This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft File: KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json) Hash identifier: JNPmdIlw0LxYBoaY5t35L2ryjQpSmDw+kDurwYXKL8M= Subject key identifier: ED:3D:62:1E:8D:7D:D1:C0:17:BB:45:BD:8C:7D:7B:79:C9:EB:F2:0A Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D Certificate issuer: /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Certificate serial: 019B2D0AC9FA6DCF66CDBFF35986F01253C7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft Manifest number: 10A8 Signing time: Wed 17 Dec 2025 16:00:40 +0000 Manifest this update: Wed 17 Dec 2025 16:00:40 +0000 Manifest next update: Thu 18 Dec 2025 16:00:40 +0000 Files and hashes: 1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: SJlXD9p6NV6CN51FTOp8ENS986Z1HhLCs7Ek8x+vOWM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0a:c9:fa:6d:cf:66:cd:bf:f3:59:86:f0:12:53:c7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Validity Not Before: Dec 17 16:00:40 2025 GMT Not After : Dec 18 16:00:40 2025 GMT Subject: CN=ed3d621e8d7dd1c017bb45bd8c7d7b79c9ebf20a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:13:bc:b8:31:e1:08:fe:df:31:e9:5e:f7:9b: b1:ca:f4:fe:fd:57:06:1f:4e:59:c9:f5:89:5a:00: 4f:a0:14:24:71:93:b9:ff:41:a0:d7:5e:82:85:58: 9a:3f:fa:cc:ba:9f:03:fa:28:a0:72:ef:10:76:56: ab:26:8d:80:f1:3c:a7:62:47:69:97:73:af:ef:60: c4:54:63:73:57:bc:cf:33:72:92:3b:a2:7e:8f:3e: dc:4b:01:63:7c:d2:4c:73:fa:eb:cd:33:49:dc:c5: b6:64:06:fa:40:24:00:8c:e2:99:2d:db:50:43:dc: 6b:ea:2f:21:03:0d:d2:01:19:9f:be:fc:27:0a:95: 0b:03:a8:0b:8b:83:40:d7:bb:99:28:de:6d:ef:85: 50:ce:66:f0:6f:bf:52:6d:fe:bd:0d:3d:75:06:0b: 35:a1:ad:4e:3e:36:a8:26:7f:01:06:b4:58:30:69: dc:37:c0:e5:74:df:6c:b7:50:52:4a:66:be:95:7c: e4:e3:99:ed:05:cd:c4:cf:f7:dc:f4:fc:43:da:d8: 67:09:a3:40:cd:1b:03:11:b8:a8:e8:41:30:74:45: 43:01:a7:c3:72:85:65:9d:dc:e3:9f:db:b7:36:aa: 12:8a:e7:ac:bc:c1:b1:52:98:f9:7e:5f:43:e3:ba: da:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:3D:62:1E:8D:7D:D1:C0:17:BB:45:BD:8C:7D:7B:79:C9:EB:F2:0A X509v3 Authority Key Identifier: keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:8b:1f:7b:30:3b:25:7e:b3:88:0c:38:45:61:ac:66:36:74: da:10:2d:cb:ce:c3:0a:20:b5:f7:ea:f4:17:2a:08:cd:91:88: 01:6f:48:6b:f5:70:c9:5a:bb:7d:81:7e:46:1e:8b:c3:c8:52: 8f:e5:c2:02:3b:f3:38:49:73:66:8c:9d:3d:d7:8e:de:22:85: 19:5e:3e:69:f7:05:c5:bd:f3:1f:d1:41:35:01:51:eb:b5:de: 58:6b:1a:29:d4:6c:37:3f:67:af:16:9a:49:c5:1d:7e:71:f4: 40:42:cf:b1:69:fb:00:33:1e:f5:4c:ce:b4:d1:bb:0f:8a:c3: a7:7d:5e:d2:b9:06:be:d9:06:3d:d5:f8:03:d8:ac:db:59:93: f7:4d:8a:ac:70:ad:c2:35:e5:d1:80:7c:cb:85:81:c1:cd:ff: 76:a7:4a:cb:6f:51:c6:eb:15:06:18:11:ce:e7:06:11:5e:fc: 66:28:96:00:47:f7:57:94:3c:bc:01:d6:20:13:4e:c9:e1:bf: 86:60:f3:ba:f3:86:d8:27:bd:98:ac:bb:7c:a2:57:1c:8c:73: 1a:7d:f6:99:44:3e:ce:23:4d:4a:a2:ae:49:4f:b3:6c:eb:6b: 36:60:1a:80:dd:60:87:0e:c8:1f:8f:c4:cb:c7:b2:25:a0:9f: c3:4b:0c:bf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstCsn6bc9mzb/zWYbwElPHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz YWYyM2QwHhcNMjUxMjE3MTYwMDQwWhcNMjUxMjE4MTYwMDQwWjAzMTEwLwYDVQQD EyhlZDNkNjIxZThkN2RkMWMwMTdiYjQ1YmQ4YzdkN2I3OWM5ZWJmMjBhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRO8uDHhCP7fMele95uxyvT+/VcG H05ZyfWJWgBPoBQkcZO5/0Gg116ChViaP/rMup8D+iigcu8QdlarJo2A8TynYkdp l3Ov72DEVGNzV7zPM3KSO6J+jz7cSwFjfNJMc/rrzTNJ3MW2ZAb6QCQAjOKZLdtQ Q9xr6i8hAw3SARmfvvwnCpULA6gLi4NA17uZKN5t74VQzmbwb79Sbf69DT11Bgs1 oa1OPjaoJn8BBrRYMGncN8DldN9st1BSSma+lXzk45ntBc3Ez/fc9PxD2thnCaNA zRsDEbio6EEwdEVDAafDcoVlndzjn9u3NqoSiuesvMGxUpj5fl9D47raeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO09Yh6NfdHAF7tFvYx9e3nJ6/IKMB8GA1UdIwQY MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoYsfezA7 JX6ziAw4RWGsZjZ02hAty87DCiC19+r0FyoIzZGIAW9Ia/VwyVq7fYF+Rh6Lw8hS j+XCAjvzOElzZoydPdeO3iKFGV4+afcFxb3zH9FBNQFR67XeWGsaKdRsNz9nrxaa ScUdfnH0QELPsWn7ADMe9UzOtNG7D4rDp31e0rkGvtkGPdX4A9is21mT902KrHCt wjXl0YB8y4WBwc3/dqdKy29RxusVBhgRzucGEV78ZiiWAEf3V5Q8vAHWIBNOyeG/ hmDzuvOG2Ce9mKy7fKJXHIxzGn32mUQ+ziNNSqKuSU+zbOtrNmAagN1ghw7IH4/E y8eyJaCfw0sMvw== -----END CERTIFICATE-----Generated at Wed Dec 17 19:03:54 2025 by rpki-client