This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json) Hash identifier: bPl0NStk5b71oWbP1j7PA3Vxp8/xD1Qlryt7OCCrOps= Subject key identifier: 81:36:F2:83:7E:38:47:22:07:F9:09:C8:85:D6:BE:92:6E:41:DD:03 Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54 Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354 Certificate serial: 019AF20921512AC0F009B3E1152079855945 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 05:01:15 +0000 Manifest this update: Sat 06 Dec 2025 05:01:15 +0000 Manifest next update: Sun 07 Dec 2025 05:01:15 +0000 Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: RZRzL3TRPeuGkGVRhbOo29scX/rpCQenUosVQmdXbJI=) 2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:09:21:51:2a:c0:f0:09:b3:e1:15:20:79:85:59:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354 Validity Not Before: Dec 6 05:01:15 2025 GMT Not After : Dec 7 05:01:15 2025 GMT Subject: CN=8136f2837e38472207f909c885d6be926e41dd03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:8c:0f:49:37:c4:3a:9c:3f:f1:6e:e6:37:d7: 07:35:b2:ab:d1:f4:4c:a2:d4:ee:a9:3c:1e:ff:f5: 42:56:29:84:f3:9e:30:3c:7e:97:33:11:1c:75:a6: 0b:5d:b4:57:56:04:f1:9e:3e:28:f4:a5:a0:3a:d8: f7:88:cd:d1:6c:50:71:89:36:e6:11:dc:71:dc:42: 0d:14:30:ea:43:1a:7c:a5:8c:41:44:0d:1a:30:01: 5f:51:27:8f:46:0c:66:81:0d:c0:e6:46:f0:11:0b: 64:2a:87:36:c0:18:b4:0d:c6:42:50:fb:fd:c1:9c: 1d:e1:c9:77:b7:28:82:3d:af:0b:1d:a3:86:83:fb: 49:9f:63:72:0c:84:b2:34:16:20:c8:2f:f9:0d:b8: 29:81:3e:fc:9e:42:d7:83:39:e3:8a:14:17:c4:3a: 66:29:b2:07:43:07:4c:ee:34:f4:94:87:3b:40:7c: 95:b5:a1:47:fb:02:9b:48:83:90:2f:86:4d:b6:62: bd:7d:1d:4f:a9:66:a9:be:ca:94:7a:bc:56:70:6a: 4d:d6:41:f1:e0:8b:dd:cc:50:42:39:73:50:be:1d: 99:e7:d2:f8:68:eb:70:e2:e0:af:73:b9:41:d4:bf: 14:7b:84:0d:fa:a1:89:9a:f5:8d:41:f3:19:4c:8c: 9f:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:36:F2:83:7E:38:47:22:07:F9:09:C8:85:D6:BE:92:6E:41:DD:03 X509v3 Authority Key Identifier: keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 73:2a:36:3f:44:32:53:af:b8:43:47:8e:45:c5:ff:32:76:07: 4b:44:b5:b7:09:c5:f2:33:1e:62:bc:fb:2b:d4:7e:f8:be:a4: e4:2f:65:78:15:20:e3:aa:7a:92:5e:50:75:7c:fc:24:71:e3: 19:60:67:49:24:a5:4f:d2:7c:f4:78:0f:24:3d:99:9e:a7:64: c0:1e:e1:8d:87:60:cc:9b:42:e9:0f:3d:9b:99:dc:87:3c:9e: 9d:c1:b7:c7:b2:00:14:62:ac:0c:9e:6d:70:9f:7a:95:8d:41: 5c:b8:40:d8:60:c1:f2:fc:1a:ff:f4:5c:b0:f5:f1:e3:f1:80: 5e:11:f6:6a:bc:71:97:ce:4e:9d:b9:24:e1:0e:89:6c:f4:4d: 77:3c:b0:67:5e:92:fd:bb:49:59:ad:6f:53:a9:5f:e5:45:95: a0:3e:ec:89:3c:95:0b:42:de:dc:bd:d7:00:0a:bc:c7:2e:1b: 96:09:56:51:57:34:5b:17:32:79:c6:b5:c7:cd:64:48:92:8f: bb:45:cd:45:11:23:1d:88:7b:31:7e:cf:fd:c2:46:a7:58:a4: 93:0d:b3:7e:12:4e:90:8f:2f:ef:c6:dd:34:c4:d5:ba:68:5a: a3:f3:7e:ea:07:64:a4:25:d9:8e:e1:1f:10:67:04:fe:e3:42: 5d:7c:c4:34 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryCSFRKsDwCbPhFSB5hVlFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2 OGYzNTQwHhcNMjUxMjA2MDUwMTE1WhcNMjUxMjA3MDUwMTE1WjAzMTEwLwYDVQQD Eyg4MTM2ZjI4MzdlMzg0NzIyMDdmOTA5Yzg4NWQ2YmU5MjZlNDFkZDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlowPSTfEOpw/8W7mN9cHNbKr0fRM otTuqTwe//VCVimE854wPH6XMxEcdaYLXbRXVgTxnj4o9KWgOtj3iM3RbFBxiTbm Edxx3EINFDDqQxp8pYxBRA0aMAFfUSePRgxmgQ3A5kbwEQtkKoc2wBi0DcZCUPv9 wZwd4cl3tyiCPa8LHaOGg/tJn2NyDISyNBYgyC/5DbgpgT78nkLXgznjihQXxDpm KbIHQwdM7jT0lIc7QHyVtaFH+wKbSIOQL4ZNtmK9fR1PqWapvsqUerxWcGpN1kHx 4IvdzFBCOXNQvh2Z59L4aOtw4uCvc7lB1L8Ue4QN+qGJmvWNQfMZTIyfDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIE28oN+OEciB/kJyIXWvpJuQd0DMB8GA1UdIwQY MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1 LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcyo2P0Qy U6+4Q0eORcX/MnYHS0S1twnF8jMeYrz7K9R++L6k5C9leBUg46p6kl5QdXz8JHHj GWBnSSSlT9J89HgPJD2ZnqdkwB7hjYdgzJtC6Q89m5nchzyencG3x7IAFGKsDJ5t cJ96lY1BXLhA2GDB8vwa//RcsPXx4/GAXhH2arxxl85Onbkk4Q6JbPRNdzywZ16S /btJWa1vU6lf5UWVoD7siTyVC0Le3L3XAAq8xy4blglWUVc0Wxcyeca1x81kSJKP u0XNRREjHYh7MX7P/cJGp1ikkw2zfhJOkI8v78bdNMTVumhao/N+6gdkpCXZjuEf EGcE/uNCXXzENA== -----END CERTIFICATE-----Generated at Sat Dec 6 09:26:00 2025 by rpki-client