This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft File: rKZqWTivVnqeKbT3bxFWB8K4qiA.mft (raw, json) Hash identifier: Y6L9Z9FpZP7BOjX/p+s2RPIfamXVKRvHlkyWKthUa+c= Subject key identifier: 11:39:DE:9B:88:3D:C6:C7:59:C6:76:85:8A:2C:9D:08:92:E9:CC:D6 Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Certificate serial: 019AF4651E38B9491BC0F80331F603CE963B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft Manifest number: 17AB Signing time: Sat 06 Dec 2025 16:00:58 +0000 Manifest this update: Sat 06 Dec 2025 16:00:58 +0000 Manifest next update: Sun 07 Dec 2025 16:00:58 +0000 Files and hashes: 1: ImHRlfwmPN78P_Oh9gE4V3RQlNI.roa (hash: milMy3dSE5K3t0uErJqYwzKrh2KzlT2VgvjtrqJfAkI=) 2: NXi6BiEUeLmLx0EnK11CHUUboHU.roa (hash: S/TsUoCXZkfTfOOKvUTF8Zz4Fuiobz4qRMGvcIUvZaQ=) 3: UkCQdP3RrZAe6U2EZsGgmUYM6T4.roa (hash: v1eSSUjEmDBKjFNO3CwwmScWxLPiyY9bodIun8a3QK4=) 4: _BA7tm8EF_tbwBM_8Y5W_eHYfic.roa (hash: db4l1hxQOgB+o48kmvSgTfCUsHPyWt6jnE1LZ4z2tb8=) 5: gt3jbvK7kO8d_xTYIGYJD2cUiGE.roa (hash: 4UbuDpyze6Z3g+LOHqr6qp0gaoTqf6iKQVEolNVaZbk=) 6: rKZqWTivVnqeKbT3bxFWB8K4qiA.crl (hash: 09S1k4LNEJ/jcZX/Dr+/u1xxPopA7H9vxJVMgAZx2HY=) 7: zaD-dp88t1vdyZK_258nhN4-HRE.roa (hash: 1ZtcUEcaTgE5bSHzBmJkaAjk5HYhgpCLfkDuM5vJsHA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:65:1e:38:b9:49:1b:c0:f8:03:31:f6:03:ce:96:3b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20 Validity Not Before: Dec 6 16:00:58 2025 GMT Not After : Dec 7 16:00:58 2025 GMT Subject: CN=1139de9b883dc6c759c676858a2c9d0892e9ccd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:57:43:e3:ed:9f:b0:1e:28:d1:59:a0:c9:0d: c3:cd:c3:eb:ce:4b:68:c9:07:e8:48:a9:50:db:8b: 3b:72:ff:77:74:db:6e:3e:ba:3f:7e:a8:40:eb:40: 6e:28:6e:ed:ac:a7:90:66:98:47:df:e9:75:9e:f5: c0:97:cc:9b:95:9b:9e:54:73:ed:95:b6:38:81:7e: b9:69:1d:9a:11:c8:dd:3e:63:aa:1c:6a:f7:05:a9: 56:0f:a8:62:ec:b2:e0:f3:10:82:47:66:d2:eb:1d: 39:72:91:fd:58:8e:46:7d:c0:1f:d5:71:c8:c7:29: ce:3b:a8:c0:87:92:87:ec:61:51:30:e0:0a:2f:b8: dd:73:93:cd:d5:84:16:26:ad:0b:a9:d3:8b:72:21: 8c:99:af:25:0d:b4:2b:05:fb:ff:5c:78:81:1e:cb: 79:b9:be:18:23:b0:5e:9f:21:42:3f:56:a3:b9:61: 89:29:e7:0f:92:4a:cb:c5:f4:5c:9f:81:48:ec:04: a7:54:0b:2f:ad:74:b4:b7:57:2d:5f:8c:d8:37:b6: 53:77:ca:57:4e:a3:5c:bd:c5:eb:14:a8:4a:65:2c: b3:13:c7:b7:19:70:e3:7c:d8:51:d4:d5:fe:86:f3: 2c:11:45:75:00:2a:8b:44:8b:09:91:a8:78:35:4c: cc:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:39:DE:9B:88:3D:C6:C7:59:C6:76:85:8A:2C:9D:08:92:E9:CC:D6 X509v3 Authority Key Identifier: keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:11:09:df:6c:93:40:ba:80:31:bb:1c:8c:da:63:c5:88:21: 2a:5e:1d:64:90:0b:67:5a:bd:9e:32:cf:a0:8d:e5:d9:76:cb: cf:02:e7:09:68:33:fa:b5:7a:1f:0f:db:95:04:82:01:78:52: 4b:35:83:7b:2f:67:be:ff:f7:2b:a1:df:e7:0b:d7:56:17:6f: e7:0b:1b:fe:87:46:63:7f:4c:19:53:28:41:ab:e7:0d:dc:d9: 5c:83:5b:98:52:e3:35:09:3f:fa:46:44:b3:02:1e:f0:00:c1: 8e:e8:0c:6f:f6:31:dd:0e:0d:25:2d:0b:07:27:4a:f0:13:ea: b0:9d:6e:d0:ce:b1:e5:40:91:7a:2b:35:32:fa:ee:fe:1e:43: b5:fc:61:df:c3:ce:45:a7:98:ad:9a:26:f2:c3:35:f4:14:be: fb:ed:7c:b9:70:95:5f:a8:47:4a:49:4e:f5:d4:4c:30:0f:30: 16:56:08:b9:5b:28:3b:94:fe:67:e2:ad:30:8a:51:f2:03:49: 93:68:22:62:3a:48:c2:97:7d:6e:3f:a8:02:bf:2c:b4:f7:04: f9:4f:44:4c:0e:ae:ca:69:57:d3:73:b8:15:c4:13:3a:77:1f: d2:a0:37:80:ad:9f:b9:b0:9f:09:19:01:b2:0d:6b:b9:64:3c: a4:4e:23:21 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZR44uUkbwPgDMfYDzpY7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi OGFhMjAwHhcNMjUxMjA2MTYwMDU4WhcNMjUxMjA3MTYwMDU4WjAzMTEwLwYDVQQD EygxMTM5ZGU5Yjg4M2RjNmM3NTljNjc2ODU4YTJjOWQwODkyZTljY2Q2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVdD4+2fsB4o0VmgyQ3DzcPrzkto yQfoSKlQ24s7cv93dNtuPro/fqhA60BuKG7trKeQZphH3+l1nvXAl8yblZueVHPt lbY4gX65aR2aEcjdPmOqHGr3BalWD6hi7LLg8xCCR2bS6x05cpH9WI5GfcAf1XHI xynOO6jAh5KH7GFRMOAKL7jdc5PN1YQWJq0LqdOLciGMma8lDbQrBfv/XHiBHst5 ub4YI7BenyFCP1ajuWGJKecPkkrLxfRcn4FI7ASnVAsvrXS0t1ctX4zYN7ZTd8pX TqNcvcXrFKhKZSyzE8e3GXDjfNhR1NX+hvMsEUV1ACqLRIsJkah4NUzMpwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBE53puIPcbHWcZ2hYosnQiS6czWMB8GA1UdIwQY MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt YjliNjU0MDJiOTI4LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4 LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWBEJ32yT QLqAMbscjNpjxYghKl4dZJALZ1q9njLPoI3l2XbLzwLnCWgz+rV6Hw/blQSCAXhS SzWDey9nvv/3K6Hf5wvXVhdv5wsb/odGY39MGVMoQavnDdzZXINbmFLjNQk/+kZE swIe8ADBjugMb/Yx3Q4NJS0LBydK8BPqsJ1u0M6x5UCReis1Mvru/h5Dtfxh38PO RaeYrZom8sM19BS+++18uXCVX6hHSklO9dRMMA8wFlYIuVsoO5T+Z+KtMIpR8gNJ k2giYjpIwpd9bj+oAr8stPcE+U9ETA6uymlX03O4FcQTOncf0qA3gK2fubCfCRkB sg1ruWQ8pE4jIQ== -----END CERTIFICATE-----Generated at Sat Dec 6 22:42:11 2025 by rpki-client