This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json) Hash identifier: R1fixwJNA/+btJ33OV9YStBPS+rv+QYn9yyhsi/zfTc= Subject key identifier: BD:54:DE:67:1E:BE:E6:81:36:93:0A:C1:8B:EC:4F:B3:FE:91:F9:AE Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320 Certificate serial: 019B33E8DBB4AE2335D753DA36C3A248E216 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft Manifest number: 0CF2 Signing time: Fri 19 Dec 2025 00:00:57 +0000 Manifest this update: Fri 19 Dec 2025 00:00:57 +0000 Manifest next update: Sat 20 Dec 2025 00:00:57 +0000 Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: 9tMtSFLfckXlS0TItYIf1DeGX20lpMOYNVm/qFZLsHw=) 2: aZtA3Tb82BUczOl9SsTYverE7lI.roa (hash: LK8Z2BqrNCcDSNuABGRySwkLhGqKgLJf/sHl1VyEOIw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:33:e8:db:b4:ae:23:35:d7:53:da:36:c3:a2:48:e2:16 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320 Validity Not Before: Dec 19 00:00:57 2025 GMT Not After : Dec 20 00:00:57 2025 GMT Subject: CN=bd54de671ebee68136930ac18bec4fb3fe91f9ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:c9:10:2d:07:92:fa:67:ab:af:10:f3:77:1c: c5:63:fd:5a:ca:2f:2a:b8:cb:2e:ab:e7:24:42:da: cf:2f:1c:32:60:ce:85:11:f5:70:5f:b6:bd:ba:a7: 53:d5:6a:ab:2f:55:0f:23:81:9c:01:ae:02:ac:23: 76:a3:16:7c:b0:4b:ba:4c:c4:01:c7:03:56:cc:c3: cf:b6:80:e7:1c:e1:dc:b5:e0:36:6e:76:74:fa:29: c7:15:75:ef:d3:7e:cc:52:60:48:8f:96:19:c6:8e: 5f:2b:2e:f7:b9:62:05:2a:cf:38:f0:e0:ad:fd:d6: 95:4f:67:b1:9f:8b:57:0a:a3:6f:53:55:bd:d7:b6: 26:45:34:fc:47:1b:95:d1:e7:c7:65:7a:35:73:0b: 61:bb:99:4f:a4:9c:df:1a:69:41:0b:d4:61:a9:4b: c1:06:5c:0f:21:24:96:f2:05:39:4a:a1:7d:d8:74: 89:56:4b:3a:2c:63:ba:6d:0e:0d:e1:79:05:0b:fe: 90:66:83:e5:99:e0:91:9f:20:a2:76:2a:d3:d4:47: 01:68:46:b9:64:1f:36:3c:d0:af:5a:40:92:e3:72: c8:0f:fc:9b:d0:6c:05:d3:6a:1d:f4:39:bb:6b:84: 39:2d:23:ba:1e:65:ce:99:75:1d:e2:13:36:2a:02: 52:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:54:DE:67:1E:BE:E6:81:36:93:0A:C1:8B:EC:4F:B3:FE:91:F9:AE X509v3 Authority Key Identifier: keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2c:bc:c3:fe:b9:e9:ed:cf:41:62:9a:9f:54:7a:84:9f:3f:ce: 86:96:fa:c8:58:ec:db:5f:3a:d0:a7:f9:69:02:61:0b:7f:cc: 22:06:15:16:70:01:a7:ce:74:e1:57:63:fb:0b:de:f9:51:7e: c3:d1:fa:61:44:58:c4:b8:1c:5d:08:93:ce:e1:22:bb:37:73: 06:d3:af:16:c3:6d:8e:93:07:a4:53:31:02:93:d7:35:f0:7b: 08:44:dc:32:8c:3b:24:04:9c:96:79:65:cc:d6:40:43:9c:95: d8:50:73:6e:77:37:f6:18:6b:7e:9c:bf:db:42:ca:a7:3e:f3: b2:ed:7b:2d:72:4b:66:b0:00:a5:62:f7:57:81:61:c2:41:14: f3:cb:25:ed:1e:0f:34:08:53:8e:55:e6:64:66:fa:c1:1e:35: 98:15:99:13:a8:2e:f6:6e:ef:04:8c:b1:59:f8:c2:60:6d:b2: 33:a9:90:7d:f7:c5:9c:20:ef:28:0b:3c:ee:0d:45:49:ae:3b: 68:24:79:96:55:8d:52:23:60:f1:26:0e:79:33:29:9c:79:2d: 0e:4c:4a:da:64:53:fe:7e:6a:70:7c:7d:24:d6:9c:f6:7e:0e: c2:44:2e:4e:92:1b:a1:3d:bf:e3:b1:b4:b9:e7:37:0d:2f:78: 93:d0:74:5a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsz6Nu0riM111PaNsOiSOIWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj NGQzMjAwHhcNMjUxMjE5MDAwMDU3WhcNMjUxMjIwMDAwMDU3WjAzMTEwLwYDVQQD EyhiZDU0ZGU2NzFlYmVlNjgxMzY5MzBhYzE4YmVjNGZiM2ZlOTFmOWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqckQLQeS+merrxDzdxzFY/1ayi8q uMsuq+ckQtrPLxwyYM6FEfVwX7a9uqdT1WqrL1UPI4GcAa4CrCN2oxZ8sEu6TMQB xwNWzMPPtoDnHOHcteA2bnZ0+inHFXXv037MUmBIj5YZxo5fKy73uWIFKs848OCt /daVT2exn4tXCqNvU1W917YmRTT8RxuV0efHZXo1cwthu5lPpJzfGmlBC9RhqUvB BlwPISSW8gU5SqF92HSJVks6LGO6bQ4N4XkFC/6QZoPlmeCRnyCidirT1EcBaEa5 ZB82PNCvWkCS43LID/yb0GwF02od9Dm7a4Q5LSO6HmXOmXUd4hM2KgJSPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL1U3mcevuaBNpMKwYvsT7P+kfmuMB8GA1UdIwQY MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALLzD/rnp 7c9BYpqfVHqEnz/Ohpb6yFjs21860Kf5aQJhC3/MIgYVFnABp8504Vdj+wve+VF+ w9H6YURYxLgcXQiTzuEiuzdzBtOvFsNtjpMHpFMxApPXNfB7CETcMow7JASclnll zNZAQ5yV2FBzbnc39hhrfpy/20LKpz7zsu17LXJLZrAApWL3V4FhwkEU88sl7R4P NAhTjlXmZGb6wR41mBWZE6gu9m7vBIyxWfjCYG2yM6mQfffFnCDvKAs87g1FSa47 aCR5llWNUiNg8SYOeTMpnHktDkxK2mRT/n5qcHx9JNac9n4OwkQuTpIboT2/47G0 uec3DS94k9B0Wg== -----END CERTIFICATE-----Generated at Fri Dec 19 04:49:04 2025 by rpki-client