This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json) Hash identifier: 9a233f1XbLKxQI2RM+EF0RCH8X2xNF+A6UJ0KpfTiPM= Subject key identifier: 71:BA:94:EA:C5:11:CE:2D:B3:CE:AF:32:C9:E1:57:3D:3E:0D:03:46 Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0 Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0 Certificate serial: 019B2287B2F76885BE28620B5DF38651C92C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft Manifest number: 1778 Signing time: Mon 15 Dec 2025 15:01:17 +0000 Manifest this update: Mon 15 Dec 2025 15:01:17 +0000 Manifest next update: Tue 16 Dec 2025 15:01:17 +0000 Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: XcIyMYJ0KuIeIDh9ya6Bcsr6sWREq5hoBr+0DOUzjHs=) 2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=) 3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 14:30:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:22:87:b2:f7:68:85:be:28:62:0b:5d:f3:86:51:c9:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0 Validity Not Before: Dec 15 15:01:17 2025 GMT Not After : Dec 16 15:01:17 2025 GMT Subject: CN=71ba94eac511ce2db3ceaf32c9e1573d3e0d0346 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:bf:a3:8b:db:84:0c:4e:9b:65:f1:67:08:8f: c1:d3:aa:27:73:9d:2c:b7:13:5d:81:4d:a3:b3:37: c1:5c:6e:7b:e2:bd:a4:6c:e1:81:b8:9e:41:58:09: f9:8b:93:68:21:1e:34:78:85:a5:27:f1:3c:97:f4: c9:cf:fc:91:22:b3:c6:78:6d:06:05:de:3e:04:13: 9f:da:be:30:60:c4:94:20:24:e4:27:84:46:ac:81: 85:4d:ed:72:77:29:f1:13:b3:7e:40:f0:a0:9f:06: b1:40:d7:46:7d:45:2d:3f:66:be:4b:11:62:3c:c3: e7:c9:85:ba:6b:3c:74:44:75:66:6c:4c:ea:a8:14: 11:cb:b5:b7:04:01:4b:c0:a9:84:b7:87:0a:ce:0f: bf:cc:1f:52:af:a6:f0:7d:48:75:91:aa:08:73:a4: 6c:86:4e:e7:6f:40:9c:e1:6a:ff:f7:f1:f6:ac:cf: 2b:6f:f7:04:91:41:3a:18:bd:0c:68:94:1e:b2:03: f3:77:4b:d4:5f:6d:b1:cc:d6:8c:a6:4b:a8:8b:5e: 64:b8:4a:e0:dc:44:e4:5c:e9:1e:81:2e:0c:08:99: f6:53:06:20:04:c1:b8:d7:f1:91:07:ce:70:aa:64: db:55:df:50:13:28:f3:21:37:2e:62:c6:07:4b:32: 16:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:BA:94:EA:C5:11:CE:2D:B3:CE:AF:32:C9:E1:57:3D:3E:0D:03:46 X509v3 Authority Key Identifier: keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:0c:aa:4b:19:d8:48:c4:53:51:a8:d7:0d:94:a0:71:23:61: 1e:de:0e:f9:1e:08:5d:af:6e:0f:8f:0c:97:2c:08:b6:24:2b: 26:6b:dc:f9:06:ca:21:94:18:15:43:22:0d:bc:19:17:70:64: 72:b0:14:e9:a7:d8:a5:7b:a5:3f:3c:a4:96:10:22:2b:2a:1f: b0:1e:66:98:1f:32:27:71:86:6d:a9:46:b7:a8:f5:d2:55:a5: 7e:d4:59:73:ef:8f:9f:e1:04:b5:32:39:7f:5d:e7:ff:db:9c: a3:5e:14:1d:79:05:9f:34:c9:7e:a7:0b:f4:ca:9d:fa:dc:73: 4c:1e:04:c5:d9:51:30:b4:4e:d0:83:01:10:26:ad:ba:9b:f9: dc:b6:90:d0:b7:2c:46:49:41:f3:8c:ca:c7:9b:65:82:5c:f7: 44:00:07:9a:85:d0:1d:55:30:3e:4a:83:db:7d:95:6d:c3:7e: 27:3e:e7:b7:c6:14:28:7a:b0:77:92:43:86:04:88:48:07:3c: 0a:f0:bd:2a:ea:b2:69:8f:02:af:f8:ac:08:cc:e7:69:b9:e4: fd:f3:19:d5:32:22:69:b9:1f:2c:db:2a:8b:66:4b:5c:a0:92: a7:cd:56:1d:88:16:27:dc:eb:41:59:e9:ea:d9:dd:2c:f9:41: 42:8d:06:2f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsih7L3aIW+KGILXfOGUcksMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw N2E0YzAwHhcNMjUxMjE1MTUwMTE3WhcNMjUxMjE2MTUwMTE3WjAzMTEwLwYDVQQD Eyg3MWJhOTRlYWM1MTFjZTJkYjNjZWFmMzJjOWUxNTczZDNlMGQwMzQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2r+ji9uEDE6bZfFnCI/B06onc50s txNdgU2jszfBXG574r2kbOGBuJ5BWAn5i5NoIR40eIWlJ/E8l/TJz/yRIrPGeG0G Bd4+BBOf2r4wYMSUICTkJ4RGrIGFTe1ydynxE7N+QPCgnwaxQNdGfUUtP2a+SxFi PMPnyYW6azx0RHVmbEzqqBQRy7W3BAFLwKmEt4cKzg+/zB9Sr6bwfUh1kaoIc6Rs hk7nb0Cc4Wr/9/H2rM8rb/cEkUE6GL0MaJQesgPzd0vUX22xzNaMpkuoi15kuErg 3ETkXOkegS4MCJn2UwYgBMG41/GRB85wqmTbVd9QEyjzITcuYsYHSzIWxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHG6lOrFEc4ts86vMsnhVz0+DQNGMB8GA1UdIwQY MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXgyqSxnY SMRTUajXDZSgcSNhHt4O+R4IXa9uD48MlywItiQrJmvc+QbKIZQYFUMiDbwZF3Bk crAU6afYpXulPzyklhAiKyofsB5mmB8yJ3GGbalGt6j10lWlftRZc++Pn+EEtTI5 f13n/9uco14UHXkFnzTJfqcL9Mqd+txzTB4ExdlRMLRO0IMBECatupv53LaQ0Lcs RklB84zKx5tlglz3RAAHmoXQHVUwPkqD232VbcN+Jz7nt8YUKHqwd5JDhgSISAc8 CvC9KuqyaY8Cr/isCMznabnk/fMZ1TIiabkfLNsqi2ZLXKCSp81WHYgWJ9zrQVnp 6tndLPlBQo0GLw== -----END CERTIFICATE-----Generated at Mon Dec 15 16:51:11 2025 by rpki-client