This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json) Hash identifier: Rgu+iLHIw9rXziTiYlZsXBYi7xc412pJOKuEpG2xCdw= Subject key identifier: 73:64:10:A4:11:6E:6B:65:21:4F:D3:DE:6F:E6:29:A1:28:42:C8:2B Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Certificate serial: 019AE3A7F07D55D0AD269459E0A614B3E291 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft Manifest number: 175B Signing time: Wed 03 Dec 2025 10:00:25 +0000 Manifest this update: Wed 03 Dec 2025 10:00:25 +0000 Manifest next update: Thu 04 Dec 2025 10:00:25 +0000 Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: Lgxn5yPh5JabQKzaafYbxfQUqC7eiZSncLn8xLw9Wi4=) 2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:57:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:e3:a7:f0:7d:55:d0:ad:26:94:59:e0:a6:14:b3:e2:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Validity Not Before: Dec 3 10:00:25 2025 GMT Not After : Dec 4 10:00:25 2025 GMT Subject: CN=736410a4116e6b65214fd3de6fe629a12842c82b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:30:24:86:ae:74:ec:51:03:d8:86:b0:36:d1: f6:26:33:7a:48:15:af:f1:e1:9b:b8:bc:6f:08:0c: 53:ea:4e:50:55:8e:a1:9b:36:e0:3d:9f:9e:fe:96: 0f:ff:f1:5e:69:12:b1:d8:e1:60:56:c6:d5:10:ea: c1:9d:28:14:6c:9c:f0:54:c8:3a:8e:5f:12:dd:66: 1f:50:bf:9a:fa:84:85:e7:89:40:d5:2a:0d:b0:75: 78:56:74:21:b2:90:b2:d8:d5:95:f0:0a:72:b5:6c: 8e:59:e2:ee:1c:75:dc:f9:36:73:ce:78:c6:5f:a9: 4f:8b:e9:2e:11:54:79:d0:d2:ae:40:80:5d:0c:3e: 48:26:50:80:9b:8f:64:80:bb:ad:6b:a7:b6:2f:d6: af:0a:f8:f2:55:ff:bc:8f:92:f4:fd:af:92:a8:66: e3:86:5b:07:7f:31:95:d3:06:af:ba:cd:eb:9b:fd: 44:42:f3:a6:68:49:f0:40:34:db:40:b9:e6:cc:0f: 45:07:ed:36:1b:ca:d7:69:aa:70:25:aa:89:86:d5: 7c:7e:a5:2d:ee:17:61:85:16:87:7a:96:fa:bd:d3: 80:9d:b3:b6:4c:8c:7c:03:06:7d:ce:4d:50:12:c2: e4:86:61:89:ea:86:a8:df:1a:92:e2:8e:d3:5c:70: 72:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:64:10:A4:11:6E:6B:65:21:4F:D3:DE:6F:E6:29:A1:28:42:C8:2B X509v3 Authority Key Identifier: keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:c3:65:58:a3:24:d7:5d:8d:3b:3d:d1:17:43:0f:05:bf:eb: 9f:04:4d:21:a8:ce:2f:b4:78:75:c6:b1:0a:08:8f:e9:e3:ee: 03:0b:2c:4a:31:ee:0d:4c:75:00:58:f2:13:4b:37:de:2f:20: c4:6d:ed:03:01:2c:98:ee:5f:1c:e9:9e:65:13:95:43:be:5e: 01:1b:06:2f:0f:92:78:bb:39:46:29:d2:b8:e6:9f:24:56:53: 4b:5c:a5:23:a1:f0:5d:4d:4e:1e:4f:45:57:8d:a1:e2:12:63: fd:c6:c4:2b:e2:d0:96:07:37:f6:42:b1:cb:21:14:5d:45:ce: 5a:0c:ca:ea:41:af:a1:d9:f0:2c:90:3e:71:65:77:1c:49:d4: c0:3c:31:61:f9:3c:59:1b:69:c5:b4:85:0b:cf:1e:8c:28:f2: 32:0e:9b:ab:44:4a:e9:d7:22:a1:07:33:ce:1a:4e:c6:ef:0c: a8:e0:ab:7f:f4:21:22:12:64:0b:18:b2:25:4c:cd:aa:96:d9: da:41:c7:e6:a8:7f:d2:d9:50:26:e1:7d:e4:90:f0:97:1f:ea: c6:58:d0:39:22:64:21:80:81:5a:12:dc:bc:64:42:3a:8b:01: 6d:7a:ad:0a:07:09:3f:17:eb:4b:97:6d:40:2d:75:cd:d2:9a: bc:60:c7:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrjp/B9VdCtJpRZ4KYUs+KRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4 YmZiMmIwHhcNMjUxMjAzMTAwMDI1WhcNMjUxMjA0MTAwMDI1WjAzMTEwLwYDVQQD Eyg3MzY0MTBhNDExNmU2YjY1MjE0ZmQzZGU2ZmU2MjlhMTI4NDJjODJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszAkhq507FED2IawNtH2JjN6SBWv 8eGbuLxvCAxT6k5QVY6hmzbgPZ+e/pYP//FeaRKx2OFgVsbVEOrBnSgUbJzwVMg6 jl8S3WYfUL+a+oSF54lA1SoNsHV4VnQhspCy2NWV8ApytWyOWeLuHHXc+TZzznjG X6lPi+kuEVR50NKuQIBdDD5IJlCAm49kgLuta6e2L9avCvjyVf+8j5L0/a+SqGbj hlsHfzGV0wavus3rm/1EQvOmaEnwQDTbQLnmzA9FB+02G8rXaapwJaqJhtV8fqUt 7hdhhRaHepb6vdOAnbO2TIx8AwZ9zk1QEsLkhmGJ6oao3xqS4o7TXHBy2QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHNkEKQRbmtlIU/T3m/mKaEoQsgrMB8GA1UdIwQY MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3 LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYcNlWKMk 112NOz3RF0MPBb/rnwRNIajOL7R4dcaxCgiP6ePuAwssSjHuDUx1AFjyE0s33i8g xG3tAwEsmO5fHOmeZROVQ75eARsGLw+SeLs5RinSuOafJFZTS1ylI6HwXU1OHk9F V42h4hJj/cbEK+LQlgc39kKxyyEUXUXOWgzK6kGvodnwLJA+cWV3HEnUwDwxYfk8 WRtpxbSFC88ejCjyMg6bq0RK6dcioQczzhpOxu8MqOCrf/QhIhJkCxiyJUzNqpbZ 2kHH5qh/0tlQJuF95JDwlx/qxljQOSJkIYCBWhLcvGRCOosBbXqtCgcJPxfrS5dt QC11zdKavGDHOw== -----END CERTIFICATE-----Generated at Wed Dec 3 14:14:23 2025 by rpki-client