This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft File: KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft (raw, json) Hash identifier: yUNs00WsD+VlnGh9umnTUjbxCEikOJF3J2mFF8BXU58= Subject key identifier: 33:5F:61:8D:89:AD:83:3F:E9:F6:59:CC:41:58:DF:F1:2C:EC:13:EC Authority key identifier: 2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D Certificate issuer: /CN=2a7148c461f5e77e107af73566a27e343561dc1d Certificate serial: 019B59086A0E2ED7495FF632F18E09FE4D14 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft Manifest number: 1794 Signing time: Fri 26 Dec 2025 05:01:22 +0000 Manifest this update: Fri 26 Dec 2025 05:01:22 +0000 Manifest next update: Sat 27 Dec 2025 05:01:22 +0000 Files and hashes: 1: FXGg2Fa0emu9dKW-rLUC0KROeXw.roa (hash: vDpMUJR3utlP1Q4YoLNcOM/ustze8pksaMUztNRPk0o=) 2: KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl (hash: UOw3sKirRIINk2UX9DcwGhZlzUoeyJF0wrsKYP7InIQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 05:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:59:08:6a:0e:2e:d7:49:5f:f6:32:f1:8e:09:fe:4d:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a7148c461f5e77e107af73566a27e343561dc1d Validity Not Before: Dec 26 05:01:22 2025 GMT Not After : Dec 27 05:01:22 2025 GMT Subject: CN=335f618d89ad833fe9f659cc4158dff12cec13ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:93:40:fc:9f:35:df:58:07:f5:36:69:55:8b: 0e:1e:a4:a9:89:81:6a:82:5a:5f:a6:b3:f5:b4:c3: 1b:9a:e4:9d:9b:d7:67:1d:b0:a3:0b:0c:ae:ad:49: 4c:2e:d2:e5:7a:cc:a1:3d:fa:f2:0b:e4:90:9e:d0: 08:17:69:25:af:8b:44:e6:4e:a9:92:98:cf:b4:52: fb:3f:62:fb:58:c0:d6:8d:06:d7:20:2a:f9:51:9b: b2:9c:31:1d:81:8d:01:e9:4a:86:f7:0f:0f:b3:4a: 1d:94:e9:14:71:f2:9d:95:a7:13:3d:dd:02:73:69: 93:e8:3f:7a:c5:da:6a:dc:40:cd:53:a2:4e:9f:9f: 41:27:1e:e4:06:d0:8d:2f:b7:fb:40:40:9d:a2:4f: 63:0d:ad:8d:1b:58:83:57:ef:44:59:27:f8:c7:45: 94:d3:b8:6d:50:a5:08:b8:5e:7c:bd:c6:20:25:b3: 1e:e3:b9:37:32:3d:b2:69:50:8d:49:58:95:52:41: be:21:4e:2e:9b:7d:96:54:df:0d:4e:d4:3d:04:56: cf:3c:30:3c:8b:2d:e1:a2:b3:ea:d9:f5:36:4f:9a: 20:6b:c7:20:a4:65:a9:da:e3:9f:79:21:c3:d5:76: 50:ba:20:e6:82:41:25:af:0a:d1:56:5c:13:df:9d: 58:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:5F:61:8D:89:AD:83:3F:E9:F6:59:CC:41:58:DF:F1:2C:EC:13:EC X509v3 Authority Key Identifier: