This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft File: KxlTcbTPcLiOdz4bgHyyORYyOFs.mft (raw, json) Hash identifier: GrvDfWhVS7lN4V+EIgAZfAIA/ejN1vZLaeMXwZkdgr8= Subject key identifier: 0F:97:67:65:8F:28:F1:2A:7E:35:26:8D:BC:F3:AF:AA:26:5D:4D:A8 Authority key identifier: 2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B Certificate issuer: /CN=2b195371b4cf70b88e773e1b807cb2391632385b Certificate serial: 019AFEB3F3234E8CF08168B93E1C55F833A3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft Manifest number: 49 Signing time: Mon 08 Dec 2025 16:03:17 +0000 Manifest this update: Mon 08 Dec 2025 16:03:17 +0000 Manifest next update: Tue 09 Dec 2025 16:03:17 +0000 Files and hashes: 1: KxlTcbTPcLiOdz4bgHyyORYyOFs.crl (hash: sSwDnlOqSZ81dR75ZhoNHMXDZSLfbZOFUJWGd1178DQ=) 2: RcBxveXi_aoz_FeIeMxnhBQusXA.roa (hash: JDMtMYQL2yTP3JmageJpAIJjq7tYWuu1s/9pPUz+mME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 09 Dec 2025 15:46:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:fe:b3:f3:23:4e:8c:f0:81:68:b9:3e:1c:55:f8:33:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b195371b4cf70b88e773e1b807cb2391632385b Validity Not Before: Dec 8 16:03:17 2025 GMT Not After : Dec 9 16:03:17 2025 GMT Subject: CN=0f9767658f28f12a7e35268dbcf3afaa265d4da8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e6:da:a9:98:5d:85:5c:52:80:f1:b7:d9:51: 5a:c9:20:6b:95:f5:36:91:ee:f9:66:50:bc:fd:75: 25:9c:b6:a8:2c:6a:b7:66:c7:4a:3c:ad:00:19:21: 96:0d:23:a0:ea:ab:a9:81:ce:ec:1e:37:71:4c:60: 98:d9:a4:ce:d0:68:f2:11:c9:e4:bd:29:dd:ce:f3: 61:42:24:a7:43:dd:e3:b8:f3:53:ba:1f:b4:9e:6d: ae:72:00:7c:43:38:6d:08:d8:16:ba:19:15:44:f7: e5:09:a3:c6:6f:3d:1e:0e:b3:df:6c:8f:b3:4b:93: b2:55:e4:d8:99:ca:96:74:7c:db:47:84:5e:a5:1e: 96:62:87:88:36:c2:fe:f2:80:3d:93:90:62:5f:01: eb:f5:6b:01:39:04:77:22:b8:7a:cd:88:1e:89:39: fe:f4:96:d4:43:d4:66:6b:58:fb:d3:ea:6d:34:b6: e4:98:6b:d9:3c:64:ae:15:77:6f:6a:ca:fe:7a:5a: a8:51:84:33:d7:c0:1d:62:14:fc:1f:19:da:eb:d9: 00:01:15:b8:c0:a0:09:14:fa:32:36:f2:b0:e0:1f: d0:1b:60:13:0f:c8:b4:7c:bb:dd:bf:9b:45:cb:49: a0:34:ad:01:69:47:a3:4e:e8:ab:32:39:de:7f:2c: 0e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:97:67:65:8F:28:F1:2A:7E:35:26:8D:BC:F3:AF:AA:26:5D:4D:A8 X509v3 Authority Key Identifier: keyid:2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:ef:ea:2d:78:60:9f:a3:5a:98:16:46:1c:67:e0:be:ce:2b: 0b:d3:cb:d5:0f:fa:57:b3:dc:6b:b8:8e:53:d2:b7:0a:21:42: 88:a6:78:0e:14:49:49:b5:98:b8:7c:e4:b3:9e:ac:a2:6b:f4: c7:bd:f3:41:69:10:45:0f:89:c8:6b:a4:95:bf:08:38:2c:27: 18:ac:dc:2b:74:0c:e6:a5:06:c8:84:49:ca:d7:4b:74:fa:ad: bf:64:a1:35:24:62:d1:ef:68:67:59:e3:5b:d4:a8:b5:ee:1a: e4:f3:75:26:2c:d8:81:d8:18:7d:9d:53:bf:d2:ea:6a:57:82: 15:fd:4b:42:df:48:f9:ff:37:7c:01:37:d9:05:3d:2f:b8:7d: 8c:6d:6f:81:86:2a:3b:41:a0:68:15:71:63:69:b7:76:70:10: 59:b3:3d:71:e7:ee:0a:4f:e8:11:2a:f5:a7:d9:f2:a0:2a:59: 81:1c:8e:b1:d6:df:4a:cd:1b:94:37:d2:91:44:79:6a:6e:e6: 8e:8b:4a:bc:89:6f:39:78:54:80:02:4d:17:bf:03:8d:05:f3: 7e:ef:07:7d:23:09:5e:c1:c4:19:c6:72:80:96:2d:c7:11:3c: 7e:cf:6f:51:eb:f0:f5:03:25:83:67:ce:28:fe:31:53:ec:d5: ab:72:c0:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr+s/MjTozwgWi5PhxV+DOjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMTk1MzcxYjRjZjcwYjg4ZTc3M2UxYjgwN2NiMjM5MTYz MjM4NWIwHhcNMjUxMjA4MTYwMzE3WhcNMjUxMjA5MTYwMzE3WjAzMTEwLwYDVQQD EygwZjk3Njc2NThmMjhmMTJhN2UzNTI2OGRiY2YzYWZhYTI2NWQ0ZGE4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ebaqZhdhVxSgPG32VFaySBrlfU2 ke75ZlC8/XUlnLaoLGq3ZsdKPK0AGSGWDSOg6qupgc7sHjdxTGCY2aTO0GjyEcnk vSndzvNhQiSnQ93juPNTuh+0nm2ucgB8QzhtCNgWuhkVRPflCaPGbz0eDrPfbI+z S5OyVeTYmcqWdHzbR4RepR6WYoeINsL+8oA9k5BiXwHr9WsBOQR3Irh6zYgeiTn+ 9JbUQ9Rma1j70+ptNLbkmGvZPGSuFXdvasr+elqoUYQz18AdYhT8Hxna69kAARW4 wKAJFPoyNvKw4B/QG2ATD8i0fLvdv5tFy0mgNK0BaUejTuirMjnefywONwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA+XZ2WPKPEqfjUmjbzzr6omXU2oMB8GA1UdIwQY MBaAFCsZU3G0z3C4jnc+G4B8sjkWMjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzIt NWU0MDQxZDkzMDA4LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzItNWU0MDQxZDkzMDA4 LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZO/qLXhg n6NamBZGHGfgvs4rC9PL1Q/6V7Pca7iOU9K3CiFCiKZ4DhRJSbWYuHzks56somv0 x73zQWkQRQ+JyGuklb8IOCwnGKzcK3QM5qUGyIRJytdLdPqtv2ShNSRi0e9oZ1nj W9Sote4a5PN1JizYgdgYfZ1Tv9LqaleCFf1LQt9I+f83fAE32QU9L7h9jG1vgYYq O0GgaBVxY2m3dnAQWbM9cefuCk/oESr1p9nyoCpZgRyOsdbfSs0blDfSkUR5am7m jotKvIlvOXhUgAJNF78DjQXzfu8HfSMJXsHEGcZygJYtxxE8fs9vUevw9QMlg2fO KP4xU+zVq3LAvg== -----END CERTIFICATE-----Generated at Mon Dec 8 20:20:26 2025 by rpki-client