This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.mft File: KgE0Z2uONx1E752Fh_3NKzuYfKE.mft (raw, json) Hash identifier: hit7rJeGpxQlEqXCmldYxAvKC13bfOotbDwc8lijOv4= Subject key identifier: 22:0A:15:AA:C4:03:50:08:D7:A0:6B:18:05:D2:15:25:90:7B:46:A3 Authority key identifier: 2A:01:34:67:6B:8E:37:1D:44:EF:9D:85:87:FD:CD:2B:3B:98:7C:A1 Certificate issuer: /CN=2a0134676b8e371d44ef9d8587fdcd2b3b987ca1 Certificate serial: 019AF208DD766DC5B3D144A5CF7D3B7D2A95 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgE0Z2uONx1E752Fh_3NKzuYfKE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.mft Manifest number: 49 Signing time: Sat 06 Dec 2025 05:00:58 +0000 Manifest this update: Sat 06 Dec 2025 05:00:58 +0000 Manifest next update: Sun 07 Dec 2025 05:00:58 +0000 Files and hashes: 1: KgE0Z2uONx1E752Fh_3NKzuYfKE.crl (hash: 3cU5Heei9bkqFS0KZ/udDFc383Cn1r8yQP5lNaFTyoE=) 2: athLVj_bLnS6ONrg1SqgZ_w3vOg.roa (hash: 5hHR50C5RmGJHgqxv1QJUzWt08kiAaahrFcOmc9vXe8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.crl rsync://rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.mft rsync://rpki.ripe.net/repository/DEFAULT/KgE0Z2uONx1E752Fh_3NKzuYfKE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:08:dd:76:6d:c5:b3:d1:44:a5:cf:7d:3b:7d:2a:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a0134676b8e371d44ef9d8587fdcd2b3b987ca1 Validity Not Before: Dec 6 05:00:58 2025 GMT Not After : Dec 7 05:00:58 2025 GMT Subject: CN=220a15aac4035008d7a06b1805d21525907b46a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:ff:5b:f7:1c:83:4f:32:9a:5a:15:16:be:7a: 3e:be:53:65:eb:1d:c6:13:38:65:eb:66:88:08:9f: c1:f3:4f:65:06:47:cd:40:d7:2c:ac:74:ac:54:8a: 60:c0:24:d8:34:1f:6d:3c:b0:c8:47:cc:33:20:38: 59:84:01:be:41:05:8f:5e:fa:a2:9e:bd:1e:9f:66: ea:d8:a7:8c:84:e1:51:90:ca:66:47:4d:5b:8c:71: 94:98:f6:88:d6:69:9f:26:9c:78:d9:cd:6b:9b:f9: 8c:4d:27:6c:28:88:fe:e3:43:c2:82:1b:29:23:4b: 22:b7:3e:d3:bf:7e:0f:66:41:34:93:29:a8:71:65: 69:6d:a9:11:26:5e:64:f0:ad:ae:80:b6:f2:6c:e7: 1f:41:44:33:be:3d:d3:8e:d4:fa:e7:ed:e8:02:c2: d2:e6:28:5f:84:d2:68:37:d8:0e:97:07:a6:fb:de: 22:64:24:8f:f5:1a:3b:83:2b:1b:2c:13:0b:ec:a4: 4f:2b:c3:8f:d8:d0:34:c6:4a:bf:81:3e:53:d0:bc: 15:e8:48:24:03:8a:6f:16:29:0e:9f:1c:c5:66:60: 6e:2e:9e:b9:9c:5f:15:34:15:44:dc:9d:72:4a:1e: 28:c2:e1:09:07:3d:66:68:8b:38:ec:3d:57:97:fa: 0a:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:0A:15:AA:C4:03:50:08:D7:A0:6B:18:05:D2:15:25:90:7B:46:A3 X509v3 Authority Key Identifier: keyid:2A:01:34:67:6B:8E:37:1D:44:EF:9D:85:87:FD:CD:2B:3B:98:7C:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgE0Z2uONx1E752Fh_3NKzuYfKE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/fe39ca-9a22-4c09-906e-afdd304ccea5/1/KgE0Z2uONx1E752Fh_3NKzuYfKE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 81:aa:01:7b:b0:0b:ab:2a:48:d7:1d:e4:75:d8:b4:ee:3f:da: b8:23:b0:b8:26:9a:d5:1b:2b:b7:a3:bd:66:b3:16:80:42:b5: 7b:b2:b3:ac:fa:27:7e:d8:0e:1c:d3:eb:18:32:c7:6c:c9:f7: 02:df:e5:27:16:1c:1c:7c:5b:11:32:d8:8a:61:f0:35:7f:06: f3:28:95:3a:23:c0:a6:d8:6c:b2:44:18:03:8e:09:61:6d:ef: fd:d8:c0:c4:ab:0d:de:b2:57:08:2b:91:44:15:c2:fb:fb:a5: 53:db:74:71:59:ae:ed:a2:e7:80:2c:df:88:cc:cf:23:99:a0: 7a:7b:08:98:9e:68:ff:4c:33:1b:00:90:33:b5:84:ed:ee:ed: 95:b3:69:d6:04:99:7f:c5:40:e5:bd:0d:66:a8:ed:1c:9d:2b: c4:9b:64:57:7e:85:87:06:e8:46:24:8a:8f:35:15:3b:2d:d6: 7b:d5:56:b0:9a:fa:05:85:ba:8d:59:95:ba:8a:49:68:b3:1d: 41:78:fc:ef:b9:07:52:6b:3a:f2:ad:60:c5:6e:c7:23:77:ee: 3f:4e:25:54:ad:e4:a7:22:56:65:5f:be:03:0d:7b:7a:77:c5: ff:03:8c:7e:a7:d7:d8:54:a5:98:0b:76:37:48:35:3c:56:b3: 00:f2:7c:7c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCN12bcWz0USlz307fSqVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDEzNDY3NmI4ZTM3MWQ0NGVmOWQ4NTg3ZmRjZDJiM2I5 ODdjYTEwHhcNMjUxMjA2MDUwMDU4WhcNMjUxMjA3MDUwMDU4WjAzMTEwLwYDVQQD EygyMjBhMTVhYWM0MDM1MDA4ZDdhMDZiMTgwNWQyMTUyNTkwN2I0NmEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwf9b9xyDTzKaWhUWvno+vlNl6x3G Ezhl62aICJ/B809lBkfNQNcsrHSsVIpgwCTYNB9tPLDIR8wzIDhZhAG+QQWPXvqi nr0en2bq2KeMhOFRkMpmR01bjHGUmPaI1mmfJpx42c1rm/mMTSdsKIj+40PCghsp I0sitz7Tv34PZkE0kymocWVpbakRJl5k8K2ugLbybOcfQUQzvj3TjtT65+3oAsLS 5ihfhNJoN9gOlwem+94iZCSP9Ro7gysbLBML7KRPK8OP2NA0xkq/gT5T0LwV6Egk A4pvFikOnxzFZmBuLp65nF8VNBVE3J1ySh4owuEJBz1maIs47D1Xl/oKPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCIKFarEA1AI16BrGAXSFSWQe0ajMB8GA1UdIwQY MBaAFCoBNGdrjjcdRO+dhYf9zSs7mHyhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dFMFoydU9OeDFFNzUyRmhfM05LenVZZktFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9mZTM5Y2EtOWEyMi00YzA5LTkwNmUt YWZkZDMwNGNjZWE1LzEvS2dFMFoydU9OeDFFNzUyRmhfM05LenVZZktFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xYy9mZTM5Y2EtOWEyMi00YzA5LTkwNmUtYWZkZDMwNGNjZWE1 LzEvS2dFMFoydU9OeDFFNzUyRmhfM05LenVZZktFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgaoBe7AL qypI1x3kddi07j/auCOwuCaa1Rsrt6O9ZrMWgEK1e7KzrPonftgOHNPrGDLHbMn3 At/lJxYcHHxbETLYimHwNX8G8yiVOiPApthsskQYA44JYW3v/djAxKsN3rJXCCuR RBXC+/ulU9t0cVmu7aLngCzfiMzPI5mgensImJ5o/0wzGwCQM7WE7e7tlbNp1gSZ f8VA5b0NZqjtHJ0rxJtkV36FhwboRiSKjzUVOy3We9VWsJr6BYW6jVmVuopJaLMd QXj877kHUms68q1gxW7HI3fuP04lVK3kpyJWZV++Aw17enfF/wOMfqfX2FSlmAt2 N0g1PFazAPJ8fA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:50:34 2025 by rpki-client