This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft File: kHpcTqRTtGyByxNtkrkwmxRsPkU.mft (raw, json) Hash identifier: I0daEVVE7O4bsxgBkR9AGJTFKf+gCXwggPodqLo1QT8= Subject key identifier: 2C:13:09:DA:7A:D3:D1:87:6B:F7:E6:BE:57:D4:81:08:5D:5B:B6:55 Authority key identifier: 90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45 Certificate issuer: /CN=907a5c4ea453b46c81cb136d92b9309b146c3e45 Certificate serial: 019B59774AE0B3A3748B5DAD7E9481B7AB95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft Manifest number: 0AA2 Signing time: Fri 26 Dec 2025 07:02:28 +0000 Manifest this update: Fri 26 Dec 2025 07:02:28 +0000 Manifest next update: Sat 27 Dec 2025 07:02:28 +0000 Files and hashes: 1: kHpcTqRTtGyByxNtkrkwmxRsPkU.crl (hash: vIwFr/s82iNur1eU5FR0May1H20zZrMy5IXjTBVYdCw=) 2: y00kCOm4x0sTFaBDOqD5L5fES6Y.roa (hash: G4M+BrvsrjKhmQGsYy0izNdpM9hsyiGzIDC7Si8ke98=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:4a:e0:b3:a3:74:8b:5d:ad:7e:94:81:b7:ab:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=907a5c4ea453b46c81cb136d92b9309b146c3e45 Validity Not Before: Dec 26 07:02:28 2025 GMT Not After : Dec 27 07:02:28 2025 GMT Subject: CN=2c1309da7ad3d1876bf7e6be57d481085d5bb655 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:8c:70:48:ca:38:61:01:2b:32:6b:84:36:54: a8:1f:fe:6c:42:64:3d:52:66:9b:38:36:57:4f:ca: 28:df:ed:43:88:27:a4:f2:b4:15:a2:37:c0:d6:df: 4c:3d:fb:b9:0f:98:d9:0e:33:8e:62:4c:d8:11:d7: f4:36:cf:9f:24:4a:e2:3a:f3:9b:28:5c:30:bb:0f: 84:64:c0:cd:95:dc:29:59:ed:73:72:13:92:fb:70: 19:4e:fa:0e:58:10:06:48:e4:b2:20:87:81:40:2d: 71:bd:9f:1f:82:91:44:ba:4d:60:c8:68:a6:07:91: 61:6c:9f:6c:89:96:f8:26:f3:62:34:78:d5:b2:7e: e0:76:f4:3e:fb:fc:aa:f4:51:5d:6f:97:8d:2f:d9: e6:04:c1:2d:ca:8b:17:87:3c:e9:49:d0:67:50:ab: 03:53:bc:e5:3b:ab:a3:77:c6:a1:e9:b1:ae:6d:60: 71:4b:e3:11:2f:23:b5:f9:a1:43:7e:f9:94:37:c3: 86:5f:8a:8f:63:49:de:4c:45:0c:12:a3:10:a5:f0: 88:50:30:ee:89:5f:fc:fd:08:ed:61:1a:0f:c4:8d: a0:64:fb:74:92:f4:b3:23:60:25:49:ca:9b:dc:23: d7:7c:dd:6d:08:1a:87:37:ae:d0:57:04:3b:af:33: df:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:13:09:DA:7A:D3:D1:87:6B:F7:E6:BE:57:D4:81:08:5D:5B:B6:55 X509v3 Authority Key Identifier: keyid:90:7A:5C:4E:A4:53:B4:6C:81:CB:13:6D:92:B9:30:9B:14:6C:3E:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpcTqRTtGyByxNtkrkwmxRsPkU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/869f62-7a2e-4175-9202-b2a2b8b847b9/1/kHpcTqRTtGyByxNtkrkwmxRsPkU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:fd:1b:59:ce:4c:da:43:86:fd:b7:f8:16:dc:48:b3:f2:5a: ea:ad:ee:56:e1:97:9c:0d:93:83:ad:1a:6c:1e:76:23:b8:0e: 65:38:91:5a:c3:2f:8b:c7:97:89:87:75:fd:28:ba:74:10:0b: ba:e6:26:dd:73:44:5b:e9:c4:58:c6:76:3d:21:05:e3:7f:6f: 38:b7:4e:9a:6e:97:6a:2f:b0:22:e9:94:cd:9d:57:a3:0e:29: 9e:9b:52:ac:64:e8:c6:e8:19:28:66:31:93:9b:92:a3:14:d0: fe:47:3e:94:d4:39:62:41:e8:eb:3c:d3:f4:9d:7d:57:eb:f9: fb:18:84:47:a8:d0:6e:50:8b:7c:88:e0:6b:8a:06:d5:22:a7: 1a:ca:88:a3:5d:41:a5:30:35:8f:f5:75:42:11:cd:01:36:28: 68:9e:a1:10:fd:23:31:ff:84:ca:04:f2:6b:81:11:11:b1:2c: 32:97:0c:16:8e:e1:47:69:4f:65:75:61:4f:46:27:20:09:48: 98:52:92:e9:08:1f:0d:bd:0f:fe:6e:d7:9d:73:dd:d0:25:2a: 35:d8:c3:8f:df:29:3d:ec:c1:92:ff:ee:e9:d6:f4:e8:5d:95: ef:f2:78:f9:78:bc:3f:ba:39:8b:2c:4b:b3:f2:b7:41:d6:92: dd:e7:fb:f2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZd0rgs6N0i12tfpSBt6uVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwN2E1YzRlYTQ1M2I0NmM4MWNiMTM2ZDkyYjkzMDliMTQ2 YzNlNDUwHhcNMjUxMjI2MDcwMjI4WhcNMjUxMjI3MDcwMjI4WjAzMTEwLwYDVQQD EygyYzEzMDlkYTdhZDNkMTg3NmJmN2U2YmU1N2Q0ODEwODVkNWJiNjU1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIxwSMo4YQErMmuENlSoH/5sQmQ9 UmabODZXT8oo3+1DiCek8rQVojfA1t9MPfu5D5jZDjOOYkzYEdf0Ns+fJEriOvOb KFwwuw+EZMDNldwpWe1zchOS+3AZTvoOWBAGSOSyIIeBQC1xvZ8fgpFEuk1gyGim B5FhbJ9siZb4JvNiNHjVsn7gdvQ++/yq9FFdb5eNL9nmBMEtyosXhzzpSdBnUKsD U7zlO6ujd8ah6bGubWBxS+MRLyO1+aFDfvmUN8OGX4qPY0neTEUMEqMQpfCIUDDu iV/8/QjtYRoPxI2gZPt0kvSzI2AlScqb3CPXfN1tCBqHN67QVwQ7rzPfZwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCwTCdp609GHa/fmvlfUgQhdW7ZVMB8GA1UdIwQY MBaAFJB6XE6kU7RsgcsTbZK5MJsUbD5FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDIt YjJhMmI4Yjg0N2I5LzEva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS84NjlmNjItN2EyZS00MTc1LTkyMDItYjJhMmI4Yjg0N2I5 LzEva0hwY1RxUlR0R3lCeXhOdGtya3dteFJzUGtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcP0bWc5M 2kOG/bf4FtxIs/Ja6q3uVuGXnA2Tg60abB52I7gOZTiRWsMvi8eXiYd1/Si6dBAL uuYm3XNEW+nEWMZ2PSEF439vOLdOmm6Xai+wIumUzZ1Xow4pnptSrGToxugZKGYx k5uSoxTQ/kc+lNQ5YkHo6zzT9J19V+v5+xiER6jQblCLfIjga4oG1SKnGsqIo11B pTA1j/V1QhHNATYoaJ6hEP0jMf+EygTya4EREbEsMpcMFo7hR2lPZXVhT0YnIAlI mFKS6QgfDb0P/m7XnXPd0CUqNdjDj98pPezBkv/u6db06F2V7/J4+Xi8P7o5iyxL s/K3QdaS3ef78g== -----END CERTIFICATE-----Generated at Fri Dec 26 15:55:53 2025 by rpki-client