This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft File: KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft (raw, json) Hash identifier: vE+FbDAiEGAZ3u91kVy/Y+Hhii2CkZBMYwbWkfZ6TSw= Subject key identifier: 96:30:EB:F8:07:EA:DD:40:67:1A:35:66:82:4C:B7:29:AA:19:CF:23 Authority key identifier: 28:60:F1:5D:27:83:79:48:3A:AA:06:13:CB:F5:92:E7:2C:C8:1E:48 Certificate issuer: /CN=2860f15d278379483aaa0613cbf592e72cc81e48 Certificate serial: 019B46CB1AA377975222ED513E28710C870F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft Manifest number: 0AAA Signing time: Mon 22 Dec 2025 16:01:14 +0000 Manifest this update: Mon 22 Dec 2025 16:01:14 +0000 Manifest next update: Tue 23 Dec 2025 16:01:14 +0000 Files and hashes: 1: KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl (hash: y4bojybIhF53XU50yNjuT+ekTmQc5u7Bx9EM+69Ll/4=) 2: vDGDX2wIiExO6AcsphzPX7w0rD8.roa (hash: 6H+fcKSw03UJYZabhwRmpHlYumXXGe9flqc+/pdyWXc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 15:30:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:cb:1a:a3:77:97:52:22:ed:51:3e:28:71:0c:87:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2860f15d278379483aaa0613cbf592e72cc81e48 Validity Not Before: Dec 22 16:01:14 2025 GMT Not After : Dec 23 16:01:14 2025 GMT Subject: CN=9630ebf807eadd40671a3566824cb729aa19cf23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:82:cb:02:71:1d:7d:8a:ca:e5:6c:7a:10:f1: f2:f5:76:95:6f:05:7d:65:be:5d:66:ba:82:91:48: e8:cb:f4:44:b1:b7:38:b8:08:9b:5f:e1:74:5a:58: 89:2c:35:bc:99:69:9c:86:ce:e2:6a:7b:19:e2:f8: 82:c0:fb:79:cb:ff:f4:7f:b6:76:74:00:d2:60:2a: 77:5e:41:18:a0:95:7c:ef:38:c9:04:19:c4:bf:15: 6c:ca:d7:48:a0:66:17:d7:26:60:47:52:55:1c:ce: e9:db:02:e2:0e:ca:36:bd:e0:26:a7:13:35:3b:ec: ad:a1:84:a7:b0:ea:5d:c3:ab:0c:2a:90:e2:c5:b8: 6b:76:65:17:f1:ac:f9:58:88:46:7e:25:94:07:e6: ca:33:69:e7:e3:7b:52:a0:fb:5e:3c:30:32:4d:64: 62:e6:2e:43:6c:3a:f7:9e:39:18:0f:ba:10:72:a3: a5:1b:3b:cf:88:76:19:93:73:61:32:57:6b:45:1c: 12:d1:ef:0c:bf:dc:7e:14:bf:b9:33:f2:aa:84:bb: bf:97:82:f3:bd:c1:53:73:4e:68:81:34:3c:9b:b9: 15:d1:77:c3:a5:b9:20:5b:b5:74:6a:85:10:b5:c0: d5:8e:bd:30:5f:f7:93:64:3d:e6:1d:c7:56:d4:af: 1f:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:30:EB:F8:07:EA:DD:40:67:1A:35:66:82:4C:B7:29:AA:19:CF:23 X509v3 Authority Key Identifier: keyid:28:60:F1:5D:27:83:79:48:3A:AA:06:13:CB:F5:92:E7:2C:C8:1E:48 