This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft File: KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft (raw, json) Hash identifier: wYPbe/NlFNWHYzAWe/whlP2UHvUMaJsCRiSImNkU+bw= Subject key identifier: C8:CA:39:8E:EF:D8:1A:01:F5:34:27:A6:81:F4:8A:C0:C1:CB:DD:C8 Authority key identifier: 28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62 Certificate issuer: /CN=28843db96e4f459b87df8c279057eed69bb9b862 Certificate serial: 019B5ABFE46FD541ABFF91A769A6B81EEF58 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft Manifest number: 1799 Signing time: Fri 26 Dec 2025 13:01:23 +0000 Manifest this update: Fri 26 Dec 2025 13:01:23 +0000 Manifest next update: Sat 27 Dec 2025 13:01:23 +0000 Files and hashes: 1: C5Gcuv2gc5uFwke_GvIiYxRqvf4.roa (hash: aAHqvnwWD8oItQ342R5b0KuB97GMKDOjFhJ8IpWVibI=) 2: KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl (hash: zygMrHqE7/1Itcq0/CW76fol/oEHMQcm38jluCdSTXI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:bf:e4:6f:d5:41:ab:ff:91:a7:69:a6:b8:1e:ef:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28843db96e4f459b87df8c279057eed69bb9b862 Validity Not Before: Dec 26 13:01:23 2025 GMT Not After : Dec 27 13:01:23 2025 GMT Subject: CN=c8ca398eefd81a01f53427a681f48ac0c1cbddc8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e2:98:4c:09:38:a9:a0:f4:24:29:1b:0e:f7: df:87:0d:95:a0:94:ee:49:54:ab:3e:32:e5:49:b6: fc:ec:54:25:58:6c:47:ff:79:02:e6:e7:7b:44:8c: 1e:ed:cb:fc:61:07:60:6f:6e:a0:4a:ac:cc:6d:53: 2c:8a:50:82:19:a0:3a:0c:09:13:94:52:75:fb:37: e4:82:35:bf:0e:71:51:35:fd:73:6c:e5:2a:34:26: 15:44:26:df:c7:14:09:05:c5:3b:bf:7a:39:68:e5: b4:f0:0a:03:93:1a:d3:ce:21:65:44:fd:ba:0e:22: 9d:c4:70:2a:e0:67:ea:26:08:47:f5:85:dd:39:41: 77:3c:f8:14:88:c4:7c:44:ba:58:4d:d0:e1:0b:30: 79:bd:6e:de:f1:63:6e:ef:7f:ea:bf:84:d7:0c:7e: a7:85:f0:60:c5:08:45:89:96:db:06:b3:f0:1c:29: db:90:6d:63:38:b0:85:e6:85:95:7b:a9:1b:eb:a7: db:1f:a7:ce:f7:2e:6f:ca:12:f6:e3:ad:f8:3b:15: 3f:e2:75:34:4d:7e:5a:d8:85:06:93:81:d0:0f:64: 57:64:fb:e2:8a:bc:37:3e:26:64:44:5c:bb:91:4b: 43:a3:97:9f:77:4b:9e:05:6d:33:37:6e:2e:dd:bd: 4f:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:CA:39:8E:EF:D8:1A:01:F5:34:27:A6:81:F4:8A:C0:C1:CB:DD:C8 X509v3 Authority Key Identifier: keyid:28:84:3D:B9:6E:4F:45:9B:87:DF:8C:27:90:57:EE:D6:9B:B9:B8:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIQ9uW5PRZuH34wnkFfu1pu5uGI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d3a55c-1f62-4779-86b9-61b50f6a6c02/1/KIQ9uW5PRZuH34wnkFfu1pu5uGI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1d:4d:42:78:8e:d8:70:e2:69:1e:ec:79:1e:55:91:b6:db:b5: