This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft File: KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft (raw, json) Hash identifier: RXic4Yq9p9MYbav5BucQsi7FtPjRsBEySIP5+OhpAqQ= Subject key identifier: 83:71:F3:82:E0:BA:91:E6:D9:E9:94:A6:AF:C6:D7:54:25:B6:83:25 Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a Certificate serial: 019B115CD3CF912D71719486C6A416E06E19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft Manifest number: 147B Signing time: Fri 12 Dec 2025 07:00:54 +0000 Manifest this update: Fri 12 Dec 2025 07:00:54 +0000 Manifest next update: Sat 13 Dec 2025 07:00:54 +0000 Files and hashes: 1: KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl (hash: axLiIg4lZ7XIC2rNc0P/+qYsRRsrKunNrasoP11odnc=) 2: uSrOots_DMPy38Ek0_9yV10Tzw8.roa (hash: Ypv5LfASDsUldkz8kd27ybD8JIawSksjG/puUQcmBe4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 07:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:11:5c:d3:cf:91:2d:71:71:94:86:c6:a4:16:e0:6e:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a Validity Not Before: Dec 12 07:00:54 2025 GMT Not After : Dec 13 07:00:54 2025 GMT Subject: CN=8371f382e0ba91e6d9e994a6afc6d75425b68325 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:12:32:75:c0:98:0b:e9:4c:43:ca:d0:7a:aa: 1f:5d:e1:fa:6b:82:8c:ec:75:f0:4b:a3:ef:89:55: 6f:22:6e:4f:78:16:63:3b:84:41:41:60:e8:64:c0: 80:56:4d:bc:f9:98:be:2b:5f:ad:21:0d:6e:05:f4: bb:70:cd:7a:46:33:f1:52:92:66:38:68:23:8c:fe: ef:d7:3b:5e:09:43:60:4e:de:5b:e0:7e:fe:11:5b: 58:4b:12:7d:44:de:e3:04:32:5f:83:11:5f:3c:2c: a4:2a:e5:a8:e6:f7:7f:5d:47:b7:36:cb:6e:49:c0: 7e:4b:af:dc:b3:ef:ea:54:0a:a8:08:b4:6f:df:fa: 95:40:7b:ae:86:70:54:00:a6:7f:b9:d4:60:0e:db: e4:91:54:84:b4:09:dc:8b:1f:ca:92:af:f6:5b:97: 2d:c3:05:ab:a3:0b:9d:ad:10:7b:27:2d:0d:ae:50: 8c:a2:c5:c8:70:d6:d2:61:81:77:c0:0f:93:09:94: f4:f3:c9:8b:eb:9e:d6:ba:85:fc:3a:be:5b:6d:2b: 15:f1:5e:57:6b:35:4c:ac:08:68:e0:41:bd:eb:c4: 57:b3:92:17:21:15:ec:34:e5:7b:aa:08:95:9f:6e: ec:d9:ba:53:83:26:d7:04:ee:60:ea:f4:24:c0:53: 0b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:71:F3:82:E0:BA:91:E6:D9:E9:94:A6:AF:C6:D7:54:25:B6:83:25 X509v3 Authority Key Identifier: keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:eb:86:6d:56:83:2a:42:09:52:e8:fa:79:1f:26:c3:fd:6b: 59:d0:87:8a:4c:5d:ad:d6:c8:99:27:e0:28:da:52:08:5a:b8: 52:21:8a:64:8f:f0:55:b4:33:2d:59:42:45:c9:cb:f2:50:03: 13:2d:ce:76:9a:07:59:c6:a7:88:46:6c:35:6f:4d:7f:d0:e9: e5:95:6b:7b:f5:40:05:d2:cb:79:7e:be:32:98:c7:d7:6f:dd: 49:e6:3a:7c:b0:a1:2c:17:7f:1d:4a:cb:08:17:45:fe:cd:5e: 97:29:82:b0:c2:52:29:1e:ab:7f:3b:fb:c0:5e:46:5e:d7:71: 06:a4:84:35:c8:81:53:fd:2d:57:a4:6b:82:0e:6a:09:25:d0: 67:90:bb:fd:c9:cf:a6:5c:ed:df:fc:70:72:20:9c:54:ce:4b: 78:4b:5f:d7:1d:9a:6b:a8:2e:92:21:6d:a7:f5:ed:cc:30:da: c0:1d:e8:95:42:3f:6b:f7:a4:d1:0e:42:21:d3:61:25:c3:9d: c7:f5:de:a1:c6:f8:94:2c:55:7a:9e:86:4d:7d:3b:76:1c:de: 1d:75:97:29:ef:33:4a:1a:45:94:cd:a4:7c:d9:d5:14:48:5a: 17:47:31:1d:a2:90:d5:6a:67:5c:9d:e1:f5:22:95:1a:03:d4: 7a:ac:f9:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsRXNPPkS1xcZSGxqQW4G4ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw MDZiMWEwHhcNMjUxMjEyMDcwMDU0WhcNMjUxMjEzMDcwMDU0WjAzMTEwLwYDVQQD Eyg4MzcxZjM4MmUwYmE5MWU2ZDllOTk0YTZhZmM2ZDc1NDI1YjY4MzI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhIydcCYC+lMQ8rQeqofXeH6a4KM 7HXwS6PviVVvIm5PeBZjO4RBQWDoZMCAVk28+Zi+K1+tIQ1uBfS7cM16RjPxUpJm OGgjjP7v1zteCUNgTt5b4H7+EVtYSxJ9RN7jBDJfgxFfPCykKuWo5vd/XUe3Nstu ScB+S6/cs+/qVAqoCLRv3/qVQHuuhnBUAKZ/udRgDtvkkVSEtAncix/Kkq/2W5ct wwWrowudrRB7Jy0NrlCMosXIcNbSYYF3wA+TCZT088mL657WuoX8Or5bbSsV8V5X azVMrAho4EG968RXs5IXIRXsNOV7qgiVn27s2bpTgybXBO5g6vQkwFMLhwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFINx84LgupHm2emUpq/G11QltoMlMB8GA1UdIwQY MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It ZmEzMWUyZGM2YWJiLzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr+uGbVaD KkIJUuj6eR8mw/1rWdCHikxdrdbImSfgKNpSCFq4UiGKZI/wVbQzLVlCRcnL8lAD Ey3OdpoHWcaniEZsNW9Nf9Dp5ZVre/VABdLLeX6+MpjH12/dSeY6fLChLBd/HUrL CBdF/s1elymCsMJSKR6rfzv7wF5GXtdxBqSENciBU/0tV6Rrgg5qCSXQZ5C7/cnP plzt3/xwciCcVM5LeEtf1x2aa6gukiFtp/XtzDDawB3olUI/a/ek0Q5CIdNhJcOd x/Xeocb4lCxVep6GTX07dhzeHXWXKe8zShpFlM2kfNnVFEhaF0cxHaKQ1WpnXJ3h 9SKVGgPUeqz5rw== -----END CERTIFICATE-----Generated at Fri Dec 12 09:09:51 2025 by rpki-client