This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft File: KuHXizgSIs2I12qOk8RLujyACKI.mft (raw, json) Hash identifier: 8r5fltKb4u/Gf554+v2uOj1PHAJBa99IhGs+By2twDE= Subject key identifier: 2E:30:D4:10:A7:68:C2:BC:35:F3:2C:5C:62:31:A9:04:43:1F:86:A4 Authority key identifier: 2A:E1:D7:8B:38:12:22:CD:88:D7:6A:8E:93:C4:4B:BA:3C:80:08:A2 Certificate issuer: /CN=2ae1d78b381222cd88d76a8e93c44bba3c8008a2 Certificate serial: 019B5A1AC2B1FF014EE4F07821EBC3E22A44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft Manifest number: 78 Signing time: Fri 26 Dec 2025 10:01:01 +0000 Manifest this update: Fri 26 Dec 2025 10:01:01 +0000 Manifest next update: Sat 27 Dec 2025 10:01:01 +0000 Files and hashes: 1: KuHXizgSIs2I12qOk8RLujyACKI.crl (hash: ED+T18dipUR8cAr9XDRaMLatG+EO9X1BaTdovN3dex8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:c2:b1:ff:01:4e:e4:f0:78:21:eb:c3:e2:2a:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2ae1d78b381222cd88d76a8e93c44bba3c8008a2 Validity Not Before: Dec 26 10:01:01 2025 GMT Not After : Dec 27 10:01:01 2025 GMT Subject: CN=2e30d410a768c2bc35f32c5c6231a904431f86a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:c8:1c:77:00:a7:3c:9d:df:11:78:c9:b5:c0: 44:95:cc:ed:d5:40:f9:8c:aa:fc:4d:2b:5d:5b:76: f9:2b:85:59:d4:21:50:d0:33:ef:e0:e1:84:49:2b: 28:eb:48:59:a4:b0:d1:d9:53:9b:cd:32:2c:b8:48: c0:01:aa:c7:9f:30:eb:d6:59:65:2e:85:ed:82:27: 10:93:58:a8:d2:a5:8c:97:3b:85:a3:12:77:5c:ff: 29:7b:7a:c2:99:8f:41:66:85:c8:72:ff:d0:19:9f: 07:02:49:02:c4:64:fe:78:07:78:8b:05:87:19:cd: c8:dc:a8:cd:1a:31:4d:f7:57:86:9d:db:c4:ae:ad: 0e:a6:4d:54:39:6e:63:41:7d:de:96:db:59:33:17: 66:35:bf:20:12:20:bf:2f:b2:5e:33:40:2e:f4:c7: a6:79:3e:0a:ef:0e:d3:8b:31:01:c5:9d:bf:79:ba: 38:c1:6d:f6:54:45:b2:fd:c8:48:1a:21:7e:2b:38: db:e6:8f:38:f6:82:04:fc:ce:b1:04:48:55:4f:ca: 9f:fb:a3:fb:15:0c:a4:87:cd:88:d1:55:ce:57:f6: 6a:82:9b:9a:72:e3:45:ac:00:52:5b:75:b6:0e:d8: eb:08:0b:00:46:8b:e6:9c:03:10:9e:ca:b6:c4:f7: 3c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:30:D4:10:A7:68:C2:BC:35:F3:2C:5C:62:31:A9:04:43:1F:86:A4 X509v3 Authority Key Identifier: keyid:2A:E1:D7:8B:38:12:22:CD:88:D7:6A:8E:93:C4:4B:BA:3C:80:08:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KuHXizgSIs2I12qOk8RLujyACKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/d3f2f4-3f8e-4a73-8c8c-d7c8f88753d4/1/KuHXizgSIs2I12qOk8RLujyACKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 