This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft File: ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft (raw, json) Hash identifier: Y6Sza8ivI8TawFneavyctmykTuxCOxh9/SKiiT6ZFk8= Subject key identifier: 99:34:38:92:AC:40:E2:FD:1B:53:D0:54:83:49:CC:B7:72:8E:55:ED Authority key identifier: 72:48:1D:D9:0D:10:0B:D5:BC:23:C0:4B:10:C0:A8:43:1C:C9:A5:B5 Certificate issuer: /CN=72481dd90d100bd5bc23c04b10c0a8431cc9a5b5 Certificate serial: 019B2475A730C124E1E4CF3F27E99307C69C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft Manifest number: 16BF Signing time: Tue 16 Dec 2025 00:00:48 +0000 Manifest this update: Tue 16 Dec 2025 00:00:48 +0000 Manifest next update: Wed 17 Dec 2025 00:00:48 +0000 Files and hashes: 1: ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl (hash: ikXsY5CEiUvXp/AsNd8nv38kNrHag0viWm3mkcrC6lI=) 2: hML-Tag6b9qlpG18VlhLUkClkKg.roa (hash: LEX7BjdOFqa/vQo+qGyu7UsdS3xFcEis6fY7DeQDRek=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:24:75:a7:30:c1:24:e1:e4:cf:3f:27:e9:93:07:c6:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72481dd90d100bd5bc23c04b10c0a8431cc9a5b5 Validity Not Before: Dec 16 00:00:48 2025 GMT Not After : Dec 17 00:00:48 2025 GMT Subject: CN=99343892ac40e2fd1b53d0548349ccb7728e55ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:ee:24:de:c6:38:14:14:28:84:b9:ab:f5:f7: f2:cd:4f:17:84:ce:13:f8:9d:8a:a0:c7:f9:58:fd: fd:17:9e:ad:36:80:11:97:e0:ca:85:94:55:05:f5: ac:62:6f:a2:72:36:fc:2b:b6:5b:4f:5c:f5:bd:16: 51:5b:22:ea:ce:c5:dd:53:a2:07:6e:88:d8:5b:b4: 7a:79:48:69:0f:ef:1b:24:78:61:99:78:64:22:de: a5:49:87:0f:c0:18:fc:f6:ab:92:29:4c:af:50:4a: 54:54:1a:6c:ec:38:d5:02:16:bd:d7:9d:cd:39:6b: 71:84:75:0f:0a:0d:50:a3:ce:cc:57:9b:a9:4c:67: cf:9b:e8:73:06:b1:9b:e2:cb:4a:10:45:02:b3:24: 95:81:bd:4d:d9:53:ed:b1:09:47:c7:6c:f1:6b:b2: a5:7c:71:ce:ae:b1:1c:f6:22:c0:88:f1:e4:98:6d: 36:0a:74:1b:f1:22:04:46:04:80:c7:5f:b4:21:e0: f0:72:39:32:cb:8b:20:d0:32:3a:54:f1:0d:32:b5: d0:ff:e3:8c:c9:2e:c1:d1:eb:65:51:95:59:03:19: d0:bd:2c:64:5d:79:e9:cb:af:6e:87:95:bf:d8:01: a0:e2:8e:6a:ce:ef:0c:7c:c4:63:75:62:cd:88:86: 1e:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:34:38:92:AC:40:E2:FD:1B:53:D0:54:83:49:CC:B7:72:8E:55:ED X509v3 Authority Key Identifier: keyid:72:48:1D:D9:0D:10:0B:D5:BC:23:C0:4B:10:C0:A8:43:1C:C9:A5:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/8300f8-9ece-47cd-837d-f1990b0c705a/1/ckgd2Q0QC9W8I8BLEMCoQxzJpbU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:0b:21:aa:8a:d2:0a:e9:e2:53:01:15:4d:3e:d2:11:99:a4: 