This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft File: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft (raw, json) Hash identifier: Sb2OVsBKf+l6rKfHGn4gtSYTYOyvkWT6paeKm9k/8Lc= Subject key identifier: 22:D2:3D:C9:80:EC:FF:5F:E7:7C:CF:FF:35:B5:76:67:44:F9:86:8F Authority key identifier: 92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78 Certificate issuer: /CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78 Certificate serial: 019AA2360311A13D0EF5AC5D829192EEEE20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft Manifest number: 1738 Signing time: Thu 20 Nov 2025 17:00:39 +0000 Manifest this update: Thu 20 Nov 2025 17:00:39 +0000 Manifest next update: Fri 21 Nov 2025 17:00:39 +0000 Files and hashes: 1: khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl (hash: R2cMWbHff6TuZ2xmkAmFKkPlnhnKLaj6Kx252Qc3o04=) 2: yGFlSDdiFlFUJBTzkBDJlODQZoY.roa (hash: 5kgFGMiEYqgnd4sbR3CvLQA6/mpT37R4CFK6/AUcK/Y=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 21 Nov 2025 15:23:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:a2:36:03:11:a1:3d:0e:f5:ac:5d:82:91:92:ee:ee:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=921b4c85caa8d8b16619bf945a2fd6af1c77fc78 Validity Not Before: Nov 20 17:00:39 2025 GMT Not After : Nov 21 17:00:39 2025 GMT Subject: CN=22d23dc980ecff5fe77ccfff35b5766744f9868f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:2f:b5:43:93:d2:a2:30:a6:3d:8c:eb:9c:9d: 0b:33:e9:80:73:69:39:2f:15:7a:f9:1b:0c:68:d6: f4:6f:8e:95:cd:3f:c1:0a:b3:25:03:1e:ed:0b:cc: 39:d8:2e:cd:e1:df:fb:1f:07:ad:80:5a:ce:d9:88: 4c:01:0a:61:63:26:0b:f8:45:37:6b:e0:65:e2:6e: da:07:fd:aa:d2:db:b7:8d:d6:9d:cb:f3:e0:57:14: 39:d9:b2:5a:5c:52:e2:00:99:dd:a4:7a:6f:a1:08: bd:a1:ec:29:de:cd:c2:bd:b2:1c:51:48:fc:dd:59: de:ed:c6:01:60:f0:8b:43:21:2c:00:c0:2c:95:08: 36:06:53:e2:9b:35:51:05:c9:f1:97:9e:ac:3f:13: 0f:e6:6b:f2:8a:d6:89:81:3b:a7:47:9b:0b:34:9b: 9b:34:04:14:05:b5:97:53:30:79:ec:c4:e8:6e:5b: 31:d5:6b:37:b6:41:17:a5:36:70:51:88:07:c3:6b: a3:97:2e:2e:10:e7:91:f0:74:54:bd:28:af:06:b0: 24:90:15:1e:ab:a3:c2:c4:7b:23:ff:76:7c:37:6e: cb:8a:9f:bd:ed:b1:74:cb:05:36:4e:11:5a:d1:ad: 40:d2:4f:12:79:0a:bd:0d:8d:c1:df:38:7b:0f:ef: 0c:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:D2:3D:C9:80:EC:FF:5F:E7:7C:CF:FF:35:B5:76:67:44:F9:86:8F X509v3 Authority Key Identifier: