This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.mft File: kniPTrt0HAw2mg_TBZTNAQHcdHY.mft (raw, json) Hash identifier: J7gYhfVu12OvWd+M9rqdSkkR//F7Xt+vnVW+l3KnCI0= Subject key identifier: 9B:C6:A7:32:E9:F7:CE:CA:59:81:1D:6D:03:9C:C8:E5:8A:13:59:8E Authority key identifier: 92:78:8F:4E:BB:74:1C:0C:36:9A:0F:D3:05:94:CD:01:01:DC:74:76 Certificate issuer: /CN=92788f4ebb741c0c369a0fd30594cd0101dc7476 Certificate serial: 019AF31C13769937A52AA718A8B579710D56 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kniPTrt0HAw2mg_TBZTNAQHcdHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 10:01:34 +0000 Manifest this update: Sat 06 Dec 2025 10:01:34 +0000 Manifest next update: Sun 07 Dec 2025 10:01:34 +0000 Files and hashes: 1: K-YJm4wOeLJG8aJ7KI41BLWAM-4.roa (hash: +ltmXAJQfzovJoKfgWj4x9gqmeiriedONmDgSBwWFc4=) 2: kniPTrt0HAw2mg_TBZTNAQHcdHY.crl (hash: 44jZk4L0hlZ5w4JQVjs/d+6/Of8eDlybXxOhiPaG7AU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.crl rsync://rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.mft rsync://rpki.ripe.net/repository/DEFAULT/kniPTrt0HAw2mg_TBZTNAQHcdHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:13:76:99:37:a5:2a:a7:18:a8:b5:79:71:0d:56 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92788f4ebb741c0c369a0fd30594cd0101dc7476 Validity Not Before: Dec 6 10:01:34 2025 GMT Not After : Dec 7 10:01:34 2025 GMT Subject: CN=9bc6a732e9f7ceca59811d6d039cc8e58a13598e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a4:94:1b:94:2d:ac:39:68:18:f9:f5:98:62: 1a:49:5b:96:c1:08:4c:8e:d5:05:4d:3d:ba:84:7b: 11:50:4c:54:e3:89:df:bc:50:e5:c4:ec:e7:75:29: 38:c0:ec:55:38:a4:f8:1d:79:cc:58:30:1a:d1:56: 12:51:ef:b9:75:34:6d:8f:3b:a9:c7:a4:ba:92:91: ab:53:93:e8:df:0c:d2:d0:6f:6e:80:ce:e8:fa:a3: 90:39:8e:79:e5:62:b0:20:e4:8c:d1:c8:2a:69:da: be:9e:cf:9c:7a:51:27:6e:46:26:5c:1f:3d:9e:72: 9c:e5:15:c1:14:55:c7:a6:c9:ea:e6:70:70:32:4a: 55:d2:6e:b4:a5:13:33:41:d5:ba:29:4c:65:79:a4: 28:c8:ed:c1:9b:3b:16:95:ce:36:a1:f7:fe:11:b5: 98:e2:26:e4:ed:d4:05:3c:6e:f3:9d:a7:1e:08:3e: 6c:fa:f2:d6:e1:8d:70:2b:ba:76:2b:ec:71:c1:48: 72:87:ae:94:95:cc:92:98:4e:f4:0f:db:b8:0a:36: 2e:5f:3b:7d:76:cf:6e:45:d1:1d:23:21:50:81:e8: 04:70:a5:cd:f4:2f:66:7d:fe:70:62:ff:ec:84:11: 92:5e:16:b3:3a:7a:af:be:62:3c:65:67:47:bb:79: 01:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:C6:A7:32:E9:F7:CE:CA:59:81:1D:6D:03:9C:C8:E5:8A:13:59:8E X509v3 Authority Key Identifier: keyid:92:78:8F:4E:BB:74:1C:0C:36:9A:0F:D3:05:94:CD:01:01:DC:74:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kniPTrt0HAw2mg_TBZTNAQHcdHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/771e77-c649-47f3-99a8-dbfac00fb0ef/1/kniPTrt0HAw2mg_TBZTNAQHcdHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 