This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft File: khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft (raw, json) Hash identifier: l8R1SFjOsVM3MAI58cXcZJj2bgyzeELtoZ8lzcc0E9g= Subject key identifier: 7C:C6:BB:51:05:AD:68:C9:6C:24:65:A5:92:09:FD:16:9C:21:F5:D8 Authority key identifier: 92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0 Certificate issuer: /CN=921c4fda367c5383b15c2a7143ad4b10c955cea0 Certificate serial: 019B3946B5059262EB14811A2C73026DFF34 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft Manifest number: 1499 Signing time: Sat 20 Dec 2025 01:01:33 +0000 Manifest this update: Sat 20 Dec 2025 01:01:33 +0000 Manifest next update: Sun 21 Dec 2025 01:01:33 +0000 Files and hashes: 1: K_0VKEBHZ8AzTGdtRKig6YmReAg.roa (hash: V6KL9KuDWKfGzsEoPpZURMCt8ttu62n0nd3Y+gExuwA=) 2: khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl (hash: Jvj/CYk3P1X0DkSoQF/aSp7NxyjxouxCchpUaVh1Zdc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:39:46:b5:05:92:62:eb:14:81:1a:2c:73:02:6d:ff:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=921c4fda367c5383b15c2a7143ad4b10c955cea0 Validity Not Before: Dec 20 01:01:33 2025 GMT Not After : Dec 21 01:01:33 2025 GMT Subject: CN=7cc6bb5105ad68c96c2465a59209fd169c21f5d8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:0a:d8:fe:94:14:f3:3d:d1:f2:9e:07:69:da: 63:c5:29:69:9d:b0:5f:65:b9:42:8e:bc:5a:f6:25: 49:55:b4:be:df:48:9c:be:5d:e5:87:63:54:66:5b: 90:ec:51:0a:88:37:d9:26:18:41:05:71:d9:92:ad: ca:20:aa:01:19:ef:2d:83:b3:24:73:87:28:d8:49: a9:ce:9b:d1:96:4b:58:4b:12:cd:2a:5b:f0:84:eb: 3e:03:a6:c3:f1:6e:9c:36:16:d8:e0:d0:bc:95:57: a3:53:25:21:3a:43:a5:7e:d4:9f:ef:8c:4f:50:73: 43:11:78:3d:5d:b8:fe:75:bb:7a:60:61:1a:bf:7a: 94:48:ba:5c:24:44:a3:68:76:5b:a9:35:ac:9c:a6: 1d:76:1f:e7:e1:fc:3c:6b:73:1c:f2:41:b7:a0:02: bb:48:09:a7:26:b5:9d:b1:a0:e6:e0:d9:c7:ea:0b: e7:ec:7e:56:74:16:67:db:f1:96:83:6d:5d:ff:cd: b7:b8:aa:66:07:ef:11:7b:93:63:13:48:e4:61:fe: 38:54:a4:3c:5a:62:bc:20:18:2d:f1:1b:f2:fa:16: a6:ac:d4:2b:85:94:1a:b4:9b:ad:97:50:ca:2b:99: c5:1c:eb:ef:33:d0:83:a7:45:b3:53:4f:c9:50:d7: 20:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C6:BB:51:05:AD:68:C9:6C:24:65:A5:92:09:FD:16:9C:21:F5:D8 X509v3 Authority Key Identifier: keyid:92:1C:4F:DA:36:7C:53:83:B1:5C:2A:71:43:AD:4B:10:C9:55:CE:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khxP2jZ8U4OxXCpxQ61LEMlVzqA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/3d6b1a-6d61-44b8-8cbb-23608f6ae2ea/1/khxP2jZ8U4OxXCpxQ61LEMlVzqA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6d:4b:43:27:1e:02:c3:b5:6a:44:38:a4:45:a7:36:ad:bc:b5: 