This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.mft File: kCGOgBpTJZXptxxkNoTqBflr9fM.mft (raw, json) Hash identifier: IUheSQvBGa2BrLiYvI6JsNdSG7MgD01cv3ekRF1pR+8= Subject key identifier: D7:BB:DC:B2:48:DD:A2:14:62:9A:32:4A:09:3F:99:AC:D0:EC:B1:69 Authority key identifier: 90:21:8E:80:1A:53:25:95:E9:B7:1C:64:36:84:EA:05:F9:6B:F5:F3 Certificate issuer: /CN=90218e801a532595e9b71c643684ea05f96bf5f3 Certificate serial: 019AF49C755842CB154493A266AC91FDACF7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.mft Manifest number: 04C7 Signing time: Sat 06 Dec 2025 17:01:25 +0000 Manifest this update: Sat 06 Dec 2025 17:01:25 +0000 Manifest next update: Sun 07 Dec 2025 17:01:25 +0000 Files and hashes: 1: kCGOgBpTJZXptxxkNoTqBflr9fM.crl (hash: BOmKwgsfHjSR1f5TQjantQAqdeGUGIWAzIU17OpYHdg=) 2: wO4tKRWBwJAF_Ti9XP-8yjRZuUU.roa (hash: G7Rk/RipLXF/QPRugyDtoGfESmr50WO1Zig00oPYW14=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.crl rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.mft rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:75:58:42:cb:15:44:93:a2:66:ac:91:fd:ac:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90218e801a532595e9b71c643684ea05f96bf5f3 Validity Not Before: Dec 6 17:01:25 2025 GMT Not After : Dec 7 17:01:25 2025 GMT Subject: CN=d7bbdcb248dda214629a324a093f99acd0ecb169 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:e1:7a:02:ad:1b:d2:2b:50:c1:b9:97:9b:66: 9b:b8:b6:8e:67:73:57:57:29:1f:15:f1:b7:f6:b0: c2:e9:fd:aa:6e:57:ce:8a:aa:6d:db:95:f7:07:08: fc:7c:4b:37:2c:e9:7f:c9:99:31:b5:be:60:ed:54: ad:1e:ab:b4:fc:2d:39:ec:f6:dd:61:49:aa:6b:ec: f1:00:8f:88:a8:af:d8:2a:8b:58:6e:ab:e4:01:c4: f9:78:4a:76:25:73:2c:cf:17:c1:51:d8:db:9e:47: 05:13:ce:99:71:31:16:d9:4d:3c:34:1a:d7:3b:b2: e5:51:df:94:ad:f9:a0:c3:bc:13:89:8f:a1:0f:13: 6a:0b:ac:b4:6f:eb:f6:15:f5:f6:4e:3c:55:08:fa: 06:05:2f:ab:53:9c:bc:bd:41:98:4e:c6:4f:d7:b2: 22:21:4f:ad:5f:67:a7:d5:e3:47:7b:7d:30:5e:be: 01:c7:0d:ee:fd:53:37:68:4d:67:07:4f:36:88:8c: e6:96:03:f5:45:0e:e2:7d:dc:1b:c5:70:15:0e:fd: bf:d7:ee:83:35:1c:76:42:00:95:1d:bd:c5:c9:5b: 77:9c:5d:13:85:1d:e4:9e:63:bd:bc:93:af:f8:6c: 43:27:8d:71:6e:fc:8f:92:2b:a6:69:c4:8f:70:1f: 48:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:BB:DC:B2:48:DD:A2:14:62:9A:32:4A:09:3F:99:AC:D0:EC:B1:69 X509v3 Authority Key Identifier: keyid:90:21:8E:80:1A:53:25:95:E9:B7:1C:64:36:84:EA:05:F9:6B:F5:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kCGOgBpTJZXptxxkNoTqBflr9fM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/1b6624-8441-4d01-96e3-601812ef428b/1/kCGOgBpTJZXptxxkNoTqBflr9fM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption bc:77:59:05:f2:fc:d6:16:37:85:5e:bb:f5:53:3c:a6:b0:41: 6b:49:7e:0b:a4:a5:92:18:e2:9b:dc:b0:22:dc:16:05:a5:75: df:bf:7c:73:93:cb:4b:1b:a1:4c:5a:8c:58:a7:3b:ca:7f:99: 8c:eb:b2:4a:c5:39:ba:bd:4d:68:f0:06:13:09:04:88:b7:a5: bf:b3:2d:55:e1:c5:08:e2:f4:f1:34:97:9f:9e:23:d2:0a:d8: be:e8:9a:d5:25:3d:d0:58:c5:80:fd:41:67:8d:42:db:33:5b: 29:a5:a6:83:b6:22:40:25:fc:a1:0f:67:0c:da:ee:43:e7:11: 04:f1:fc:73:fc:24:3e:be:a3:d7:45:b6:23:c9:8e:41:9a:bc: df:64:42:ac:50:7b:fc:bb:81:78:a5:3a:32:ab:d2:fe:20:b6: fa:6d:ca:f8:85:4d:4f:98:2b:a5:c3:4a:8a:be:27:33:3f:00: 95:8c:b0:e7:67:96:30:9e:bb:59:19:18:0c:62:e1:6d:d4:34: 1c:f1:c5:ec:59:34:2b:a1:4d:60:0d:c0:4c:3c:e6:c6:0d:15: f8:0e:4a:32:62:9f:1b:b2:4b:e3:22:e7:6f:ad:66:6d:a6:8f: 3c:0d:3d:2e:73:dc:43:e3:c4:37:a6:09:5a:63:50:7a:24:ca: 90:28:3e:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nHVYQssVRJOiZqyR/az3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwMjE4ZTgwMWE1MzI1OTVlOWI3MWM2NDM2ODRlYTA1Zjk2 YmY1ZjMwHhcNMjUxMjA2MTcwMTI1WhcNMjUxMjA3MTcwMTI1WjAzMTEwLwYDVQQD EyhkN2JiZGNiMjQ4ZGRhMjE0NjI5YTMyNGEwOTNmOTlhY2QwZWNiMTY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOF6