This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json) Hash identifier: OAMvYgPLnYafyDdVaVI/GCRF1j9EckWdrtd8j7kDXLY= Subject key identifier: 6D:E7:F7:72:46:8A:11:7C:87:A3:67:B5:7E:EC:29:4B:34:19:DB:E9 Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14 Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14 Certificate serial: 019B5A884D6B1397A1D1C44DA3E9B97E1D40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft Manifest number: 1192 Signing time: Fri 26 Dec 2025 12:00:40 +0000 Manifest this update: Fri 26 Dec 2025 12:00:40 +0000 Manifest next update: Sat 27 Dec 2025 12:00:40 +0000 Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=) 2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: sM5XsWQE8vWf2jstG9x/6odTi+1ln2RS3ZpNWCXfhwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:5a:88:4d:6b:13:97:a1:d1:c4:4d:a3:e9:b9:7e:1d:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14 Validity Not Before: Dec 26 12:00:40 2025 GMT Not After : Dec 27 12:00:40 2025 GMT Subject: CN=6de7f772468a117c87a367b57eec294b3419dbe9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:28:01:19:69:e0:59:f9:43:7a:76:98:cf:62: 0d:7f:79:f8:dc:69:f0:a3:67:12:95:a3:49:b3:e2: 85:c4:d5:60:74:57:1b:18:c4:8f:c5:39:50:34:56: 1d:bd:a8:07:77:ab:2b:6b:15:8d:d3:c2:41:4f:bd: cb:0a:47:8f:c0:f0:05:91:97:e1:f7:03:7d:e0:53: a9:f9:ec:d1:97:3f:e0:68:95:05:4b:30:d0:e2:7b: b6:5b:1b:3c:e9:4f:75:df:d6:66:73:23:b7:4a:c4: b4:57:0a:ba:5b:07:ae:0b:e6:30:18:30:da:ac:43: fb:9a:ae:c2:14:da:b2:72:54:e0:52:18:62:aa:1a: 82:f7:c2:53:7a:be:9d:f1:56:66:5d:c4:95:5f:8c: 14:15:f7:0b:c8:3f:d9:4c:81:49:ed:07:c5:0b:1c: 29:9b:15:7a:5f:03:50:ca:10:53:a3:8f:1c:20:c6: 38:63:48:0f:6a:e0:0e:61:b5:16:9f:22:85:4a:c0: 74:16:b9:f6:8b:fd:d2:4e:5f:3c:5f:b2:a8:1b:b0: f6:8c:0f:6a:85:44:39:28:e9:a1:df:be:19:9f:bf: 8f:af:c7:c2:be:ea:6e:b9:96:17:ab:4b:e4:ab:68: 1c:1f:e1:1f:a8:62:da:5f:a2:70:97:22:5b:50:bb: 30:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:E7:F7:72:46:8A:11:7C:87:A3:67:B5:7E:EC:29:4B:34:19:DB:E9 X509v3 Authority Key Identifier: keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 40:0e:f1:6c:d5:ad:bb:c7:5a:25:55:be:c8:05:b9:49:ef:2d: 53:4f:0e:86:e0:fe:d6:4b:81:cf:ff:d6:c6:40:41:9e:36:3c: 3e:d9:5e:9d:54:33:f6:5a:1a:86:73:07:85:3a:9c:fa:49:6f: 96:9c:96:3e:bb:86:5f:5f:65:2f:23:c7:f9:96:e8:fe:17:f9: 6b:34:80:1f:37:5e:bd:b8:54:04:1d:43:2b:96:4e:10:57:9d: 40:10:9a:e5:ae:fe:db:dd:9f:9f:d3:da:a7:7a:35:91:10:19: 08:da:00:eb:8f:de:7e:90:7f:9d:da:7d:5d:7f:7a:4f:7d:f0: 77:f5:0d:5a:91:90:1d:67:66:95:ea:c7:5d:81:c9:34:f4:c9: f4:0e:94:72:25:89:c2:14:c1:2f:ca:14:31:56:15:c5:56:a7: e7:38:02:b8:a7:98:70:1a:73:31:a9:ab:77:1a:9f:1e:48:a7: ad:f6:c5:9d:55:05:94:ee:8c:17:03:be:3b:33:7c:b4:d2:cb: 94:fd:87:75:1b:7c:13:7c:b3:12:e9:77:9e:79:2d:a9:04:16: e7:ba:2a:92:cd:be:57:a5:c3:3f:3b:6f:4b:5f:dc:05:d9:97: 18:a0:93:a5:2b:cd:a5:29:bb:fd:43:4f:5c:30:b7:29:5d:2d: 8d:63:bf:ce -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtaiE1rE5eh0cRNo+m5fh1AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5 NzVkMTQwHhcNMjUxMjI2MTIwMDQwWhcNMjUxMjI3MTIwMDQwWjAzMTEwLwYDVQQD Eyg2ZGU3Zjc3MjQ2OGExMTdjODdhMzY3YjU3ZWVjMjk0YjM0MTlkYmU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxigBGWngWflDenaYz2INf3n43Gnw o2cSlaNJs+KFxNVgdFcbGMSPxTlQNFYdvagHd6sraxWN08JBT73LCkePwPAFkZfh 9wN94FOp+ezRlz/gaJUFSzDQ4nu2Wxs86U9139ZmcyO3SsS0Vwq6WweuC+YwGDDa rEP7mq7CFNqyclTgUhhiqhqC98JTer6d8VZmXcSVX4wUFfcLyD/ZTIFJ7QfFCxwp mxV6XwNQyhBTo48cIMY4Y0gPauAOYbUWnyKFSsB0Frn2i/3STl88X7KoG7D2jA9q hUQ5KOmh374Zn7+Pr8fCvupuuZYXq0vkq2gcH+EfqGLaX6JwlyJbULswkQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFG3n93JGihF8h6NntX7sKUs0GdvpMB8GA1UdIwQY MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQA7xbNWt u8daJVW+yAW5Se8tU08OhuD+1kuBz//WxkBBnjY8PtlenVQz9loahnMHhTqc+klv lpyWPruGX19lLyPH+Zbo/hf5azSAHzdevbhUBB1DK5ZOEFedQBCa5a7+292fn9Pa p3o1kRAZCNoA64/efpB/ndp9XX96T33wd/UNWpGQHWdmlerHXYHJNPTJ9A6UciWJ whTBL8oUMVYVxVan5zgCuKeYcBpzMamrdxqfHkinrfbFnVUFlO6MFwO+OzN8tNLL lP2HdRt8E3yzEul3nnktqQQW57oqks2+V6XDPztvS1/cBdmXGKCTpSvNpSm7/UNP XDC3KV0tjWO/zg== -----END CERTIFICATE-----Generated at Fri Dec 26 14:19:43 2025 by rpki-client