22:2c:db:57:7d:e0:63:a9:d8:eb:a9:3c:88:70:a9:f3:f0:c2: d0:2d:f2:63:a9:d3:fe:28:3d:29:1f:0a:6a:9d:93:a2:ff:71: 31:6b:83:b2:63:a6:e5:32:60:cf:8b:e8:f7:ff:c8:2f:98:1a: 7c:7e:cd:c9:cf:bd:06:2c:c9:2b:2a:a0:45:c6:98:4a:9b:ad: e4:44:22:b2:b1:82:6d:b2:0f:06:50:b0:0d:22:6d:f6:a1:73: b7:4f:ae:cb:6a:cf:0f:58:7b:ad:64:ad:f6:3b:e5:55:7f:fa: aa:b1:03:48:d2:00:9a:c6:21:28:db:3b:02:3b:94:6e:23:4e: 65:3d:0e:78:80:4c:16:63:70:63:63:2c:1e:41:4a:2a:89:5a: ef:05:07:c3:55:f2:8e:a3:64:5b:06:b7:e4:32:95:af:49:51: 7a:e5:4f:c7:fa:3e:77:69:6d:09:8e:7c:3e:7a:de:86:ef:60: e1:0f:ad:82:d8:a0:c3:a0:97:aa:bb:b5:76:79:a0:d4:0f:f4: ef:41:db:04:c4:f4:7c:b2:3b:69:3e:1c:a9:d9:e5:22:96:d7: 5a:b7:d1:35:cb:74:cb:8a:52:49:02:8d:da:be:74:53:66:65: 57:03:e8:15:13:41:37:67:e0:44:25:de:a4:cc:4f:fd:6b:c5: d0:94:33:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHBN2mTelKqcYqLV5cQ1WMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyNzg4ZjRlYmI3NDFjMGMzNjlhMGZkMzA1OTRjZDAxMDFk Yzc0NzYwHhcNMjUxMjA2MTAwMTM0WhcNMjUxMjA3MTAwMTM0WjAzMTEwLwYDVQQD Eyg5YmM2YTczMmU5ZjdjZWNhNTk4MTFkNmQwMzljYzhlNThhMTM1OThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaSUG5QtrDloGPn1mGIaSVuWwQhM jtUFTT26hHsRUExU44nfvFDlxOzndSk4wOxVOKT4HXnMWDAa0VYSUe+5dTRtjzup x6S6kpGrU5Po3wzS0G9ugM7o+qOQOY555WKwIOSM0cgqadq+ns+celEnbkYmXB89 nnKc5RXBFFXHpsnq5nBwMkpV0m60pRMzQdW6KUxleaQoyO3BmzsWlc42off+EbWY 4ibk7dQFPG7znaceCD5s+vLW4Y1wK7p2K+xxwUhyh66UlcySmE70D9u4CjYuXzt9 ds9uRdEdIyFQgegEcKXN9C9mff5wYv/shBGSXhazOnqvvmI8ZWdHu3kBaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJvGpzLp987KWYEdbQOcyOWKE1mOMB8GA1UdIwQY MBaAFJJ4j067dBwMNpoP0wWUzQEB3HR2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva25pUFRydDBIQXcybWdfVEJaVE5BUUhjZEhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzFlNzctYzY0OS00N2YzLTk5YTgt ZGJmYWMwMGZiMGVmLzEva25pUFRydDBIQXcybWdfVEJaVE5BUUhjZEhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS83NzFlNzctYzY0OS00N2YzLTk5YTgtZGJmYWMwMGZiMGVm LzEva25pUFRydDBIQXcybWdfVEJaVE5BUUhjZEhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIizbV33g Y6nY66k8iHCp8/DC0C3yY6nT/ig9KR8Kap2Tov9xMWuDsmOm5TJgz4vo9//IL5ga fH7Nyc+9BizJKyqgRcaYSput5EQisrGCbbIPBlCwDSJt9qFzt0+uy2rPD1h7rWSt 9jvlVX/6qrEDSNIAmsYhKNs7AjuUbiNOZT0OeIBMFmNwY2MsHkFKKola7wUHw1Xy jqNkWwa35DKVr0lReuVPx/o+d2ltCY58Pnrehu9g4Q+tgtigw6CXqru1dnmg1A/0 70HbBMT0fLI7aT4cqdnlIpbXWrfRNct0y4pSSQKN2r50U2ZlVwPoFRNBN2fgRCXe pMxP/WvF0JQz4A== -----END CERTIFICATE-----Generated at Sat Dec 6 15:43:03 2025 by rpki-client