This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft File: KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft (raw, json) Hash identifier: 882AxvQEZ6JU9XWK6kJPx/YhMTpfnGxdvloJV4H5iS0= Subject key identifier: 73:E3:C8:21:10:38:9B:98:D3:6F:D0:62:27:36:8F:3F:11:D9:A9:C0 Authority key identifier: 28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6 Certificate issuer: /CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6 Certificate serial: 019AF0BF18F4DCDFEFAFB3D65BA6A9A619EB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft Manifest number: 0AF3 Signing time: Fri 05 Dec 2025 23:00:46 +0000 Manifest this update: Fri 05 Dec 2025 23:00:46 +0000 Manifest next update: Sat 06 Dec 2025 23:00:46 +0000 Files and hashes: 1: KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl (hash: ykKWZxfzwUW8W5goifURFgMQle8QqmwS7omfMZb1j1A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:bf:18:f4:dc:df:ef:af:b3:d6:5b:a6:a9:a6:19:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=281a7f07be5c3138cb43c2c18b29aa5468544ba6 Validity Not Before: Dec 5 23:00:46 2025 GMT Not After : Dec 6 23:00:46 2025 GMT Subject: CN=73e3c82110389b98d36fd06227368f3f11d9a9c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e6:ac:f2:3c:74:5f:92:16:a1:ec:9f:0c:89: e3:58:f3:c3:42:14:f3:15:3f:a2:5b:64:60:09:a1: b0:1b:ef:9c:65:99:59:3e:2f:7f:2f:f8:7f:a6:b9: e8:05:fa:a0:00:91:3e:cd:56:6d:9a:fb:8b:e3:51: 02:ee:93:57:f0:1c:6d:4a:53:8b:63:e5:f0:8c:f4: 81:c1:50:3d:ee:57:83:fb:ca:c4:b4:a7:68:3e:7f: dd:cc:20:80:cc:c3:66:b0:6d:87:9b:e3:da:5c:75: 7d:4c:b6:58:39:d9:36:9c:8c:af:3e:35:15:ed:b9: d8:6e:70:47:ac:41:7f:b1:8e:1d:1b:c5:27:c3:54: 12:17:76:50:1c:d9:86:ad:12:6a:7e:df:ba:5a:2e: 8e:82:51:cd:68:04:6b:d5:75:35:6b:1f:98:b1:0b: 89:23:84:60:b2:40:ca:c3:4b:11:c0:84:1f:72:03: 61:39:af:97:b1:98:04:fa:21:c2:b8:f9:ff:0d:17: 30:eb:fc:09:36:d1:fc:14:b3:35:58:30:4a:bb:11: 5b:f8:7d:93:79:9f:91:7c:d8:80:70:75:12:ef:24: 5f:3a:72:5b:8d:5d:93:c2:49:1d:45:76:77:63:70: 8b:2c:b4:bb:5b:15:ca:1f:a9:b7:91:09:db:e5:c1: 62:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:E3:C8:21:10:38:9B:98:D3:6F:D0:62:27:36:8F:3F:11:D9:A9:C0 X509v3 Authority Key Identifier: keyid:28:1A:7F:07:BE:5C:31:38:CB:43:C2:C1:8B:29:AA:54:68:54:4B:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBp_B75cMTjLQ8LBiymqVGhUS6Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aca44e-8449-471f-8ebd-52ccf65bd67b/1/KBp_B75cMTjLQ8LBiymqVGhUS6Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:b7:7d:96:5d:ac:ab:97:91:79:06:76:5a:a4:8a:70:07:56: bf:07:15:09:c0:44:be:34:e0:96:49:df:7b:b9:d1:f8:65:f3: 2d:8f:d4:6a:dd:14:b0:48:6b:fe:fb:17:17:1e:56:14:66:67: 92:30:54:7c:96:b9:6b:e6:d5:f9:9d:24:fb:1e:10:30:65:33: 03:45:73:e6:e6:8c:54:55:86:1f:e0:b1:f3:f8:ed:46:18:a2: 41:63:a7:bf:97:b7:8f:a1:44:f7:fa:ee:67:a6:63:ac:2a:a8: 44:89:66:58:dd:8c:0e:22:ae:25:ad:fb:f7:3a:71:23:2a:0f: c4:c7:cc:a3:7d:dd:c9:2b:b0:e2:07:85:c7:15:7c:22:bc:42: 19:fd:a1:9d:19:a1:33:28:60:0e:84:78:b3:80:df:32:3f:a6: b2:ad:0f:d3:0d:bc:49:37:bc:9a:a4:eb:56:89:1d:cc:a9:62: cb:14:2d:e8:d4:4c:d5:98:22:44:a0:a8:49:3b:0f:61:ac:98: 17:d9:4c:eb:76:9e:57:dd:b3:7f:d1:6c:4c:91:21:90:fd:b5: 7b:29:93:a2:c5:1e:8f:7a:e8:ec:b9:15:c1:77:b1:5b:66:89: 66:2b:ff:fa:cb:14:0a:4a:35:f2:86:7f:ec:41:1e:c2:98:57: cc:31:e6:6c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwvxj03N/vr7PWW6apphnrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MWE3ZjA3YmU1YzMxMzhjYjQzYzJjMThiMjlhYTU0Njg1 NDRiYTYwHhcNMjUxMjA1MjMwMDQ2WhcNMjUxMjA2MjMwMDQ2WjAzMTEwLwYDVQQD Eyg3M2UzYzgyMTEwMzg5Yjk4ZDM2ZmQwNjIyNzM2OGYzZjExZDlhOWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2eas8jx0X5IWoeyfDInjWPPDQhTz FT+iW2RgCaGwG++cZZlZPi9/L/h/prnoBfqgAJE+zVZtmvuL41EC7pNX8BxtSlOL Y+XwjPSBwVA97leD+8rEtKdoPn/dzCCAzMNmsG2Hm+PaXHV9TLZYOdk2nIyvPjUV 7bnYbnBHrEF/sY4dG8Unw1QSF3ZQHNmGrRJqft+6Wi6OglHNaARr1XU1ax+YsQuJ I4RgskDKw0sRwIQfcgNhOa+XsZgE+iHCuPn/DRcw6/wJNtH8FLM1WDBKuxFb+H2T eZ+RfNiAcHUS7yRfOnJbjV2TwkkdRXZ3Y3CLLLS7WxXKH6m3kQnb5cFi4QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHPjyCEQOJuY02/QYic2jz8R2anAMB8GA1UdIwQY MBaAFCgafwe+XDE4y0PCwYspqlRoVEumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQt NTJjY2Y2NWJkNjdiLzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9hY2E0NGUtODQ0OS00NzFmLThlYmQtNTJjY2Y2NWJkNjdi LzEvS0JwX0I3NWNNVGpMUThMQml5bXFWR2hVUzZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWrd9ll2s q5eReQZ2WqSKcAdWvwcVCcBEvjTglknfe7nR+GXzLY/Uat0UsEhr/vsXFx5WFGZn kjBUfJa5a+bV+Z0k+x4QMGUzA0Vz5uaMVFWGH+Cx8/jtRhiiQWOnv5e3j6FE9/ru Z6ZjrCqoRIlmWN2MDiKuJa379zpxIyoPxMfMo33dySuw4geFxxV8IrxCGf2hnRmh MyhgDoR4s4DfMj+msq0P0w28STe8mqTrVokdzKliyxQt6NRM1ZgiRKCoSTsPYayY F9lM63aeV92zf9FsTJEhkP21eymTosUej3ro7LkVwXexW2aJZiv/+ssUCko18oZ/ 7EEewphXzDHmbA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:09:47 2025 by rpki-client