This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json) Hash identifier: BuPIkaUaukcuWX4ePrMbRzrhDa9bVLW/mrpeUm+A7vE= Subject key identifier: CA:AF:E2:19:CB:44:15:5A:EC:3F:61:93:41:F7:CC:1C:71:27:50:22 Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf Certificate serial: 019B2174A8113BF9103E3993A647C200CCBF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft Manifest number: 0C95 Signing time: Mon 15 Dec 2025 10:00:51 +0000 Manifest this update: Mon 15 Dec 2025 10:00:51 +0000 Manifest next update: Tue 16 Dec 2025 10:00:51 +0000 Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=) 2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: m+uUtOfIQD3SJQ58NsV/iYxQtOjMv8WmNlx9i000bNg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:00:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:74:a8:11:3b:f9:10:3e:39:93:a6:47:c2:00:cc:bf Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf Validity Not Before: Dec 15 10:00:51 2025 GMT Not After : Dec 16 10:00:51 2025 GMT Subject: CN=caafe219cb44155aec3f619341f7cc1c71275022 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:4e:67:ac:7d:77:b2:38:32:a8:6b:7e:07:e5: 58:43:83:4b:e0:5f:92:34:6d:7b:01:16:ab:07:32: b2:d0:e5:fa:09:b8:4f:01:a1:3a:6c:ca:0c:8e:9b: f0:b4:0b:27:66:64:7d:31:6b:5c:92:a1:84:0a:ef: c3:b2:b4:3b:84:1c:cf:ab:83:b5:a0:f4:b6:54:74: d5:92:65:61:58:13:36:05:e1:94:0d:3c:5a:7a:36: 2f:22:cf:87:82:cc:f1:63:9c:f6:f7:b9:e7:0a:69: 18:55:e6:87:4b:7f:d6:98:18:02:58:9d:1f:70:19: e8:58:72:f9:23:c9:25:61:5c:4f:b5:f2:52:68:15: 4a:2a:69:31:91:9e:c2:b7:d1:1a:5e:e9:ed:8c:8c: 44:80:73:90:ee:58:35:3a:6e:5a:f4:dc:34:98:08: 9e:60:66:bd:b8:bd:4c:35:a2:92:1f:50:0d:07:67: 09:a3:5f:3e:cd:f7:41:1b:eb:21:e4:ae:04:fb:95: 60:ee:07:e2:59:fe:27:c3:b9:55:f4:c7:1a:53:84: 3e:a1:f4:6c:6a:02:eb:f0:81:7b:f9:18:71:55:59: f7:77:f4:08:05:a8:26:6d:fe:e9:f5:65:5d:6b:e7: ac:ac:41:28:81:be:e7:8a:d5:0c:16:ab:84:2e:ba: cb:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:AF:E2:19:CB:44:15:5A:EC:3F:61:93:41:F7:CC:1C:71:27:50:22 X509v3 Authority Key Identifier: keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:b3:84:4c:b8:35:07:ff:a0:25:33:85:04:11:bc:5e:3b:be: 9d:75:f6:6b:61:ee:3a:f1:b5:7f:c1:00:48:73:27:24:14:22: e3:30:b7:9d:d5:fb:25:a2:49:b2:4d:02:26:fb:97:e6:5c:82: 60:d0:7d:cd:75:08:da:c7:d0:ef:18:e4:50:4b:3b:02:53:59: 86:62:9d:df:1b:f0:c5:b4:4d:5c:a9:a5:4f:01:00:13:aa:6d: d5:7c:dc:51:ba:4a:49:2b:6f:f1:d3:9f:26:31:4b:58:c4:44: 0e:d0:2c:61:a8:57:3f:2c:8d:00:8a:5a:68:47:72:c6:a2:4d: 1c:44:31:be:8b:31:32:c4:fd:45:c2:7d:03:c4:a5:12:fa:b8: 57:bb:4b:3e:a9:6b:a1:39:24:fa:87:aa:01:c9:19:2b:b2:41: 6d:04:58:dd:e8:67:d4:8b:85:25:24:5e:d9:54:e8:99:5e:a8: b1:a8:37:2d:c5:e4:fa:28:bb:d0:74:7e:83:4d:ad:73:b2:45: e3:e1:13:d2:ec:5b:2e:1e:a2:1c:c1:9a:5d:bf:8e:98:3c:4b: ac:d2:d8:fa:a6:ba:f1:c1:c1:a7:38:0c:03:46:0e:ea:34:fb: ee:c5:6d:b9:60:44:48:fc:d1:d7:da:5c:86:26:52:f0:5b:77: 8d:48:9a:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdKgRO/kQPjmTpkfCAMy/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2 Yjk4Y2YwHhcNMjUxMjE1MTAwMDUxWhcNMjUxMjE2MTAwMDUxWjAzMTEwLwYDVQQD EyhjYWFmZTIxOWNiNDQxNTVhZWMzZjYxOTM0MWY3Y2MxYzcxMjc1MDIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8E5nrH13sjgyqGt+B+VYQ4NL4F+S NG17ARarBzKy0OX6CbhPAaE6bMoMjpvwtAsnZmR9MWtckqGECu/DsrQ7hBzPq4O1 oPS2VHTVkmVhWBM2BeGUDTxaejYvIs+HgszxY5z297nnCmkYVeaHS3/WmBgCWJ0f cBnoWHL5I8klYVxPtfJSaBVKKmkxkZ7Ct9EaXuntjIxEgHOQ7lg1Om5a9Nw0mAie YGa9uL1MNaKSH1ANB2cJo18+zfdBG+sh5K4E+5Vg7gfiWf4nw7lV9McaU4Q+ofRs agLr8IF7+RhxVVn3d/QIBagmbf7p9WVda+esrEEogb7nitUMFquELrrLDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMqv4hnLRBVa7D9hk0H3zBxxJ1AiMB8GA1UdIwQY MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1 LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZLOETLg1 B/+gJTOFBBG8Xju+nXX2a2HuOvG1f8EASHMnJBQi4zC3ndX7JaJJsk0CJvuX5lyC YNB9zXUI2sfQ7xjkUEs7AlNZhmKd3xvwxbRNXKmlTwEAE6pt1XzcUbpKSStv8dOf JjFLWMREDtAsYahXPyyNAIpaaEdyxqJNHEQxvosxMsT9RcJ9A8SlEvq4V7tLPqlr oTkk+oeqAckZK7JBbQRY3ehn1IuFJSRe2VTomV6osag3LcXk+ii70HR+g02tc7JF 4+ET0uxbLh6iHMGaXb+OmDxLrNLY+qa68cHBpzgMA0YO6jT77sVtuWBESPzR19pc hiZS8Ft3jUia/g== -----END CERTIFICATE-----Generated at Mon Dec 15 17:07:16 2025 by rpki-client