This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json) Hash identifier: Eo30TmT46Ubs/6kXm/JVrJZ0M5EWmiSzUjdErkaoqEc= Subject key identifier: AA:39:03:CD:A4:F6:8D:FC:1B:47:6D:BA:28:35:94:7E:4A:F0:EC:2A Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf Certificate serial: 019AF31B3C09EEC66ABD4CA45FBAFA1ABFA5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft Manifest number: 0C7D Signing time: Sat 06 Dec 2025 10:00:39 +0000 Manifest this update: Sat 06 Dec 2025 10:00:39 +0000 Manifest next update: Sun 07 Dec 2025 10:00:39 +0000 Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=) 2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: FPke1WMo8rS2wR8QCT6zC5U/zZ+dL8cpkoyhhF5ZZTs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:00:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:3c:09:ee:c6:6a:bd:4c:a4:5f:ba:fa:1a:bf:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf Validity Not Before: Dec 6 10:00:39 2025 GMT Not After : Dec 7 10:00:39 2025 GMT Subject: CN=aa3903cda4f68dfc1b476dba2835947e4af0ec2a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ac:92:1e:e2:69:80:bd:3a:16:1d:45:24:7f: fa:29:86:7e:6f:be:1b:64:6f:ca:b3:8c:a4:66:79: b4:b2:6d:39:00:db:87:13:de:41:38:60:e2:d6:f4: b3:2c:05:2a:a0:68:02:d1:6e:d2:8b:2a:3f:69:e6: 51:6d:08:95:7e:08:1f:b3:2f:2a:f3:c3:95:6a:ea: bc:8a:a7:f1:26:63:29:5b:d2:74:8c:ac:fa:f5:75: c8:e0:1f:ba:5b:d4:7a:e2:fa:94:96:96:c1:1c:fc: 06:65:d4:14:4c:16:4b:57:bf:65:80:d1:dd:81:6b: 6e:0b:a5:66:66:76:ec:e0:a3:9f:c5:29:e7:8c:c1: 68:ce:ff:1d:8e:46:eb:e5:a4:45:e4:41:33:aa:54: 1a:b6:12:3a:4f:25:c3:4c:83:40:d9:eb:a0:b9:ce: 92:7e:f7:9e:2b:fc:87:82:03:84:ef:10:46:04:2f: 22:db:ed:8d:02:f0:8a:19:f1:2c:95:10:0f:15:bc: ec:47:d1:7b:5f:da:6b:4a:37:fb:01:c5:9f:f2:c0: 67:c2:ec:3c:a4:ed:de:8f:ff:ed:c4:18:7f:4e:81: 99:d3:cf:ce:c2:40:e6:e7:57:be:5b:50:df:b5:74: 85:19:50:06:c5:28:9d:35:ee:fc:ca:4b:3f:51:4b: 9b:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:39:03:CD:A4:F6:8D:FC:1B:47:6D:BA:28:35:94:7E:4A:F0:EC:2A X509v3 Authority Key Identifier: keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 80:b2:87:6b:59:8c:ad:d6:6d:e6:b2:7a:0f:64:58:20:7b:df: 93:57:7e:72:63:e7:c7:77:71:c0:7b:65:a9:ad:83:cf:ed:f2: 14:05:8c:17:45:64:5a:c7:63:68:6f:fa:c3:88:e7:a5:63:f9: a9:0b:a1:cd:09:09:c8:57:a3:bd:c7:d3:68:f5:a1:37:40:a3: 32:67:0d:26:aa:ac:1b:37:ca:9b:03:2e:ea:3f:8d:f6:ca:1c: 85:ef:6b:e8:b6:94:20:ce:0f:8d:78:8f:ad:a7:fd:56:16:c9: f0:1a:b0:4a:f3:05:22:1c:ee:d1:4c:3c:02:17:92:e1:ff:f5: 10:0a:40:44:8c:bf:4a:12:f1:ba:60:d9:a8:d8:04:17:1e:de: 64:5d:00:e5:46:68:b2:06:64:80:34:55:e7:b2:cd:cf:0d:75: fe:c8:10:2d:8c:09:d1:02:f9:14:2e:c4:87:32:52:40:a7:63: ea:72:9d:8d:0a:c4:6b:b3:3d:fb:7d:09:23:26:33:f8:30:36: c7:5e:7c:30:93:01:82:08:52:0e:10:61:c2:e6:50:32:96:74: 17:c5:1e:90:00:4e:36:10:d1:89:0c:5e:75:0b:8c:72:f9:ca: bf:cd:e6:0c:9b:cb:48:02:8a:13:17:a6:b8:50:0c:2b:c5:97: b4:72:8a:79 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGzwJ7sZqvUykX7r6Gr+lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2 Yjk4Y2YwHhcNMjUxMjA2MTAwMDM5WhcNMjUxMjA3MTAwMDM5WjAzMTEwLwYDVQQD EyhhYTM5MDNjZGE0ZjY4ZGZjMWI0NzZkYmEyODM1OTQ3ZTRhZjBlYzJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaySHuJpgL06Fh1FJH/6KYZ+b74b ZG/Ks4ykZnm0sm05ANuHE95BOGDi1vSzLAUqoGgC0W7Siyo/aeZRbQiVfggfsy8q 88OVauq8iqfxJmMpW9J0jKz69XXI4B+6W9R64vqUlpbBHPwGZdQUTBZLV79lgNHd gWtuC6VmZnbs4KOfxSnnjMFozv8djkbr5aRF5EEzqlQathI6TyXDTINA2euguc6S fveeK/yHggOE7xBGBC8i2+2NAvCKGfEslRAPFbzsR9F7X9prSjf7AcWf8sBnwuw8 pO3ej//txBh/ToGZ08/OwkDm51e+W1DftXSFGVAGxSidNe78yks/UUubdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKo5A82k9o38G0dtuig1lH5K8OwqMB8GA1UdIwQY MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1 LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgLKHa1mM rdZt5rJ6D2RYIHvfk1d+cmPnx3dxwHtlqa2Dz+3yFAWMF0VkWsdjaG/6w4jnpWP5 qQuhzQkJyFejvcfTaPWhN0CjMmcNJqqsGzfKmwMu6j+N9soche9r6LaUIM4PjXiP raf9VhbJ8BqwSvMFIhzu0Uw8AheS4f/1EApARIy/ShLxumDZqNgEFx7eZF0A5UZo sgZkgDRV57LNzw11/sgQLYwJ0QL5FC7EhzJSQKdj6nKdjQrEa7M9+30JIyYz+DA2 x158MJMBgghSDhBhwuZQMpZ0F8UekABONhDRiQxedQuMcvnKv83mDJvLSAKKExem uFAMK8WXtHKKeQ== -----END CERTIFICATE-----Generated at Sat Dec 6 17:32:15 2025 by rpki-client