9f:91:95:1e:b6:28:4c:24:d0:f7:d6:c7:6e:c3:0e:18:ac:e7: 46:29:d0:54:4b:9a:0c:48:c4:f5:c7:8d:62:27:23:e1:0a:70: ea:53:36:11:ca:c7:68:e7:5f:7f:b6:1a:01:50:ba:d7:cf:92: 58:68:d3:a9:61:cf:fb:13:c0:01:cb:f2:69:f1:fa:a0:05:81: d4:34:3a:71:b3:cc:d7:01:a3:3e:dc:ba:14:8a:9d:e1:20:5f: 83:78:bf:18:02:98:13:65:22:64:73:52:7e:3b:31:2e:23:69: 04:82:7d:3f:a1:36:1a:66:a6:7b:ad:01:a9:6c:eb:b4:d9:55: 54:d2:64:67:72:b1:3e:86:c8:fc:14:59:f9:bb:48:b6:62:02: ba:de:3f:ea:84:91:75:da:31:dd:c2:40:fe:d8:e0:f6:b6:66: e3:e0:3a:08:86:1c:4a:75:84:6d:2b:37:28:43:a5:e6:b0:41: a7:0d:74:3f:d4:9e:83:93:4a:7c:fe:4c:13:a8:d2:5a:23:3e: e6:00:a1:96:24:9e:49:bd:4b:6a:61:a6:ef:19:2f:d5:c6:33: fe:16:c7:dd:4a:f4:93:40:a3:a7:9b:bb:ba:a6:0d:74:fa:d9: 1d:6c:78:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZskdacwwSTh5M8/J+mTB8acMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNDgxZGQ5MGQxMDBiZDViYzIzYzA0YjEwYzBhODQzMWNj OWE1YjUwHhcNMjUxMjE2MDAwMDQ4WhcNMjUxMjE3MDAwMDQ4WjAzMTEwLwYDVQQD Eyg5OTM0Mzg5MmFjNDBlMmZkMWI1M2QwNTQ4MzQ5Y2NiNzcyOGU1NWVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+4k3sY4FBQohLmr9ffyzU8XhM4T +J2KoMf5WP39F56tNoARl+DKhZRVBfWsYm+icjb8K7ZbT1z1vRZRWyLqzsXdU6IH bojYW7R6eUhpD+8bJHhhmXhkIt6lSYcPwBj89quSKUyvUEpUVBps7DjVAha9153N OWtxhHUPCg1Qo87MV5upTGfPm+hzBrGb4stKEEUCsySVgb1N2VPtsQlHx2zxa7Kl fHHOrrEc9iLAiPHkmG02CnQb8SIERgSAx1+0IeDwcjkyy4sg0DI6VPENMrXQ/+OM yS7B0etlUZVZAxnQvSxkXXnpy69uh5W/2AGg4o5qzu8MfMRjdWLNiIYelwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJk0OJKsQOL9G1PQVINJzLdyjlXtMB8GA1UdIwQY MBaAFHJIHdkNEAvVvCPASxDAqEMcyaW1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC84MzAwZjgtOWVjZS00N2NkLTgzN2Qt ZjE5OTBiMGM3MDVhLzEvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC84MzAwZjgtOWVjZS00N2NkLTgzN2QtZjE5OTBiMGM3MDVh LzEvY2tnZDJRMFFDOVc4SThCTEVNQ29ReHpKcGJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlwshqorS CuniUwEVTT7SEZmkn5GVHrYoTCTQ99bHbsMOGKznRinQVEuaDEjE9ceNYicj4Qpw 6lM2EcrHaOdff7YaAVC618+SWGjTqWHP+xPAAcvyafH6oAWB1DQ6cbPM1wGjPty6 FIqd4SBfg3i/GAKYE2UiZHNSfjsxLiNpBIJ9P6E2Gmame60BqWzrtNlVVNJkZ3Kx PobI/BRZ+btItmICut4/6oSRddox3cJA/tjg9rZm4+A6CIYcSnWEbSs3KEOl5rBB pw10P9Seg5NKfP5ME6jSWiM+5gChliSeSb1LamGm7xkv1cYz/hbH3Ur0k0Cjp5u7 uqYNdPrZHWx4/g== -----END CERTIFICATE-----Generated at Tue Dec 16 09:02:45 2025 by rpki-client