This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft File: kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json) Hash identifier: REPr9NZdjbNaZobKk/SNVKIv2MYuwn718ut9sK5ZKb4= Subject key identifier: FB:94:26:36:16:1B:B4:20:D2:59:A7:B1:E2:93:D1:3E:6B:F3:2D:87 Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Certificate serial: 019AF31CC73234152694541859005786127A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft Manifest number: 0747 Signing time: Sat 06 Dec 2025 10:02:20 +0000 Manifest this update: Sat 06 Dec 2025 10:02:20 +0000 Manifest next update: Sun 07 Dec 2025 10:02:20 +0000 Files and hashes: 1: FCW2bGoLdcM6i-Jx_GrHtMzXAlk.roa (hash: WJgWrgAT99wsdStIPz/Fl698liisGeyhumyE7tw/O7c=) 2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: fZdWSKdDcMw1Lwy+2AaTcojLRYtiaP11F5mzSD6mqd8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:c7:32:34:15:26:94:54:18:59:00:57:86:12:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Validity Not Before: Dec 6 10:02:20 2025 GMT Not After : Dec 7 10:02:20 2025 GMT Subject: CN=fb942636161bb420d259a7b1e293d13e6bf32d87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:9a:34:5d:23:1e:28:9b:72:23:31:df:e6:91: 00:c9:d4:eb:11:15:65:82:60:f1:32:d9:13:5f:2b: 67:2a:3f:55:8f:79:ea:fa:3a:d9:9c:33:fc:fc:28: 67:9d:64:c2:07:ba:ea:72:3a:c5:7d:66:85:d1:50: 55:a5:ef:c9:d6:ff:1c:78:2c:41:2d:46:e2:ad:f3: cd:26:6b:18:7e:67:3f:c5:0f:4d:92:0f:90:bb:b5: ac:6c:9b:ec:b6:a6:f7:a7:37:7a:14:02:ef:9c:12: 37:47:eb:b7:47:9a:67:25:9a:c8:30:26:07:4a:c7: ec:f6:77:23:46:14:88:21:36:db:89:9b:39:46:b0: 4a:8b:86:17:f5:1d:42:67:60:34:d7:6f:70:e1:4d: 4d:7c:b0:b7:5b:9b:f1:bd:66:8d:8d:5b:ea:d7:de: 12:a4:7d:27:7f:e9:2e:bc:e8:ba:d5:f2:32:f0:72: 70:9c:1b:f3:9c:99:d8:70:c2:21:0e:c4:f4:8e:16: 92:be:a4:32:79:24:88:1d:39:1d:67:51:4f:ca:50: b4:d7:b1:5c:9a:fb:0e:8d:e8:90:c6:e3:00:2f:06: a4:e3:c1:ba:30:60:44:21:7c:30:54:26:6a:62:8a: 06:ce:40:c8:3e:73:d1:5a:f2:b2:ad:39:a7:ed:3a: 16:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:94:26:36:16:1B:B4:20:D2:59:A7:B1:E2:93:D1:3E:6B:F3:2D:87 X509v3 Authority Key Identifier: keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:48:2c:8c:2b:5d:d2:40:70:43:70:79:97:2f:d1:bc:41:a4: 79:8f:18:84:2b:6c:35:3a:52:0a:26:08:28:12:83:9b:ed:fd: b1:2c:c0:92:4d:93:1c:ef:6e:bb:c1:8c:b0:81:63:19:4e:da: 5a:cd:24:a8:c3:f9:e3:9f:1b:3e:16:87:37:f7:49:c6:db:17: 6e:a4:65:ab:f3:2c:7b:c0:a8:a6:92:ea:b5:cd:54:2d:e4:e5: 50:6e:10:67:5a:4b:5a:9d:b7:a1:87:a5:06:ae:3c:b8:eb:26: 7e:9e:6d:9e:21:65:4c:20:5d:39:63:ef:24:74:a9:32:00:c9: 4d:76:4a:5d:ed:3c:43:82:b4:77:f8:06:dc:2a:e6:73:4a:61: fa:9d:9d:7c:6c:ef:23:f9:6f:6d:ed:3b:1a:76:20:c1:29:dc: 83:20:be:08:ed:cf:75:9c:41:a8:6d:9b:5e:7f:9c:48:33:e0: 15:24:93:eb:85:4d:81:96:a7:d6:89:fa:b5:9a:ce:e4:1d:8f: 23:e1:00:5b:de:fc:cb:95:71:c1:7a:f6:05:28:63:a9:c9:44: d5:e4:7c:c2:2d:88:4e:2c:2c:fb:c0:d2:7a:2a:eb:7b:d4:7d: a5:9c:68:81:dc:17:c7:7e:0a:33:47:b3:30:a6:0e:6b:c8:5c: c3:fb:fa:b4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHMcyNBUmlFQYWQBXhhJ6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw MzFkZjkwHhcNMjUxMjA2MTAwMjIwWhcNMjUxMjA3MTAwMjIwWjAzMTEwLwYDVQQD EyhmYjk0MjYzNjE2MWJiNDIwZDI1OWE3YjFlMjkzZDEzZTZiZjMyZDg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJo0XSMeKJtyIzHf5pEAydTrERVl gmDxMtkTXytnKj9Vj3nq+jrZnDP8/ChnnWTCB7rqcjrFfWaF0VBVpe/J1v8ceCxB LUbirfPNJmsYfmc/xQ9Nkg+Qu7WsbJvstqb3pzd6FALvnBI3R+u3R5pnJZrIMCYH Ssfs9ncjRhSIITbbiZs5RrBKi4YX9R1CZ2A0129w4U1NfLC3W5vxvWaNjVvq194S pH0nf+kuvOi61fIy8HJwnBvznJnYcMIhDsT0jhaSvqQyeSSIHTkdZ1FPylC017Fc mvsOjeiQxuMALwak48G6MGBEIXwwVCZqYooGzkDIPnPRWvKyrTmn7ToWQQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPuUJjYWG7Qg0lmnseKT0T5r8y2HMB8GA1UdIwQY MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASEgsjCtd 0kBwQ3B5ly/RvEGkeY8YhCtsNTpSCiYIKBKDm+39sSzAkk2THO9uu8GMsIFjGU7a Ws0kqMP5458bPhaHN/dJxtsXbqRlq/Mse8CoppLqtc1ULeTlUG4QZ1pLWp23oYel Bq48uOsmfp5tniFlTCBdOWPvJHSpMgDJTXZKXe08Q4K0d/gG3Crmc0ph+p2dfGzv I/lvbe07GnYgwSncgyC+CO3PdZxBqG2bXn+cSDPgFSST64VNgZan1on6tZrO5B2P I+EAW978y5VxwXr2BShjqclE1eR8wi2ITiws+8DSeirre9R9pZxogdwXx34KM0ez MKYOa8hcw/v6tA== -----END CERTIFICATE-----Generated at Sat Dec 6 14:01:31 2025 by rpki-client