fc:13:5e:3f:51:0c:7e:74:9e:11:bb:3c:c6:31:a7:28:0d:ee: b8:7c:ca:22:11:10:cb:d9:ca:aa:b7:d2:27:db:09:91:d8:54: 87:62:86:8c:14:3a:27:d2:6d:97:7c:e2:4a:f8:48:6e:d9:7d: 05:37:b1:23:ed:05:4f:18:22:17:ce:05:76:3f:6f:53:86:d1: 3d:99:a4:db:62:63:bf:f6:56:27:a3:0a:04:57:1a:00:11:27: 53:3b:d0:56:87:5a:a2:39:c0:d8:52:66:3a:32:a3:38:71:eb: 51:1b:42:a4:6c:75:5e:c6:5b:9e:0a:c0:84:b2:24:29:3d:fd: 1f:1d:fb:ad:1e:78:d1:df:a7:b8:04:ae:67:81:1f:f5:a5:a8: d4:40:f0:d3:cd:b2:a0:ad:67:b4:84:dd:20:c2:4a:b3:98:88: e7:66:1f:07:cd:71:a0:48:c6:f0:21:1f:bd:00:fd:fd:09:f9: 01:c7:2e:e8:37:63:92:f3:09:ff:34:56:35:3c:1d:df:2b:cd: 8d:64:d3:15:b0:7a:56:37:79:c1:c0:18:67:60:fd:1f:ef:34: 0f:56:7b:51:3d:96:15:d6:a3:0c:a5:ab:73:bd:9e:8b:92:5c: 53:b5:55:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtav+Rv1UGr/5Gnaaa4Hu9YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ODQzZGI5NmU0ZjQ1OWI4N2RmOGMyNzkwNTdlZWQ2OWJi OWI4NjIwHhcNMjUxMjI2MTMwMTIzWhcNMjUxMjI3MTMwMTIzWjAzMTEwLwYDVQQD EyhjOGNhMzk4ZWVmZDgxYTAxZjUzNDI3YTY4MWY0OGFjMGMxY2JkZGM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeKYTAk4qaD0JCkbDvffhw2VoJTu SVSrPjLlSbb87FQlWGxH/3kC5ud7RIwe7cv8YQdgb26gSqzMbVMsilCCGaA6DAkT lFJ1+zfkgjW/DnFRNf1zbOUqNCYVRCbfxxQJBcU7v3o5aOW08AoDkxrTziFlRP26 DiKdxHAq4GfqJghH9YXdOUF3PPgUiMR8RLpYTdDhCzB5vW7e8WNu73/qv4TXDH6n hfBgxQhFiZbbBrPwHCnbkG1jOLCF5oWVe6kb66fbH6fO9y5vyhL24634OxU/4nU0 TX5a2IUGk4HQD2RXZPviirw3PiZkRFy7kUtDo5efd0ueBW0zN24u3b1PGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMjKOY7v2BoB9TQnpoH0isDBy93IMB8GA1UdIwQY MBaAFCiEPbluT0Wbh9+MJ5BX7tabubhiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2Yjkt NjFiNTBmNmE2YzAyLzEvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOC9kM2E1NWMtMWY2Mi00Nzc5LTg2YjktNjFiNTBmNmE2YzAy LzEvS0lROXVXNVBSWnVIMzR3bmtGZnUxcHU1dUdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHU1CeI7Y cOJpHux5HlWRttu1/BNeP1EMfnSeEbs8xjGnKA3uuHzKIhEQy9nKqrfSJ9sJkdhU h2KGjBQ6J9Jtl3ziSvhIbtl9BTexI+0FTxgiF84Fdj9vU4bRPZmk22Jjv/ZWJ6MK BFcaABEnUzvQVodaojnA2FJmOjKjOHHrURtCpGx1XsZbngrAhLIkKT39Hx37rR54 0d+nuASuZ4Ef9aWo1EDw082yoK1ntITdIMJKs5iI52YfB81xoEjG8CEfvQD9/Qn5 Accu6DdjkvMJ/zRWNTwd3yvNjWTTFbB6Vjd5wcAYZ2D9H+80D1Z7UT2WFdajDKWr c72ei5JcU7VVQw== -----END CERTIFICATE-----Generated at Fri Dec 26 16:03:28 2025 by rpki-client