This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft File: kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft (raw, json) Hash identifier: 0W6ITnQzFs5j5OMz+oi1VnyjpNnr6WBXAXZvARrdpEg= Subject key identifier: 40:18:81:E4:56:AF:50:04:2C:75:C8:F6:A6:A9:33:D9:AA:3B:46:39 Authority key identifier: 91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD Certificate issuer: /CN=917830d941ee090a8e32348f97b8308fd1ce09fd Certificate serial: 019B21E2F2378A7E21C64D247BA39E2B7A57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft Manifest number: 0DF6 Signing time: Mon 15 Dec 2025 12:01:19 +0000 Manifest this update: Mon 15 Dec 2025 12:01:19 +0000 Manifest next update: Tue 16 Dec 2025 12:01:19 +0000 Files and hashes: 1: kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl (hash: Sm3kFaUEwfkoynTu/Te8VvWk+VakOVQ5IdyXMAs1goM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 12:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:e2:f2:37:8a:7e:21:c6:4d:24:7b:a3:9e:2b:7a:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=917830d941ee090a8e32348f97b8308fd1ce09fd Validity Not Before: Dec 15 12:01:19 2025 GMT Not After : Dec 16 12:01:19 2025 GMT Subject: CN=401881e456af50042c75c8f6a6a933d9aa3b4639 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:b5:88:bf:0a:4a:f7:a5:96:53:d8:1f:4b:27: e4:b9:3c:75:cc:71:3f:84:a4:e3:b0:f9:42:9f:69: 3d:83:77:84:24:b1:7a:fc:e1:0f:c2:f4:42:28:d0: 55:57:56:0f:68:50:8b:c9:54:32:27:04:89:82:15: 63:1e:6b:29:02:e2:33:ad:74:8b:bb:2a:e2:88:b5: 1d:5f:ac:7a:d8:9b:8d:5a:5d:10:7d:50:be:3c:09: d3:25:79:e3:7f:f1:3a:f7:a3:66:7a:5d:c1:77:93: fa:0f:71:4f:93:5e:90:49:62:1a:00:02:5c:b2:f2: 3e:0c:a9:9a:9d:2a:9f:13:14:f6:f4:36:c8:7d:60: a3:ad:cb:a1:7f:2d:3b:33:77:16:c4:d0:de:b9:5b: fb:0a:75:87:5d:4e:b9:48:aa:c0:b9:a0:d7:25:c4: 40:48:ce:2d:79:3c:50:fa:7f:91:f0:4f:ed:8e:c0: 79:ef:3c:13:c9:e3:a3:ba:46:93:a3:3d:42:9b:aa: 33:84:b3:bc:54:24:a9:f4:19:f7:17:55:28:33:ab: e2:a0:bc:da:4e:de:8b:f9:f2:d7:5b:dd:b5:3c:79: fb:77:b6:0a:2f:aa:fe:8b:19:d8:a7:7f:22:52:54: 4e:7c:b9:ea:6c:46:c3:68:b5:fc:4a:b2:42:ce:38: 04:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:18:81:E4:56:AF:50:04:2C:75:C8:F6:A6:A9:33:D9:AA:3B:46:39 X509v3 Authority Key Identifier: keyid:91:78:30:D9:41:EE:09:0A:8E:32:34:8F:97:B8:30:8F:D1:CE:09:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kXgw2UHuCQqOMjSPl7gwj9HOCf0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/34/ff2fd0-624d-47f8-be9f-d1f1803b1812/1/kXgw2UHuCQqOMjSPl7gwj9HOCf0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:4b:ab:e8:a8:38:fa:31:7d:04:e9:e2:49:39:36:ec:be:b6: e1:4c:39:c0:d3:ec:5b:e7:94:ff:13:8d:84:ca:0b:4d:cb:11: ff:3f:3b:af:7d:9c:08:73:a7:8a:1a:4c:0e:f1:5d:fc:4b:c9: 63:d4:bf:c8:0d:4e:e1:7f:e5:65:07:d9:08:a0:80:e9:9d:38: 83:c8:dc:3f:f2:89:ac:30:d7:64:83:83:10:a6:ca:67:7c:38: b8:f6:84:d4:c8:ce:d7:71:0e:c0:bd:da:13:3e:38:11:7f:d9: ff:56:61:98:df:6d:79:d5:81:cf:65:e3:73:4f:fc:7e:b2:cd: d7:e4:68:ff:d0:34:e4:56:78:15:c2:75:4a:55:6f:30:fa:34: 29:be:52:8a:da:2e:f5:da:09:66:aa:22:7d:f1:e5:57:be:45: 84:34:4f:eb:ad:6c:38:d6:3e:5a:f1:15:ac:fc:5d:86:f7:07: 6a:34:01:bc:97:6c:95:b4:a8:b2:b6:ac:67:a8:52:56:94:48: a8:c1:d7:09:ae:2d:a1:52:da:a5:58:00:53:fe:99:2e:f4:35: af:28:3d:f6:66:33:dd:81:cb:3e:8a:bf:0a:bb:18:60:38:61: 21:7a:5a:81:ae:24:f1:85:7d:49:94:15:ad:64:17:59:8d:77: 9c:1b:14:f5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsh4vI3in4hxk0ke6OeK3pXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxNzgzMGQ5NDFlZTA5MGE4ZTMyMzQ4Zjk3YjgzMDhmZDFj ZTA5ZmQwHhcNMjUxMjE1MTIwMTE5WhcNMjUxMjE2MTIwMTE5WjAzMTEwLwYDVQQD Eyg0MDE4ODFlNDU2YWY1MDA0MmM3NWM4ZjZhNmE5MzNkOWFhM2I0NjM5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrWIvwpK96WWU9gfSyfkuTx1zHE/ hKTjsPlCn2k9g3eEJLF6/OEPwvRCKNBVV1YPaFCLyVQyJwSJghVjHmspAuIzrXSL uyriiLUdX6x62JuNWl0QfVC+PAnTJXnjf/E696Nmel3Bd5P6D3FPk16QSWIaAAJc svI+DKmanSqfExT29DbIfWCjrcuhfy07M3cWxNDeuVv7CnWHXU65SKrAuaDXJcRA SM4teTxQ+n+R8E/tjsB57zwTyeOjukaToz1Cm6ozhLO8VCSp9Bn3F1UoM6vioLza Tt6L+fLXW921PHn7d7YKL6r+ixnYp38iUlROfLnqbEbDaLX8SrJCzjgElwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEAYgeRWr1AELHXI9qapM9mqO0Y5MB8GA1UdIwQY MBaAFJF4MNlB7gkKjjI0j5e4MI/Rzgn9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYt ZDFmMTgwM2IxODEyLzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNC9mZjJmZDAtNjI0ZC00N2Y4LWJlOWYtZDFmMTgwM2IxODEy LzEva1hndzJVSHVDUXFPTWpTUGw3Z3dqOUhPQ2YwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASUur6Kg4 +jF9BOniSTk27L624Uw5wNPsW+eU/xONhMoLTcsR/z87r32cCHOnihpMDvFd/EvJ Y9S/yA1O4X/lZQfZCKCA6Z04g8jcP/KJrDDXZIODEKbKZ3w4uPaE1MjO13EOwL3a Ez44EX/Z/1ZhmN9tedWBz2Xjc0/8frLN1+Ro/9A05FZ4FcJ1SlVvMPo0Kb5Sitou 9doJZqoiffHlV75FhDRP661sONY+WvEVrPxdhvcHajQBvJdslbSosrasZ6hSVpRI qMHXCa4toVLapVgAU/6ZLvQ1ryg99mYz3YHLPoq/CrsYYDhhIXpaga4k8YV9SZQV rWQXWY13nBsU9Q== -----END CERTIFICATE-----Generated at Mon Dec 15 16:46:57 2025 by rpki-client