This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json) Hash identifier: +hymn56db1IPZqbXVNzexC5BuLHk/9qlxYjQvPGUbKo= Subject key identifier: 2B:58:A4:1D:EE:85:5F:74:7E:90:84:B3:AF:0C:FE:45:3A:94:3D:33 Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Certificate serial: 019B0E255E03919BDAB787AE650D46D16D90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft Manifest number: 0DDB Signing time: Thu 11 Dec 2025 16:01:28 +0000 Manifest this update: Thu 11 Dec 2025 16:01:28 +0000 Manifest next update: Fri 12 Dec 2025 16:01:28 +0000 Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=) 2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: qBSBRB6bPC4cZfnirEQNb/ZsU4WbE5GC9QA3IeV1vMc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:45:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:0e:25:5e:03:91:9b:da:b7:87:ae:65:0d:46:d1:6d:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Validity Not Before: Dec 11 16:01:28 2025 GMT Not After : Dec 12 16:01:28 2025 GMT Subject: CN=2b58a41dee855f747e9084b3af0cfe453a943d33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:24:7c:59:f4:3a:25:15:f3:2d:8d:66:67:43: 75:20:ef:30:ff:95:29:21:56:a6:26:78:be:72:05: 56:89:bd:e0:35:50:44:c8:40:3e:b5:54:04:13:18: e9:27:0e:05:4f:90:5c:21:23:a6:fc:a8:48:e9:0b: 00:76:18:a8:53:b0:3c:6b:03:0f:16:15:a7:2a:dc: 1b:94:03:4d:86:e0:ed:28:9a:e3:db:bf:55:b2:30: b4:42:d1:57:cd:bb:8b:91:60:98:94:9c:52:d8:e4: ee:5d:23:d9:c6:ff:08:ae:f7:ea:a9:93:a3:8e:42: 25:6d:b2:24:94:24:13:c2:a3:54:b9:e2:42:ce:67: 93:be:67:52:fd:5c:ac:83:f6:46:f2:ad:7f:7d:07: 21:6e:18:37:8f:ff:9a:ac:87:3f:41:7b:88:6b:2f: 20:a1:99:ac:21:c2:04:2c:22:64:c8:1d:7f:53:27: 15:2f:e3:ce:1e:7b:af:c0:b9:84:56:1e:5e:27:42: 6f:03:42:eb:74:52:a1:f1:3e:06:c2:97:25:c4:cf: ee:3f:b5:42:58:bf:ca:27:5a:cf:72:85:99:37:7e: 87:77:65:f4:69:a7:b6:56:e7:07:8a:c5:90:0b:60: 75:85:f5:b9:63:13:5d:e2:ce:22:e4:5d:db:d3:e3: 92:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:58:A4:1D:EE:85:5F:74:7E:90:84:B3:AF:0C:FE:45:3A:94:3D:33 X509v3 Authority Key Identifier: keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7f:50:29:b0:6b:fa:f6:f2:58:e0:55:7e:e3:d8:11:50:a7:dd: 3c:55:ae:79:81:73:f8:7d:38:d6:4e:ec:59:bd:95:9b:e9:90: 19:a8:fe:7f:30:b9:49:7b:e9:66:1e:3e:ed:82:53:4e:4c:69: c2:c9:c1:f4:2e:25:ce:45:b0:c2:07:6f:ef:89:07:63:23:ef: a7:70:15:95:d5:89:21:e5:a9:5b:c6:a9:24:af:ce:4e:af:42: 7b:fe:8d:49:bb:e6:92:6c:46:7b:4a:98:26:a6:f5:6f:58:25: 71:db:e2:56:1c:1c:b4:db:c1:de:41:0d:3b:9b:19:dc:50:f9: aa:70:c8:97:63:d9:e6:6e:24:ed:25:c4:37:f2:da:ef:9d:1c: e3:82:42:cf:38:ca:f4:01:89:91:92:2c:ce:3c:e1:0f:e4:f8: dc:26:a3:dc:d6:71:e5:41:af:98:14:a8:f6:11:db:40:a3:18: 5b:a8:be:40:01:1e:1c:3a:a4:d1:9b:ff:81:bb:76:72:b7:d2: 43:1c:c4:ec:7d:ad:b7:a7:ec:68:55:9d:74:94:f2:49:09:b7: 00:d4:6d:8f:8f:af:4d:5b:41:30:94:f9:d5:a2:ca:c8:a0:c7: 29:9e:f1:73:ae:68:71:64:55:99:a5:08:7e:59:68:40:b7:20: 5a:af:b2:62 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsOJV4DkZvat4euZQ1G0W2QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm MmU2NGQwHhcNMjUxMjExMTYwMTI4WhcNMjUxMjEyMTYwMTI4WjAzMTEwLwYDVQQD EygyYjU4YTQxZGVlODU1Zjc0N2U5MDg0YjNhZjBjZmU0NTNhOTQzZDMzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriR8WfQ6JRXzLY1mZ0N1IO8w/5Up IVamJni+cgVWib3gNVBEyEA+tVQEExjpJw4FT5BcISOm/KhI6QsAdhioU7A8awMP FhWnKtwblANNhuDtKJrj279VsjC0QtFXzbuLkWCYlJxS2OTuXSPZxv8IrvfqqZOj jkIlbbIklCQTwqNUueJCzmeTvmdS/Vysg/ZG8q1/fQchbhg3j/+arIc/QXuIay8g oZmsIcIELCJkyB1/UycVL+POHnuvwLmEVh5eJ0JvA0LrdFKh8T4GwpclxM/uP7VC WL/KJ1rPcoWZN36Hd2X0aae2VucHisWQC2B1hfW5YxNd4s4i5F3b0+OSBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCtYpB3uhV90fpCEs68M/kU6lD0zMB8GA1UdIwQY MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAf1ApsGv6 9vJY4FV+49gRUKfdPFWueYFz+H041k7sWb2Vm+mQGaj+fzC5SXvpZh4+7YJTTkxp wsnB9C4lzkWwwgdv74kHYyPvp3AVldWJIeWpW8apJK/OTq9Ce/6NSbvmkmxGe0qY Jqb1b1glcdviVhwctNvB3kENO5sZ3FD5qnDIl2PZ5m4k7SXEN/La750c44JCzzjK 9AGJkZIszjzhD+T43Caj3NZx5UGvmBSo9hHbQKMYW6i+QAEeHDqk0Zv/gbt2crfS QxzE7H2tt6fsaFWddJTySQm3ANRtj4+vTVtBMJT51aLKyKDHKZ7xc65ocWRVmaUI flloQLcgWq+yYg== -----END CERTIFICATE-----Generated at Thu Dec 11 22:35:58 2025 by rpki-client