This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json) Hash identifier: XFFWxS6fb2Qu/LO4cQbnCETlpIcF/+TH28y1V6kcngQ= Subject key identifier: B2:36:59:E1:39:88:47:4E:A9:3E:62:EC:2A:9B:49:5F:96:92:5A:AB Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06 Certificate serial: 019B3C7DD55BE32F49F2B8F08A9C92D29693 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft Manifest number: 1032 Signing time: Sat 20 Dec 2025 16:00:38 +0000 Manifest this update: Sat 20 Dec 2025 16:00:38 +0000 Manifest next update: Sun 21 Dec 2025 16:00:38 +0000 Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: 9kFiay5RRV1v1bSkRNrEK4YDuUJyXngqd2yhuag/a7o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7d:d5:5b:e3:2f:49:f2:b8:f0:8a:9c:92:d2:96:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287b50125517944274a146bbacd64e691a20fa06 Validity Not Before: Dec 20 16:00:38 2025 GMT Not After : Dec 21 16:00:38 2025 GMT Subject: CN=b23659e13988474ea93e62ec2a9b495f96925aab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c7:14:14:7b:14:6a:94:c8:de:82:7e:c1:02: 11:51:dd:f5:d1:e8:d8:a6:d7:c2:78:be:d9:45:ac: 39:c3:ab:24:79:5b:7e:19:bc:05:2d:7c:6f:f8:e8: 15:a8:19:47:7e:d9:2c:c6:fc:81:91:0f:da:0a:5b: ae:f9:c3:dd:88:0d:4a:40:b5:df:bb:ff:29:00:31: 16:49:6c:29:0b:9d:51:ed:e5:1d:a1:cc:28:6a:ec: 4d:7c:6c:46:06:38:52:11:20:b6:43:cb:9b:29:31: 14:85:70:7b:91:dd:a0:99:b2:f7:75:38:c0:cf:57: 98:9c:e0:bb:d5:b4:16:45:87:0e:7a:c1:c4:54:c4: bc:ef:e6:2a:50:93:74:a9:3a:93:50:27:b8:fe:6b: f1:93:26:a9:02:61:b2:26:f9:af:d9:d9:74:92:f9: ab:18:b9:45:26:d3:18:a0:58:fa:2c:d9:df:ee:53: 4f:2d:3b:15:96:46:9d:bf:08:70:d8:37:fe:69:1f: 08:73:7a:72:19:fb:7d:2e:7a:27:04:01:ee:19:37: 31:76:ee:ae:45:aa:0c:08:bc:50:c5:6e:62:8e:c6: 1f:c3:78:21:19:aa:26:c2:04:79:68:19:66:f2:e1: 31:f7:1a:dd:3b:b5:92:e0:3f:a6:5b:b5:94:96:e7: d2:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:36:59:E1:39:88:47:4E:A9:3E:62:EC:2A:9B:49:5F:96:92:5A:AB X509v3 Authority Key Identifier: keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:35:d4:ff:0b:93:fb:cf:47:24:df:f1:65:27:6a:35:d9:30: 11:2a:aa:d0:e9:06:a1:2d:d2:35:df:d5:27:17:43:c6:38:e3: f7:82:56:53:58:a5:0f:df:6a:04:e6:f0:0b:2d:69:a0:94:65: 6f:de:e9:50:0f:d8:91:7a:ae:e6:b2:35:84:c3:7f:ed:35:e2: 34:81:a2:a0:be:7d:4b:47:d1:75:de:b2:02:f4:70:a0:12:09: 53:94:96:51:a2:3d:88:0b:9d:f6:9f:ce:84:42:b6:5e:c1:9c: c6:6f:2b:7c:05:73:c4:f4:2f:70:8e:31:fe:bb:e3:8a:a7:f7: d6:c1:d2:dc:12:9e:f2:e7:aa:f9:0a:a2:35:b0:71:af:d4:96: 23:6e:6a:4b:35:a1:a6:b5:66:4c:1b:f4:9d:26:6a:c7:39:38: 83:b4:11:d2:ce:bc:1e:42:e1:00:a9:94:70:e3:4c:42:d0:1a: 0f:11:2d:ad:52:2e:3f:82:58:87:86:1c:c2:47:17:d5:10:24: c5:d1:83:31:52:fd:d0:73:4e:5c:db:93:ba:98:f4:76:29:0c: 0b:af:ae:b2:61:c5:82:98:e6:9f:d2:44:63:da:10:6c:4a:ce: fd:2b:4b:17:c3:1c:ef:f5:6e:3e:9e:d0:d5:08:35:a0:a7:7d: f3:49:60:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fdVb4y9J8rjwipyS0paTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy MGZhMDYwHhcNMjUxMjIwMTYwMDM4WhcNMjUxMjIxMTYwMDM4WjAzMTEwLwYDVQQD EyhiMjM2NTllMTM5ODg0NzRlYTkzZTYyZWMyYTliNDk1Zjk2OTI1YWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMcUFHsUapTI3oJ+wQIRUd310ejY ptfCeL7ZRaw5w6skeVt+GbwFLXxv+OgVqBlHftksxvyBkQ/aCluu+cPdiA1KQLXf u/8pADEWSWwpC51R7eUdocwoauxNfGxGBjhSESC2Q8ubKTEUhXB7kd2gmbL3dTjA z1eYnOC71bQWRYcOesHEVMS87+YqUJN0qTqTUCe4/mvxkyapAmGyJvmv2dl0kvmr GLlFJtMYoFj6LNnf7lNPLTsVlkadvwhw2Df+aR8Ic3pyGft9LnonBAHuGTcxdu6u RaoMCLxQxW5ijsYfw3ghGaomwgR5aBlm8uEx9xrdO7WS4D+mW7WUlufSjwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLI2WeE5iEdOqT5i7CqbSV+WklqrMB8GA1UdIwQY MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0 LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoTXU/wuT +89HJN/xZSdqNdkwESqq0OkGoS3SNd/VJxdDxjjj94JWU1ilD99qBObwCy1poJRl b97pUA/YkXqu5rI1hMN/7TXiNIGioL59S0fRdd6yAvRwoBIJU5SWUaI9iAud9p/O hEK2XsGcxm8rfAVzxPQvcI4x/rvjiqf31sHS3BKe8ueq+QqiNbBxr9SWI25qSzWh prVmTBv0nSZqxzk4g7QR0s68HkLhAKmUcONMQtAaDxEtrVIuP4JYh4YcwkcX1RAk xdGDMVL90HNOXNuTupj0dikMC6+usmHFgpjmn9JEY9oQbErO/StLF8Mc7/VuPp7Q 1Qg1oKd980lgig== -----END CERTIFICATE-----Generated at Sat Dec 20 20:02:04 2025 by rpki-client