This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft File: kfikmw1lM9BnmVaH-u49tzqqCLE.mft (raw, json) Hash identifier: Bufe9OX5IiJx4LNjB/JAsQb2B9yflBEC0Ot6T/R4hc4= Subject key identifier: C0:69:E4:CF:A2:44:16:F5:72:BB:6E:E1:2C:23:30:E0:1E:9F:C0:75 Authority key identifier: 91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 Certificate issuer: /CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Certificate serial: 019B405B5DAAE25CFD5223980C3EDA2368B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft Manifest number: 069C Signing time: Sun 21 Dec 2025 10:01:28 +0000 Manifest this update: Sun 21 Dec 2025 10:01:28 +0000 Manifest next update: Mon 22 Dec 2025 10:01:28 +0000 Files and hashes: 1: kfikmw1lM9BnmVaH-u49tzqqCLE.crl (hash: EAFat1GH2r6J8/ZAHt+YvJjCIppOgIyPad5vOVJoGZo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:5d:aa:e2:5c:fd:52:23:98:0c:3e:da:23:68:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91f8a49b0d6533d067995687faee3db73aaa08b1 Validity Not Before: Dec 21 10:01:28 2025 GMT Not After : Dec 22 10:01:28 2025 GMT Subject: CN=c069e4cfa24416f572bb6ee12c2330e01e9fc075 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:02:9a:30:81:fe:10:0c:01:11:13:36:6d:38: 8b:a0:a6:8a:30:49:6a:b1:f8:d8:c5:cd:ff:62:85: f8:c1:a4:a0:4f:11:d5:80:12:b0:42:3e:a8:11:16: 14:38:08:60:3c:31:f8:f5:04:5d:22:df:62:23:da: 2d:14:65:70:17:2a:26:6e:8a:9c:94:ed:d3:ec:9f: 2f:9c:f3:55:f8:07:bf:77:74:df:9b:24:a1:36:06: 64:7f:c9:3d:c5:31:a0:f7:92:79:69:6d:11:5f:80: 96:2c:c4:28:57:a4:d8:c7:18:7a:06:15:b0:f3:82: 97:24:b9:93:76:79:81:2e:46:ad:96:48:4e:72:37: 8d:65:d4:79:59:97:52:4e:48:e6:aa:e4:a0:02:ce: 88:72:ad:c7:75:d4:35:f9:b8:a2:79:54:3c:b3:5d: e9:74:25:ef:d2:d0:bd:32:e0:45:a2:22:c5:ba:0b: 88:17:b0:ba:32:a1:ff:6d:0f:e1:6d:b0:6d:0f:26: 9b:be:b3:ad:43:2c:4c:73:2e:c9:48:5f:4e:1f:32: dc:eb:7d:94:f3:c3:f0:8a:30:01:57:be:d5:0b:8d: 62:d7:15:2b:98:b0:fd:b1:d0:08:e7:df:3e:83:29: 02:33:eb:33:29:b1:65:24:48:6e:01:81:7d:64:96: 97:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:69:E4:CF:A2:44:16:F5:72:BB:6E:E1:2C:23:30:E0:1E:9F:C0:75 X509v3 Authority Key Identifier: keyid:91:F8:A4:9B:0D:65:33:D0:67:99:56:87:FA:EE:3D:B7:3A:AA:08:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kfikmw1lM9BnmVaH-u49tzqqCLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/389fbf-dfb5-4a0b-b846-4328429bd374/1/kfikmw1lM9BnmVaH-u49tzqqCLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 