This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.mft File: ktf2mgS9nK1SOzn3ei3atEwpEZI.mft (raw, json) Hash identifier: sBsG5LXgrXaC1DowCMYqnNu/73zRJN3+QERrhEHVVDY= Subject key identifier: D8:9E:55:E4:B3:5D:D2:60:CC:AD:E6:0C:4E:45:CD:15:3C:5B:A2:7C Authority key identifier: 92:D7:F6:9A:04:BD:9C:AD:52:3B:39:F7:7A:2D:DA:B4:4C:29:11:92 Certificate issuer: /CN=92d7f69a04bd9cad523b39f77a2ddab44c291192 Certificate serial: 019AF3526ADF01DC262BD879F0DE3458E01E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktf2mgS9nK1SOzn3ei3atEwpEZI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.mft Manifest number: 16F3 Signing time: Sat 06 Dec 2025 11:00:55 +0000 Manifest this update: Sat 06 Dec 2025 11:00:55 +0000 Manifest next update: Sun 07 Dec 2025 11:00:55 +0000 Files and hashes: 1: ktf2mgS9nK1SOzn3ei3atEwpEZI.crl (hash: N8P6KNI7Xl201+oZ3GObpY93ssUzcXc14qbtakeqyNg=) 2: tX7ugzTELMCfaa10qZ6cRQFzo6s.roa (hash: pM1f1c7cpi8tX6YPlXTmsRIvmuNbzIiqqMIx6Cp/Bqk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.crl rsync://rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.mft rsync://rpki.ripe.net/repository/DEFAULT/ktf2mgS9nK1SOzn3ei3atEwpEZI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 11:00:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:52:6a:df:01:dc:26:2b:d8:79:f0:de:34:58:e0:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=92d7f69a04bd9cad523b39f77a2ddab44c291192 Validity Not Before: Dec 6 11:00:55 2025 GMT Not After : Dec 7 11:00:55 2025 GMT Subject: CN=d89e55e4b35dd260ccade60c4e45cd153c5ba27c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:55:db:fe:28:80:b2:55:09:26:05:6c:7a:08: d4:43:42:e1:fd:6e:cb:98:66:62:8e:64:02:09:a9: e7:c5:1a:27:68:65:c6:c2:bf:ca:b2:7f:87:86:74: 55:d7:14:10:48:fe:5e:cc:41:37:2a:87:d7:63:f1: 6a:89:d1:bc:a0:8c:bc:2e:26:59:27:40:89:25:5b: 74:01:0e:80:f2:ad:1f:ec:2b:7d:07:c6:31:06:68: 6b:c5:d4:c0:f6:f4:83:f8:61:c7:3c:3c:53:b9:d5: dd:75:38:fa:d2:8b:61:2c:19:8e:38:98:03:1c:e8: 2f:5f:c7:38:92:7d:a7:c2:64:93:a7:03:7f:8b:d3: 3f:3f:b6:f8:df:dc:9b:3f:a5:1c:85:96:d5:77:85: c9:ec:38:69:e3:1a:27:46:41:1b:51:72:35:a8:73: e2:08:bd:30:c4:7a:ca:6f:b0:ac:21:56:4e:eb:63: c5:f4:d8:a7:06:ec:a7:4e:fb:e3:72:aa:17:09:42: 7e:90:8a:e3:c6:4d:c5:49:ad:1b:8d:93:69:bb:98: 70:bf:0d:fd:75:5b:1a:94:1f:b7:5a:73:89:98:08: fe:d4:ec:ac:9d:10:ba:c7:4a:d7:dc:6a:36:ea:52: 25:04:f0:98:96:fc:56:35:ae:49:59:1f:85:0e:ac: 9e:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:9E:55:E4:B3:5D:D2:60:CC:AD:E6:0C:4E:45:CD:15:3C:5B:A2:7C X509v3 Authority Key Identifier: keyid:92:D7:F6:9A:04:BD:9C:AD:52:3B:39:F7:7A:2D:DA:B4:4C:29:11:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktf2mgS9nK1SOzn3ei3atEwpEZI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/50d855-cd81-481a-95ef-b84487f920e4/1/ktf2mgS9nK1SOzn3ei3atEwpEZI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption c1:81:97:c0:0f:88:e3:3a:19:eb:93:e9:4f:2c:d7:2a:be:e8: e7:4a:fc:85:42:33:3c:9a:e8:f6:ed:a9:32:3a:68:61:5e:e2: eb:04:07:f6:08:6d:41:aa:e7:ce:7f:ce:d9:f3:98:2d:aa:37: 5b:03:d9:32:5c:d5:11:e9:cc:01:9d:f2:99:bb:f3:b2:a5:7b: b5:e0:ae:90:c1:7c:1c:1d:6d:91:14:fa:82:3a:ef:09:3a:40: 7c:8d:56:85:45:c5:ac:34:5b:f7:47:33:70:da:2e:1a:fc:6b: 61:73:cf:dd:01:36:50:ff:52:53:f7:a6:28:2d:eb:12:76:65: a6:da:3f:84:c2:11:71:31:a7:8b:99:48:04:19:63:6d:cf:57: 9b:4a:75:42:a1:55:e9:50:d5:88:b9:9d:c8:64:27:fc:e9:10: a4:0d:34:1c:9f:18:cc:f9:68:5e:8c:24:11:1e:e4:15:bb:fb: 9c:bd:06:2b:c2:c5:a5:ea:4b:c5:a9:01:80:01:97:c8:d8:a4: 57:a0:fb:69:46:8c:14:89:12:2b:59:75:cd:bb:14:86:df:eb: f6:57:8d:37:2f:4b:d8:bc:d9:fe:3c:e6:b3:3a:1d:9f:05:72: 54:c1:22:cc:b6:87:3d:50:2c:4d:fc:2f:f4:d8:4f:30:ee:8b: a7:fb:92:05 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzUmrfAdwmK9h58N40WOAeMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyZDdmNjlhMDRiZDljYWQ1MjNiMzlmNzdhMmRkYWI0NGMy OTExOTIwHhcNMjUxMjA2MTEwMDU1WhcNMjUxMjA3MTEwMDU1WjAzMTEwLwYDVQQD EyhkODllNTVlNGIzNWRkMjYwY2NhZGU2MGM0ZTQ1Y2QxNTNjNWJhMjdjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVXb/iiAslUJJgVsegjUQ0Lh/W7L mGZijmQCCannxRonaGXGwr/Ksn+HhnRV1xQQSP5ezEE3KofXY/FqidG8oIy8LiZZ J0CJJVt0AQ6A8q0f7Ct9B8YxBmhrxdTA9vSD+GHHPDxTudXddTj60othLBmOOJgD HOgvX8c4kn2nwmSTpwN/i9M/P7b439ybP6UchZbVd4XJ7Dhp4xonRkEbUXI1qHPi CL0wxHrKb7CsIVZO62PF9NinBuynTvvjcqoXCUJ+kIrjxk3FSa0bjZNpu5hwvw39 dVsalB+3WnOJmAj+1OysnRC6x0rX3Go26lIlBPCYlvxWNa5JWR+FDqyeywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNieVeSzXdJgzK3mDE5FzRU8W6J8MB8GA1UdIwQY MBaAFJLX9poEvZytUjs593ot2rRMKRGSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3RmMm1nUzluSzFTT3puM2VpM2F0RXdwRVpJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy81MGQ4NTUtY2Q4MS00ODFhLTk1ZWYt Yjg0NDg3ZjkyMGU0LzEva3RmMm1nUzluSzFTT3puM2VpM2F0RXdwRVpJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy81MGQ4NTUtY2Q4MS00ODFhLTk1ZWYtYjg0NDg3ZjkyMGU0 LzEva3RmMm1nUzluSzFTT3puM2VpM2F0RXdwRVpJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAwYGXwA+I 4zoZ65PpTyzXKr7o50r8hUIzPJro9u2pMjpoYV7i6wQH9ghtQarnzn/O2fOYLao3 WwPZMlzVEenMAZ3ymbvzsqV7teCukMF8HB1tkRT6gjrvCTpAfI1WhUXFrDRb90cz cNouGvxrYXPP3QE2UP9SU/emKC3rEnZlpto/hMIRcTGni5lIBBljbc9Xm0p1QqFV 6VDViLmdyGQn/OkQpA00HJ8YzPloXowkER7kFbv7nL0GK8LFpepLxakBgAGXyNik V6D7aUaMFIkSK1l1zbsUht/r9leNNy9L2LzZ/jzmszodnwVyVMEizLaHPVAsTfwv 9NhPMO6Lp/uSBQ== -----END CERTIFICATE-----Generated at Sat Dec 6 20:26:15 2025 by rpki-client