keyid:2A:71:48:C4:61:F5:E7:7E:10:7A:F7:35:66:A2:7E:34:35:61:DC:1D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KnFIxGH1534Qevc1ZqJ-NDVh3B0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/9afaf5-e696-483e-8365-34efd5b9e9cd/1/KnFIxGH1534Qevc1ZqJ-NDVh3B0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:16:6c:8f:a6:e7:95:29:fe:22:90:c2:dc:b2:96:a5:4c:4f: 69:ad:f8:c2:eb:92:03:e7:6f:58:5e:c2:71:f4:69:b1:3c:09: e8:0f:28:94:c3:75:97:4e:53:2c:ee:9e:9c:ff:96:31:24:27: f8:c4:2a:37:58:d2:ab:02:03:0c:13:6e:8c:ad:04:a5:68:70: 23:e5:3e:78:aa:00:23:fe:07:a8:6b:c4:eb:c9:ad:82:d7:7f: ef:2a:1d:18:09:b4:3e:8b:7c:8c:77:3a:ef:21:2d:09:18:de: 2e:63:ce:e5:1c:e4:79:64:e5:d8:cd:14:b9:cc:8c:ff:cf:b2: 4e:ff:fb:f6:11:75:c0:85:21:af:e5:7d:31:61:2e:75:47:e3: fa:f4:0e:86:a3:82:f4:22:3e:a7:d5:8b:01:69:3a:11:35:41: b7:7c:17:37:4e:03:c8:41:6a:f2:34:02:4b:e6:df:11:34:ba: 37:11:5b:53:26:dc:e0:a8:1a:dd:bc:b1:01:fb:b4:f9:cd:f4: 20:14:d8:f8:3b:1d:3a:a5:49:7f:12:e7:b3:98:10:71:0e:aa: f4:5d:e5:af:c5:6b:7e:9b:0f:a6:75:12:1b:d4:5f:45:0f:88: a8:28:f5:78:44:38:d6:53:40:ca:97:60:c9:93:ce:ab:25:d5: 0a:d0:ab:98 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtZCGoOLtdJX/Yy8Y4J/k0UMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNzE0OGM0NjFmNWU3N2UxMDdhZjczNTY2YTI3ZTM0MzU2 MWRjMWQwHhcNMjUxMjI2MDUwMTIyWhcNMjUxMjI3MDUwMTIyWjAzMTEwLwYDVQQD EygzMzVmNjE4ZDg5YWQ4MzNmZTlmNjU5Y2M0MTU4ZGZmMTJjZWMxM2VjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZNA/J8131gH9TZpVYsOHqSpiYFq glpfprP1tMMbmuSdm9dnHbCjCwyurUlMLtLlesyhPfryC+SQntAIF2klr4tE5k6p kpjPtFL7P2L7WMDWjQbXICr5UZuynDEdgY0B6UqG9w8Ps0odlOkUcfKdlacTPd0C c2mT6D96xdpq3EDNU6JOn59BJx7kBtCNL7f7QECdok9jDa2NG1iDV+9EWSf4x0WU 07htUKUIuF58vcYgJbMe47k3Mj2yaVCNSViVUkG+IU4um32WVN8NTtQ9BFbPPDA8 iy3horPq2fU2T5oga8cgpGWp2uOfeSHD1XZQuiDmgkElrwrRVlwT351YQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDNfYY2JrYM/6fZZzEFY3/Es7BPsMB8GA1UdIwQY MBaAFCpxSMRh9ed+EHr3NWaifjQ1YdwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUt MzRlZmQ1YjllOWNkLzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS85YWZhZjUtZTY5Ni00ODNlLTgzNjUtMzRlZmQ1YjllOWNk LzEvS25GSXhHSDE1MzRRZXZjMVpxSi1ORFZoM0IwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQBZsj6bn lSn+IpDC3LKWpUxPaa34wuuSA+dvWF7CcfRpsTwJ6A8olMN1l05TLO6enP+WMSQn +MQqN1jSqwIDDBNujK0EpWhwI+U+eKoAI/4HqGvE68mtgtd/7yodGAm0Pot8jHc6 7yEtCRjeLmPO5RzkeWTl2M0UucyM/8+yTv/79hF1wIUhr+V9MWEudUfj+vQOhqOC 9CI+p9WLAWk6ETVBt3wXN04DyEFq8jQCS+bfETS6NxFbUybc4Kga3byxAfu0+c30 IBTY+DsdOqVJfxLns5gQcQ6q9F3lr8VrfpsPpnUSG9RfRQ+IqCj1eEQ41lNAypdg yZPOqyXVCtCrmA== -----END CERTIFICATE-----Generated at Fri Dec 26 14:17:28 2025 by rpki-client