This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft File: Kn-4HcfsycpmKnTuO347rS6k3nE.mft (raw, json) Hash identifier: hYnsJvVdabZvxLjYeWFEXxn+rF5hHswA5T7G7WKHHAc= Subject key identifier: C9:76:8F:EA:B5:02:16:F0:BB:16:A9:44:AC:8C:60:52:F9:1C:C6:27 Authority key identifier: 2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71 Certificate issuer: /CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71 Certificate serial: 019AF49BF318ACA651A43732C6C947B92429 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft Manifest number: 0151 Signing time: Sat 06 Dec 2025 17:00:52 +0000 Manifest this update: Sat 06 Dec 2025 17:00:52 +0000 Manifest next update: Sun 07 Dec 2025 17:00:52 +0000 Files and hashes: 1: Kn-4HcfsycpmKnTuO347rS6k3nE.crl (hash: 7gNjl6Nr/ipt6gYHmOC8uKJ5u79PV+YDQGW4aY6fuPY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:f3:18:ac:a6:51:a4:37:32:c6:c9:47:b9:24:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a7fb81dc7ecc9ca662a74ee3b7e3bad2ea4de71 Validity Not Before: Dec 6 17:00:52 2025 GMT Not After : Dec 7 17:00:52 2025 GMT Subject: CN=c9768feab50216f0bb16a944ac8c6052f91cc627 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8a:91:eb:1f:2e:4d:5f:fe:8b:83:0c:21:55:f5: 79:40:02:d6:3b:23:67:d5:a8:e9:ad:e8:56:a5:f7: c6:c2:56:af:fb:dd:83:0b:28:69:53:67:c3:cc:14: 97:7e:3a:26:f4:74:a5:68:aa:9d:0c:ed:e3:02:24: e1:54:98:d6:d8:5f:1e:02:72:5f:69:ef:ff:66:84: 1e:1e:09:15:f1:f8:55:12:26:02:01:2e:2b:a7:f2: c9:36:41:55:bf:db:f5:6e:8d:9b:ad:e8:7c:05:8f: dc:9b:1f:83:19:4e:92:12:76:3b:69:82:09:05:fe: 1f:89:6f:5f:8e:06:85:08:6f:2a:e6:b1:a9:7a:c9: 7b:61:97:2b:f3:e3:89:57:5a:9b:e0:e8:97:a6:94: 7f:2e:6a:a9:47:2b:1f:ed:d8:44:94:0c:a1:18:df: 66:54:2a:7a:94:0a:3e:03:c3:f6:3d:1c:c1:55:10: 87:52:d8:33:de:4c:a1:ec:5c:0b:8d:35:a7:ad:b6: d6:f0:ef:8f:eb:7c:02:17:33:b6:1b:9b:91:4a:bf: b2:c9:13:44:07:01:15:b8:af:ec:e1:af:2b:7f:76: 97:40:b6:e2:d0:d9:7b:72:b2:d5:0b:d9:b6:1e:ec: a3:45:26:2a:d7:cd:8d:49:2c:86:43:2a:a1:38:52: c2:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C9:76:8F:EA:B5:02:16:F0:BB:16:A9:44:AC:8C:60:52:F9:1C:C6:27 X509v3 Authority Key Identifier: keyid:2A:7F:B8:1D:C7:EC:C9:CA:66:2A:74:EE:3B:7E:3B:AD:2E:A4:DE:71 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kn-4HcfsycpmKnTuO347rS6k3nE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/d81bd9-7d58-4380-9707-45b8b8573419/1/Kn-4HcfsycpmKnTuO347rS6k3nE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:c2:32:99:33:95:70:ca:2f:2c:44:63:6c:81:00:e8:21:f0: 