24:37:b8:b9:1f:af:b2:45:3d:41:13:61:09:7f:f8:75:9f:40: a1:8e:df:e3:b6:14:66:98:62:10:b7:0f:e5:44:98:95:29:4f: 18:b3:8e:46:d8:e6:0d:33:3e:8e:33:16:cf:44:0d:42:76:8a: 8e:d1:34:c9:58:ef:49:2a:96:e3:48:3a:ae:62:7a:a4:6f:04: 22:d5:89:32:f1:e4:ad:c8:41:47:bc:c2:f0:37:fb:79:a0:c9: d6:0d:36:cf:d9:5e:4b:b4:9e:05:8c:eb:3b:4d:ae:64:fa:c9: 2a:08:c6:80:e7:b4:e3:05:f3:99:40:b2:f5:9a:d9:07:dc:3a: 25:12:8c:43:7b:3d:81:87:f5:30:b4:44:68:d8:f1:14:d3:8b: 82:1a:1f:87:d9:60:ea:21:4d:00:70:e8:5a:ea:20:82:9e:44: bc:65:d2:e7:3a:11:ef:9d:4d:68:8c:8c:dc:a9:ce:84:c8:7a: 2a:b7:ae:b1:a8:b8:d5:ae:ed:77:5d:79:35:24:ed:bb:cf:ca: 10:f4:80:34:91:0b:ab:2b:95:42:de:50:62:d8:2e:c3:82:07: 8d:5a:e8:14:d3:22:03:5c:c8:87:e1:b7:eb:f2:a6:ac:f8:06: e2:e7:b3:e2:9e:c4:63:b1:fd:b6:fe:9e:1f:b4:c8:d1:6b:7e: a9:c1:b2:ed -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAW12q4lz9UiOYDD7aI2i0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZjhhNDliMGQ2NTMzZDA2Nzk5NTY4N2ZhZWUzZGI3M2Fh YTA4YjEwHhcNMjUxMjIxMTAwMTI4WhcNMjUxMjIyMTAwMTI4WjAzMTEwLwYDVQQD EyhjMDY5ZTRjZmEyNDQxNmY1NzJiYjZlZTEyYzIzMzBlMDFlOWZjMDc1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApgKaMIH+EAwBERM2bTiLoKaKMElq sfjYxc3/YoX4waSgTxHVgBKwQj6oERYUOAhgPDH49QRdIt9iI9otFGVwFyomboqc lO3T7J8vnPNV+Ae/d3TfmyShNgZkf8k9xTGg95J5aW0RX4CWLMQoV6TYxxh6BhWw 84KXJLmTdnmBLkatlkhOcjeNZdR5WZdSTkjmquSgAs6Icq3HddQ1+biieVQ8s13p dCXv0tC9MuBFoiLFuguIF7C6MqH/bQ/hbbBtDyabvrOtQyxMcy7JSF9OHzLc632U 88PwijABV77VC41i1xUrmLD9sdAI598+gykCM+szKbFlJEhuAYF9ZJaXqQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMBp5M+iRBb1crtu4SwjMOAen8B1MB8GA1UdIwQY MBaAFJH4pJsNZTPQZ5lWh/ruPbc6qgixMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYt NDMyODQyOWJkMzc0LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYi8zODlmYmYtZGZiNS00YTBiLWI4NDYtNDMyODQyOWJkMzc0 LzEva2Zpa213MWxNOUJubVZhSC11NDl0enFxQ0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJDe4uR+v skU9QRNhCX/4dZ9AoY7f47YUZphiELcP5USYlSlPGLOORtjmDTM+jjMWz0QNQnaK jtE0yVjvSSqW40g6rmJ6pG8EItWJMvHkrchBR7zC8Df7eaDJ1g02z9leS7SeBYzr O02uZPrJKgjGgOe04wXzmUCy9ZrZB9w6JRKMQ3s9gYf1MLREaNjxFNOLghofh9lg 6iFNAHDoWuoggp5EvGXS5zoR751NaIyM3KnOhMh6Kreusai41a7td115NSTtu8/K EPSANJELqyuVQt5QYtguw4IHjVroFNMiA1zIh+G36/KmrPgG4uez4p7EY7H9tv6e H7TI0Wt+qcGy7Q== -----END CERTIFICATE-----Generated at Sun Dec 21 17:31:23 2025 by rpki-client