This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json) Hash identifier: i5frurBJ5voKEkGWT7fPwDFfANaPFhtfK5sBuMyqNjM= Subject key identifier: 81:BF:17:A2:C0:9B:35:96:3C:1C:97:01:AB:85:21:71:CB:21:53:12 Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Certificate serial: 019B12A69AB3E56EDE3FF1D152DE914EAEDA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft Manifest number: 1777 Signing time: Fri 12 Dec 2025 13:01:06 +0000 Manifest this update: Fri 12 Dec 2025 13:01:06 +0000 Manifest next update: Sat 13 Dec 2025 13:01:06 +0000 Files and hashes: 1: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: mIsmqdViScP+LFbVzwRozyPkYw2+q6dV1NfQmrTRgSI=) 2: yaNI0_QU-og_a5wIKL7nblpP3wo.roa (hash: mocSKnatPWu2K5HO5VSBkHGD9dsGk50fbeHRajNzTSQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 13 Dec 2025 13:01:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:12:a6:9a:b3:e5:6e:de:3f:f1:d1:52:de:91:4e:ae:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Validity Not Before: Dec 12 13:01:06 2025 GMT Not After : Dec 13 13:01:06 2025 GMT Subject: CN=81bf17a2c09b35963c1c9701ab852171cb215312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:92:15:69:1c:4b:fd:e2:69:10:a7:31:3a:5a: 51:78:df:d8:14:07:82:9d:a0:1e:62:a1:37:ad:da: a7:55:a1:5c:58:d0:81:c5:89:3c:c0:9b:6f:b0:48: ab:c8:51:96:77:96:c8:85:ef:9e:f2:10:fc:29:1c: 96:78:ec:c8:65:6d:ae:85:71:29:04:74:db:11:bf: 7a:8f:07:75:6e:7c:cf:d9:2d:06:c7:47:b5:83:1d: 65:67:9e:f6:37:f0:92:3a:65:50:3b:ed:67:92:35: 21:5a:77:02:38:67:dd:8c:c7:6c:b6:72:0f:82:0a: 89:8e:f7:25:6f:34:61:b3:f9:cd:8b:a0:fc:a6:49: fa:06:fd:88:d2:55:28:46:9c:23:9f:e2:ac:ac:59: 61:64:3b:0c:72:0b:fe:91:28:53:e1:d0:e6:fc:28: fc:c6:78:52:d9:35:53:9c:d9:cc:90:78:84:b0:87: c1:ef:7a:e9:3a:08:08:73:e0:78:ab:f6:2f:09:e7: 3c:4f:05:c1:f7:8d:c7:32:c0:33:89:61:71:01:70: 18:c0:3d:98:95:59:46:97:12:44:27:a2:b3:a0:7f: ee:4d:5f:f5:48:b1:e7:c0:b9:91:f1:c2:1c:59:6a: 7d:60:a5:7a:f3:a6:19:8c:85:3b:45:df:02:59:2f: 97:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:BF:17:A2:C0:9B:35:96:3C:1C:97:01:AB:85:21:71:CB:21:53:12 X509v3 Authority Key Identifier: keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 10:b1:3d:f1:7e:f7:88:94:35:1a:39:e7:ae:66:3f:a9:58:6b: 69:a0:58:40:e8:ac:91:c7:d6:75:32:c8:0c:80:d9:62:ab:38: 80:91:6c:a7:75:93:dc:be:9a:b6:c0:a7:dd:ff:da:a3:ed:c7: d1:29:73:4b:30:2a:55:ac:4e:a7:ac:43:e5:c4:28:ba:3f:e6: af:49:90:b0:ac:54:63:c9:90:17:a9:cd:01:bc:81:c5:b9:77: b3:67:37:42:de:db:67:ec:8c:5f:80:b5:78:04:88:af:34:1b: 1f:99:f8:34:63:fe:22:3f:ee:4c:b4:af:4d:8e:cb:a1:f8:e1: ed:0b:03:de:55:e7:d1:ec:a5:a5:37:f3:aa:37:94:b9:1a:30: 6b:1e:a7:9a:f4:03:3d:49:41:57:bd:24:69:9b:e5:44:e8:32: 39:51:8f:78:a1:06:33:28:44:44:25:71:22:48:4e:b7:28:9e: 95:e8:4e:c6:3f:a5:d4:b0:6d:2e:4f:ca:bf:3f:ca:d7:fe:53: 02:48:91:c3:e6:9c:84:bc:02:b1:c2:8d:2f:a1:1a:e9:60:82: 23:f9:9a:2d:54:72:9b:09:8b:55:68:9f:3a:45:5e:62:10:1f: 44:1b:60:0d:8f:82:9f:7b:9c:de:ee:23:b5:2b:c5:c1:e4:47: 96:25:47:4e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsSppqz5W7eP/HRUt6RTq7aMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm MGVlMTkwHhcNMjUxMjEyMTMwMTA2WhcNMjUxMjEzMTMwMTA2WjAzMTEwLwYDVQQD Eyg4MWJmMTdhMmMwOWIzNTk2M2MxYzk3MDFhYjg1MjE3MWNiMjE1MzEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJIVaRxL/eJpEKcxOlpReN/YFAeC naAeYqE3rdqnVaFcWNCBxYk8wJtvsEiryFGWd5bIhe+e8hD8KRyWeOzIZW2uhXEp BHTbEb96jwd1bnzP2S0Gx0e1gx1lZ572N/CSOmVQO+1nkjUhWncCOGfdjMdstnIP ggqJjvclbzRhs/nNi6D8pkn6Bv2I0lUoRpwjn+KsrFlhZDsMcgv+kShT4dDm/Cj8 xnhS2TVTnNnMkHiEsIfB73rpOggIc+B4q/YvCec8TwXB943HMsAziWFxAXAYwD2Y lVlGlxJEJ6KzoH/uTV/1SLHnwLmR8cIcWWp9YKV686YZjIU7Rd8CWS+XfwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIG/F6LAmzWWPByXAauFIXHLIVMSMB8GA1UdIwQY MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAELE98X73 iJQ1GjnnrmY/qVhraaBYQOiskcfWdTLIDIDZYqs4gJFsp3WT3L6atsCn3f/ao+3H 0SlzSzAqVaxOp6xD5cQouj/mr0mQsKxUY8mQF6nNAbyBxbl3s2c3Qt7bZ+yMX4C1 eASIrzQbH5n4NGP+Ij/uTLSvTY7Lofjh7QsD3lXn0eylpTfzqjeUuRowax6nmvQD PUlBV70kaZvlROgyOVGPeKEGMyhERCVxIkhOtyielehOxj+l1LBtLk/Kvz/K1/5T AkiRw+achLwCscKNL6Ea6WCCI/maLVRymwmLVWifOkVeYhAfRBtgDY+Cn3uc3u4j tSvFweRHliVHTg== -----END CERTIFICATE-----Generated at Fri Dec 12 19:28:31 2025 by rpki-client