This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft File: K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft (raw, json) Hash identifier: I2S3nTMgn9RWlc+KC6GZ0NQAYyf40AxgoK3DazRA69w= Subject key identifier: 95:26:6B:0A:7A:DF:59:AA:22:00:0B:75:83:D3:80:AE:25:52:ED:30 Authority key identifier: 2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB Certificate issuer: /CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb Certificate serial: 019B1F87081C263CD1A5B60C6ACDF89E1D67 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft Manifest number: 1774 Signing time: Mon 15 Dec 2025 01:01:41 +0000 Manifest this update: Mon 15 Dec 2025 01:01:41 +0000 Manifest next update: Tue 16 Dec 2025 01:01:41 +0000 Files and hashes: 1: K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl (hash: fzZ5KIeK7wWlkNMnFk9Sr2FLSvji40MoGb/xPsRe+a4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1f:87:08:1c:26:3c:d1:a5:b6:0c:6a:cd:f8:9e:1d:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b49e884a441f04b7f5e2ed474b5847e83212bcb Validity Not Before: Dec 15 01:01:41 2025 GMT Not After : Dec 16 01:01:41 2025 GMT Subject: CN=95266b0a7adf59aa22000b7583d380ae2552ed30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:5e:9d:2f:e9:e0:27:00:d3:b9:8c:6d:d9:ef: 70:24:f0:f0:ab:d2:35:fb:85:8f:a0:67:50:b0:76: 83:9b:57:15:49:be:c4:f1:7f:cb:24:8f:8e:82:55: 67:6f:a0:10:b1:8e:f2:9e:ac:c4:2d:5e:0f:9f:b4: 4c:6a:67:69:f6:c3:9c:54:23:a8:e0:15:91:26:f3: 74:0f:c3:e7:41:41:45:21:c0:32:7b:f4:a9:06:5e: 59:01:37:a4:d4:38:11:a1:02:5b:a4:5c:6f:07:e8: 7d:d9:32:75:24:eb:74:57:e3:22:65:02:7a:dd:7d: 27:6c:4c:1c:55:91:83:bc:a0:b0:80:f1:ac:ec:78: c6:13:7c:3f:0a:8f:7d:e5:89:0f:14:36:1d:5f:b3: 2d:aa:06:e3:bd:7f:7a:c8:d2:76:e4:13:c5:5d:d1: f6:2e:bf:bd:08:84:68:0b:02:bc:d5:3e:de:e4:12: 39:f4:98:57:4b:3b:a8:6c:3d:c0:5a:31:9c:0b:10: e2:7a:9a:95:e5:3a:ea:98:af:38:3b:32:77:69:18: 6f:23:cf:b0:64:10:92:b8:b5:3b:dc:d2:6f:74:43: 5f:93:d7:aa:50:15:e1:c5:ef:9d:72:b5:e8:78:08: 60:4f:57:7a:fa:2f:44:e0:44:54:46:08:bb:92:ee: 17:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:26:6B:0A:7A:DF:59:AA:22:00:0B:75:83:D3:80:AE:25:52:ED:30 X509v3 Authority Key Identifier: keyid:2B:49:E8:84:A4:41:F0:4B:7F:5E:2E:D4:74:B5:84:7E:83:21:2B:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K0nohKRB8Et_Xi7UdLWEfoMhK8s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/af528c-ff41-4eef-8a93-42dd985cd7b0/1/K0nohKRB8Et_Xi7UdLWEfoMhK8s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:28:bb:f5:03:40:f3:9b:7a:39:80:96:3e:b4:f4:76:f0:bd: 