This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft File: KD3ro7EwXJpI03S6Rzab8fgn7gg.mft (raw, json) Hash identifier: aMxvoWj6mV2q274YgjJCilAAfddodwhMA0B05rTMdZA= Subject key identifier: E6:38:F9:F0:B4:85:17:24:25:F5:86:30:8C:15:0B:43:B3:02:40:D9 Authority key identifier: 28:3D:EB:A3:B1:30:5C:9A:48:D3:74:BA:47:36:9B:F1:F8:27:EE:08 Certificate issuer: /CN=283deba3b1305c9a48d374ba47369bf1f827ee08 Certificate serial: 019B243F719336F8FE60A3647EAAC54B06A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft Manifest number: 0AC9 Signing time: Mon 15 Dec 2025 23:01:36 +0000 Manifest this update: Mon 15 Dec 2025 23:01:36 +0000 Manifest next update: Tue 16 Dec 2025 23:01:36 +0000 Files and hashes: 1: KD3ro7EwXJpI03S6Rzab8fgn7gg.crl (hash: /ux7M9fkQ/MM1rYeP194za+H8B81mLc5601GF2uWB6w=) 2: hy1vd6FMybZThTm3SvjJ_hE7qn4.roa (hash: vLPWUWT2tszs2HUF2XNEiqkWjYMRC5uDHz+kbz1YJLg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.crl rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 23:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:3f:71:93:36:f8:fe:60:a3:64:7e:aa:c5:4b:06:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=283deba3b1305c9a48d374ba47369bf1f827ee08 Validity Not Before: Dec 15 23:01:36 2025 GMT Not After : Dec 16 23:01:36 2025 GMT Subject: CN=e638f9f0b485172425f586308c150b43b30240d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:70:68:0a:62:30:87:94:5e:62:e1:37:50:c3: 16:f4:ce:e6:ec:9f:5c:d4:a1:35:93:41:12:ef:30: 58:28:d8:34:a2:3f:01:14:fd:a7:b6:2c:ea:ff:89: 06:c6:87:9b:b7:13:3f:d9:76:8f:f1:bf:30:e6:4f: 6d:35:40:40:f2:be:1e:ef:55:e2:ef:b2:0c:c4:85: 7c:23:1e:ae:e7:df:37:9b:37:1f:07:05:0d:5f:b5: 64:62:f1:a5:67:e4:49:48:90:20:4d:fe:48:67:07: 03:21:fd:a6:04:75:bd:7a:93:68:f4:12:94:bb:db: 31:bc:af:cf:c0:40:1f:9e:b0:96:9f:16:06:e8:12: ce:e6:7f:53:14:f0:82:bc:ab:dc:67:c4:0d:d9:5b: 95:9d:78:2d:6a:55:8e:9d:5a:d0:ef:40:51:5c:a4: 16:02:a5:f0:a1:26:c9:c3:56:33:c5:47:6b:2e:5b: e1:8e:6b:ee:3f:16:b4:77:10:a0:5e:bd:a6:c1:fb: 54:71:52:5a:23:33:68:ae:53:68:d5:dc:91:84:a6: 01:8a:ff:d2:54:d1:17:bc:01:bd:df:06:75:5f:32: 9b:59:9a:70:13:10:65:e9:92:c3:06:e4:a4:24:4a: 37:bf:89:d5:71:dd:75:3b:21:60:8f:10:1a:e8:e1: f1:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:38:F9:F0:B4:85:17:24:25:F5:86:30:8C:15:0B:43:B3:02:40:D9 X509v3 Authority Key Identifier: keyid:28:3D:EB:A3:B1:30:5C:9A:48:D3:74:BA:47:36:9B:F1:F8:27:EE:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KD3ro7EwXJpI03S6Rzab8fgn7gg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/e5dfa9-5196-48cd-9178-5a31f620b04a/1/KD3ro7EwXJpI03S6Rzab8fgn7gg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:f8:c7:1b:05:9d:82:17:76:79:8f:42:f2:d3:5c:45:68:9a: 1b:8e:9f:a0:15:33:ca:eb:a0:b7:00:58:4a:ae:62:b5:8b:dd: 31:6c:8e:40:c4:16:82:9c:a1:a8:db:e8:59:10:a1:f3:84:66: 9e:25:c7:3d:71:25:5b:49:c9:f9:c2:57:d8:3e:36:ff:64:9c: 73:66:c2:97:9c:f4:b6:0e:79:fe:9a:3c:a8:59:6d:72:c0:58: 29:17:ee:a1:c4:03:8a:ba:b2:d9:2e:63:4a:e9:fd:c5:71:24: 9e:e6:ec:35:f5:6e:d6:a3:85:13:8e:e3:e6:3b:4c:93:05:0c: a8:09:b3:ca:54:4f:23:03:a4:ca:da:98:13:56:68:2b:7f:9c: 79:88:73:a7:8d:d3:eb:2e:03:ee:85:bf:18:a9:fe:b2:b8:4f: 6d:18:e2:09:ba:21:6e:3b:2e:e5:d1:20:e6:94:d5:f1:0f:67: 3e:08:de:91:53:97:6f:c0:ea:f3:82:d0:04:a4:46:91:5e:4c: 48:16:d9:07:2d:20:6d:bf:66:75:c0:59:4c:b0:c2:f8:1a:4f: 7d:77:b1:a9:29:99:42:ad:e9:ae:6e:66:df:0b:33:10:ad:43: 74:3a:27:2a:bf:aa:9a:e6:16:e3:58:44:c5:3e:88:91:a6:d3: 23:66:c9:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskP3GTNvj+YKNkfqrFSwahMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4M2RlYmEzYjEzMDVjOWE0OGQzNzRiYTQ3MzY5YmYxZjgy N2VlMDgwHhcNMjUxMjE1MjMwMTM2WhcNMjUxMjE2MjMwMTM2WjAzMTEwLwYDVQQD EyhlNjM4ZjlmMGI0ODUxNzI0MjVmNTg2MzA4YzE1MGI0M2IzMDI0MGQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA43BoCmIwh5ReYuE3UMMW9M7m7J9c 1KE1k0ES7zBYKNg0oj8BFP2ntizq/4kGxoebtxM/2XaP8b8w5k9tNUBA8r4e71Xi 77IMxIV8Ix6u5983mzcfBwUNX7VkYvGlZ+RJSJAgTf5IZwcDIf2mBHW9epNo9BKU u9sxvK/PwEAfnrCWnxYG6BLO5n9TFPCCvKvcZ8QN2VuVnXgtalWOnVrQ70BRXKQW AqXwoSbJw1YzxUdrLlvhjmvuPxa0dxCgXr2mwftUcVJaIzNorlNo1dyRhKYBiv/S VNEXvAG93wZ1XzKbWZpwExBl6ZLDBuSkJEo3v4nVcd11OyFgjxAa6OHxYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOY4+fC0hRckJfWGMIwVC0OzAkDZMB8GA1UdIwQY MBaAFCg966OxMFyaSNN0ukc2m/H4J+4IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9lNWRmYTktNTE5Ni00OGNkLTkxNzgt NWEzMWY2MjBiMDRhLzEvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYS9lNWRmYTktNTE5Ni00OGNkLTkxNzgtNWEzMWY2MjBiMDRh LzEvS0Qzcm83RXdYSnBJMDNTNlJ6YWI4ZmduN2dnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARfjHGwWd ghd2eY9C8tNcRWiaG46foBUzyuugtwBYSq5itYvdMWyOQMQWgpyhqNvoWRCh84Rm niXHPXElW0nJ+cJX2D42/2Scc2bCl5z0tg55/po8qFltcsBYKRfuocQDirqy2S5j Sun9xXEknubsNfVu1qOFE47j5jtMkwUMqAmzylRPIwOkytqYE1ZoK3+ceYhzp43T 6y4D7oW/GKn+srhPbRjiCbohbjsu5dEg5pTV8Q9nPgjekVOXb8Dq84LQBKRGkV5M SBbZBy0gbb9mdcBZTLDC+BpPfXexqSmZQq3prm5m3wszEK1DdDonKr+qmuYW41hE xT6IkabTI2bJuA== -----END CERTIFICATE-----Generated at Tue Dec 16 06:20:04 2025 by rpki-client