This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft File: KVZYS3DOhHwam0AFSLFNsDG-3_I.mft (raw, json) Hash identifier: GZv2DJwIR1Qel0T6y7Q6uDvHAl+fzNtvSl5rrSawdj8= Subject key identifier: 53:FA:D9:D2:8D:5C:AF:89:DB:30:99:B0:2F:7C:F0:0E:4C:BF:81:AD Authority key identifier: 29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2 Certificate issuer: /CN=2956584b70ce847c1a9b400548b14db031bedff2 Certificate serial: 019B1D2A408D529B62F393ED6E59669D6534 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft Manifest number: 0A5C Signing time: Sun 14 Dec 2025 14:01:06 +0000 Manifest this update: Sun 14 Dec 2025 14:01:06 +0000 Manifest next update: Mon 15 Dec 2025 14:01:06 +0000 Files and hashes: 1: Hg9ftZU-9AaUb-uuud6YLmFeeqc.roa (hash: kIMrWnLBKnZqV6WvzFWIcWQTCQyb5mE+suXdE7Wee/M=) 2: KVZYS3DOhHwam0AFSLFNsDG-3_I.crl (hash: /0ZpxwoT2PmtZCsx51nQE9HEYvX3Y0+/dOYyDbWz4qg=) 3: UY5PADzbeIj93cBuCOAZIezRods.roa (hash: 94p+JoB1n19vWg1B3h2izrs5nmNxhhnj9iR596bjT+I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 15 Dec 2025 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:1d:2a:40:8d:52:9b:62:f3:93:ed:6e:59:66:9d:65:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2956584b70ce847c1a9b400548b14db031bedff2 Validity Not Before: Dec 14 14:01:06 2025 GMT Not After : Dec 15 14:01:06 2025 GMT Subject: CN=53fad9d28d5caf89db3099b02f7cf00e4cbf81ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:12:1c:4d:86:15:64:eb:1b:05:82:37:9a:5f: 23:21:23:c4:8a:ce:15:8a:fc:e4:0a:52:11:32:03: 94:78:5e:7e:28:2a:26:82:f5:36:c3:13:06:e5:0a: 63:34:da:33:a5:00:14:0e:74:46:54:85:4c:80:92: 1f:08:42:f5:42:52:ff:d7:f8:4f:ab:3a:08:58:f1: a2:f8:b5:5f:2d:b1:04:dc:54:2d:47:97:1a:58:84: 6e:f2:70:21:c9:9c:61:28:02:78:6f:96:9c:b5:6d: 3d:0e:e4:c3:30:42:60:14:1b:6f:af:3b:c9:9b:62: 16:94:10:a6:85:5a:75:6f:a9:bc:e1:7a:d2:5e:da: 61:16:b8:d0:f1:d0:60:b5:fd:e4:78:c7:e1:5e:21: cc:3e:b5:b3:26:d4:d3:11:0a:e9:71:76:32:bb:1e: 88:44:5f:38:b1:d9:43:a0:96:af:4d:48:f3:77:af: eb:c0:34:d6:e0:6f:c1:8c:54:e8:98:9f:aa:e0:c4: 05:30:18:58:65:21:6d:f0:e0:c9:2b:ed:dd:d7:ed: 7a:0d:d6:0b:4d:c7:80:8c:9e:a2:6c:08:d1:2b:cd: 6b:0a:dd:1c:45:cf:5e:ac:58:2b:43:77:17:ca:27: 66:d8:1a:bb:da:ce:13:63:a1:7c:43:d1:bb:40:b0: ef:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:FA:D9:D2:8D:5C:AF:89:DB:30:99:B0:2F:7C:F0:0E:4C:BF:81:AD X509v3 Authority Key Identifier: keyid:29:56:58:4B:70:CE:84:7C:1A:9B:40:05:48:B1:4D:B0:31:BE:DF:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KVZYS3DOhHwam0AFSLFNsDG-3_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/64fe7d-862d-4e1a-9fd0-06b41ef1398d/1/KVZYS3DOhHwam0AFSLFNsDG-3_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:44:c6:44:b4:13:c8:24:da:ec:6c:a8:fc:d3:a4:ac:41:2d: b3:e5:01:d4:3a:0b:07:fa:66:71:a6:29:9a:69:64:bb:20:76: 55:ad:67:b5:a7:c4:73:78:d3:d7:cb:34:9c:ad:c8:02:f3:21: d7:93:49:0e:f5:19:74:82:86:92:0e:a0:fb:df:a3:40:07:c5: 1b:14:08:41:55:da:5f:fd:a0:cc:a0:87:cf:d5:6a:3f:3f:7f: 1a:5a:02:93:cb:db:54:28:2e:48:37:6b:81:cf:e0:f5:d5:88: 73:6f:a9:1a:49:df:d5:a6:8b:3b:41:8f:8b:b5:ed:e4:93:c3: 93:24:7c:4f:c5:e3:50:c4:78:01:28:7d:09:3f:0e:c3:4f:d6: 28:94:15:b7:bf:33:d3:1e:35:af:c1:61:54:45:f6:50:1b:4b: 8d:13:d5:da:3c:64:5a:30:64:8f:3a:8a:4a:76:4e:48:bf:4d: a2:6d:66:87:66:a9:ea:6b:ea:7a:05:b4:4e:c9:df:c3:cc:6b: 2a:0e:71:ca:c4:9c:da:ab:a9:4a:1b:38:c1:31:a1:27:3f:62: d1:98:b4:8f:fb:e4:fe:84:15:3f:cb:58:1d:14:77:df:75:2b: b0:56:fb:ed:9a:cc:1e:a4:cd:b0:c8:c2:02:02:45:35:53:07: 64:fd:65:c3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsdKkCNUpti85PtbllmnWU0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NTY1ODRiNzBjZTg0N2MxYTliNDAwNTQ4YjE0ZGIwMzFi ZWRmZjIwHhcNMjUxMjE0MTQwMTA2WhcNMjUxMjE1MTQwMTA2WjAzMTEwLwYDVQQD Eyg1M2ZhZDlkMjhkNWNhZjg5ZGIzMDk5YjAyZjdjZjAwZTRjYmY4MWFkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRIcTYYVZOsbBYI3ml8jISPEis4V ivzkClIRMgOUeF5+KComgvU2wxMG5QpjNNozpQAUDnRGVIVMgJIfCEL1QlL/1/hP qzoIWPGi+LVfLbEE3FQtR5caWIRu8nAhyZxhKAJ4b5actW09DuTDMEJgFBtvrzvJ m2IWlBCmhVp1b6m84XrSXtphFrjQ8dBgtf3keMfhXiHMPrWzJtTTEQrpcXYyux6I RF84sdlDoJavTUjzd6/rwDTW4G/BjFTomJ+q4MQFMBhYZSFt8ODJK+3d1+16DdYL TceAjJ6ibAjRK81rCt0cRc9erFgrQ3cXyidm2Bq72s4TY6F8Q9G7QLDvRQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFP62dKNXK+J2zCZsC988A5Mv4GtMB8GA1UdIwQY MBaAFClWWEtwzoR8GptABUixTbAxvt/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAt MDZiNDFlZjEzOThkLzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Zi82NGZlN2QtODYyZC00ZTFhLTlmZDAtMDZiNDFlZjEzOThk LzEvS1ZaWVMzRE9oSHdhbTBBRlNMRk5zREctM19JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW0TGRLQT yCTa7Gyo/NOkrEEts+UB1DoLB/pmcaYpmmlkuyB2Va1ntafEc3jT18s0nK3IAvMh 15NJDvUZdIKGkg6g+9+jQAfFGxQIQVXaX/2gzKCHz9VqPz9/GloCk8vbVCguSDdr gc/g9dWIc2+pGknf1aaLO0GPi7Xt5JPDkyR8T8XjUMR4ASh9CT8Ow0/WKJQVt78z 0x41r8FhVEX2UBtLjRPV2jxkWjBkjzqKSnZOSL9Nom1mh2ap6mvqegW0Tsnfw8xr Kg5xysSc2qupShs4wTGhJz9i0Zi0j/vk/oQVP8tYHRR333UrsFb77ZrMHqTNsMjC AgJFNVMHZP1lww== -----END CERTIFICATE-----Generated at Sun Dec 14 15:39:12 2025 by rpki-client