdkHlfnRnwV/ESXPTjuqpG9yfiayH lMsZ7VgJWZwk/cnh212/VkCoqBkna5EHSzQGhVeyIMv//ago1xecEaoZSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLBRDj7jx7J4DehKrwcZzolRYtGJMB8GA1UdIwQY MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2 LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArP1zbr46 culDZEgCYHqyzQbHaL/ftuVQxdIAftS6Nw4lxSpq1yYiXd/DNRSSSgU6BotEgHaE aa3T7/2mwsohlm8a2UPHB4u7dK8EOzuSovltHvF9g2iAnrbtQoxk1HiEhHFyStMF 589S+cPrOnKADQC9Rl+rOBOHqOODc4VdPhc3YkQAGMBkKjiPGQPKJLu8Dw3DQir0 qWp+tnXYuSeUgNrtFKM0KXFVcNlSCxfFmc362QSFteGnM1QQsBbCQyCFR8mwvBsw aFFSDRuM8DJ8Knv73t1b32gMCEGsRrHEKfgiO+0O7DuAhgnhhlLeIK1M2lPbJxqY DKLFlAIu5R6F5w== -----END CERTIFICATE-----Generated at Sat Dec 20 10:47:22 2025 by rpki-client