This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft File: KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json) Hash identifier: cXo/LMJjjAcm/ZjYywHfKIXDa8xSgTh8PygunvSmTfY= Subject key identifier: 67:AA:98:23:0D:F9:30:AB:A8:37:82:A6:A0:AC:9C:47:09:90:0E:09 Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D Certificate issuer: /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Certificate serial: 019B21749E90753C808162BC635E095D9ECC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft Manifest number: 10A2 Signing time: Mon 15 Dec 2025 10:00:49 +0000 Manifest this update: Mon 15 Dec 2025 10:00:49 +0000 Manifest next update: Tue 16 Dec 2025 10:00:49 +0000 Files and hashes: 1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: QyRPGQSzfcp3OcJtMUU+hb3TZKifW0bHNJJ0swK5Dsk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:9e:90:75:3c:80:81:62:bc:63:5e:09:5d:9e:cc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Validity Not Before: Dec 15 10:00:49 2025 GMT Not After : Dec 16 10:00:49 2025 GMT Subject: CN=67aa98230df930aba83782a6a0ac9c4709900e09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:73:55:36:1e:d2:e3:69:a5:72:55:4e:ca:ed: c0:6d:96:6d:a1:80:a7:92:79:49:93:9a:71:f6:9f: 87:40:79:ee:8d:19:2f:5f:41:00:bc:8d:1d:3d:7b: 38:90:38:19:f5:86:2d:88:5f:fb:7c:34:94:d5:07: f4:73:1f:c1:7c:58:e3:08:ea:e4:32:4c:58:b6:93: 4f:06:fc:79:ae:1c:da:3e:c1:98:a3:40:b0:04:85: 12:a3:21:38:ac:8e:50:c1:bf:89:f0:25:f8:dc:f0: 87:08:9f:16:5f:aa:99:60:19:76:2c:56:0f:7b:7c: 69:5f:09:2a:78:78:a1:98:0d:5e:db:ad:25:a2:e9: 47:01:c6:84:12:cf:85:10:64:22:75:57:b5:82:b0: db:fd:37:91:05:c1:40:53:0b:ca:88:34:d1:0f:54: 32:6c:93:d7:ab:31:8a:91:52:fb:81:2a:e8:32:27: b9:0e:16:cf:73:76:6d:ca:75:5e:ee:58:2d:af:58: 6d:0e:90:88:3e:aa:f5:f9:61:84:8b:25:e9:52:d3: e5:5f:7b:54:69:b4:8e:be:f3:27:c1:c5:27:23:d7: cd:23:b7:5b:b4:21:96:90:02:1e:19:16:47:f8:b5: c1:e4:1a:74:0f:a9:af:33:d7:00:00:2f:08:ed:4e: 6d:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:AA:98:23:0D:F9:30:AB:A8:37:82:A6:A0:AC:9C:47:09:90:0E:09 X509v3 Authority Key Identifier: keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 91:1b:ad:6c:1d:1c:28:13:51:9a:8e:cd:dd:ae:4e:a0:9d:3c: a7:e5:b0:8e:f3:72:99:20:9a:66:64:6c:be:4d:1c:40:16:7c: 64:74:e3:f3:39:f6:ec:fd:aa:90:1f:e5:50:32:92:3b:70:6f: 9a:9b:b7:d0:5e:c0:84:58:62:ba:b9:7e:43:42:4f:b4:2a:61: 2e:bd:d6:c6:5c:09:49:d3:b0:dc:76:c0:2d:c6:88:ad:1a:25: 2a:03:24:ff:d3:ff:d9:a3:e3:53:77:4d:20:06:68:84:8b:ad: dd:98:ca:16:29:63:22:21:4f:72:29:7c:b0:0b:28:4d:d3:a6: 56:4b:b7:ec:3d:a1:37:6a:9d:bd:70:e2:23:02:dc:02:c0:d1: 92:2e:eb:0e:02:70:50:54:45:cc:ed:ef:0e:25:7f:c6:92:cc: c1:b9:b9:42:4c:a6:c7:b5:75:9a:90:38:48:66:70:8e:31:32: b7:15:e2:e1:93:cf:63:79:ea:81:86:63:4f:d3:5e:ce:3e:ce: d9:92:dc:e8:8d:f7:f3:bd:11:89:03:8b:58:5a:3c:f2:ef:a5: 6f:31:c5:37:ad:41:1e:12:73:bc:a4:05:98:1c:b1:14:3c:67: 97:60:57:ad:c2:ca:d3:cf:66:dd:2c:cc:73:8f:fb:2c:b1:ea: 9c:14:66:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdJ6QdTyAgWK8Y14JXZ7MMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz YWYyM2QwHhcNMjUxMjE1MTAwMDQ5WhcNMjUxMjE2MTAwMDQ5WjAzMTEwLwYDVQQD Eyg2N2FhOTgyMzBkZjkzMGFiYTgzNzgyYTZhMGFjOWM0NzA5OTAwZTA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHNVNh7S42mlclVOyu3AbZZtoYCn knlJk5px9p+HQHnujRkvX0EAvI0dPXs4kDgZ9YYtiF/7fDSU1Qf0cx/BfFjjCOrk MkxYtpNPBvx5rhzaPsGYo0CwBIUSoyE4rI5Qwb+J8CX43PCHCJ8WX6qZYBl2LFYP e3xpXwkqeHihmA1e260loulHAcaEEs+FEGQidVe1grDb/TeRBcFAUwvKiDTRD1Qy bJPXqzGKkVL7gSroMie5DhbPc3ZtynVe7lgtr1htDpCIPqr1+WGEiyXpUtPlX3tU abSOvvMnwcUnI9fNI7dbtCGWkAIeGRZH+LXB5Bp0D6mvM9cAAC8I7U5t+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGeqmCMN+TCrqDeCpqCsnEcJkA4JMB8GA1UdIwQY MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkRutbB0c KBNRmo7N3a5OoJ08p+WwjvNymSCaZmRsvk0cQBZ8ZHTj8zn27P2qkB/lUDKSO3Bv mpu30F7AhFhiurl+Q0JPtCphLr3WxlwJSdOw3HbALcaIrRolKgMk/9P/2aPjU3dN IAZohIut3ZjKFiljIiFPcil8sAsoTdOmVku37D2hN2qdvXDiIwLcAsDRki7rDgJw UFRFzO3vDiV/xpLMwbm5Qkymx7V1mpA4SGZwjjEytxXi4ZPPY3nqgYZjT9Nezj7O 2ZLc6I33870RiQOLWFo88u+lbzHFN61BHhJzvKQFmByxFDxnl2BXrcLK089m3SzM c4/7LLHqnBRm4w== -----END CERTIFICATE-----Generated at Mon Dec 15 13:23:20 2025 by rpki-client