This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json) Hash identifier: Uy913QFqXYU/wsn2yPEarzj2OQSpSn7r2sHnql9I+9k= Subject key identifier: F3:DA:CB:49:58:FA:EE:E1:EF:F6:3D:72:70:62:61:8C:B6:7B:71:81 Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Certificate serial: 019B2251120C98E490C75E38506AEF391BB5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft Manifest number: 11C4 Signing time: Mon 15 Dec 2025 14:01:36 +0000 Manifest this update: Mon 15 Dec 2025 14:01:36 +0000 Manifest next update: Tue 16 Dec 2025 14:01:36 +0000 Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: qrPUQgJzDxbNwtMe5ADVCzqKCberrR4W3XpMx6jOo/o=) 2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:51:12:0c:98:e4:90:c7:5e:38:50:6a:ef:39:1b:b5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Validity Not Before: Dec 15 14:01:36 2025 GMT Not After : Dec 16 14:01:36 2025 GMT Subject: CN=f3dacb4958faeee1eff63d727062618cb67b7181 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:25:6c:39:61:cd:45:84:ec:21:dd:14:76:96: 70:2f:f9:d3:29:25:96:c9:6d:ca:68:0e:74:67:ed: 24:a6:95:75:96:d1:c1:be:ab:0e:9a:0b:ee:62:da: 24:f0:f8:99:3e:63:e8:ee:18:1b:9a:ec:90:e1:20: ca:cc:18:08:a9:c2:9b:0d:e2:6b:fd:72:f3:df:d8: fb:a2:4c:ee:d1:44:e3:3a:3a:b8:1e:d1:b2:66:9b: f0:e1:ac:cf:0a:70:d0:57:4f:c9:5e:9d:3a:94:f0: eb:f7:9d:ee:82:51:91:11:32:5c:62:50:03:15:74: 14:8b:9b:a9:62:df:45:87:ef:90:a9:9e:e2:e7:eb: 38:68:82:e3:e4:de:e6:c4:9a:76:97:8f:f8:f7:77: 23:76:33:32:1e:6e:20:57:4b:af:4b:fc:e1:77:95: fe:1f:31:0c:45:ff:90:59:b4:91:9e:59:66:70:32: 17:ca:fe:b6:7a:1e:c4:a3:01:45:75:6c:b0:8c:51: 88:d5:eb:81:fd:99:b9:5e:d7:1f:f4:c5:a3:11:2c: b0:0f:bf:42:34:8e:e8:d8:bd:67:69:05:23:d1:00: 6a:ba:7a:d7:0b:a6:31:5c:1a:84:39:15:92:ae:4b: 8f:16:c6:a8:3e:99:3c:22:b2:ef:26:95:9d:6a:e6: b5:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:DA:CB:49:58:FA:EE:E1:EF:F6:3D:72:70:62:61:8C:B6:7B:71:81 X509v3 Authority Key Identifier: keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:b9:60:1f:bc:3a:db:5b:27:aa:ae:77:db:48:43:5f:2c:a9: b8:5c:5c:80:40:bc:40:da:b9:84:2d:3b:cf:a8:5a:f6:97:43: 4e:40:79:59:11:af:ac:9e:b8:86:07:44:02:26:1f:14:66:88: 38:ff:62:73:3a:1c:de:bf:a4:65:41:b2:39:6c:95:c6:f5:08: 49:4f:9c:33:8c:fb:71:65:f8:92:b5:09:ba:58:10:f4:bc:ef: 34:86:71:69:6e:64:7c:0e:7a:be:a9:67:69:25:34:00:3d:c6: 0e:69:38:5a:cd:6e:c0:2a:74:28:03:07:ad:55:f7:92:08:e7: e5:6e:fa:2f:16:4d:7d:b6:89:79:d4:3f:09:3c:1c:6f:83:47: 70:1b:6d:68:24:c1:07:df:64:4d:f1:34:58:5d:dd:8e:cc:fe: d1:39:df:8f:01:2d:a1:61:d3:46:47:c1:4e:bf:6d:07:36:9e: 95:2e:37:8b:c6:a9:86:a2:fd:7b:32:07:e2:26:ba:46:b0:54: b8:b8:ff:4b:0c:21:ad:a2:99:9c:cb:aa:5d:1d:c2:f1:46:21: 43:5f:ac:c9:b5:21:af:5d:4d:1e:66:e2:11:cf:74:ba:5c:53: ed:3c:1f:01:bf:00:75:6e:f1:dd:fd:b5:59:17:bd:ba:af:33: f2:5e:4f:da -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsiURIMmOSQx144UGrvORu1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1 NmMzNTgwHhcNMjUxMjE1MTQwMTM2WhcNMjUxMjE2MTQwMTM2WjAzMTEwLwYDVQQD EyhmM2RhY2I0OTU4ZmFlZWUxZWZmNjNkNzI3MDYyNjE4Y2I2N2I3MTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiVsOWHNRYTsId0UdpZwL/nTKSWW yW3KaA50Z+0kppV1ltHBvqsOmgvuYtok8PiZPmPo7hgbmuyQ4SDKzBgIqcKbDeJr /XLz39j7okzu0UTjOjq4HtGyZpvw4azPCnDQV0/JXp06lPDr953uglGRETJcYlAD FXQUi5upYt9Fh++QqZ7i5+s4aILj5N7mxJp2l4/493cjdjMyHm4gV0uvS/zhd5X+ HzEMRf+QWbSRnllmcDIXyv62eh7EowFFdWywjFGI1euB/Zm5Xtcf9MWjESywD79C NI7o2L1naQUj0QBqunrXC6YxXBqEORWSrkuPFsaoPpk8IrLvJpWdaua1NQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPPay0lY+u7h7/Y9cnBiYYy2e3GBMB8GA1UdIwQY MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2 LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjblgH7w6 21snqq5320hDXyypuFxcgEC8QNq5hC07z6ha9pdDTkB5WRGvrJ64hgdEAiYfFGaI OP9iczoc3r+kZUGyOWyVxvUISU+cM4z7cWX4krUJulgQ9LzvNIZxaW5kfA56vqln aSU0AD3GDmk4Ws1uwCp0KAMHrVX3kgjn5W76LxZNfbaJedQ/CTwcb4NHcBttaCTB B99kTfE0WF3djsz+0TnfjwEtoWHTRkfBTr9tBzaelS43i8aphqL9ezIH4ia6RrBU uLj/SwwhraKZnMuqXR3C8UYhQ1+sybUhr11NHmbiEc90ulxT7TwfAb8AdW7x3f21 WRe9uq8z8l5P2g== -----END CERTIFICATE-----Generated at Tue Dec 16 00:21:19 2025 by rpki-client