3a:cd:9b:d3:ae:42:09:7f:8c:eb:80:04:2b:5f:ff:76:9c:5f: c2:49:a6:03:cf:f4:4b:ed:4e:6a:f4:68:45:2f:14:23:b9:83: b7:33:d4:5d:3f:fe:33:51:f0:22:cc:15:ca:88:72:a8:6d:11: 13:27:ad:3f:b5:4d:66:64:93:8e:bc:84:aa:d2:25:8a:90:fe: 9f:64:54:b9:8c:0a:3f:1e:6a:df:04:1b:fd:1c:fb:10:6c:b0: 6c:22:91:5d:68:6b:7a:11:7a:21:c1:be:74:86:70:68:11:bf: 2f:af:b9:fe:a5:ef:c8:44:3d:ee:c6:40:09:cc:4e:9b:d4:a2: b1:d4:b8:93:04:3a:a8:8f:18:78:90:74:e4:0b:58:c7:03:30: d5:23:18:82:5d:6c:13:48:c2:25:4a:95:de:96:84:49:8b:44: 7c:e6:ed:1e:87:95:74:2d:cd:9c:32:96:4d:6d:57:11:eb:ed: 7b:90:81:da:b1:6e:b0:28:1f:80:33:f1:57:c2:fb:7f:3a:91: 60:8f:4c:04:9a:01:43:fa:e5:99:57:77:38:0c:e2:15:bc:f1: 62:d6:af:48:4e:a1:eb:30:32:53:5f:62:e8:89:2e:ec:8d:6d: df:38:da:9b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs5RrUFkmLrFIEaLHMCbf80MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMWM0ZmRhMzY3YzUzODNiMTVjMmE3MTQzYWQ0YjEwYzk1 NWNlYTAwHhcNMjUxMjIwMDEwMTMzWhcNMjUxMjIxMDEwMTMzWjAzMTEwLwYDVQQD Eyg3Y2M2YmI1MTA1YWQ2OGM5NmMyNDY1YTU5MjA5ZmQxNjljMjFmNWQ4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoArY/pQU8z3R8p4HadpjxSlpnbBf ZblCjrxa9iVJVbS+30icvl3lh2NUZluQ7FEKiDfZJhhBBXHZkq3KIKoBGe8tg7Mk c4co2EmpzpvRlktYSxLNKlvwhOs+A6bD8W6cNhbY4NC8lVejUyUhOkOlftSf74xP UHNDEXg9Xbj+dbt6YGEav3qUSLpcJESjaHZbqTWsnKYddh/n4fw8a3Mc8kG3oAK7 SAmnJrWdsaDm4NnH6gvn7H5WdBZn2/GWg21d/823uKpmB+8Re5NjE0jkYf44VKQ8 WmK8IBgt8Rvy+hamrNQrhZQatJutl1DKK5nFHOvvM9CDp0WzU0/JUNcgpQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHzGu1EFrWjJbCRlpZIJ/RacIfXYMB8GA1UdIwQY MBaAFJIcT9o2fFODsVwqcUOtSxDJVc6gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmIt MjM2MDhmNmFlMmVhLzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS8zZDZiMWEtNmQ2MS00NGI4LThjYmItMjM2MDhmNmFlMmVh LzEva2h4UDJqWjhVNE94WENweFE2MUxFTWxWenFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbUtDJx4C w7VqRDikRac2rby1Os2b065CCX+M64AEK1//dpxfwkmmA8/0S+1OavRoRS8UI7mD tzPUXT/+M1HwIswVyohyqG0REyetP7VNZmSTjryEqtIlipD+n2RUuYwKPx5q3wQb /Rz7EGywbCKRXWhrehF6IcG+dIZwaBG/L6+5/qXvyEQ97sZACcxOm9SisdS4kwQ6 qI8YeJB05AtYxwMw1SMYgl1sE0jCJUqV3paESYtEfObtHoeVdC3NnDKWTW1XEevt e5CB2rFusCgfgDPxV8L7fzqRYI9MBJoBQ/rlmVd3OAziFbzxYtavSE6h6zAyU19i 6Iku7I1t3zjamw== -----END CERTIFICATE-----Generated at Sat Dec 20 10:47:17 2025 by rpki-client