This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft File: kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json) Hash identifier: pD+QAZYx7aPh1bFWdeDmdHtCqTrTstz+CgzmcAcNCzc= Subject key identifier: 3B:EA:FD:A7:69:06:DC:EF:2E:BA:40:AD:E7:4F:E7:30:D6:E9:35:F2 Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Certificate serial: 019B3A91018F6C8DCA152BB3D4D2C3506AD8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft Manifest number: 1792 Signing time: Sat 20 Dec 2025 07:02:20 +0000 Manifest this update: Sat 20 Dec 2025 07:02:20 +0000 Manifest next update: Sun 21 Dec 2025 07:02:20 +0000 Files and hashes: 1: 1-w_Sx8LRPBvLvkJLZOQlFfGluOo.roa (hash: jW6TH6eaQc46mg+HMpMqf3iTbPrehVKAIBq6ffyUgyg=) 2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: 8/tgJFo+AQAJ9dMN18Zoxq1wqnK5HGgj9dO+qCwIfDQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:91:01:8f:6c:8d:ca:15:2b:b3:d4:d2:c3:50:6a:d8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Validity Not Before: Dec 20 07:02:20 2025 GMT Not After : Dec 21 07:02:20 2025 GMT Subject: CN=3beafda76906dcef2eba40ade74fe730d6e935f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:de:a8:56:d6:30:53:24:a4:bb:aa:c2:12:23: c9:09:12:1d:ec:bc:f6:4f:3c:2b:6e:25:43:1f:65: 7c:f7:ed:55:0d:b6:10:ed:90:f5:16:1e:d7:52:7c: 37:08:ca:13:e1:26:a1:72:a1:56:84:aa:cb:b4:ef: 7e:b7:66:7e:54:a7:a8:5a:26:7f:90:f6:f7:e6:6b: 07:0c:4b:39:13:5b:91:08:d0:cd:3b:8b:67:f4:3b: 41:5a:14:2a:8e:e7:e1:a3:3c:55:f6:fe:b0:44:97: b3:9d:22:6b:52:92:cf:38:08:dc:b6:6a:35:ad:1d: 35:51:89:b9:8b:e2:c1:d7:d8:76:e3:0b:ea:a0:8e: 9e:2f:72:1e:55:15:06:e5:78:9e:29:6a:4b:ac:89: cb:64:21:2b:37:fc:bc:40:b2:3a:0e:cb:8d:90:6b: 90:b3:d3:f3:45:00:6d:05:9f:82:44:0e:e2:e5:2e: 5d:94:26:73:6d:d4:c7:35:d1:17:1b:a5:03:b2:6d: 15:71:d2:18:8b:6c:cc:63:3a:95:6b:c6:2c:8e:30: 58:d6:63:8f:c4:47:a4:eb:2b:e1:60:4e:87:e5:0e: 52:b7:97:f9:83:59:6e:31:e0:d6:af:4c:e4:7a:4d: 19:41:55:fd:b7:2d:66:52:05:b5:2d:8f:7f:d9:e9: ed:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:EA:FD:A7:69:06:DC:EF:2E:BA:40:AD:E7:4F:E7:30:D6:E9:35:F2 X509v3 Authority Key Identifier: keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:c6:3c:e8:5f:5c:40:b4:0b:7e:c5:de:3e:81:6f:6c:05:1d: fc:75:b4:19:54:31:24:93:fd:92:fa:38:85:04:e0:10:1e:14: 33:4a:b7:60:7d:5f:a4:a3:71:14:1c:ec:6e:ad:2d:b3:3d:23: b7:3d:29:c1:ff:29:7e:64:67:b3:b3:c4:10:f9:bc:b3:3d:e8: 1d:38:5c:38:ca:09:c1:e9:d1:67:fb:61:eb:7d:dc:65:7e:04: 13:00:e6:63:5c:08:ff:f5:0d:00:e5:d7:05:ad:74:da:08:db: 47:70:1c:f5:3f:23:55:6a:70:cf:37:c4:0d:a9:a2:d4:21:d6: 85:17:b6:53:2e:c6:fa:82:4e:b0:72:63:0d:f9:64:e1:cd:bc: cb:c8:dd:01:7e:82:8e:ce:5f:71:90:b4:c6:8f:b2:b1:eb:7f: 8f:0e:3c:66:45:71:87:15:10:6a:2b:e0:7b:3e:24:fc:8b:6f: 11:77:13:8c:a6:5f:cb:b0:96:38:28:cf:14:27:eb:68:34:ee: 83:16:11:f5:49:21:8c:18:98:a6:7d:6b:19:3f:92:33:37:e3: f6:bd:4c:95:50:f4:e3:ee:2a:d5:4a:e5:47:1c:03:12:d2:70: c1:89:9a:7f:78:ac:62:97:fc:51:8e:ee:34:bb:a2:ed:d5:2c: b2:f6:93:ee -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6kQGPbI3KFSuz1NLDUGrYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl ODU0NDQwHhcNMjUxMjIwMDcwMjIwWhcNMjUxMjIxMDcwMjIwWjAzMTEwLwYDVQQD EygzYmVhZmRhNzY5MDZkY2VmMmViYTQwYWRlNzRmZTczMGQ2ZTkzNWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA296oVtYwUySku6rCEiPJCRId7Lz2 TzwrbiVDH2V89+1VDbYQ7ZD1Fh7XUnw3CMoT4SahcqFWhKrLtO9+t2Z+VKeoWiZ/ kPb35msHDEs5E1uRCNDNO4tn9DtBWhQqjufhozxV9v6wRJeznSJrUpLPOAjctmo1 rR01UYm5i+LB19h24wvqoI6eL3IeVRUG5XieKWpLrInLZCErN/y8QLI6DsuNkGuQ s9PzRQBtBZ+CRA7i5S5dlCZzbdTHNdEXG6UDsm0VcdIYi2zMYzqVa8YsjjBY1mOP xEek6yvhYE6H5Q5St5f5g1luMeDWr0zkek0ZQVX9ty1mUgW1LY9/2entZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDvq/adpBtzvLrpAredP5zDW6TXyMB8GA1UdIwQY MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAc8Y86F9c QLQLfsXePoFvbAUd/HW0GVQxJJP9kvo4hQTgEB4UM0q3YH1fpKNxFBzsbq0tsz0j tz0pwf8pfmRns7PEEPm8sz3oHThcOMoJwenRZ/th633cZX4EEwDmY1wI//UNAOXX Ba102gjbR3Ac9T8jVWpwzzfEDami1CHWhRe2Uy7G+oJOsHJjDflk4c28y8jdAX6C js5fcZC0xo+yset/jw48ZkVxhxUQaivgez4k/ItvEXcTjKZfy7CWOCjPFCfraDTu gxYR9UkhjBiYpn1rGT+SMzfj9r1MlVD04+4q1UrlRxwDEtJwwYmaf3isYpf8UY7u NLui7dUssvaT7g== -----END CERTIFICATE-----Generated at Sat Dec 20 09:13:45 2025 by rpki-client