This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json) Hash identifier: Rf+Ky5OfX6nJilWEKuVTRsnHi3ElX8IWPcs5mwGS9vA= Subject key identifier: 8E:CE:C1:8C:A4:AF:DA:5C:87:A8:22:4D:1B:40:DD:53:0D:CE:F4:E9 Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Certificate serial: 019AF35219D0E6B4B24C4CCB6238CFA7312D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 11:00:35 +0000 Manifest this update: Sat 06 Dec 2025 11:00:35 +0000 Manifest next update: Sun 07 Dec 2025 11:00:35 +0000 Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: MdwO418i1a3f3SPJ0GMsFh9sZhhFlQIdT0eh8pwFRF4=) 2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:19:d0:e6:b4:b2:4c:4c:cb:62:38:cf:a7:31:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Validity Not Before: Dec 6 11:00:35 2025 GMT Not After : Dec 7 11:00:35 2025 GMT Subject: CN=8ecec18ca4afda5c87a8224d1b40dd530dcef4e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:79:01:e9:dc:b6:d2:6e:73:67:67:fc:28:1d: ff:87:49:a0:db:70:6d:a2:0a:30:28:ce:d6:7c:8f: 4a:7f:eb:c8:b8:98:6c:79:4a:71:42:d4:41:57:e6: ae:06:be:0e:f5:e6:15:9e:8d:e3:b6:38:1d:0d:ea: da:be:6b:ee:f9:63:23:b1:a5:df:73:0f:47:ca:3f: 11:c5:b1:d8:30:36:a9:0d:81:5e:f7:ce:7a:87:b4: d7:bd:39:67:ec:c7:68:bd:36:21:e7:f1:53:f3:78: 9e:56:46:14:37:3d:37:f5:d9:11:d2:34:f9:63:5d: 0c:c1:c9:db:d7:f1:07:a8:2a:8c:c4:2c:c3:ff:ae: 97:2d:f1:1b:4c:c1:12:ee:bd:cf:f2:a0:66:b0:49: a0:45:bb:ad:67:88:92:fa:10:26:e8:20:8c:e7:ac: a2:e1:f8:b1:43:96:b6:1d:41:ce:2b:8e:25:71:1e: 26:b4:48:1b:66:c9:b7:d8:9e:91:1e:82:01:4e:00: 1f:f4:6c:76:60:cd:56:7c:b8:96:f8:ff:4a:1b:7f: 7b:12:d4:2b:8e:df:c9:fa:8c:93:71:65:97:b7:3a: 56:43:aa:82:d6:ea:c0:51:07:8e:64:8c:92:af:3a: c7:c1:1b:ac:04:63:c7:cd:d3:2a:f6:5b:99:92:b8: 78:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:CE:C1:8C:A4:AF:DA:5C:87:A8:22:4D:1B:40:DD:53:0D:CE:F4:E9 X509v3 Authority Key Identifier: keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bf:ce:e1:2e:3e:cf:5f:09:22:ac:01:b9:7a:41:13:69:4d:7a: 60:ef:50:af:ab:05:b9:3b:03:91:a4:4d:3d:40:79:0d:1f:8b: 2b:c8:07:6f:06:f7:aa:7d:d2:f2:c8:cb:76:3d:c4:4b:47:8a: 69:46:88:ee:b5:1c:c2:80:9a:37:97:52:99:24:79:e7:79:aa: be:12:b4:66:ea:56:c5:02:67:15:c2:4b:9a:a9:1c:27:47:35: 01:89:fa:74:0c:04:a6:b2:d4:34:50:38:09:50:03:7e:1b:23: 6d:b2:84:09:c0:3c:a1:6d:44:b7:72:6e:ce:0c:68:6a:d3:ba: 96:1c:cd:20:fb:c0:00:8c:91:4e:a6:fe:4e:26:de:bf:33:13: 02:1e:5c:e1:7c:12:27:01:87:a8:b7:ae:22:10:12:29:ea:6b: c2:7f:23:bc:13:e5:f6:cd:ac:de:d7:83:9f:c9:15:d1:60:39: 18:6a:32:61:30:76:a6:a4:18:3c:90:0e:09:31:17:7a:73:31: d9:35:1f:45:85:6a:1c:a8:2a:44:2a:26:e2:e6:26:f3:dd:25: d5:b6:ac:1f:70:33:b6:8b:3d:9c:7c:7b:7f:7a:b6:0e:4c:b8: 09:1d:56:3a:da:57:ab:9e:1c:86:46:f8:5c:05:ec:d9:a6:a9: ff:ff:f2:1f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUhnQ5rSyTEzLYjjPpzEtMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh MzdlZWIwHhcNMjUxMjA2MTEwMDM1WhcNMjUxMjA3MTEwMDM1WjAzMTEwLwYDVQQD Eyg4ZWNlYzE4Y2E0YWZkYTVjODdhODIyNGQxYjQwZGQ1MzBkY2VmNGU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3kB6dy20m5zZ2f8KB3/h0mg23Bt ogowKM7WfI9Kf+vIuJhseUpxQtRBV+auBr4O9eYVno3jtjgdDeravmvu+WMjsaXf cw9Hyj8RxbHYMDapDYFe9856h7TXvTln7MdovTYh5/FT83ieVkYUNz039dkR0jT5 Y10Mwcnb1/EHqCqMxCzD/66XLfEbTMES7r3P8qBmsEmgRbutZ4iS+hAm6CCM56yi 4fixQ5a2HUHOK44lcR4mtEgbZsm32J6RHoIBTgAf9Gx2YM1WfLiW+P9KG397EtQr jt/J+oyTcWWXtzpWQ6qC1urAUQeOZIySrzrHwRusBGPHzdMq9luZkrh4JwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFI7OwYykr9pch6giTRtA3VMNzvTpMB8GA1UdIwQY MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAv87hLj7P XwkirAG5ekETaU16YO9Qr6sFuTsDkaRNPUB5DR+LK8gHbwb3qn3S8sjLdj3ES0eK aUaI7rUcwoCaN5dSmSR553mqvhK0ZupWxQJnFcJLmqkcJ0c1AYn6dAwEprLUNFA4 CVADfhsjbbKECcA8oW1Et3JuzgxoatO6lhzNIPvAAIyRTqb+TibevzMTAh5c4XwS JwGHqLeuIhASKeprwn8jvBPl9s2s3teDn8kV0WA5GGoyYTB2pqQYPJAOCTEXenMx 2TUfRYVqHKgqRCom4uYm890l1basH3Aztos9nHx7f3q2Dky4CR1WOtpXq54chkb4 XAXs2aap///yHw== -----END CERTIFICATE-----Generated at Sat Dec 6 19:25:06 2025 by rpki-client