This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json) Hash identifier: goG7sJlAcnmFlPu5YYFQpIXyOl8itK1ASqEx7ZN9zaI= Subject key identifier: 2F:04:AB:37:85:F7:34:70:C6:71:82:9D:A8:9C:8D:78:E5:94:53:88 Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019B4AA7C7B65EBDF927B3BCFA0970C039BA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft Manifest number: 170C Signing time: Tue 23 Dec 2025 10:01:08 +0000 Manifest this update: Tue 23 Dec 2025 10:01:08 +0000 Manifest next update: Wed 24 Dec 2025 10:01:08 +0000 Files and hashes: 1: CgAYwcYqjGUwI5cuY-inYF9ViL4.roa (hash: DG9lxho2Qdp+1bj1jPdlMwaM6onKyvGHv7zkZeOCV70=) 2: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: 3ZI+oOusmzCIK0ad8m+7uYy8+GjdVL78nz6SrrRkK0Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 24 Dec 2025 09:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4a:a7:c7:b6:5e:bd:f9:27:b3:bc:fa:09:70:c0:39:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Dec 23 10:01:08 2025 GMT Not After : Dec 24 10:01:08 2025 GMT Subject: CN=2f04ab3785f73470c671829da89c8d78e5945388 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:31:54:fe:ee:e9:b7:ab:0f:b4:43:81:68:77: 0d:a3:c2:86:d7:5a:e7:bb:ce:3e:05:5d:b6:5a:94: e8:dc:35:90:90:a4:5a:86:e1:d4:d4:0c:93:3e:78: 5b:37:6a:52:ec:24:69:5f:00:4e:95:e7:ad:3b:bb: 0a:ce:77:71:e8:34:9b:87:75:69:18:85:88:2d:18: 82:ef:41:a2:81:fb:4d:6a:b4:01:c2:9b:18:5d:51: 76:68:18:69:55:d2:bd:5d:6e:7f:59:6b:b5:a0:96: f7:30:32:d1:17:63:93:32:20:f1:c9:ef:6c:57:f3: 3f:54:05:c5:00:e6:f1:46:dd:37:9d:eb:af:09:ad: 33:d3:ea:30:66:34:93:0d:63:e4:db:9a:84:12:69: 67:03:76:0f:6e:9f:a3:30:40:05:3a:eb:fc:5e:72: 96:43:4b:29:a6:4e:63:a1:92:47:08:14:31:d7:0e: 1a:63:cd:a4:50:54:ee:97:3d:fc:87:5a:77:3c:73: c3:a7:cc:e4:41:2c:eb:32:d2:75:86:2f:26:31:3e: 66:20:70:62:a9:11:d5:d4:5e:fa:22:a3:7f:fc:11: 2d:f9:a3:da:5c:51:12:1a:27:11:4e:6f:5c:8b:1b: a2:24:43:81:a6:aa:a8:ad:c7:ac:ad:04:1b:22:b4: 5f:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:04:AB:37:85:F7:34:70:C6:71:82:9D:A8:9C:8D:78:E5:94:53:88 X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:6e:58:d0:3f:a2:75:44:03:ea:12:bd:2e:92:11:7d:9a:e4: 22:f7:a6:5e:c5:30:66:ff:12:40:12:a6:2c:d2:2d:e9:c2:0f: b9:29:69:7b:06:40:8d:08:02:15:ef:09:0e:62:b5:85:e4:c3: d7:79:be:f4:90:d8:b1:87:94:c0:37:db:79:55:1e:c8:d6:f2: c5:f6:f0:8c:2f:79:b2:a2:59:a7:e0:f0:f4:a4:80:81:f1:66: e8:97:f0:9d:c2:80:f3:29:83:3c:d1:85:b8:ff:46:d0:e3:08: 1e:a9:73:62:58:2b:32:7b:a4:18:2d:30:e8:e4:9e:a4:d6:d5: 91:89:94:b1:2f:ce:3a:d7:71:1e:4c:5b:df:69:f3:04:5f:38: 0d:b3:18:cf:2b:b4:dd:14:4a:50:66:14:87:35:48:e4:47:9b: 80:87:0d:db:ce:41:e2:8a:f1:74:6a:28:ad:68:8f:dd:3d:58: ea:84:cf:27:af:12:e6:85:63:84:a6:f8:6f:01:e4:01:2c:2a: b3:23:ae:c4:f4:d9:73:cd:13:0c:6f:1f:3f:1c:92:6f:33:a5: bf:15:ce:8b:b0:81:ce:be:5b:19:6e:f3:f3:99:b3:64:8b:d5: fe:af:5a:28:88:11:eb:a0:da:8e:7d:00:f6:6c:ac:f1:dd:6b: ef:13:a3:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtKp8e2Xr35J7O8+glwwDm6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjUxMjIzMTAwMTA4WhcNMjUxMjI0MTAwMTA4WjAzMTEwLwYDVQQD EygyZjA0YWIzNzg1ZjczNDcwYzY3MTgyOWRhODljOGQ3OGU1OTQ1Mzg4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzFU/u7pt6sPtEOBaHcNo8KG11rn u84+BV22WpTo3DWQkKRahuHU1AyTPnhbN2pS7CRpXwBOleetO7sKzndx6DSbh3Vp GIWILRiC70GigftNarQBwpsYXVF2aBhpVdK9XW5/WWu1oJb3MDLRF2OTMiDxye9s V/M/VAXFAObxRt03neuvCa0z0+owZjSTDWPk25qEEmlnA3YPbp+jMEAFOuv8XnKW Q0sppk5joZJHCBQx1w4aY82kUFTulz38h1p3PHPDp8zkQSzrMtJ1hi8mMT5mIHBi qRHV1F76IqN//BEt+aPaXFESGicRTm9cixuiJEOBpqqorcesrQQbIrRfiQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC8EqzeF9zRwxnGCnaicjXjllFOIMB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhG5Y0D+i dUQD6hK9LpIRfZrkIvemXsUwZv8SQBKmLNIt6cIPuSlpewZAjQgCFe8JDmK1heTD 13m+9JDYsYeUwDfbeVUeyNbyxfbwjC95sqJZp+Dw9KSAgfFm6JfwncKA8ymDPNGF uP9G0OMIHqlzYlgrMnukGC0w6OSepNbVkYmUsS/OOtdxHkxb32nzBF84DbMYzyu0 3RRKUGYUhzVI5EebgIcN285B4orxdGoorWiP3T1Y6oTPJ68S5oVjhKb4bwHkASwq syOuxPTZc80TDG8fPxySbzOlvxXOi7CBzr5bGW7z85mzZIvV/q9aKIgR66Dajn0A 9mys8d1r7xOj4A== -----END CERTIFICATE-----Generated at Tue Dec 23 13:08:24 2025 by rpki-client