This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft File: kNdTolR-A6Sw0vkccOnOTkRoBBg.mft (raw, json) Hash identifier: wm95gpNT4VcoyV0D/ljFBaTIhacGolyDYk1XWyShXqs= Subject key identifier: F1:D4:A2:5F:7D:83:3D:FD:23:46:53:7E:8F:87:24:44:23:7C:27:53 Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18 Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418 Certificate serial: 019B5C40591ED7E85C3A337BC3BDF4342EA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft Manifest number: 0C3C Signing time: Fri 26 Dec 2025 20:01:19 +0000 Manifest this update: Fri 26 Dec 2025 20:01:19 +0000 Manifest next update: Sat 27 Dec 2025 20:01:19 +0000 Files and hashes: 1: g5z8NV4dmlaKd11s7v3mxc0KYqU.roa (hash: bnZ9DFLSZGC/zi7MlcnpGi6LDIICQO79p3wjfCQfT+E=) 2: kNdTolR-A6Sw0vkccOnOTkRoBBg.crl (hash: 6dXsUc4sA0u1sP/fRSgwIWcjSMYHAHPdMK6+LqfLnEY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5c:40:59:1e:d7:e8:5c:3a:33:7b:c3:bd:f4:34:2e:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418 Validity Not Before: Dec 26 20:01:19 2025 GMT Not After : Dec 27 20:01:19 2025 GMT Subject: CN=f1d4a25f7d833dfd2346537e8f872444237c2753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:51:de:34:cb:d2:87:4f:c1:de:f3:99:3b:76: 2a:ec:eb:4d:5c:99:3a:c5:cc:c9:87:26:76:fe:86: 9f:43:32:dc:fd:9e:d5:66:80:79:95:e1:83:a0:5c: d4:9c:a9:63:89:76:8c:32:22:e4:f0:91:fe:22:9a: e4:ea:cb:c4:48:d6:7f:15:e4:77:8f:db:4e:14:55: c5:fb:7a:56:10:84:e7:26:71:79:78:e1:d2:3f:8c: b4:66:01:25:0c:2c:52:82:d3:70:04:30:4c:92:d4: 05:22:be:5f:89:e8:69:8e:98:be:fc:eb:7b:0c:e1: 78:03:16:6f:27:37:de:bc:79:e8:e2:7f:26:3b:6b: 71:2d:be:dd:fb:9e:24:8a:45:17:4c:29:a8:58:ee: ba:0e:99:25:3b:79:fc:02:f3:f5:c2:87:ba:34:50: 99:c7:4e:a7:d0:e9:cc:5b:48:ed:7c:f3:80:16:ce: 68:b5:41:ba:bd:11:c2:94:65:f0:ef:bf:bd:44:4c: c4:33:a9:dc:da:62:a2:c7:cc:16:0b:99:eb:38:66: 33:dc:9e:5c:1c:3d:03:1a:7e:f2:4b:ca:c7:f9:b6: 1d:0a:44:3e:1d:20:a9:73:93:45:6c:7d:1e:6a:ce: ac:9f:da:84:ed:e8:fd:a3:c1:f0:8c:8d:d3:40:be: 26:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:D4:A2:5F:7D:83:3D:FD:23:46:53:7E:8F:87:24:44:23:7C:27:53 X509v3 Authority Key Identifier: keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8b:db:4b:a7:a2:b7:31:8a:6d:5d:8e:87:ea:ae:26:a3:80:a6: 9d:3d:a5:0d:40:20:4b:e0:c4:65:72:ca:67:b0:34:be:63:bf: e1:72:eb:5d:de:cd:12:05:62:0b:a1:28:78:7e:b2:3a:4a:72: b7:ec:bd:63:b9:0c:5b:8b:24:09:c8:26:5b:3c:b3:00:f7:8c: b6:69:aa:d5:80:0d:3e:af:59:47:46:1e:6d:99:de:fe:ce:c8: 33:9a:b1:ea:60:f1:67:f5:7c:75:98:19:59:21:17:c4:8e:98: e0:86:e5:6e:79:83:b4:a9:8b:88:88:26:47:ca:ff:cb:df:78: 91:90:b7:8d:fd:cc:b3:6a:a0:14:44:4d:7a:e8:bc:ca:ec:26: 85:1f:f0:1b:ee:46:56:4d:67:6f:89:a4:ce:7f:e3:19:22:e5: 8f:d9:da:4e:ae:27:44:8a:24:b5:a5:ce:83:b8:03:f4:97:52: d6:0b:32:d4:94:fc:28:80:62:12:13:0a:a5:08:1d:97:2a:37: f9:7d:0e:28:c4:0f:6a:ec:7b:b0:bb:1a:a4:1c:9b:8c:ce:aa: d7:7b:90:bf:2b:6a:ae:2f:bc:9d:e6:e2:55:7e:62:e4:0b:fc: da:e2:c4:75:c2:38:cd:d3:07:a4:5d:62:a4:ee:e5:2d:27:71: 35:30:c7:4c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtcQFke1+hcOjN7w730NC6mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2 ODA0MTgwHhcNMjUxMjI2MjAwMTE5WhcNMjUxMjI3MjAwMTE5WjAzMTEwLwYDVQQD EyhmMWQ0YTI1ZjdkODMzZGZkMjM0NjUzN2U4Zjg3MjQ0NDIzN2MyNzUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFHeNMvSh0/B3vOZO3Yq7OtNXJk6 xczJhyZ2/oafQzLc/Z7VZoB5leGDoFzUnKljiXaMMiLk8JH+Iprk6svESNZ/FeR3 j9tOFFXF+3pWEITnJnF5eOHSP4y0ZgElDCxSgtNwBDBMktQFIr5fiehpjpi+/Ot7 DOF4AxZvJzfevHno4n8mO2txLb7d+54kikUXTCmoWO66DpklO3n8AvP1woe6NFCZ x06n0OnMW0jtfPOAFs5otUG6vRHClGXw77+9REzEM6nc2mKix8wWC5nrOGYz3J5c HD0DGn7yS8rH+bYdCkQ+HSCpc5NFbH0eas6sn9qE7ej9o8HwjI3TQL4mAwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPHUol99gz39I0ZTfo+HJEQjfCdTMB8GA1UdIwQY MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt NWViNjZiY2UzMThkLzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAi9tLp6K3 MYptXY6H6q4mo4CmnT2lDUAgS+DEZXLKZ7A0vmO/4XLrXd7NEgViC6EoeH6yOkpy t+y9Y7kMW4skCcgmWzyzAPeMtmmq1YANPq9ZR0YebZne/s7IM5qx6mDxZ/V8dZgZ WSEXxI6Y4IblbnmDtKmLiIgmR8r/y994kZC3jf3Ms2qgFERNeui8yuwmhR/wG+5G Vk1nb4mkzn/jGSLlj9naTq4nRIoktaXOg7gD9JdS1gsy1JT8KIBiEhMKpQgdlyo3 +X0OKMQPaux7sLsapBybjM6q13uQvytqri+8nebiVX5i5Av82uLEdcI4zdMHpF1i pO7lLSdxNTDHTA== -----END CERTIFICATE-----Generated at Sat Dec 27 04:10:54 2025 by rpki-client