This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json) Hash identifier: MMwjltNflrt0XzxEQcB4yMSI8ymZopOknFbLy+BjgC8= Subject key identifier: A5:1E:80:FB:3E:1C:1A:67:02:44:8C:AE:39:02:30:B8:16:AD:18:4E Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Certificate serial: 019B36E9A0C658AB3DAAED29E519A7C3954F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft Manifest number: 13EC Signing time: Fri 19 Dec 2025 14:00:39 +0000 Manifest this update: Fri 19 Dec 2025 14:00:39 +0000 Manifest next update: Sat 20 Dec 2025 14:00:39 +0000 Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: ZczqA/ekV//NqsPFa+YkfAYXsvBYXs8KFimtw8XLPoI=) 2: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (hash: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:36:e9:a0:c6:58:ab:3d:aa:ed:29:e5:19:a7:c3:95:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Validity Not Before: Dec 19 14:00:39 2025 GMT Not After : Dec 20 14:00:39 2025 GMT Subject: CN=a51e80fb3e1c1a6702448cae390230b816ad184e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:19:dc:64:0f:67:9c:a4:fa:25:89:7d:7a:40: 83:80:cb:68:9e:51:d9:48:81:3c:a8:3f:6a:24:de: 4a:bf:47:39:36:62:8f:4d:30:07:60:c1:59:9f:d1: 06:cb:96:ed:18:aa:ca:85:74:90:06:50:10:95:a2: 6e:75:67:be:83:6c:34:74:8b:c0:9d:b7:09:86:4a: 4c:4f:bb:0d:d1:a7:35:4b:5c:16:ba:1c:39:6b:3b: 74:4f:36:47:8c:0b:b9:c4:fa:06:7f:94:17:43:64: 51:fe:6a:e9:cb:28:f4:53:42:b0:57:33:c8:9d:4f: 27:1b:b8:e4:36:34:4e:2a:33:b3:05:00:08:63:fd: 9d:48:ec:81:1e:7f:f7:cb:10:14:5e:c7:58:8f:c5: 68:22:c6:ca:84:47:87:22:41:d6:23:1c:6d:e4:82: c7:37:6b:03:7b:c9:84:ad:dd:32:1b:db:e6:f1:1d: 73:55:7d:39:7a:62:91:e0:c3:95:04:f2:54:b2:a8: 94:aa:fd:5d:62:3c:26:d4:23:03:05:86:65:82:0a: ac:ba:83:63:f6:c8:20:f8:c8:d3:6b:e2:16:10:1f: ac:22:1f:b7:5f:89:83:d2:a1:04:3a:78:35:0b:98: 39:52:f5:94:05:55:87:1f:60:d5:b6:07:0a:02:22: 0e:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:1E:80:FB:3E:1C:1A:67:02:44:8C:AE:39:02:30:B8:16:AD:18:4E X509v3 Authority Key Identifier: keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:c0:7b:fd:a6:a4:90:1c:e4:b2:c3:f0:2f:3d:f1:23:67:fe: 8f:a6:48:6d:5a:fd:90:2f:de:b5:de:86:8b:16:1a:e2:6b:10: 13:f9:9d:5c:0b:8d:99:16:54:f2:82:76:35:24:9d:0d:1a:81: f0:30:04:3b:e3:11:93:69:f0:93:97:18:1c:3e:a0:78:a1:d6: ef:cb:15:1b:dd:63:2c:05:a9:1f:a1:e1:ad:01:01:0d:8d:eb: d3:21:48:37:83:bb:3a:70:5a:e1:ba:d4:fe:4a:71:37:29:cd: 5e:d5:37:0e:b1:8b:38:a0:21:cc:28:af:39:93:ca:80:5f:ce: dd:e5:51:93:a9:2a:a6:28:20:1a:09:de:a6:22:dc:28:13:1e: 1f:21:d7:83:8e:2a:9c:2c:d2:7d:17:48:48:5f:0d:96:33:c5: 0a:eb:f5:af:45:8a:1b:44:12:d7:68:e8:7e:16:0a:14:38:9f: ed:76:d0:ca:81:b7:cc:4a:a0:37:fa:3a:3e:e4:8a:39:58:6f: f6:33:be:a5:93:36:55:14:59:ae:72:f3:e0:47:a0:2b:12:95: 2f:9a:61:dc:f6:37:6f:b7:f1:82:91:15:df:bc:eb:2c:3e:00: 25:4e:83:31:93:9f:d2:75:28:fc:83:c9:87:d0:c5:66:6e:e9: da:29:7c:46 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs26aDGWKs9qu0p5Rmnw5VPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx MWE0ZTYwHhcNMjUxMjE5MTQwMDM5WhcNMjUxMjIwMTQwMDM5WjAzMTEwLwYDVQQD EyhhNTFlODBmYjNlMWMxYTY3MDI0NDhjYWUzOTAyMzBiODE2YWQxODRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBncZA9nnKT6JYl9ekCDgMtonlHZ SIE8qD9qJN5Kv0c5NmKPTTAHYMFZn9EGy5btGKrKhXSQBlAQlaJudWe+g2w0dIvA nbcJhkpMT7sN0ac1S1wWuhw5azt0TzZHjAu5xPoGf5QXQ2RR/mrpyyj0U0KwVzPI nU8nG7jkNjROKjOzBQAIY/2dSOyBHn/3yxAUXsdYj8VoIsbKhEeHIkHWIxxt5ILH N2sDe8mErd0yG9vm8R1zVX05emKR4MOVBPJUsqiUqv1dYjwm1CMDBYZlggqsuoNj 9sgg+MjTa+IWEB+sIh+3X4mD0qEEOng1C5g5UvWUBVWHH2DVtgcKAiIOUwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKUegPs+HBpnAkSMrjkCMLgWrRhOMB8GA1UdIwQY MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5 LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFsB7/aak kBzkssPwLz3xI2f+j6ZIbVr9kC/etd6GixYa4msQE/mdXAuNmRZU8oJ2NSSdDRqB 8DAEO+MRk2nwk5cYHD6geKHW78sVG91jLAWpH6HhrQEBDY3r0yFIN4O7OnBa4brU /kpxNynNXtU3DrGLOKAhzCivOZPKgF/O3eVRk6kqpiggGgnepiLcKBMeHyHXg44q nCzSfRdISF8NljPFCuv1r0WKG0QS12jofhYKFDif7XbQyoG3zEqgN/o6PuSKOVhv 9jO+pZM2VRRZrnLz4EegKxKVL5ph3PY3b7fxgpEV37zrLD4AJU6DMZOf0nUo/IPJ h9DFZm7p2il8Rg== -----END CERTIFICATE-----Generated at Fri Dec 19 15:46:58 2025 by rpki-client