1f:e1:f6:06:a3:e1:f4:62:e4:a5:4a:33:25:18:7e:62:92:9a: 7c:4f:fa:92:09:13:b5:ab:e5:16:ac:df:61:11:69:85:3d:88: f8:e0:12:2e:8e:22:22:12:19:66:5a:7b:d7:53:a2:5f:3d:8f: a7:7d:2c:ee:cb:2b:09:a9:07:f7:a1:d4:51:f8:81:8c:8d:5d: 1a:dc:d3:39:e5:99:ab:74:0c:20:5e:e5:75:31:00:48:64:1c: 83:fb:a3:84:6a:4b:1b:ee:a4:87:9e:92:56:19:fe:77:51:31: 16:e0:3d:5a:95:be:44:6a:a5:b2:19:92:aa:33:aa:e8:cd:0a: 23:7e:a8:63:f3:01:03:8f:f0:3f:bc:1d:91:38:a0:ee:27:e5: bb:6b:4a:d7:ba:7e:9b:fb:d8:21:e3:9e:57:72:4d:28:75:3c: 6a:b4:87:3a:af:f8:39:5f:e3:bd:94:5b:d2:b1:c6:7e:45:a6: e7:d6:d0:13:1d:ba:d6:74:ad:8a:f1:d3:dc:1c:20:75:d7:05: bc:04:ed:92:7c:c8:e5:a8:47:33:36:56:be:94:53:c4:6a:eb: 2a:22:1c:8b:e0:f2:1c:dd:02:92:05:3d:ee:ec:a4:d6:77:0d: bb:9e:2e:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsfhwgcJjzRpbYMas34nh1nMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiNDllODg0YTQ0MWYwNGI3ZjVlMmVkNDc0YjU4NDdlODMy MTJiY2IwHhcNMjUxMjE1MDEwMTQxWhcNMjUxMjE2MDEwMTQxWjAzMTEwLwYDVQQD Eyg5NTI2NmIwYTdhZGY1OWFhMjIwMDBiNzU4M2QzODBhZTI1NTJlZDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApV6dL+ngJwDTuYxt2e9wJPDwq9I1 +4WPoGdQsHaDm1cVSb7E8X/LJI+OglVnb6AQsY7ynqzELV4Pn7RMamdp9sOcVCOo 4BWRJvN0D8PnQUFFIcAye/SpBl5ZATek1DgRoQJbpFxvB+h92TJ1JOt0V+MiZQJ6 3X0nbEwcVZGDvKCwgPGs7HjGE3w/Co995YkPFDYdX7MtqgbjvX96yNJ25BPFXdH2 Lr+9CIRoCwK81T7e5BI59JhXSzuobD3AWjGcCxDiepqV5TrqmK84OzJ3aRhvI8+w ZBCSuLU73NJvdENfk9eqUBXhxe+dcrXoeAhgT1d6+i9E4ERURgi7ku4XYwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJUmawp631mqIgALdYPTgK4lUu0wMB8GA1UdIwQY MBaAFCtJ6ISkQfBLf14u1HS1hH6DISvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMt NDJkZDk4NWNkN2IwLzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYy9hZjUyOGMtZmY0MS00ZWVmLThhOTMtNDJkZDk4NWNkN2Iw LzEvSzBub2hLUkI4RXRfWGk3VWRMV0Vmb01oSzhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApCi79QNA 85t6OYCWPrT0dvC9H+H2BqPh9GLkpUozJRh+YpKafE/6kgkTtavlFqzfYRFphT2I +OASLo4iIhIZZlp711OiXz2Pp30s7ssrCakH96HUUfiBjI1dGtzTOeWZq3QMIF7l dTEASGQcg/ujhGpLG+6kh56SVhn+d1ExFuA9WpW+RGqlshmSqjOq6M0KI36oY/MB A4/wP7wdkTig7iflu2tK17p+m/vYIeOeV3JNKHU8arSHOq/4OV/jvZRb0rHGfkWm 59bQEx261nStivHT3BwgddcFvATtknzI5ahHMzZWvpRTxGrrKiIci+DyHN0CkgU9 7uyk1ncNu54uTA== -----END CERTIFICATE-----Generated at Mon Dec 15 04:59:27 2025 by rpki-client