keyid:92:1B:4C:85:CA:A8:D8:B1:66:19:BF:94:5A:2F:D6:AF:1C:77:FC:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/54/42b179-4790-4520-b174-50505382fd72/1/khtMhcqo2LFmGb-UWi_Wrxx3_Hg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7d:15:6c:d1:4c:f8:fc:0c:64:dd:8a:ab:5f:a7:fb:5e:2f:99: e7:eb:bf:a1:08:c1:2a:79:49:09:00:6b:99:9b:92:24:5b:5c: 32:05:ac:1d:f2:e9:d8:35:94:43:15:da:e0:bf:ee:b6:8a:42: f9:d9:ae:c8:95:34:3c:21:8c:8c:fd:67:2f:70:1c:6d:10:17: f2:37:59:f5:fa:75:12:0d:19:50:3b:80:eb:27:09:5a:af:73: 88:eb:63:ff:2d:ca:67:df:fe:dd:5b:46:22:56:c0:47:ca:23: b5:ec:52:a2:af:d5:9a:5e:c8:46:db:07:c7:3a:8e:f7:24:97: cd:6e:17:76:a8:92:44:ec:bf:90:84:dc:f9:08:1e:b0:81:2b: 5e:32:bd:b6:b6:91:92:49:75:d1:cb:1f:bc:57:fb:90:a4:d3: b6:7e:39:86:cf:c5:82:aa:3e:2d:55:8f:bc:ef:47:05:15:a9: 5b:64:c8:e1:21:0c:bc:43:31:6c:a4:4f:c1:25:74:36:70:31: 91:bc:b0:2e:fc:40:3d:22:45:0c:d1:ab:d0:43:11:c5:ea:84: ec:f5:39:c2:fe:60:de:ef:45:9a:0c:14:5c:74:21:89:54:44: a2:94:05:9f:1f:00:5f:1a:3e:ca:5c:e8:b7:a4:e0:06:f6:d2: d6:fe:a8:d1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZqiNgMRoT0O9axdgpGS7u4gMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMWI0Yzg1Y2FhOGQ4YjE2NjE5YmY5NDVhMmZkNmFmMWM3 N2ZjNzgwHhcNMjUxMTIwMTcwMDM5WhcNMjUxMTIxMTcwMDM5WjAzMTEwLwYDVQQD EygyMmQyM2RjOTgwZWNmZjVmZTc3Y2NmZmYzNWI1NzY2NzQ0Zjk4NjhmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvi+1Q5PSojCmPYzrnJ0LM+mAc2k5 LxV6+RsMaNb0b46VzT/BCrMlAx7tC8w52C7N4d/7HwetgFrO2YhMAQphYyYL+EU3 a+Bl4m7aB/2q0tu3jdady/PgVxQ52bJaXFLiAJndpHpvoQi9oewp3s3CvbIcUUj8 3Vne7cYBYPCLQyEsAMAslQg2BlPimzVRBcnxl56sPxMP5mvyitaJgTunR5sLNJub NAQUBbWXUzB57MToblsx1Ws3tkEXpTZwUYgHw2ujly4uEOeR8HRUvSivBrAkkBUe q6PCxHsj/3Z8N27Lip+97bF0ywU2ThFa0a1A0k8SeQq9DY3B3zh7D+8MXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCLSPcmA7P9f53zP/zW1dmdE+YaPMB8GA1UdIwQY MBaAFJIbTIXKqNixZhm/lFov1q8cd/x4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQt NTA1MDUzODJmZDcyLzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81NC80MmIxNzktNDc5MC00NTIwLWIxNzQtNTA1MDUzODJmZDcy LzEva2h0TWhjcW8yTEZtR2ItVVdpX1dyeHgzX0hnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfRVs0Uz4 /Axk3YqrX6f7Xi+Z5+u/oQjBKnlJCQBrmZuSJFtcMgWsHfLp2DWUQxXa4L/utopC +dmuyJU0PCGMjP1nL3AcbRAX8jdZ9fp1Eg0ZUDuA6ycJWq9ziOtj/y3KZ9/+3VtG IlbAR8ojtexSoq/Vml7IRtsHxzqO9ySXzW4XdqiSROy/kITc+QgesIErXjK9traR kkl10csfvFf7kKTTtn45hs/Fgqo+LVWPvO9HBRWpW2TI4SEMvEMxbKRPwSV0NnAx kbywLvxAPSJFDNGr0EMRxeqE7PU5wv5g3u9FmgwUXHQhiVREopQFnx8AXxo+ylzo t6TgBvbS1v6o0Q== -----END CERTIFICATE-----Generated at Thu Nov 20 20:35:51 2025 by rpki-client