85:c0:53:9d:40:d5:1b:84:74:38:ec:8f:36:54:20:3a:8e:4a: 8e:22:14:0f:1c:dc:68:f2:18:68:0a:4a:96:42:5c:dc:bd:7c: 48:bf:74:56:9d:19:87:43:09:5b:d7:ac:ba:c7:8f:03:56:e9: 94:2c:17:58:cf:38:09:9a:69:c6:cb:a2:7d:9d:6d:04:1d:af: e3:49:fe:0a:91:75:77:74:b7:45:fc:3f:27:e2:10:36:18:b9: 9c:b7:c0:f2:c9:00:fc:3b:e3:a3:1c:23:a8:71:07:71:ff:bf: 98:45:f3:f5:e1:89:a3:06:f1:15:e1:00:42:a0:b3:d7:ef:78: c8:3c:9c:f8:79:ff:42:d4:2b:18:a3:57:d6:0d:de:29:cf:41: dd:a0:5f:da:e7:7a:00:4b:79:ba:5f:44:c7:ec:26:e9:cc:38: 66:94:90:86:46:7f:71:00:14:7a:11:23:c9:77:95:e1:4f:44: dc:d3:14:de:b7:87:6a:8e:e5:e8:eb:48:d9:f6:ff:53:37:51: 58:ad:51:b6:22:b0:f8:50:ad:99:36:e8:68:20:17:48:f0:ca: 18:84:77:a5:4e:ca:e5:dc:ce:ac:5a:06:a7:d6:cb:54:d3:83: b8:d2:f7:a2:c2:7f:47:63:63:0b:d1:4d:b6:ab:3d:58:a2:a0: 7d:34:63:44 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGsKx/wFO5PB4IevD4ipEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhZTFkNzhiMzgxMjIyY2Q4OGQ3NmE4ZTkzYzQ0YmJhM2M4 MDA4YTIwHhcNMjUxMjI2MTAwMTAxWhcNMjUxMjI3MTAwMTAxWjAzMTEwLwYDVQQD EygyZTMwZDQxMGE3NjhjMmJjMzVmMzJjNWM2MjMxYTkwNDQzMWY4NmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8gcdwCnPJ3fEXjJtcBElczt1UD5 jKr8TStdW3b5K4VZ1CFQ0DPv4OGESSso60hZpLDR2VObzTIsuEjAAarHnzDr1lll LoXtgicQk1io0qWMlzuFoxJ3XP8pe3rCmY9BZoXIcv/QGZ8HAkkCxGT+eAd4iwWH Gc3I3KjNGjFN91eGndvErq0Opk1UOW5jQX3elttZMxdmNb8gEiC/L7JeM0Au9Mem eT4K7w7TizEBxZ2/ebo4wW32VEWy/chIGiF+Kzjb5o849oIE/M6xBEhVT8qf+6P7 FQykh82I0VXOV/ZqgpuacuNFrABSW3W2DtjrCAsARovmnAMQnsq2xPc8KwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC4w1BCnaMK8NfMsXGIxqQRDH4akMB8GA1UdIwQY MBaAFCrh14s4EiLNiNdqjpPES7o8gAiiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9kM2YyZjQtM2Y4ZS00YTczLThjOGMt ZDdjOGY4ODc1M2Q0LzEvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS9kM2YyZjQtM2Y4ZS00YTczLThjOGMtZDdjOGY4ODc1M2Q0 LzEvS3VIWGl6Z1NJczJJMTJxT2s4Ukx1anlBQ0tJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhcBTnUDV G4R0OOyPNlQgOo5KjiIUDxzcaPIYaApKlkJc3L18SL90Vp0Zh0MJW9esusePA1bp lCwXWM84CZppxsuifZ1tBB2v40n+CpF1d3S3Rfw/J+IQNhi5nLfA8skA/Dvjoxwj qHEHcf+/mEXz9eGJowbxFeEAQqCz1+94yDyc+Hn/QtQrGKNX1g3eKc9B3aBf2ud6 AEt5ul9Ex+wm6cw4ZpSQhkZ/cQAUehEjyXeV4U9E3NMU3reHao7l6OtI2fb/UzdR WK1RtiKw+FCtmTboaCAXSPDKGIR3pU7K5dzOrFoGp9bLVNODuNL3osJ/R2NjC9FN tqs9WKKgfTRjRA== -----END CERTIFICATE-----Generated at Fri Dec 26 15:42:29 2025 by rpki-client