This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json) Hash identifier: Xos5vm3P/wfAV3hi0VyeZxBoymaSNeUrtMIGvDq/FF8= Subject key identifier: 3A:9B:91:F4:F0:5B:17:D2:01:E1:17:E7:61:B4:8C:2E:AB:AC:FA:23 Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f Certificate serial: 019B5A8872EF562C79BE3648F70211E05B14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft Manifest number: 1454 Signing time: Fri 26 Dec 2025 12:00:50 +0000 Manifest this update: Fri 26 Dec 2025 12:00:50 +0000 Manifest next update: Sat 27 Dec 2025 12:00:50 +0000 Files and hashes: 1: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (hash: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=) 2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: nqKvoq+IDY6oxLn83TVDRFwUapbx9V/AmTDJQsFbTS4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:72:ef:56:2c:79:be:36:48:f7:02:11:e0:5b:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f Validity Not Before: Dec 26 12:00:50 2025 GMT Not After : Dec 27 12:00:50 2025 GMT Subject: CN=3a9b91f4f05b17d201e117e761b48c2eabacfa23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:c1:30:59:ca:36:91:7c:fc:a0:f4:dd:8c:ab: b2:cd:73:08:19:31:30:ca:6f:4e:10:f0:a7:02:ee: b6:51:bd:de:7e:a7:e7:94:66:de:26:56:f3:c2:a8: 86:6c:ca:8e:0b:2b:6a:c1:88:89:92:f1:23:5c:a9: 9e:31:dc:3c:30:52:40:c7:7b:f3:e1:1b:f9:6c:fd: bd:ec:a4:18:7f:96:8a:03:1a:62:d3:28:72:5b:83: a3:dc:9b:15:5b:d4:1a:a4:f9:23:44:8f:05:57:56: d8:e5:23:a1:33:08:78:5e:bc:65:9b:ac:df:c4:7b: d5:2e:c0:18:bd:df:25:7a:0e:e9:87:be:07:ed:e6: 22:d9:4d:71:08:fd:ef:d1:60:17:7d:28:dd:33:a2: 6a:e9:07:a3:f1:b3:58:ea:a2:c6:e6:3a:9f:29:e5: bb:fe:79:f4:cc:86:3b:78:de:1f:a7:96:cc:fd:82: 55:ab:2e:14:e2:11:50:5e:59:01:2d:a8:ba:3d:2d: 6c:da:05:e3:70:8b:42:c0:1d:b0:3c:b7:6d:a4:85: 73:56:62:71:be:3e:3a:c9:de:72:3c:74:ea:ea:50: 7f:d0:a0:7d:87:8d:26:63:c9:14:c5:9d:14:8a:c0: 17:20:d3:17:9d:0d:63:f7:72:87:f7:59:dc:e3:27: dc:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:9B:91:F4:F0:5B:17:D2:01:E1:17:E7:61:B4:8C:2E:AB:AC:FA:23 X509v3 Authority Key Identifier: keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0f:40:11:95:36:f5:9c:6a:94:14:5b:5f:cb:69:12:fc:dc:96: da:93:6d:96:5c:31:15:77:33:10:f5:10:ea:e6:37:cb:4a:ea: 98:5b:78:26:7b:e0:e3:e6:cc:a2:52:47:18:b8:ab:07:c5:a3: 31:6f:08:d3:df:c7:4b:c3:03:02:a5:34:cb:d7:29:dd:39:9e: 01:bc:bf:97:a4:e9:29:01:00:56:bd:51:7f:05:b0:1c:95:00: 69:9f:b8:da:dc:72:1f:de:fe:54:b6:38:76:73:5b:76:d5:97: b4:e4:0e:f9:bf:12:7d:da:bf:47:47:b2:2c:47:91:65:35:3f: 8f:4c:23:1b:d3:3f:17:bf:47:c8:3a:31:9f:a1:26:7d:37:48: e1:2a:5e:ca:6a:87:77:78:e5:e6:69:48:e6:ac:71:19:45:6b: 53:71:25:3c:ba:a4:c2:9c:a9:ff:07:24:ca:9d:48:88:fb:65: 25:18:f5:e4:78:aa:6d:1b:79:8e:5f:fd:28:c8:66:8e:0a:5e: 6e:d7:d8:8c:58:37:41:03:43:17:06:2d:bf:e3:1d:ea:5d:f2: 94:94:8d:02:ab:63:c0:9d:89:6c:98:97:59:13:37:c8:79:53: 4c:84:58:56:64:f1:8a:1f:4e:3f:f5:1e:08:3c:f4:02:d9:a4: 53:d4:3d:b5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiHLvVix5vjZI9wIR4FsUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm ZWVkNWYwHhcNMjUxMjI2MTIwMDUwWhcNMjUxMjI3MTIwMDUwWjAzMTEwLwYDVQQD EygzYTliOTFmNGYwNWIxN2QyMDFlMTE3ZTc2MWI0OGMyZWFiYWNmYTIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18EwWco2kXz8oPTdjKuyzXMIGTEw ym9OEPCnAu62Ub3efqfnlGbeJlbzwqiGbMqOCytqwYiJkvEjXKmeMdw8MFJAx3vz 4Rv5bP297KQYf5aKAxpi0yhyW4Oj3JsVW9QapPkjRI8FV1bY5SOhMwh4Xrxlm6zf xHvVLsAYvd8leg7ph74H7eYi2U1xCP3v0WAXfSjdM6Jq6Qej8bNY6qLG5jqfKeW7 /nn0zIY7eN4fp5bM/YJVqy4U4hFQXlkBLai6PS1s2gXjcItCwB2wPLdtpIVzVmJx vj46yd5yPHTq6lB/0KB9h40mY8kUxZ0UisAXINMXnQ1j93KH91nc4yfcxQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqbkfTwWxfSAeEX52G0jC6rrPojMB8GA1UdIwQY MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAD0ARlTb1 nGqUFFtfy2kS/NyW2pNtllwxFXczEPUQ6uY3y0rqmFt4Jnvg4+bMolJHGLirB8Wj MW8I09/HS8MDAqU0y9cp3TmeAby/l6TpKQEAVr1RfwWwHJUAaZ+42txyH97+VLY4 dnNbdtWXtOQO+b8Sfdq/R0eyLEeRZTU/j0wjG9M/F79HyDoxn6EmfTdI4SpeymqH d3jl5mlI5qxxGUVrU3ElPLqkwpyp/wckyp1IiPtlJRj15HiqbRt5jl/9KMhmjgpe btfYjFg3QQNDFwYtv+Md6l3ylJSNAqtjwJ2JbJiXWRM3yHlTTIRYVmTxih9OP/Ue CDz0AtmkU9Q9tQ== -----END CERTIFICATE-----Generated at Fri Dec 26 15:45:20 2025 by rpki-client