This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.mft File: k9t6NCzZOS76XNM4lHQcqKW09Cs.mft (raw, json) Hash identifier: 5PhaEtt+j4F7/ySb/z3DxZFLAyNdvnWSXRbW3JBg6Ps= Subject key identifier: CD:44:D1:ED:04:49:1A:52:CC:0D:D9:0A:A2:1F:CD:90:F8:F3:8D:11 Authority key identifier: 93:DB:7A:34:2C:D9:39:2E:FA:5C:D3:38:94:74:1C:A8:A5:B4:F4:2B Certificate issuer: /CN=93db7a342cd9392efa5cd33894741ca8a5b4f42b Certificate serial: 019B35A03C1C99A7FF55815A7C9B7BD67C64 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k9t6NCzZOS76XNM4lHQcqKW09Cs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.mft Manifest number: 1489 Signing time: Fri 19 Dec 2025 08:00:52 +0000 Manifest this update: Fri 19 Dec 2025 08:00:52 +0000 Manifest next update: Sat 20 Dec 2025 08:00:52 +0000 Files and hashes: 1: C0l1kbYeZRM84TKToVwBlk7pBo4.roa (hash: ICfWfDWeurFnZl2wkXnfN6jvCsTCoCZA5TA91nRjfW4=) 2: k9t6NCzZOS76XNM4lHQcqKW09Cs.crl (hash: L4RtR0yJTMDSXdTOlSld5ipY+m1J+v8wOTM/N5VRlk8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.mft rsync://rpki.ripe.net/repository/DEFAULT/k9t6NCzZOS76XNM4lHQcqKW09Cs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a0:3c:1c:99:a7:ff:55:81:5a:7c:9b:7b:d6:7c:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=93db7a342cd9392efa5cd33894741ca8a5b4f42b Validity Not Before: Dec 19 08:00:52 2025 GMT Not After : Dec 20 08:00:52 2025 GMT Subject: CN=cd44d1ed04491a52cc0dd90aa21fcd90f8f38d11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:63:81:9e:ed:40:3e:e0:4d:9c:c0:ce:30:dd: ad:9e:77:64:d1:89:db:ba:5c:f1:c4:80:c8:17:fd: 21:91:93:9f:e1:f2:9d:70:68:68:9d:fb:a6:e8:ba: c9:d2:b6:51:2e:d3:4a:9c:84:ff:6b:ee:f9:b2:44: 29:a7:73:f2:91:3a:0a:a2:b9:7e:a5:eb:f6:cf:78: e0:1e:92:be:ec:a6:0c:fc:ae:9c:bb:db:17:b6:0c: ea:b0:21:a9:17:67:c3:91:6d:1d:89:1b:0c:1d:2e: ec:6e:6c:27:f8:de:79:46:59:1e:5e:1d:dd:ab:88: 3f:c7:fb:89:29:d8:f1:ab:86:38:8b:70:92:61:0b: 30:3d:0b:ca:1e:07:5e:f3:aa:45:fa:fa:e8:5e:95: 77:c0:51:78:19:45:02:75:aa:98:16:67:fa:de:39: bc:c6:cf:c8:1f:a3:4f:27:3f:e6:1b:44:5c:47:05: d4:95:1a:e4:5e:f8:60:4d:63:13:04:11:52:eb:e5: 5b:1a:83:b4:42:87:bb:a4:71:36:0d:31:1b:97:b7: 24:24:19:3d:ce:ee:26:e6:f8:67:be:42:ab:ad:69: 2a:44:14:93:48:c9:bd:3f:c4:b4:2b:94:77:d7:33: 0d:3b:11:83:17:2b:93:0f:a4:c4:4a:e9:fe:23:f1: 37:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:44:D1:ED:04:49:1A:52:CC:0D:D9:0A:A2:1F:CD:90:F8:F3:8D:11 X509v3 Authority Key Identifier: keyid:93:DB:7A:34:2C:D9:39:2E:FA:5C:D3:38:94:74:1C:A8:A5:B4:F4:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k9t6NCzZOS76XNM4lHQcqKW09Cs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/308f53-8bff-4990-8d7b-e7185cdeccd3/1/k9t6NCzZOS76XNM4lHQcqKW09Cs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 