This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json) Hash identifier: XY1Yw2BIrLwKzGXBPT2THDtIIoJbcHkWFuCvN5MmGNg= Subject key identifier: D4:49:48:96:92:C0:13:7B:9D:0B:8F:D5:77:96:CF:D3:88:EB:5A:37 Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019B1C4EBCD9832976B8E70877645D137540 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft Manifest number: 16F4 Signing time: Sun 14 Dec 2025 10:01:20 +0000 Manifest this update: Sun 14 Dec 2025 10:01:20 +0000 Manifest next update: Mon 15 Dec 2025 10:01:20 +0000 Files and hashes: 1: CgAYwcYqjGUwI5cuY-inYF9ViL4.roa (hash: DG9lxho2Qdp+1bj1jPdlMwaM6onKyvGHv7zkZeOCV70=) 2: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: xcUEigraY5ZaV1vp+5efwv+DVeB9C2Eb5huebeqckPw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 10:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1c:4e:bc:d9:83:29:76:b8:e7:08:77:64:5d:13:75:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Dec 14 10:01:20 2025 GMT Not After : Dec 15 10:01:20 2025 GMT Subject: CN=d449489692c0137b9d0b8fd57796cfd388eb5a37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:f9:84:c4:d3:92:78:87:9b:5e:a9:5a:f2:f7: 48:6e:44:4f:e2:9c:80:2d:7b:43:51:e5:b0:c1:fc: 7a:c6:a3:2b:63:dc:ea:62:f6:d0:17:25:40:ee:5c: 53:1c:17:7b:34:78:fc:0c:3c:13:d6:cd:76:8d:3e: c0:7b:b1:9d:6b:c9:62:0a:a9:a4:7d:10:85:5a:ff: b9:d4:10:ef:22:3b:3e:8f:9d:10:cb:6c:ea:0d:fd: 5f:58:ed:c6:01:16:9e:1f:2a:6c:7a:23:66:9b:06: e7:dc:4d:f6:b0:b3:0d:42:50:65:c0:cb:45:90:57: 76:5f:ab:5f:df:eb:18:21:ba:c1:28:6c:03:8e:ae: ff:35:24:fe:15:fc:bd:e8:32:ae:72:71:96:62:ca: f6:aa:4b:0b:83:8d:3a:de:df:68:85:c2:e0:d0:f3: 1f:7d:97:c5:ef:75:98:89:42:f3:f6:3f:76:b1:cb: a1:bd:ad:f0:c2:03:7a:65:a5:0a:f8:07:21:9b:b8: 62:7b:06:80:2e:e1:3e:9f:e5:dc:a4:53:74:02:c3: 7e:20:98:b8:b4:a5:31:80:d6:fc:6c:81:ff:6c:10: 8a:83:fc:66:3f:11:ae:59:77:9a:a1:89:d0:df:71: 13:89:4c:80:fd:e2:a5:7f:af:68:16:59:a5:cb:96: da:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:49:48:96:92:C0:13:7B:9D:0B:8F:D5:77:96:CF:D3:88:EB:5A:37 X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ad:3a:1c:b5:f2:5a:27:81:5a:9a:23:b4:cb:43:57:f9:8b:88: 3d:ae:89:24:c0:93:d9:ac:c9:36:93:8e:e2:5b:d4:93:a0:91: 64:03:f8:65:57:b9:51:bb:11:f1:58:29:16:40:c0:be:0c:59: 8b:89:9b:90:c1:20:71:3f:85:f7:24:82:5a:9e:d2:5e:66:db: d3:63:5f:00:79:5f:f0:a7:45:2f:9e:ed:74:30:31:e5:df:c7: f5:47:c4:e7:96:52:16:9f:11:31:4c:23:13:09:dc:80:25:e9: 15:bb:b2:53:26:97:98:fc:f1:0d:1b:54:37:04:3b:d2:83:3d: 46:70:31:ed:7b:2d:ba:49:f2:ed:b2:0e:b7:4c:c0:71:e0:cb: 87:b5:4b:8a:7e:dd:dc:cf:99:05:85:0d:c8:f2:14:82:79:75: e6:40:18:8c:56:7a:07:f3:a3:6f:80:4f:bf:42:d6:7e:05:17: 36:6b:0e:bf:17:3b:5a:ce:1f:5f:19:36:e5:30:32:2e:eb:ab: 12:b6:30:58:13:18:0c:ef:06:4d:bd:15:6b:ee:2c:d3:95:68: 20:4d:3b:d8:17:90:5d:14:df:63:9e:f5:3e:cd:8f:93:5a:fa: f6:32:91:83:4d:30:d3:3e:be:c1:bb:29:85:f5:ab:df:76:ac: 30:1d:c7:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZscTrzZgyl2uOcId2RdE3VAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjUxMjE0MTAwMTIwWhcNMjUxMjE1MTAwMTIwWjAzMTEwLwYDVQQD EyhkNDQ5NDg5NjkyYzAxMzdiOWQwYjhmZDU3Nzk2Y2ZkMzg4ZWI1YTM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/mExNOSeIebXqla8vdIbkRP4pyA LXtDUeWwwfx6xqMrY9zqYvbQFyVA7lxTHBd7NHj8DDwT1s12jT7Ae7Gda8liCqmk fRCFWv+51BDvIjs+j50Qy2zqDf1fWO3GARaeHypseiNmmwbn3E32sLMNQlBlwMtF kFd2X6tf3+sYIbrBKGwDjq7/NST+Ffy96DKucnGWYsr2qksLg4063t9ohcLg0PMf fZfF73WYiULz9j92scuhva3wwgN6ZaUK+Achm7hiewaALuE+n+XcpFN0AsN+IJi4 tKUxgNb8bIH/bBCKg/xmPxGuWXeaoYnQ33ETiUyA/eKlf69oFlmly5baYQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNRJSJaSwBN7nQuP1XeWz9OI61o3MB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEArToctfJa J4FamiO0y0NX+YuIPa6JJMCT2azJNpOO4lvUk6CRZAP4ZVe5UbsR8VgpFkDAvgxZ i4mbkMEgcT+F9ySCWp7SXmbb02NfAHlf8KdFL57tdDAx5d/H9UfE55ZSFp8RMUwj EwncgCXpFbuyUyaXmPzxDRtUNwQ70oM9RnAx7Xstukny7bIOt0zAceDLh7VLin7d 3M+ZBYUNyPIUgnl15kAYjFZ6B/Ojb4BPv0LWfgUXNmsOvxc7Ws4fXxk25TAyLuur ErYwWBMYDO8GTb0Va+4s05VoIE072BeQXRTfY571Ps2Pk1r69jKRg00w0z6+wbsp hfWr33asMB3Hrg== -----END CERTIFICATE-----Generated at Sun Dec 14 19:16:51 2025 by rpki-client