This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft File: KmU0qslEKjlNE5oagwPcBJWcHaA.mft (raw, json) Hash identifier: vr/w/BN50+h4R8w6RGMwxVf6z1M9/YcJiktseY0PII8= Subject key identifier: EC:0F:93:C5:B9:E4:E2:45:73:7A:B7:F0:19:39:76:56:08:7E:85:7F Authority key identifier: 2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0 Certificate issuer: /CN=2a6534aac9442a394d139a1a8303dc04959c1da0 Certificate serial: 019AF31C6789EB4B984C036683EEE45F631D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft Manifest number: 1076 Signing time: Sat 06 Dec 2025 10:01:56 +0000 Manifest this update: Sat 06 Dec 2025 10:01:56 +0000 Manifest next update: Sun 07 Dec 2025 10:01:56 +0000 Files and hashes: 1: KmU0qslEKjlNE5oagwPcBJWcHaA.crl (hash: 0Kqx3rLSKhjNNeK6MD/bw5otMicHo+RMxwQtkBb2Ays=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:67:89:eb:4b:98:4c:03:66:83:ee:e4:5f:63:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a6534aac9442a394d139a1a8303dc04959c1da0 Validity Not Before: Dec 6 10:01:56 2025 GMT Not After : Dec 7 10:01:56 2025 GMT Subject: CN=ec0f93c5b9e4e245737ab7f019397656087e857f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:5d:34:80:b9:e9:79:7f:d9:ab:e1:a9:7b:69: 50:b7:5d:24:d9:5a:a3:95:c8:08:1f:ef:38:e9:d3: 39:32:0b:f5:09:da:3a:4f:c7:67:7e:5d:63:b4:a6: c5:e3:9e:f6:99:b7:6d:93:b4:ae:da:ae:bd:06:ee: 2f:57:3a:3f:c1:43:b0:1c:38:35:2c:ef:49:22:21: d5:8f:f4:e0:df:48:c7:04:82:ba:8c:a1:ef:a8:d1: 8f:5d:fd:2c:92:66:66:84:77:f2:aa:fd:a4:fd:cd: 39:ae:44:56:35:ff:ca:2e:80:21:f3:08:65:05:ae: 22:97:52:e9:4f:ea:24:cb:03:e8:fe:8d:e5:f6:5c: 7d:3f:b2:6a:21:09:6a:2f:e4:7f:c4:e4:51:93:26: 55:18:65:14:48:fa:c1:e9:da:8c:00:8c:9e:c9:5f: 68:00:77:42:b5:69:ef:c5:19:49:9f:ce:92:25:7b: 99:3c:ae:3b:03:77:c6:60:6d:85:08:c9:d1:03:1f: 6a:bf:50:9a:b6:b4:be:bd:e1:10:97:41:b1:bf:d3: 08:a1:09:3b:89:7f:43:46:70:c7:3f:e4:ab:e9:ad: c1:8a:eb:94:ad:14:79:b6:6b:fc:9b:0c:d0:d3:cb: f8:f1:17:56:4e:cc:34:4d:fa:8e:6f:35:b4:6e:e7: e1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:0F:93:C5:B9:E4:E2:45:73:7A:B7:F0:19:39:76:56:08:7E:85:7F X509v3 Authority Key Identifier: keyid:2A:65:34:AA:C9:44:2A:39:4D:13:9A:1A:83:03:DC:04:95:9C:1D:A0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KmU0qslEKjlNE5oagwPcBJWcHaA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/d2388f-f8a9-4485-937f-840fd5352dc0/1/KmU0qslEKjlNE5oagwPcBJWcHaA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:cc:d5:a9:a1:4b:c8:4a:39:7c:bf:af:6e:27:46:e6:05:63: 