8e:a9:8e:72:72:20:bf:aa:36:e3:3f:8d:47:7a:18:23:16:68: 81:35:c8:13:ed:47:3a:7f:8b:86:89:ae:67:6f:1c:b4:24:d3: 09:31:82:ac:b1:dc:f6:15:71:05:75:8d:79:bc:c1:44:f5:6a: 61:24:b9:25:e6:6f:a6:b4:78:6b:3d:ba:d9:07:94:8b:4d:9d: a9:1e:87:e6:61:5a:93:80:9c:43:fe:37:b3:c6:ef:fb:26:ca: 91:77:79:82:bf:4f:65:1c:28:d2:be:d7:5e:32:f7:cb:b9:94: 32:55:56:a8:01:88:44:d6:5c:29:aa:7a:e1:b6:38:7b:3b:80: f4:55:e3:08:ca:4a:5b:20:a7:3a:7c:10:a8:dc:af:f5:7c:db: a5:f0:eb:6b:97:7c:83:70:67:64:12:8d:5a:ba:15:23:8e:ba: aa:1f:58:17:ad:f3:87:78:1f:00:b7:c5:2f:4e:df:b7:13:96: f3:27:6c:a6:81:09:c9:fa:38:c3:f2:32:76:23:d8:87:a0:07: 87:0d:45:a2:4d:fe:a3:76:2b:db:aa:71:4d:5b:3a:1d:a7:84: 3a:e5:fe:b4:96:9e:54:c6:eb:51:6e:38:aa:e8:12:dc:a7:40: 70:cc:20:01 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m/MYrKZRpDcyxslHuSQpMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhN2ZiODFkYzdlY2M5Y2E2NjJhNzRlZTNiN2UzYmFkMmVh NGRlNzEwHhcNMjUxMjA2MTcwMDUyWhcNMjUxMjA3MTcwMDUyWjAzMTEwLwYDVQQD EyhjOTc2OGZlYWI1MDIxNmYwYmIxNmE5NDRhYzhjNjA1MmY5MWNjNjI3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAipHrHy5NX/6LgwwhVfV5QALWOyNn 1ajprehWpffGwlav+92DCyhpU2fDzBSXfjom9HSlaKqdDO3jAiThVJjW2F8eAnJf ae//ZoQeHgkV8fhVEiYCAS4rp/LJNkFVv9v1bo2breh8BY/cmx+DGU6SEnY7aYIJ Bf4fiW9fjgaFCG8q5rGpesl7YZcr8+OJV1qb4OiXppR/LmqpRysf7dhElAyhGN9m VCp6lAo+A8P2PRzBVRCHUtgz3kyh7FwLjTWnrbbW8O+P63wCFzO2G5uRSr+yyRNE BwEVuK/s4a8rf3aXQLbi0Nl7crLVC9m2HuyjRSYq182NSSyGQyqhOFLCSQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMl2j+q1AhbwuxapRKyMYFL5HMYnMB8GA1UdIwQY MBaAFCp/uB3H7MnKZip07jt+O60upN5xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDct NDViOGI4NTczNDE5LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC9kODFiZDktN2Q1OC00MzgwLTk3MDctNDViOGI4NTczNDE5 LzEvS24tNEhjZnN5Y3BtS25UdU8zNDdyUzZrM25FLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAasIymTOV cMovLERjbIEA6CHwjqmOcnIgv6o24z+NR3oYIxZogTXIE+1HOn+LhomuZ28ctCTT CTGCrLHc9hVxBXWNebzBRPVqYSS5JeZvprR4az262QeUi02dqR6H5mFak4CcQ/43 s8bv+ybKkXd5gr9PZRwo0r7XXjL3y7mUMlVWqAGIRNZcKap64bY4ezuA9FXjCMpK WyCnOnwQqNyv9XzbpfDra5d8g3BnZBKNWroVI466qh9YF63zh3gfALfFL07ftxOW 8ydspoEJyfo4w/IydiPYh6AHhw1Fok3+o3Yr26pxTVs6HaeEOuX+tJaeVMbrUW44 qugS3KdAcMwgAQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:30:22 2025 by rpki-client