This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json) Hash identifier: sF0CB5k5viqh84ZagNchcUmj3n2633CroAe30CbErvk= Subject key identifier: B5:69:A2:A7:EE:20:FE:D0:1C:37:D0:E4:D4:4F:B1:AE:FD:9A:18:44 Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Certificate serial: 019B481484714366CDF3660DE74D12358465 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft Manifest number: 0A1C Signing time: Mon 22 Dec 2025 22:01:02 +0000 Manifest this update: Mon 22 Dec 2025 22:01:02 +0000 Manifest next update: Tue 23 Dec 2025 22:01:02 +0000 Files and hashes: 1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=) 2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: oOiK98lU1Bka+n8dsOpHzCuv22xULmFqRR4iMqsRG78=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 22:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:14:84:71:43:66:cd:f3:66:0d:e7:4d:12:35:84:65 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Validity Not Before: Dec 22 22:01:02 2025 GMT Not After : Dec 23 22:01:02 2025 GMT Subject: CN=b569a2a7ee20fed01c37d0e4d44fb1aefd9a1844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:dd:3f:bb:96:30:e4:e7:0b:b7:4f:74:0d:cd: de:62:b2:df:12:88:1c:7f:16:bc:9a:bd:70:8b:e4: 9e:e4:06:13:21:15:9c:c3:e2:bf:da:41:37:ba:16: f7:5e:7d:f6:12:c0:53:aa:d4:dc:87:22:e9:af:2a: 78:08:b5:7d:de:cd:64:5d:d7:8a:9f:69:e5:44:61: a8:2a:f9:1a:88:b6:22:f6:2a:f6:68:20:47:80:ed: 14:9a:10:10:3e:79:03:89:d1:25:da:88:26:77:64: c7:52:15:88:09:05:30:91:33:1a:09:92:98:5e:f8: 8b:3e:29:4a:d8:04:66:2c:3c:6a:bf:6c:74:6e:c1: ff:71:6e:7a:fc:fc:e8:6e:86:e6:a4:c4:63:a5:57: c8:13:3f:3a:a7:0a:2f:56:be:11:3c:09:b7:0e:37: d0:61:e5:ee:ab:89:19:de:df:bc:25:8e:5c:ad:87: 9e:ca:e1:ed:13:f6:e6:60:c6:e5:3b:4b:2b:2e:52: 28:2f:d1:d0:5c:49:d8:65:5c:eb:4d:f1:4e:a7:cc: 17:48:97:f5:50:4b:f7:90:fc:7e:44:56:33:8d:fe: ab:8a:7d:eb:3a:62:d6:f2:a7:fc:70:57:47:51:31: 3e:aa:99:97:4f:27:40:70:a3:18:93:eb:cd:e5:95: 82:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:69:A2:A7:EE:20:FE:D0:1C:37:D0:E4:D4:4F:B1:AE:FD:9A:18:44 X509v3 Authority Key Identifier: keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:33:a8:99:62:2e:a8:b3:1f:9c:7f:d8:e6:2d:3e:8b:79:cb: ee:3e:d6:62:8c:7e:78:53:0b:6c:55:32:bb:c9:ba:9f:c0:7c: 2d:cf:72:15:f5:bd:53:76:33:05:9a:a2:b8:a3:b3:f8:6b:90: d7:fa:0a:85:92:d2:a8:9b:58:fc:db:9b:ff:f7:ee:ff:7e:80: 9c:c8:4c:df:7f:ff:bd:a5:21:ea:71:0b:4b:be:9b:2d:9a:66: 61:8b:78:c5:a5:f3:c2:c8:52:ff:e8:45:b2:14:fb:a1:59:bf: ff:ec:51:2b:94:a3:54:91:7d:a7:4f:ff:55:47:9d:9d:07:72: 5f:e1:af:c6:2e:33:62:50:58:41:c0:82:d7:62:e3:a5:22:42: 4c:e7:a6:8f:2b:b8:62:de:5a:0e:75:6d:c5:ca:5b:7c:5c:42: 7f:57:a3:4b:39:4a:a9:f1:98:25:d8:d0:19:de:05:fe:dd:9d: 67:b7:79:9a:6a:b6:0d:1f:13:d0:3b:22:83:1e:40:60:e6:45: 58:6b:cf:8b:ac:a4:81:26:69:f5:c3:89:5d:48:17:64:a6:a8: dd:46:49:aa:bc:a6:09:d1:a4:b0:ab:e9:05:62:9d:91:1a:46: a9:24:86:99:a7:65:8a:e7:79:e7:64:70:d5:46:6d:27:0d:2a: ff:4e:8d:9f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtIFIRxQ2bN82YN500SNYRlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm MGRmYzYwHhcNMjUxMjIyMjIwMTAyWhcNMjUxMjIzMjIwMTAyWjAzMTEwLwYDVQQD EyhiNTY5YTJhN2VlMjBmZWQwMWMzN2QwZTRkNDRmYjFhZWZkOWExODQ0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd0/u5Yw5OcLt090Dc3eYrLfEogc fxa8mr1wi+Se5AYTIRWcw+K/2kE3uhb3Xn32EsBTqtTchyLpryp4CLV93s1kXdeK n2nlRGGoKvkaiLYi9ir2aCBHgO0UmhAQPnkDidEl2ogmd2THUhWICQUwkTMaCZKY XviLPilK2ARmLDxqv2x0bsH/cW56/PzobobmpMRjpVfIEz86pwovVr4RPAm3DjfQ YeXuq4kZ3t+8JY5crYeeyuHtE/bmYMblO0srLlIoL9HQXEnYZVzrTfFOp8wXSJf1 UEv3kPx+RFYzjf6rin3rOmLW8qf8cFdHUTE+qpmXTydAcKMYk+vN5ZWCeQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLVpoqfuIP7QHDfQ5NRPsa79mhhEMB8GA1UdIwQY MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtzOomWIu qLMfnH/Y5i0+i3nL7j7WYox+eFMLbFUyu8m6n8B8Lc9yFfW9U3YzBZqiuKOz+GuQ 1/oKhZLSqJtY/Nub//fu/36AnMhM33//vaUh6nELS76bLZpmYYt4xaXzwshS/+hF shT7oVm//+xRK5SjVJF9p0//VUednQdyX+Gvxi4zYlBYQcCC12LjpSJCTOemjyu4 Yt5aDnVtxcpbfFxCf1ejSzlKqfGYJdjQGd4F/t2dZ7d5mmq2DR8T0Dsigx5AYOZF WGvPi6ykgSZp9cOJXUgXZKao3UZJqrymCdGksKvpBWKdkRpGqSSGmadliud552Rw 1UZtJw0q/06Nnw== -----END CERTIFICATE-----Generated at Tue Dec 23 03:16:25 2025 by rpki-client