This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft File: kbDB4HajRpZoEluN05XzBN-i55Q.mft (raw, json) Hash identifier: Z0NiNvRk/f8CdkESaHJPKGBpUt/Aso+V5AUlf6czkUQ= Subject key identifier: 0A:AE:E8:45:D4:5E:84:35:C3:CF:F8:C6:EE:FE:A8:F8:65:26:8B:CF Authority key identifier: 91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94 Certificate issuer: /CN=91b0c1e076a3469668125b8dd395f304dfa2e794 Certificate serial: 019B59773FEF8E064003E9266DA6F11E7CA2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft Manifest number: 0193 Signing time: Fri 26 Dec 2025 07:02:25 +0000 Manifest this update: Fri 26 Dec 2025 07:02:25 +0000 Manifest next update: Sat 27 Dec 2025 07:02:25 +0000 Files and hashes: 1: kbDB4HajRpZoEluN05XzBN-i55Q.crl (hash: BjBVC/I3SiM0kLTO4csKNV6uaQxB1SiQ7xft1j2QlEI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:77:3f:ef:8e:06:40:03:e9:26:6d:a6:f1:1e:7c:a2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91b0c1e076a3469668125b8dd395f304dfa2e794 Validity Not Before: Dec 26 07:02:25 2025 GMT Not After : Dec 27 07:02:25 2025 GMT Subject: CN=0aaee845d45e8435c3cff8c6eefea8f865268bcf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:44:c3:22:b0:37:d7:d8:d8:01:5d:d9:3a:16: cc:ae:3e:af:e1:52:1e:c8:cb:d9:ed:82:eb:6b:a4: a4:13:5f:35:2e:cf:53:3b:90:33:57:fc:8a:de:ee: 80:38:1a:4c:69:0c:76:95:4b:51:0e:2f:8f:c2:f6: 26:97:20:50:f9:87:d2:10:61:ca:5b:ef:99:42:f2: ef:db:36:4c:9a:88:0f:b9:b0:f5:38:1f:25:05:ee: c1:b0:78:96:5c:e0:cb:e9:cf:bf:19:35:98:b6:0f: 7e:b7:51:42:af:a6:3a:05:51:9a:05:11:8f:47:94: 00:f7:33:2d:19:55:e7:2d:fb:5e:86:f6:b7:27:5b: c7:b9:ff:1e:76:05:b0:41:6f:d1:61:26:2d:98:47: ec:2f:2d:19:e5:6b:d3:24:36:02:6f:bf:96:12:5b: fa:bd:28:fc:b7:7e:f3:00:f6:a9:12:43:94:19:ed: 79:ca:56:85:d6:34:95:3c:ce:1d:f9:06:2b:e5:29: 03:48:d6:6a:b0:fb:88:31:98:b5:6e:f8:99:40:99: 5a:16:19:7a:52:0a:6b:64:69:4d:07:2a:1f:be:cc: 5d:9c:57:37:6f:3a:e9:42:86:ee:0a:85:bd:47:e1: c6:4e:f7:96:02:5b:d3:b3:2b:32:14:43:64:57:69: 15:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:AE:E8:45:D4:5E:84:35:C3:CF:F8:C6:EE:FE:A8:F8:65:26:8B:CF X509v3 Authority Key Identifier: keyid:91:B0:C1:E0:76:A3:46:96:68:12:5B:8D:D3:95:F3:04:DF:A2:E7:94 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbDB4HajRpZoEluN05XzBN-i55Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/75c964-354e-46a3-b39e-ed82379cfa32/1/kbDB4HajRpZoEluN05XzBN-i55Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:e8:04:3c:05:de:da:d5:89:d0:37:27:61:6f:4e:e9:c2:ee: 