56:4e:a3:d2:aa:e5:55:18:7b:06:8a:be:26:4b:9d:56:a2:58: b2:10:cb:98:8d:b7:6e:4f:79:21:38:0c:57:c7:9a:bd:a3:c0: 2d:4f:ae:b6:33:15:c4:b2:e1:d3:c0:9c:76:64:66:0d:c9:7e: 9b:24:11:96:91:74:44:31:27:31:9e:ec:4a:73:d5:1f:a1:29: 2b:5d:20:09:79:5c:58:f8:df:4a:09:8e:d9:f7:4d:96:b4:1f: cc:fe:78:5c:ce:bc:a8:07:59:71:d7:d3:e5:5c:c2:cd:09:5a: e4:a4:ff:7c:c6:16:9d:2c:31:2b:db:60:0d:b4:87:c3:08:e4: 57:41:7b:1f:6e:54:67:f7:d9:7e:29:cb:c7:e2:28:ed:36:85: f5:25:9b:2e:0c:d2:1f:e2:ba:a9:e4:8b:39:b8:f5:39:4b:b4: 0d:a6:05:e5:36:b3:97:7b:1c:3b:1a:ee:d5:65:af:5a:34:71: ab:76:c5:cb:7f:51:74:76:84:9f:9c:80:06:97:3e:96:45:9c: 93:9d:6c:d3:40:0c:1f:d6:87:eb:33:d6:3f:b0:d2:a4:f5:44: 6c:ff:21:6c:0e:88:23:b7:75:e6:7c:99:ee:14:1b:7d:72:bb: 90:d8:fb:86:99:8e:14:98:4a:3a:df:30:88:c5:77:de:84:13: 01:07:84:ea -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oDwcmaf/VYFafJt71nxkMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkzZGI3YTM0MmNkOTM5MmVmYTVjZDMzODk0NzQxY2E4YTVi NGY0MmIwHhcNMjUxMjE5MDgwMDUyWhcNMjUxMjIwMDgwMDUyWjAzMTEwLwYDVQQD EyhjZDQ0ZDFlZDA0NDkxYTUyY2MwZGQ5MGFhMjFmY2Q5MGY4ZjM4ZDExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WOBnu1APuBNnMDOMN2tnndk0Ynb ulzxxIDIF/0hkZOf4fKdcGhonfum6LrJ0rZRLtNKnIT/a+75skQpp3PykToKorl+ pev2z3jgHpK+7KYM/K6cu9sXtgzqsCGpF2fDkW0diRsMHS7sbmwn+N55RlkeXh3d q4g/x/uJKdjxq4Y4i3CSYQswPQvKHgde86pF+vroXpV3wFF4GUUCdaqYFmf63jm8 xs/IH6NPJz/mG0RcRwXUlRrkXvhgTWMTBBFS6+VbGoO0Qoe7pHE2DTEbl7ckJBk9 zu4m5vhnvkKrrWkqRBSTSMm9P8S0K5R31zMNOxGDFyuTD6TESun+I/E3DwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM1E0e0ESRpSzA3ZCqIfzZD4840RMB8GA1UdIwQY MBaAFJPbejQs2Tku+lzTOJR0HKiltPQrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvazl0Nk5DelpPUzc2WE5NNGxIUWNxS1cwOUNzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8zMDhmNTMtOGJmZi00OTkwLThkN2It ZTcxODVjZGVjY2QzLzEvazl0Nk5DelpPUzc2WE5NNGxIUWNxS1cwOUNzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS8zMDhmNTMtOGJmZi00OTkwLThkN2ItZTcxODVjZGVjY2Qz LzEvazl0Nk5DelpPUzc2WE5NNGxIUWNxS1cwOUNzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAVk6j0qrl VRh7Boq+JkudVqJYshDLmI23bk95ITgMV8eavaPALU+utjMVxLLh08CcdmRmDcl+ myQRlpF0RDEnMZ7sSnPVH6EpK10gCXlcWPjfSgmO2fdNlrQfzP54XM68qAdZcdfT 5VzCzQla5KT/fMYWnSwxK9tgDbSHwwjkV0F7H25UZ/fZfinLx+Io7TaF9SWbLgzS H+K6qeSLObj1OUu0DaYF5Tazl3scOxru1WWvWjRxq3bFy39RdHaEn5yABpc+lkWc k51s00AMH9aH6zPWP7DSpPVEbP8hbA6II7d15nyZ7hQbfXK7kNj7hpmOFJhKOt8w iMV33oQTAQeE6g== -----END CERTIFICATE-----Generated at Fri Dec 19 16:21:42 2025 by rpki-client