This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft File: KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json) Hash identifier: DvhcM1qWRiNFa+u/1n8qKFXx5uGw1dprcLZAbnhHGyE= Subject key identifier: 72:9B:7C:46:03:7A:AE:FA:2A:26:80:73:61:F3:0A:D0:AF:0B:9A:D7 Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 Certificate issuer: /CN=2880474a96161dde2942cfb9f1856c2ffc880904 Certificate serial: 019B5A1A6CB8364AA7BCAAF085A2317E296B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft Manifest number: 0355 Signing time: Fri 26 Dec 2025 10:00:39 +0000 Manifest this update: Fri 26 Dec 2025 10:00:39 +0000 Manifest next update: Sat 27 Dec 2025 10:00:39 +0000 Files and hashes: 1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: WNp9cVnBs/c7m/0p+tNyFFFHrM6ZSaTzNr/P+bjO8WA=) 2: q2_sbJziOr7rwxyhvKWnkNjMans.roa (hash: 0BH7DATsPfSUKJPP/TZdwOG931UfHO+OV4ftBhPZrwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:1a:6c:b8:36:4a:a7:bc:aa:f0:85:a2:31:7e:29:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904 Validity Not Before: Dec 26 10:00:39 2025 GMT Not After : Dec 27 10:00:39 2025 GMT Subject: CN=729b7c46037aaefa2a26807361f30ad0af0b9ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:b9:f3:7b:23:00:b6:71:7b:51:c0:c5:f6:7e: 68:b9:28:a7:5e:6a:f8:3b:6c:5c:25:d4:de:8f:33: 3e:7f:d1:aa:17:2d:28:f0:b2:64:d4:7f:22:69:ae: fe:3d:79:e1:25:6e:f2:ce:ed:d8:c6:2b:51:71:e8: 75:2b:db:d5:1d:b1:27:03:43:ca:67:9f:e7:19:ab: 50:bd:41:ce:ab:68:d0:a9:f8:ea:85:ac:e2:31:aa: 84:b4:f7:24:da:f3:27:2e:ca:cc:be:4a:f1:50:06: f4:89:7c:c8:f9:7f:4e:ce:b4:6d:db:3e:89:4d:9a: 93:08:5a:48:ce:7f:9c:30:90:28:11:bf:58:80:34: 84:11:cf:03:39:99:ef:08:33:a2:f9:22:8f:da:a9: dc:5d:b3:50:98:38:bb:3b:9b:98:19:8a:89:d0:38: d7:8e:79:cf:d2:5d:e9:89:b6:47:41:46:6a:4b:e4: d5:70:00:e7:87:9b:08:a8:59:3d:b5:c0:9e:8d:39: 67:b4:27:f3:64:2e:88:d2:14:c7:e7:af:7f:c4:ef: f1:98:6c:38:79:a6:be:ce:fc:06:78:c0:a7:c6:be: 28:62:0e:da:de:bd:21:1c:c4:b5:fa:9a:5d:dd:36: 8c:3e:ef:7a:1f:9d:03:7c:76:4c:9d:47:72:5d:b5: 39:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:9B:7C:46:03:7A:AE:FA:2A:26:80:73:61:F3:0A:D0:AF:0B:9A:D7 X509v3 Authority Key Identifier: keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8d:3f:1e:83:fd:a6:dd:1d:ba:f8:69:18:43:a0:ca:85:82:65: 89:53:38:06:35:c5:cc:f9:d1:9e:83:e7:89:7b:03:13:0a:21: d6:23:67:f4:dc:45:76:9b:2a:42:aa:da:42:6b:fa:11:c1:6d: 60:77:ba:9e:1d:27:79:94:da:d9:d9:cb:3f:5e:00:5f:15:fa: 36:d0:ca:29:6f:86:94:58:88:63:68:41:ca:80:e5:57:b6:2d: 68:0c:d5:c0:83:c1:84:1f:2e:f1:ad:db:72:c9:cd:0c:a3:b3: 6c:1e:4c:1e:e0:1d:5f:e5:4e:3e:f7:f9:d1:66:8a:1c:44:9c: 1a:13:68:62:92:f6:e9:70:7f:ad:70:72:3c:df:8d:26:43:bc: fb:ef:6e:db:7b:6e:ce:b2:08:3d:05:dc:65:35:6c:8e:43:fa: fa:ce:17:1e:d7:35:ad:a5:94:1c:2a:f2:86:19:54:87:6a:a2: 87:15:08:59:53:79:33:67:f8:2a:91:86:f1:3c:25:0f:d6:8c: 03:d3:90:56:8f:42:1a:72:8d:4d:9a:c5:06:d7:4d:05:02:8a: ad:08:f7:1b:a1:b3:a5:de:f9:0f:6e:a0:be:4e:07:a0:77:34: 60:5e:15:9a:10:11:c1:85:46:a6:9f:ef:23:72:d1:4d:53:7b: 9c:04:75:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaGmy4NkqnvKrwhaIxfilrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4 ODA5MDQwHhcNMjUxMjI2MTAwMDM5WhcNMjUxMjI3MTAwMDM5WjAzMTEwLwYDVQQD Eyg3MjliN2M0NjAzN2FhZWZhMmEyNjgwNzM2MWYzMGFkMGFmMGI5YWQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rnzeyMAtnF7UcDF9n5ouSinXmr4 O2xcJdTejzM+f9GqFy0o8LJk1H8iaa7+PXnhJW7yzu3YxitRceh1K9vVHbEnA0PK Z5/nGatQvUHOq2jQqfjqhaziMaqEtPck2vMnLsrMvkrxUAb0iXzI+X9OzrRt2z6J TZqTCFpIzn+cMJAoEb9YgDSEEc8DOZnvCDOi+SKP2qncXbNQmDi7O5uYGYqJ0DjX jnnP0l3pibZHQUZqS+TVcADnh5sIqFk9tcCejTlntCfzZC6I0hTH569/xO/xmGw4 eaa+zvwGeMCnxr4oYg7a3r0hHMS1+ppd3TaMPu96H50DfHZMnUdyXbU5fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHKbfEYDeq76KiaAc2HzCtCvC5rXMB8GA1UdIwQY MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAjT8eg/2m 3R26+GkYQ6DKhYJliVM4BjXFzPnRnoPniXsDEwoh1iNn9NxFdpsqQqraQmv6EcFt YHe6nh0neZTa2dnLP14AXxX6NtDKKW+GlFiIY2hByoDlV7YtaAzVwIPBhB8u8a3b csnNDKOzbB5MHuAdX+VOPvf50WaKHEScGhNoYpL26XB/rXByPN+NJkO8++9u23tu zrIIPQXcZTVsjkP6+s4XHtc1raWUHCryhhlUh2qihxUIWVN5M2f4KpGG8TwlD9aM A9OQVo9CGnKNTZrFBtdNBQKKrQj3G6Gzpd75D26gvk4HoHc0YF4VmhARwYVGpp/v I3LRTVN7nAR1rg== -----END CERTIFICATE-----Generated at Fri Dec 26 16:00:55 2025 by rpki-client