This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json) Hash identifier: 1/51N7Lr+W87VvybvEm7ck2576ZpAJ5CtuV+UHhe5Kw= Subject key identifier: F3:A4:01:25:67:1C:E4:57:BF:6A:7D:E5:9B:E4:B3:E5:B8:12:CF:BF Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73 Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973 Certificate serial: 019B35D737ABB364DAC3F97C5CD3A4312E51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft Manifest number: 178A Signing time: Fri 19 Dec 2025 09:00:55 +0000 Manifest this update: Fri 19 Dec 2025 09:00:55 +0000 Manifest next update: Sat 20 Dec 2025 09:00:55 +0000 Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=) 2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: wpz6YWJSzwFFaOS2ptoiUAjHioXIyBVrypiJvztSurs=) 3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:d7:37:ab:b3:64:da:c3:f9:7c:5c:d3:a4:31:2e:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973 Validity Not Before: Dec 19 09:00:55 2025 GMT Not After : Dec 20 09:00:55 2025 GMT Subject: CN=f3a40125671ce457bf6a7de59be4b3e5b812cfbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:c4:7e:84:cc:08:b5:31:96:40:15:84:87:2c: 2f:91:b1:a0:46:3a:ef:84:8b:e8:66:54:30:72:e7: db:d7:ba:da:e1:e7:4b:37:fe:19:cb:12:30:78:49: f8:e4:c6:d1:f3:51:25:df:39:25:f6:9e:83:51:6d: b4:ae:bf:f0:23:e9:37:e2:ab:ab:3a:be:36:0c:1b: 94:a1:dc:5a:d3:8b:2c:ff:2a:c9:8b:f4:3f:04:a1: b0:b3:82:23:c9:87:e9:a8:4a:d3:dc:af:8d:ac:b5: a3:68:9e:46:f0:25:b0:b7:96:ed:85:9e:9d:ed:44: 7d:c1:40:46:e7:94:20:3f:97:ac:e8:50:b9:e9:31: 56:94:0a:bb:bd:38:98:a6:c4:84:2a:43:ca:6d:35: ac:6b:6f:9c:46:f9:0d:58:9a:e7:0f:3a:2d:25:1d: 26:2c:0c:bd:ba:f6:46:5b:b3:07:a0:4c:f7:6e:ce: d0:58:1e:87:03:2b:af:be:10:2a:c8:02:29:fa:d2: 49:8f:23:fb:89:0c:77:97:9f:be:48:ac:1e:32:3d: da:e0:7f:aa:90:a8:6d:28:63:af:9e:21:ff:05:77: bf:0f:2e:b6:a4:ce:64:5c:0b:ff:e0:c1:18:d0:08: 07:fb:8e:a6:a7:33:e7:91:5e:49:f3:4c:4b:1c:a7: 5f:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:A4:01:25:67:1C:E4:57:BF:6A:7D:E5:9B:E4:B3:E5:B8:12:CF:BF X509v3 Authority Key Identifier: keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:21:7a:e7:89:f7:f9:ef:f1:4b:3e:15:22:ab:be:6c:58:66: 7a:98:0e:17:df:ce:f8:8c:4a:dc:48:3a:ad:60:4e:54:66:01: fe:16:e6:c7:57:bf:f4:16:8b:90:3e:e5:0f:56:7e:cc:ee:df: a1:d2:7b:64:96:d7:f1:7b:8e:d5:b7:d8:ec:76:39:4e:b2:2a: 64:43:33:cd:62:4f:2b:1a:94:a5:e4:07:24:76:98:c6:12:a8: b7:35:c0:c3:20:7d:cb:55:70:05:c0:8d:b2:1d:65:35:a3:11: a8:40:93:42:d8:96:5f:35:a4:d9:f1:df:ea:65:f0:6e:72:82: 26:fb:98:e2:4a:a9:92:03:56:1c:26:a2:8b:8c:ff:56:83:67: 67:fc:4b:f5:94:c6:16:88:53:c2:38:ec:28:56:24:56:68:90: 08:bc:17:c2:b3:27:9c:f8:c1:70:6c:6e:c4:f9:9f:31:9e:d4: 56:02:cb:20:0b:ee:dd:35:0e:67:b9:7f:42:ed:9f:ab:4b:00: c4:c5:7e:31:dd:5b:66:95:da:9f:ee:55:52:41:03:85:a8:e2: 03:ca:ef:0a:5e:dd:40:a1:17:b7:09:be:bc:eb:63:74:e4:69: 4a:4f:b2:f9:0b:84:93:a3:d4:30:52:3c:53:27:ba:e0:2f:f6: a8:fe:f8:c2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs11zers2Taw/l8XNOkMS5RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk Yjg5NzMwHhcNMjUxMjE5MDkwMDU1WhcNMjUxMjIwMDkwMDU1WjAzMTEwLwYDVQQD EyhmM2E0MDEyNTY3MWNlNDU3YmY2YTdkZTU5YmU0YjNlNWI4MTJjZmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MR+hMwItTGWQBWEhywvkbGgRjrv hIvoZlQwcufb17ra4edLN/4ZyxIweEn45MbR81El3zkl9p6DUW20rr/wI+k34qur Or42DBuUodxa04ss/yrJi/Q/BKGws4IjyYfpqErT3K+NrLWjaJ5G8CWwt5bthZ6d 7UR9wUBG55QgP5es6FC56TFWlAq7vTiYpsSEKkPKbTWsa2+cRvkNWJrnDzotJR0m LAy9uvZGW7MHoEz3bs7QWB6HAyuvvhAqyAIp+tJJjyP7iQx3l5++SKweMj3a4H+q kKhtKGOvniH/BXe/Dy62pM5kXAv/4MEY0AgH+46mpzPnkV5J80xLHKdfqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPOkASVnHORXv2p95Zvks+W4Es+/MB8GA1UdIwQY MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgiF654n3 +e/xSz4VIqu+bFhmepgOF9/O+IxK3Eg6rWBOVGYB/hbmx1e/9BaLkD7lD1Z+zO7f odJ7ZJbX8XuO1bfY7HY5TrIqZEMzzWJPKxqUpeQHJHaYxhKotzXAwyB9y1VwBcCN sh1lNaMRqECTQtiWXzWk2fHf6mXwbnKCJvuY4kqpkgNWHCaii4z/VoNnZ/xL9ZTG FohTwjjsKFYkVmiQCLwXwrMnnPjBcGxuxPmfMZ7UVgLLIAvu3TUOZ7l/Qu2fq0sA xMV+Md1bZpXan+5VUkEDhajiA8rvCl7dQKEXtwm+vOtjdORpSk+y+QuEk6PUMFI8 Uye64C/2qP74wg== -----END CERTIFICATE-----Generated at Fri Dec 19 13:10:54 2025 by rpki-client