This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json) Hash identifier: xUmjsbVsJmh6pxwMBIOBtn9qF5TqPhpM6FC0ifdh89E= Subject key identifier: 00:55:96:4D:02:20:FA:03:5F:37:AA:E1:7D:18:27:27:A0:EF:F6:E6 Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601 Certificate serial: 019B10134CA60525ACD046ABB20C463902C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft Manifest number: 1101 Signing time: Fri 12 Dec 2025 01:00:58 +0000 Manifest this update: Fri 12 Dec 2025 01:00:58 +0000 Manifest next update: Sat 13 Dec 2025 01:00:58 +0000 Files and hashes: 1: 79LYqjKNTJN0ouKGzdcbqvTlAUQ.roa (hash: ql/wdfFz1qsER0EkZDThbVWptAlBg9mw+jziuKWlZyc=) 2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: Cs7Ux+OvqXJHNWzLBKuD96RNF06JHeYOQy6Q2r3pp/k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 23:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:10:13:4c:a6:05:25:ac:d0:46:ab:b2:0c:46:39:02:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601 Validity Not Before: Dec 12 01:00:58 2025 GMT Not After : Dec 13 01:00:58 2025 GMT Subject: CN=0055964d0220fa035f37aae17d182727a0eff6e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:47:75:c8:79:e5:81:f9:c3:ae:99:33:46:a4: 31:25:69:ca:ea:1d:a7:82:2f:e6:c8:92:99:d2:24: 87:94:cb:e2:d4:f9:28:ed:5e:37:c1:0d:de:e8:0d: 15:97:17:06:35:7f:0b:98:16:c3:f1:3a:ce:78:0d: e0:12:67:b5:36:9a:2b:8c:75:0c:26:af:d1:47:53: d8:27:7c:cf:55:26:d2:47:55:37:4a:c5:e6:c6:08: 55:84:6e:23:cc:86:2c:13:4a:82:84:80:22:a6:3a: 41:2c:69:f3:7c:41:3c:2f:5c:84:17:70:b6:b6:56: 91:89:ca:3e:2c:b4:b1:12:09:80:9b:ae:1f:4c:a8: 67:4f:98:50:d4:39:c4:91:ee:65:a1:be:c7:cd:de: d6:82:39:3a:80:bf:cb:81:24:cf:35:7a:ad:14:07: a4:32:3b:ac:52:10:a7:3d:65:69:ba:a0:c7:ad:2d: fb:ff:ca:88:d3:4f:bf:aa:84:30:ae:df:40:e0:3c: 00:eb:2d:e2:1c:8e:46:8d:70:be:d4:f8:78:00:4b: 2f:59:75:06:05:57:58:1c:b3:16:6d:ff:57:6f:46: 2f:e8:0c:9c:9f:11:bd:0c:e0:32:d8:1e:12:da:b2: f7:30:93:47:26:ae:c8:27:76:1b:a7:a9:5f:6d:b5: 02:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:55:96:4D:02:20:FA:03:5F:37:AA:E1:7D:18:27:27:A0:EF:F6:E6 X509v3 Authority Key Identifier: keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b6:69:a4:7c:d4:38:aa:97:0b:fd:06:b5:70:c2:33:d6:b4:74: b8:f8:5c:a8:2a:25:22:25:ac:1d:fe:91:08:12:54:8c:b5:09: 66:f3:56:ed:4c:f1:fa:e9:8f:c8:6d:05:83:91:a5:e4:8f:d8: e0:09:fe:5a:c5:08:4a:c6:f6:47:8d:21:ed:d1:20:2b:bd:c1: 6a:66:47:f2:51:41:28:33:38:13:b2:35:eb:68:f1:89:f4:b6: 2c:03:2a:59:78:fa:d2:b6:e5:87:a9:75:92:a6:5a:b5:13:aa: ee:53:8a:a3:f7:62:3f:e9:c4:f7:f0:f5:04:db:7f:5d:55:f2: 32:56:bc:fd:fd:b6:b2:51:e1:6f:3b:53:0a:13:33:75:5a:cb: f9:fb:99:85:46:5e:d1:48:56:24:54:80:5d:a6:5a:7c:18:64: e4:0f:f1:1e:47:78:18:b6:2f:61:03:ec:01:39:c2:62:1a:48: d3:b9:59:68:c1:99:bb:c1:66:e2:5e:5a:db:49:67:8e:5c:c8: 20:67:16:2e:db:0e:43:53:84:e2:26:a1:ac:c8:1f:01:b4:67: 24:08:68:a1:b8:42:71:0c:45:b1:69:ad:4c:90:2e:d6:14:03: db:48:af:c6:cb:9c:65:ff:78:8e:06:27:cc:df:73:ca:50:c0: d5:de:9f:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsQE0ymBSWs0EarsgxGOQLEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx NTE2MDEwHhcNMjUxMjEyMDEwMDU4WhcNMjUxMjEzMDEwMDU4WjAzMTEwLwYDVQQD EygwMDU1OTY0ZDAyMjBmYTAzNWYzN2FhZTE3ZDE4MjcyN2EwZWZmNmU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkd1yHnlgfnDrpkzRqQxJWnK6h2n gi/myJKZ0iSHlMvi1Pko7V43wQ3e6A0VlxcGNX8LmBbD8TrOeA3gEme1NporjHUM Jq/RR1PYJ3zPVSbSR1U3SsXmxghVhG4jzIYsE0qChIAipjpBLGnzfEE8L1yEF3C2 tlaRico+LLSxEgmAm64fTKhnT5hQ1DnEke5lob7Hzd7Wgjk6gL/LgSTPNXqtFAek MjusUhCnPWVpuqDHrS37/8qI00+/qoQwrt9A4DwA6y3iHI5GjXC+1Ph4AEsvWXUG BVdYHLMWbf9Xb0Yv6AycnxG9DOAy2B4S2rL3MJNHJq7IJ3Ybp6lfbbUCVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFABVlk0CIPoDXzeq4X0YJyeg7/bmMB8GA1UdIwQY MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtmmkfNQ4 qpcL/Qa1cMIz1rR0uPhcqColIiWsHf6RCBJUjLUJZvNW7Uzx+umPyG0Fg5Gl5I/Y 4An+WsUISsb2R40h7dEgK73BamZH8lFBKDM4E7I162jxifS2LAMqWXj60rblh6l1 kqZatROq7lOKo/diP+nE9/D1BNt/XVXyMla8/f22slHhbztTChMzdVrL+fuZhUZe 0UhWJFSAXaZafBhk5A/xHkd4GLYvYQPsATnCYhpI07lZaMGZu8Fm4l5a20lnjlzI IGcWLtsOQ1OE4iahrMgfAbRnJAhoobhCcQxFsWmtTJAu1hQD20ivxsucZf94jgYn zN9zylDA1d6fvg== -----END CERTIFICATE-----Generated at Fri Dec 12 07:58:55 2025 by rpki-client