23:6b:04:4d:d3:1e:41:84:3b:f0:d4:b1:20:4c:8b:73:e4:df: 93:b4:2f:27:a4:cd:bd:13:04:77:68:68:9d:8a:06:94:c2:da: 15:30:fb:d6:2e:25:e5:58:b5:76:4a:54:d8:5e:55:03:dd:3c: 19:40:dd:2c:60:fe:82:fd:58:31:bf:a5:6e:9a:a2:6c:0c:cc: a4:a9:55:17:21:e2:c8:09:a8:91:80:96:36:a6:4d:25:df:f5: 10:f0:b8:a2:f1:e0:56:f9:c7:5b:65:1e:61:27:06:73:f3:61: 38:83:ae:9b:f1:6b:5d:7a:f1:ce:1a:4c:9b:2a:9d:ab:aa:8a: e4:70:0f:e3:0d:c4:98:4c:0a:57:17:11:ab:d2:16:3c:15:0f: 75:56:8c:99:be:0b:d8:04:15:bd:89:6c:ea:2a:24:fc:ad:89: 99:60:c7:88:76:e8:ef:f0:56:30:d9:c1:2c:1d:cb:7e:0f:cc: aa:45:64:79:ac:d0:3e:1a:e9:0b:d6:21:f9:fd:9a:19:fc:67: cf:dd:cb:37:48:f0:92:2f:3a:a0:56:26:69:ae:27:c9:15:6a: 59:88:78:9d:7d:91:7a:47:69:39:08:62:5f:54:99:97:78:33: 6d:19:4e:68 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHGeJ60uYTANmg+7kX2MdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNjUzNGFhYzk0NDJhMzk0ZDEzOWExYTgzMDNkYzA0OTU5 YzFkYTAwHhcNMjUxMjA2MTAwMTU2WhcNMjUxMjA3MTAwMTU2WjAzMTEwLwYDVQQD EyhlYzBmOTNjNWI5ZTRlMjQ1NzM3YWI3ZjAxOTM5NzY1NjA4N2U4NTdmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF00gLnpeX/Zq+Gpe2lQt10k2Vqj lcgIH+846dM5Mgv1Cdo6T8dnfl1jtKbF4572mbdtk7Su2q69Bu4vVzo/wUOwHDg1 LO9JIiHVj/Tg30jHBIK6jKHvqNGPXf0skmZmhHfyqv2k/c05rkRWNf/KLoAh8whl Ba4il1LpT+okywPo/o3l9lx9P7JqIQlqL+R/xORRkyZVGGUUSPrB6dqMAIyeyV9o AHdCtWnvxRlJn86SJXuZPK47A3fGYG2FCMnRAx9qv1CatrS+veEQl0Gxv9MIoQk7 iX9DRnDHP+Sr6a3BiuuUrRR5tmv8mwzQ08v48RdWTsw0TfqObzW0bufhBwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOwPk8W55OJFc3q38Bk5dlYIfoV/MB8GA1UdIwQY MBaAFCplNKrJRCo5TROaGoMD3ASVnB2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2Yt ODQwZmQ1MzUyZGMwLzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wYy9kMjM4OGYtZjhhOS00NDg1LTkzN2YtODQwZmQ1MzUyZGMw LzEvS21VMHFzbEVLamxORTVvYWd3UGNCSldjSGFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlMzVqaFL yEo5fL+vbidG5gVjI2sETdMeQYQ78NSxIEyLc+Tfk7QvJ6TNvRMEd2honYoGlMLa FTD71i4l5Vi1dkpU2F5VA908GUDdLGD+gv1YMb+lbpqibAzMpKlVFyHiyAmokYCW NqZNJd/1EPC4ovHgVvnHW2UeYScGc/NhOIOum/FrXXrxzhpMmyqdq6qK5HAP4w3E mEwKVxcRq9IWPBUPdVaMmb4L2AQVvYls6iok/K2JmWDHiHbo7/BWMNnBLB3Lfg/M qkVkeazQPhrpC9Yh+f2aGfxnz93LN0jwki86oFYmaa4nyRVqWYh4nX2RekdpOQhi X1SZl3gzbRlOaA== -----END CERTIFICATE-----Generated at Sat Dec 6 20:41:10 2025 by rpki-client