This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft File: kwNiKzxU5F9BZvMBeY-G27pHGAw.mft (raw, json) Hash identifier: mVZ0Tjr+9NvtUS63S0tafFWMR1fuLSi2Wmr0LPUNc34= Subject key identifier: 31:46:5D:F8:47:D2:23:78:F4:4C:A4:76:24:7F:AE:B2:69:A6:C3:14 Authority key identifier: 93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C Certificate issuer: /CN=9303622b3c54e45f4166f301798f86dbba47180c Certificate serial: 019B4738E00DB56AF8414206C675D2389DDD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft Manifest number: 0927 Signing time: Mon 22 Dec 2025 18:01:08 +0000 Manifest this update: Mon 22 Dec 2025 18:01:08 +0000 Manifest next update: Tue 23 Dec 2025 18:01:08 +0000 Files and hashes: 1: kwNiKzxU5F9BZvMBeY-G27pHGAw.crl (hash: RpOFO8Gfc7rG1PZnKiBdaKgmwO+zQJSL4IupDbu+b1E=) 2: v_98mZARWXkG0c7MrFhUfz1ZnSk.roa (hash: CoGKVro1tI7BKUl2OeE8GJuS6b7gkbb5BZSSNbzRr+I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:47:38:e0:0d:b5:6a:f8:41:42:06:c6:75:d2:38:9d:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9303622b3c54e45f4166f301798f86dbba47180c Validity Not Before: Dec 22 18:01:08 2025 GMT Not After : Dec 23 18:01:08 2025 GMT Subject: CN=31465df847d22378f44ca476247faeb269a6c314 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:f2:48:fe:a2:44:86:c5:2f:77:6e:27:23:6c: b3:cc:f2:2e:9e:30:57:9d:92:c8:bb:60:b8:e8:bd: bf:45:96:9b:21:0e:7d:ee:c5:b6:54:65:3c:40:3c: 72:74:47:2b:cd:07:3b:79:29:49:8b:e6:10:19:46: b3:3c:62:fb:b0:47:ac:fe:1f:f9:fd:06:53:6a:51: 2d:e8:e0:fa:c8:af:d1:a5:d3:20:a1:e4:ce:b9:37: 16:47:3a:19:ee:7c:c6:a9:f6:89:0c:f3:6e:b0:52: d2:99:3c:71:f4:6a:df:bd:5c:45:b2:f7:78:b8:2b: e0:b5:1d:a8:3e:b3:06:9b:67:84:d0:96:10:35:26: ef:65:87:74:49:fd:d0:de:f2:9d:1d:94:8b:a3:a3: c5:1e:1d:1d:08:3a:79:ed:28:81:42:fd:3f:17:19: b4:a2:ba:19:c9:26:91:fc:54:60:a5:74:b7:47:d6: 79:9b:68:c0:18:94:65:e9:60:7a:10:9f:7f:0a:c1: d0:84:97:76:46:8f:34:5f:43:a1:2d:10:3d:f1:34: b2:20:04:72:35:8c:9a:ce:12:0f:35:02:be:65:f8: 31:15:44:f0:03:bc:cf:44:56:8c:ed:85:9a:d0:8f: 27:d8:3e:b8:4f:49:18:b8:59:3a:18:82:d1:42:d1: 81:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:46:5D:F8:47:D2:23:78:F4:4C:A4:76:24:7F:AE:B2:69:A6:C3:14 X509v3 Authority Key Identifier: keyid:93:03:62:2B:3C:54:E4:5F:41:66:F3:01:79:8F:86:DB:BA:47:18:0C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kwNiKzxU5F9BZvMBeY-G27pHGAw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/077a50-45b6-4a38-9db9-950c7e73245c/1/kwNiKzxU5F9BZvMBeY-G27pHGAw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:e7:15:85:22:a5:1b:38:fb:29:0b:25:f5:f1:2f:83:33:52: c0:07:71:47:51:1e:46:e6:43:9f:bb:ca:8d:a0:ea:c2:da:c7: 62:5a:7e:2a:ea:01:b2:dc:0f:cc:84:c8:73:66:f2:5b:05:d4: 4d:4e:6a:6e:08:b3:a2:a8:6f:1a:cf:5b:68:ac:e1:df:9b:06: 21:13:82:68:89:ea:12:ee:1d:38:51:33:b9:fd:22:be:68:18: cd:2a:59:24:85:5e:44:00:cb:29:c7:a2:db:60:72:b2:26:56: 38:8a:d1:85:63:84:8b:ed:81:cf:38:26:47:99:43:31:a9:31: 41:3e:93:0e:65:f9:cf:8e:7b:d7:43:9b:e4:43:6a:45:8b:21: 15:c9:89:bb:77:56:c9:52:6c:62:a0:27:dd:77:80:82:41:3e: 3d:93:e1:93:40:fe:59:bb:8b:fa:7d:e1:12:d4:9e:42:87:dc: 0c:1a:0e:70:6b:b9:d5:8d:f8:2b:5d:4a:db:53:44:f4:2f:af: e3:9f:bd:29:61:fa:cc:99:b3:d6:c0:b4:fc:8e:05:50:b2:ee: 6c:a8:cc:97:9b:7e:0f:8f:54:eb:21:4f:2e:88:2e:fd:42:64: cc:cd:9e:26:c9:3a:cc:7f:1a:ae:23:e4:62:ef:73:19:01:74: d3:d5:ae:91 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtHOOANtWr4QUIGxnXSOJ3dMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzMDM2MjJiM2M1NGU0NWY0MTY2ZjMwMTc5OGY4NmRiYmE0 NzE4MGMwHhcNMjUxMjIyMTgwMTA4WhcNMjUxMjIzMTgwMTA4WjAzMTEwLwYDVQQD EygzMTQ2NWRmODQ3ZDIyMzc4ZjQ0Y2E0NzYyNDdmYWViMjY5YTZjMzE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfJI/qJEhsUvd24nI2yzzPIunjBX nZLIu2C46L2/RZabIQ597sW2VGU8QDxydEcrzQc7eSlJi+YQGUazPGL7sEes/h/5 /QZTalEt6OD6yK/RpdMgoeTOuTcWRzoZ7nzGqfaJDPNusFLSmTxx9GrfvVxFsvd4 uCvgtR2oPrMGm2eE0JYQNSbvZYd0Sf3Q3vKdHZSLo6PFHh0dCDp57SiBQv0/Fxm0 oroZySaR/FRgpXS3R9Z5m2jAGJRl6WB6EJ9/CsHQhJd2Ro80X0OhLRA98TSyIARy NYyazhIPNQK+ZfgxFUTwA7zPRFaM7YWa0I8n2D64T0kYuFk6GILRQtGBEwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDFGXfhH0iN49EykdiR/rrJppsMUMB8GA1UdIwQY MBaAFJMDYis8VORfQWbzAXmPhtu6RxgMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjkt OTUwYzdlNzMyNDVjLzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC8wNzdhNTAtNDViNi00YTM4LTlkYjktOTUwYzdlNzMyNDVj LzEva3dOaUt6eFU1RjlCWnZNQmVZLUcyN3BIR0F3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQOcVhSKl Gzj7KQsl9fEvgzNSwAdxR1EeRuZDn7vKjaDqwtrHYlp+KuoBstwPzITIc2byWwXU TU5qbgizoqhvGs9baKzh35sGIROCaInqEu4dOFEzuf0ivmgYzSpZJIVeRADLKcei 22BysiZWOIrRhWOEi+2BzzgmR5lDMakxQT6TDmX5z45710Ob5ENqRYshFcmJu3dW yVJsYqAn3XeAgkE+PZPhk0D+WbuL+n3hEtSeQofcDBoOcGu51Y34K11K21NE9C+v 45+9KWH6zJmz1sC0/I4FULLubKjMl5t+D49U6yFPLogu/UJkzM2eJsk6zH8ariPk Yu9zGQF009WukQ== -----END CERTIFICATE-----Generated at Mon Dec 22 20:27:08 2025 by rpki-client