This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json) Hash identifier: WxMVyBnwO5yJL9KUAc2aJ643CKiwVpU6aDn0vD2RWgk= Subject key identifier: 8E:0C:15:40:C2:FD:44:22:A5:6F:91:CA:E2:70:45:E1:90:09:6F:A1 Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534 Certificate serial: 019AF57755A25FB67FDA45B6A708E09AFFDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 21:00:29 +0000 Manifest this update: Sat 06 Dec 2025 21:00:29 +0000 Manifest next update: Sun 07 Dec 2025 21:00:29 +0000 Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: vTI8dzJ4MO4Og4A1QwHxORJaMe0zD/eeXJpHViqBozI=) 2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:55:a2:5f:b6:7f:da:45:b6:a7:08:e0:9a:ff:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534 Validity Not Before: Dec 6 21:00:29 2025 GMT Not After : Dec 7 21:00:29 2025 GMT Subject: CN=8e0c1540c2fd4422a56f91cae27045e190096fa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:fb:01:2b:0b:60:82:df:6c:d7:48:fb:81:82: 86:45:c1:39:a9:a0:58:57:22:35:89:0e:48:2f:aa: 0b:1f:29:21:da:67:26:0d:65:a1:5b:26:51:39:67: 41:be:19:ed:83:d0:cb:ff:01:1b:35:90:84:76:a0: d1:82:1e:51:53:be:be:b9:62:1b:30:d3:7b:29:92: 7c:8a:57:89:1d:e7:a1:d5:8b:4b:73:e3:8a:3f:e6: de:00:7c:10:60:6d:1c:e4:ca:89:95:bc:8b:18:ae: b8:95:9e:36:d3:2c:75:e4:1b:1e:3a:c3:2d:45:c5: 60:5d:cc:70:02:9b:57:d9:16:fc:cd:e1:30:19:25: 39:0e:0b:0e:f8:a7:8a:4d:0d:e0:01:26:4c:61:9a: 8c:e2:65:5c:cb:df:3c:ec:84:a3:c1:28:a1:02:fb: fe:8c:78:b0:e6:4f:a4:bd:63:cb:70:a7:87:3a:04: eb:a5:3c:f4:f8:a0:f1:8b:cd:5e:ec:16:15:9a:33: 84:1e:5d:86:e5:84:a4:92:91:1f:59:29:a5:f0:55: f1:88:88:e1:d4:5d:85:92:cc:3f:08:ab:16:ba:3f: f1:5b:b9:87:7b:b8:f6:b3:76:b4:b3:39:46:23:01: d0:d5:b2:c2:41:6d:1f:e6:ac:a6:8b:d0:05:63:f7: a9:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:0C:15:40:C2:FD:44:22:A5:6F:91:CA:E2:70:45:E1:90:09:6F:A1 X509v3 Authority Key Identifier: keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption aa:88:75:db:10:2f:35:90:e7:fd:bb:81:1f:bf:33:7e:91:bc: 3c:e3:0b:a4:74:a6:65:83:62:b6:e8:91:cc:37:db:25:ad:5a: 33:38:6f:61:35:1e:cc:af:ac:e1:43:96:fd:9b:be:4c:97:20: 6e:8e:7f:a2:11:5b:6b:72:e7:40:dc:e2:38:c8:7a:13:51:4b: 48:07:35:3f:92:73:6b:9c:36:95:34:60:6f:03:cf:73:ea:85: 4b:28:1b:ff:ae:b3:a7:b8:ec:24:12:ba:e0:c9:08:c2:fe:6b: f6:b6:26:31:51:90:ee:34:be:56:08:3d:5c:bb:33:a6:8a:73: d5:1a:12:86:2a:7a:2a:3a:72:17:f5:d8:c1:a8:33:f9:ed:dd: ad:36:08:dc:c2:8e:ac:47:82:0f:3f:70:ab:2d:3f:e7:31:f8: 16:c1:5c:4a:ce:ae:86:d4:7b:2c:4d:66:cd:6e:0d:20:fc:a0: 9b:82:18:79:81:65:98:2d:4c:bb:98:bd:9b:13:43:45:c5:89: 10:d8:6a:e7:fe:43:53:d7:7c:db:d0:d9:16:a4:7d:7f:da:d7: db:f3:e3:69:96:6a:ce:ad:ef:39:6b:74:bb:44:58:7d:a2:d8: dc:b2:be:cf:19:ee:2f:3a:49:43:0f:05:d2:bf:bf:7a:f8:9f: 3c:f2:e1:17 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d1WiX7Z/2kW2pwjgmv/cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk MTM1MzQwHhcNMjUxMjA2MjEwMDI5WhcNMjUxMjA3MjEwMDI5WjAzMTEwLwYDVQQD Eyg4ZTBjMTU0MGMyZmQ0NDIyYTU2ZjkxY2FlMjcwNDVlMTkwMDk2ZmExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfsBKwtggt9s10j7gYKGRcE5qaBY VyI1iQ5IL6oLHykh2mcmDWWhWyZROWdBvhntg9DL/wEbNZCEdqDRgh5RU76+uWIb MNN7KZJ8ileJHeeh1YtLc+OKP+beAHwQYG0c5MqJlbyLGK64lZ420yx15BseOsMt RcVgXcxwAptX2Rb8zeEwGSU5DgsO+KeKTQ3gASZMYZqM4mVcy9887ISjwSihAvv+ jHiw5k+kvWPLcKeHOgTrpTz0+KDxi81e7BYVmjOEHl2G5YSkkpEfWSml8FXxiIjh 1F2Fksw/CKsWuj/xW7mHe7j2s3a0szlGIwHQ1bLCQW0f5qymi9AFY/epoQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI4MFUDC/UQipW+RyuJwReGQCW+hMB8GA1UdIwQY MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAqoh12xAv NZDn/buBH78zfpG8POMLpHSmZYNituiRzDfbJa1aMzhvYTUezK+s4UOW/Zu+TJcg bo5/ohFba3LnQNziOMh6E1FLSAc1P5Jza5w2lTRgbwPPc+qFSygb/66zp7jsJBK6 4MkIwv5r9rYmMVGQ7jS+Vgg9XLszpopz1RoShip6KjpyF/XYwagz+e3drTYI3MKO rEeCDz9wqy0/5zH4FsFcSs6uhtR7LE1mzW4NIPygm4IYeYFlmC1Mu5i9mxNDRcWJ ENhq5/5DU9d829DZFqR9f9rX2/PjaZZqzq3vOWt0u0RYfaLY3LK+zxnuLzpJQw8F 0r+/evifPPLhFw== -----END CERTIFICATE-----Generated at Sun Dec 7 01:30:43 2025 by rpki-client