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KGDxXSeDeUg6qgYTy_WS5yzIHkg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d1b72-8bcf-4500-9125-321c14dd4639/1/KGDxXSeDeUg6qgYTy_WS5yzIHkg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2d:c3:b7:0c:93:7d:13:1d:bf:f6:47:e7:cc:d4:04:0c:3d:57: dc:15:e2:7f:8e:b4:98:bc:a7:b3:fd:d8:c1:6f:12:74:c1:21: b2:8a:d1:b1:71:11:03:47:25:14:25:0b:65:67:de:47:84:43: 17:4f:16:a9:d6:11:9d:65:a4:91:48:d7:2c:22:dd:f3:c0:fe: 31:67:b6:14:90:fb:70:88:0d:a7:e0:01:b8:49:a7:2b:4d:a8: 5d:29:ad:f3:71:ee:1c:63:77:bd:9a:da:c9:1f:b5:9a:28:ab: 65:3f:04:b9:c6:bc:aa:dc:c8:3a:ed:cc:84:9a:44:85:37:f0: 20:7a:91:bc:ef:c0:4d:a5:f0:d2:6b:a3:c4:1b:59:00:19:a4: 82:b6:9d:2d:37:df:07:c8:89:ca:f2:12:59:7a:e9:a6:da:45: a1:1d:84:71:01:72:2a:5b:3e:75:40:18:72:51:1c:e1:7f:f9: 0a:f0:9b:12:9d:a3:ee:0d:a9:a6:70:7e:9f:16:22:55:c5:23: bf:96:14:91:c4:16:13:af:3e:f5:ff:b3:fe:b4:51:02:8d:20: 0c:d4:cb:75:76:41:6b:61:62:32:fe:f3:1b:55:dd:d5:f6:58: 61:00:ce:6a:3b:b1:df:fd:1c:5e:39:e4:4b:78:cc:5b:6e:71: 32:78:ab:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGyxqjd5dSIu1RPihxDIcPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4NjBmMTVkMjc4Mzc5NDgzYWFhMDYxM2NiZjU5MmU3MmNj ODFlNDgwHhcNMjUxMjIyMTYwMTE0WhcNMjUxMjIzMTYwMTE0WjAzMTEwLwYDVQQD Eyg5NjMwZWJmODA3ZWFkZDQwNjcxYTM1NjY4MjRjYjcyOWFhMTljZjIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoLLAnEdfYrK5Wx6EPHy9XaVbwV9 Zb5dZrqCkUjoy/REsbc4uAibX+F0WliJLDW8mWmchs7iansZ4viCwPt5y//0f7Z2 dADSYCp3XkEYoJV87zjJBBnEvxVsytdIoGYX1yZgR1JVHM7p2wLiDso2veAmpxM1 O+ytoYSnsOpdw6sMKpDixbhrdmUX8az5WIhGfiWUB+bKM2nn43tSoPtePDAyTWRi 5i5DbDr3njkYD7oQcqOlGzvPiHYZk3NhMldrRRwS0e8Mv9x+FL+5M/KqhLu/l4Lz vcFTc05ogTQ8m7kV0XfDpbkgW7V0aoUQtcDVjr0wX/eTZD3mHcdW1K8fiwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJYw6/gH6t1AZxo1ZoJMtymqGc8jMB8GA1UdIwQY MBaAFChg8V0ng3lIOqoGE8v1kucsyB5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDFiNzItOGJjZi00NTAwLTkxMjUt MzIxYzE0ZGQ0NjM5LzEvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC8xZDFiNzItOGJjZi00NTAwLTkxMjUtMzIxYzE0ZGQ0NjM5 LzEvS0dEeFhTZURlVWc2cWdZVHlfV1M1eXpJSGtnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALcO3DJN9 Ex2/9kfnzNQEDD1X3BXif460mLyns/3YwW8SdMEhsorRsXERA0clFCULZWfeR4RD F08WqdYRnWWkkUjXLCLd88D+MWe2FJD7cIgNp+ABuEmnK02oXSmt83HuHGN3vZra yR+1miirZT8Euca8qtzIOu3MhJpEhTfwIHqRvO/ATaXw0mujxBtZABmkgradLTff B8iJyvISWXrpptpFoR2EcQFyKls+dUAYclEc4X/5CvCbEp2j7g2ppnB+nxYiVcUj v5YUkcQWE68+9f+z/rRRAo0gDNTLdXZBa2FiMv7zG1Xd1fZYYQDOajux3/0cXjnk S3jMW25xMnirgg== -----END CERTIFICATE-----Generated at Mon Dec 22 22:35:51 2025 by rpki-client