This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft File: KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft (raw, json) Hash identifier: WApfNlumJDQSMz2jzgak2iihKLmUIABZT2j1ygnfDjY= Subject key identifier: 7B:04:E2:2A:26:15:F5:A6:C2:26:06:8C:F2:99:AA:D6:EA:5F:FB:D6 Authority key identifier: 28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF Certificate issuer: /CN=283624007f44dcaf568c370e7f71f950cb1940ef Certificate serial: 019AF5783E8116FC697D74213BF5C629EC3B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft Manifest number: 08DE Signing time: Sat 06 Dec 2025 21:01:29 +0000 Manifest this update: Sat 06 Dec 2025 21:01:29 +0000 Manifest next update: Sun 07 Dec 2025 21:01:29 +0000 Files and hashes: 1: 8nNgOGtBQWNTilGRrMmNlFZZwGM.roa (hash: mOJcQQ3vA0VCC5mkB6hJglG7LUq/Vu6wljMQaBgi+dM=) 2: KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl (hash: TV41EnTANzmyLdJD3+Q3R6osyzx3rI29HtpswneFp68=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:3e:81:16:fc:69:7d:74:21:3b:f5:c6:29:ec:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=283624007f44dcaf568c370e7f71f950cb1940ef Validity Not Before: Dec 6 21:01:29 2025 GMT Not After : Dec 7 21:01:29 2025 GMT Subject: CN=7b04e22a2615f5a6c226068cf299aad6ea5ffbd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:3f:a0:e4:7f:d9:1a:10:ca:a4:fc:4d:ed:6e: 2e:06:48:a6:02:fb:49:6f:d5:48:4c:5d:bb:09:1c: 55:ac:ec:5b:90:ce:3a:f1:40:51:80:30:81:7c:f9: 4c:ba:82:b4:b0:a3:8b:7b:a0:82:6f:6c:a4:69:55: 4a:ce:fa:f8:e6:4c:db:b2:23:ce:30:61:fc:8f:11: fa:d6:7f:77:49:96:55:88:fc:5a:9e:3b:0e:70:86: 8e:df:4f:3e:e9:f9:2a:dc:28:de:0c:7d:18:b7:0a: a3:47:3f:77:6d:ab:26:3e:0e:7d:30:c5:dd:2d:c9: 49:62:af:4a:57:3d:bc:df:3b:ae:a4:4b:22:5f:b2: ae:59:29:d8:1b:c9:c8:9c:12:d3:57:32:5b:4c:bf: 6c:fd:98:df:70:d3:fd:25:07:0d:0d:60:77:32:54: 88:f1:6a:ea:0d:cf:ff:45:e2:f8:dd:b2:58:c4:55: a9:8b:d3:3c:63:75:64:ba:e7:fc:36:c0:f4:70:05: 56:50:4e:1b:5d:06:2e:9a:9d:df:68:81:87:21:1f: 4c:0c:23:9a:84:f8:28:9c:86:8a:9e:5a:4b:fc:b4: ae:70:c5:4c:f0:54:02:29:13:5d:ad:cd:ea:b2:ed: af:4d:ba:89:f8:05:66:39:f0:5e:43:5f:83:10:61: 6f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:04:E2:2A:26:15:F5:A6:C2:26:06:8C:F2:99:AA:D6:EA:5F:FB:D6 X509v3 Authority Key Identifier: keyid:28:36:24:00:7F:44:DC:AF:56:8C:37:0E:7F:71:F9:50:CB:19:40:EF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KDYkAH9E3K9WjDcOf3H5UMsZQO8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/60c724-a005-46d7-8452-16ce339016a0/1/KDYkAH9E3K9WjDcOf3H5UMsZQO8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:f9:e4:9c:08:92:44:40:81:41:3c:b0:6b:a6:a1:d4:b6:48: 67:87:9f:fd:8d:e7:8a:a3:8f:f3:bf:43:73:17:ee:4b:c8:c7: 90:4d:d3:43:27:a3:3e:c2:e5:63:31:f1:49:a2:f0:80:23:35: 88:c5:b5:ee:2e:63:46:78:ee:1d:34:6c:70:3e:f2:6c:d6:05: d4:50:93:48:27:b9:a8:4b:1a:cd:79:72:e3:e7:b4:13:58:9e: 3d:46:2f:03:9d:b0:cc:41:1a:cb:46:93:d8:5e:c1:40:fa:fd: a0:d1:14:4f:69:fb:2d:c6:b9:d4:d0:af:1d:55:42:af:c7:1d: 84:a9:12:bb:18:07:0e:d6:d8:46:77:5b:b7:d7:d9:11:4d:f2: d5:ac:06:b0:f9:d1:0e:16:64:2f:bb:1d:a1:6f:6d:a9:d1:e3: 15:e4:ba:92:60:1f:8c:b3:09:cd:16:a7:29:4e:14:3b:c4:3a: 4a:2b:65:65:5f:59:2c:87:86:63:15:51:51:31:eb:e5:77:4b: aa:52:5f:ac:d9:6b:97:4a:de:ec:02:51:96:42:88:98:ce:0f: a5:d3:bc:50:dc:9c:df:a5:fc:4b:de:2a:a4:a7:44:1a:7b:7d: d7:09:dd:db:8d:ca:b1:83:24:29:c2:6f:75:9f:5b:3f:b6:37: c7:20:77:c0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eD6BFvxpfXQhO/XGKew7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MzYyNDAwN2Y0NGRjYWY1NjhjMzcwZTdmNzFmOTUwY2Ix OTQwZWYwHhcNMjUxMjA2MjEwMTI5WhcNMjUxMjA3MjEwMTI5WjAzMTEwLwYDVQQD Eyg3YjA0ZTIyYTI2MTVmNWE2YzIyNjA2OGNmMjk5YWFkNmVhNWZmYmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD+g5H/ZGhDKpPxN7W4uBkimAvtJ b9VITF27CRxVrOxbkM468UBRgDCBfPlMuoK0sKOLe6CCb2ykaVVKzvr45kzbsiPO MGH8jxH61n93SZZViPxanjsOcIaO308+6fkq3CjeDH0YtwqjRz93basmPg59MMXd LclJYq9KVz283zuupEsiX7KuWSnYG8nInBLTVzJbTL9s/ZjfcNP9JQcNDWB3MlSI 8WrqDc//ReL43bJYxFWpi9M8Y3Vkuuf8NsD0cAVWUE4bXQYump3faIGHIR9MDCOa hPgonIaKnlpL/LSucMVM8FQCKRNdrc3qsu2vTbqJ+AVmOfBeQ1+DEGFvKQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHsE4iomFfWmwiYGjPKZqtbqX/vWMB8GA1UdIwQY MBaAFCg2JAB/RNyvVow3Dn9x+VDLGUDvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTIt MTZjZTMzOTAxNmEwLzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS82MGM3MjQtYTAwNS00NmQ3LTg0NTItMTZjZTMzOTAxNmEw LzEvS0RZa0FIOUUzSzlXakRjT2YzSDVVTXNaUU84LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkvnknAiS RECBQTywa6ah1LZIZ4ef/Y3niqOP879DcxfuS8jHkE3TQyejPsLlYzHxSaLwgCM1 iMW17i5jRnjuHTRscD7ybNYF1FCTSCe5qEsazXly4+e0E1iePUYvA52wzEEay0aT 2F7BQPr9oNEUT2n7Lca51NCvHVVCr8cdhKkSuxgHDtbYRndbt9fZEU3y1awGsPnR DhZkL7sdoW9tqdHjFeS6kmAfjLMJzRanKU4UO8Q6SitlZV9ZLIeGYxVRUTHr5XdL qlJfrNlrl0re7AJRlkKImM4PpdO8UNyc36X8S94qpKdEGnt91wnd243KsYMkKcJv dZ9bP7Y3xyB3wA== -----END CERTIFICATE-----Generated at Sun Dec 7 04:31:49 2025 by rpki-client