This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: WlWoNwovuQAgVgcb0g6846oxbIOWRHBVhlqd0ZybU3k= Subject key identifier: 5D:4E:40:F3:3D:5E:1A:58:D4:55:00:CF:49:68:1A:F1:2A:D4:9C:4F Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019AF2AD54AB395DDA62CE5200140EB9373C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 127A Signing time: Sat 06 Dec 2025 08:00:36 +0000 Manifest this update: Sat 06 Dec 2025 08:00:36 +0000 Manifest next update: Sun 07 Dec 2025 08:00:36 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: D9OViOUA1-461O4zttxUuu7lHv0.roa (hash: 2itBNaHzhENVRyOefdMh6N1RENcyUMqY/eAvQKNqorQ=) 4: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 5: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 6: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 7: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=) 8: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (hash: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=) 9: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: 8eRhLSUmFhM+FVSxvSXQGzsFRcE7qZu9ttjOr9tgTMw=) 10: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 11: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:54:ab:39:5d:da:62:ce:52:00:14:0e:b9:37:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Dec 6 08:00:36 2025 GMT Not After : Dec 7 08:00:36 2025 GMT Subject: CN=5d4e40f33d5e1a58d45500cf49681af12ad49c4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:00:6d:41:98:b3:30:36:83:2c:bf:7a:55:4c: f9:d7:09:9c:28:f2:3e:f6:82:77:aa:43:b1:08:33: 28:5a:02:66:96:50:a4:4a:fc:83:0d:01:4c:45:ac: af:40:2c:48:ff:ca:17:59:5f:17:95:24:2f:00:dc: a3:1d:32:26:61:65:6c:5b:53:ea:32:b7:ef:f5:54: 7f:3e:31:c1:9e:a6:58:0a:9d:9d:d2:9a:c4:51:d1: 47:87:10:df:be:af:1c:96:61:41:60:04:5b:7f:06: a9:4b:c0:0e:3d:59:08:49:c2:68:11:c8:da:70:d6: be:a6:b3:37:27:3a:c8:a6:b6:56:87:4f:0e:2f:d3: 03:a3:68:be:96:c5:ff:f7:82:11:08:70:54:6c:ad: 01:9a:50:7a:6d:59:97:93:6a:26:18:27:77:f5:20: a5:3f:ae:14:4f:d0:53:8b:45:e0:7c:1e:f4:d1:8f: 77:93:43:f3:d1:b2:a5:73:04:d8:30:c7:76:dd:d7: c0:58:30:99:8d:bc:a7:37:17:2e:42:08:e2:6e:b7: 87:0a:f2:63:ac:53:d8:fd:de:d6:02:06:c6:18:6e: 99:db:2d:07:3c:99:c8:02:ed:e1:85:00:28:f5:03: 29:ce:c0:1e:f8:72:3c:bd:42:07:d8:3a:dc:1b:6f: f8:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:4E:40:F3:3D:5E:1A:58:D4:55:00:CF:49:68:1A:F1:2A:D4:9C:4F X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:a5:62:6b:17:9d:fa:07:64:66:79:a4:f1:bb:c4:5c:1d:4a: b9:b5:9c:16:1b:37:0e:c9:e9:b2:1b:00:5d:be:d4:67:5f:40: 02:a7:8d:cb:8c:e3:1c:b9:2b:c4:cc:48:4b:7c:6b:62:82:67: 42:25:d8:28:6d:f7:23:da:7c:f2:9e:61:0e:58:64:9d:c9:d1: 1d:a6:47:49:19:53:d7:cf:62:d8:92:dd:39:0a:1a:6f:eb:5e: 8d:a9:50:e4:51:1a:8a:fd:c2:f0:21:a1:ad:97:4e:54:43:3f: f2:c7:ff:bb:76:99:53:71:c9:13:2d:3a:79:8f:d6:d4:13:22: 25:2f:11:9f:19:e0:52:7c:2a:59:04:0b:37:fd:8a:25:b3:c1: 0b:c8:ca:d7:9b:87:5b:b5:5c:29:7c:d1:9b:dc:1d:ba:ce:c1: 8d:ec:04:1c:45:06:60:62:30:cc:66:aa:2e:22:3a:d1:33:84: 13:bf:02:9d:da:a9:85:96:5e:a3:b5:ff:ab:78:b4:9f:6c:dd: 05:7b:61:92:a5:d9:39:7b:ac:58:e8:d2:42:c4:6b:aa:f9:49: 7a:8d:12:e9:1e:ff:46:39:07:cd:d5:8b:ef:01:be:3b:9f:d3: 35:fb:f1:cc:8d:b3:8b:b6:28:63:15:b8:11:76:0a:ca:35:b4: 88:9a:54:af -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrVSrOV3aYs5SABQOuTc8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUxMjA2MDgwMDM2WhcNMjUxMjA3MDgwMDM2WjAzMTEwLwYDVQQD Eyg1ZDRlNDBmMzNkNWUxYTU4ZDQ1NTAwY2Y0OTY4MWFmMTJhZDQ5YzRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlABtQZizMDaDLL96VUz51wmcKPI+ 9oJ3qkOxCDMoWgJmllCkSvyDDQFMRayvQCxI/8oXWV8XlSQvANyjHTImYWVsW1Pq Mrfv9VR/PjHBnqZYCp2d0prEUdFHhxDfvq8clmFBYARbfwapS8AOPVkIScJoEcja cNa+prM3JzrIprZWh08OL9MDo2i+lsX/94IRCHBUbK0BmlB6bVmXk2omGCd39SCl P64UT9BTi0XgfB700Y93k0Pz0bKlcwTYMMd23dfAWDCZjbynNxcuQgjibreHCvJj rFPY/d7WAgbGGG6Z2y0HPJnIAu3hhQAo9QMpzsAe+HI8vUIH2DrcG2/4CwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFF1OQPM9XhpY1FUAz0loGvEq1JxPMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeqViaxed +gdkZnmk8bvEXB1KubWcFhs3DsnpshsAXb7UZ19AAqeNy4zjHLkrxMxIS3xrYoJn QiXYKG33I9p88p5hDlhkncnRHaZHSRlT189i2JLdOQoab+tejalQ5FEaiv3C8CGh rZdOVEM/8sf/u3aZU3HJEy06eY/W1BMiJS8RnxngUnwqWQQLN/2KJbPBC8jK15uH W7VcKXzRm9wdus7BjewEHEUGYGIwzGaqLiI60TOEE78CndqphZZeo7X/q3i0n2zd BXthkqXZOXusWOjSQsRrqvlJeo0S6R7/RjkHzdWL7wG+O5/TNfvxzI2zi7YoYxW4 EXYKyjW0iJpUrw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:46:51 2025 by rpki-client