3f:f6:72:82:b7:f5:7b:df:52:63:c9:0a:84:58:b8:ce:f2:58: 75:c1:bf:dd:e6:06:80:e1:1c:ce:a4:11:63:cf:8f:a8:82:71: a7:78:58:35:82:e9:04:0f:11:ab:cc:57:1b:6e:d8:c1:17:e1: e7:98:37:ef:a8:c7:02:cc:0d:82:f2:31:28:75:61:71:17:42: ce:53:a1:e4:83:30:ea:65:8c:a7:73:39:4a:04:3c:6d:1b:b6: 55:fd:85:92:a3:6a:50:18:ca:e2:19:2a:db:4c:29:da:90:e0: 35:a0:a2:f6:7b:92:65:bc:ea:8d:dc:72:af:d7:93:c9:8f:2e: 76:7b:b8:5b:d0:3d:d8:05:90:d2:6a:10:2f:9b:d3:95:64:f5: c3:01:04:53:60:23:af:be:46:8d:16:0f:fd:71:9a:84:62:f0: 08:a4:5c:27:64:51:39:d8:82:5c:9b:97:aa:61:13:c9:b8:b9: cb:30:d3:31:f6:3e:16:52:33:9e:33:9e:03:ab:16:3e:56:1f: 36:f5:d7:28:71:1f:3f:de:6d:e6:76:d2:78:4c:a6:85:2c:21: 78:22:db:13:59:9e:35:32:80:9d:4f:83:1d:00:ef:86:91:08: c4:d8:10:19 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZdz/vjgZAA+kmbabxHnyiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYjBjMWUwNzZhMzQ2OTY2ODEyNWI4ZGQzOTVmMzA0ZGZh MmU3OTQwHhcNMjUxMjI2MDcwMjI1WhcNMjUxMjI3MDcwMjI1WjAzMTEwLwYDVQQD EygwYWFlZTg0NWQ0NWU4NDM1YzNjZmY4YzZlZWZlYThmODY1MjY4YmNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkTDIrA319jYAV3ZOhbMrj6v4VIe yMvZ7YLra6SkE181Ls9TO5AzV/yK3u6AOBpMaQx2lUtRDi+PwvYmlyBQ+YfSEGHK W++ZQvLv2zZMmogPubD1OB8lBe7BsHiWXODL6c+/GTWYtg9+t1FCr6Y6BVGaBRGP R5QA9zMtGVXnLftehva3J1vHuf8edgWwQW/RYSYtmEfsLy0Z5WvTJDYCb7+WElv6 vSj8t37zAPapEkOUGe15ylaF1jSVPM4d+QYr5SkDSNZqsPuIMZi1bviZQJlaFhl6 UgprZGlNByofvsxdnFc3bzrpQobuCoW9R+HGTveWAlvTsysyFENkV2kVFQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAqu6EXUXoQ1w8/4xu7+qPhlJovPMB8GA1UdIwQY MBaAFJGwweB2o0aWaBJbjdOV8wTfoueUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUt ZWQ4MjM3OWNmYTMyLzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC83NWM5NjQtMzU0ZS00NmEzLWIzOWUtZWQ4MjM3OWNmYTMy LzEva2JEQjRIYWpScFpvRWx1TjA1WHpCTi1pNTVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgegEPAXe 2tWJ0DcnYW9O6cLuP/Zygrf1e99SY8kKhFi4zvJYdcG/3eYGgOEczqQRY8+PqIJx p3hYNYLpBA8Rq8xXG27YwRfh55g376jHAswNgvIxKHVhcRdCzlOh5IMw6mWMp3M5 SgQ8bRu2Vf2FkqNqUBjK4hkq20wp2pDgNaCi9nuSZbzqjdxyr9eTyY8udnu4W9A9 2AWQ0moQL5vTlWT1wwEEU2Ajr75GjRYP/XGahGLwCKRcJ2RROdiCXJuXqmETybi5 yzDTMfY+FlIznjOeA6sWPlYfNvXXKHEfP95t5nbSeEymhSwheCLbE1meNTKAnU+D HQDvhpEIxNgQGQ== -----END CERTIFICATE-----Generated at Fri Dec 26 14:18:24 2025 by rpki-client