This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft File: KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json) Hash identifier: ewcesIqHzaSG1TCqM58Tw8u0mv5mj9xxZJ1L1k+YcjU= Subject key identifier: FA:35:1D:95:F8:B6:E0:49:8D:05:7B:5A:17:B6:E8:2D:93:BA:4B:7F Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5 Certificate issuer: /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5 Certificate serial: 019B488308F0D56906FA5D335BD85BFB82D0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft Manifest number: 039D Signing time: Tue 23 Dec 2025 00:01:45 +0000 Manifest this update: Tue 23 Dec 2025 00:01:45 +0000 Manifest next update: Wed 24 Dec 2025 00:01:45 +0000 Files and hashes: 1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: 69P9vP5N1C2jnmDneEzocgEkjRxDhr+DVRxtJAX2B7A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:03:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:83:08:f0:d5:69:06:fa:5d:33:5b:d8:5b:fb:82:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5 Validity Not Before: Dec 23 00:01:45 2025 GMT Not After : Dec 24 00:01:45 2025 GMT Subject: CN=fa351d95f8b6e0498d057b5a17b6e82d93ba4b7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:a7:23:0f:a6:8f:e6:44:48:c4:6f:91:d3:fa: 01:bb:df:80:b9:a9:d6:82:98:10:65:8a:b7:06:2d: bf:7f:e5:1e:84:22:00:01:49:a3:72:55:36:f0:09: a7:70:cd:e7:23:c7:64:1d:1a:3d:43:ad:e9:5c:65: 12:ea:ea:bd:fd:9a:6f:e0:ad:81:22:cd:3f:e0:3a: 35:2c:7d:a6:60:f5:f4:db:22:e7:ec:f2:8b:ef:7c: e7:fc:2e:6a:4c:5f:d7:ee:1c:63:e1:4a:3a:b5:79: 2b:8a:b7:31:6a:d2:59:5f:5e:f6:28:98:13:5e:bf: b0:1e:3b:4b:46:54:9a:12:3d:5f:49:ec:2d:25:5d: c4:1f:c7:e2:91:d7:d6:01:cf:32:12:90:ba:87:8c: a1:8b:ff:9f:30:aa:de:7a:e8:77:8c:4c:74:a2:09: 7a:ec:85:46:8f:26:c1:a7:f0:c0:70:13:ff:b9:41: 8b:85:67:60:cf:a0:1e:2d:b6:3d:24:c3:45:5f:cf: 1f:6d:22:6f:3c:49:5a:46:a2:86:f6:ef:bf:46:65: 38:fa:d6:36:fd:4e:de:b1:0a:25:c0:3b:c3:95:1a: 1d:03:f9:7f:ac:65:05:6a:da:27:8d:50:de:8d:d5: db:1e:6f:5f:3b:4c:84:48:0e:a0:be:c5:b8:6b:43: 19:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:35:1D:95:F8:B6:E0:49:8D:05:7B:5A:17:B6:E8:2D:93:BA:4B:7F X509v3 Authority Key Identifier: keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:3a:c8:2f:7b:e0:e4:b9:8e:2d:68:1a:14:ce:89:05:33:62: 54:c7:b5:cb:31:fc:d8:98:83:d8:47:08:2e:b3:52:31:d5:b8: ee:e5:a7:f3:f2:b3:db:32:7a:f9:4f:b8:dd:eb:9c:e6:2e:82: 13:32:bf:1d:b1:06:94:60:bd:a3:3f:b8:5a:7e:2a:9b:1d:3b: 91:ef:03:b7:98:41:28:01:f6:68:e7:8a:05:76:4a:dc:6a:d5: d0:d5:c5:2e:84:97:ac:e6:d7:c0:ce:3e:3a:e5:e1:9d:3b:03: 74:02:90:b3:7a:95:9e:92:75:87:93:98:6f:79:33:5f:d0:9a: 30:35:9b:99:95:2d:62:ce:77:b6:df:a3:38:b1:b1:b6:db:b8: 3d:8a:47:71:c5:54:fe:b3:f4:49:41:77:f5:57:28:d6:8d:d1: 01:11:32:a7:57:bd:a2:4e:32:97:fc:9e:35:66:a9:bf:ae:88: 25:de:cf:64:06:34:5d:00:cf:56:0a:00:39:89:17:ba:52:a6: 8c:3f:51:8c:8c:67:d0:c4:cf:a2:0e:7f:44:87:eb:fb:5a:a6: c8:c9:f0:22:5f:8e:14:53:df:10:3c:25:f6:36:c8:38:c4:a0: 96:f2:a1:ca:9d:46:f1:ae:f1:1d:aa:30:74:a6:09:9b:5a:69: 8d:81:4b:53 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIgwjw1WkG+l0zW9hb+4LQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1 MDU4YTUwHhcNMjUxMjIzMDAwMTQ1WhcNMjUxMjI0MDAwMTQ1WjAzMTEwLwYDVQQD EyhmYTM1MWQ5NWY4YjZlMDQ5OGQwNTdiNWExN2I2ZTgyZDkzYmE0YjdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6cjD6aP5kRIxG+R0/oBu9+AuanW gpgQZYq3Bi2/f+UehCIAAUmjclU28AmncM3nI8dkHRo9Q63pXGUS6uq9/Zpv4K2B Is0/4Do1LH2mYPX02yLn7PKL73zn/C5qTF/X7hxj4Uo6tXkrircxatJZX172KJgT Xr+wHjtLRlSaEj1fSewtJV3EH8fikdfWAc8yEpC6h4yhi/+fMKreeuh3jEx0ogl6 7IVGjybBp/DAcBP/uUGLhWdgz6AeLbY9JMNFX88fbSJvPElaRqKG9u+/RmU4+tY2 /U7esQolwDvDlRodA/l/rGUFatonjVDejdXbHm9fO0yESA6gvsW4a0MZfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPo1HZX4tuBJjQV7Whe26C2Tukt/MB8GA1UdIwQY MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDrIL3vg 5LmOLWgaFM6JBTNiVMe1yzH82JiD2EcILrNSMdW47uWn8/Kz2zJ6+U+43euc5i6C EzK/HbEGlGC9oz+4Wn4qmx07ke8Dt5hBKAH2aOeKBXZK3GrV0NXFLoSXrObXwM4+ OuXhnTsDdAKQs3qVnpJ1h5OYb3kzX9CaMDWbmZUtYs53tt+jOLGxttu4PYpHccVU /rP0SUF39Vco1o3RAREyp1e9ok4yl/yeNWapv66IJd7PZAY0XQDPVgoAOYkXulKm jD9RjIxn0MTPog5/RIfr+1qmyMnwIl+OFFPfEDwl9jbIOMSglvKhyp1G8a7xHaow dKYJm1ppjYFLUw== -----END CERTIFICATE-----Generated at Tue Dec 23 07:56:30 2025 by rpki-client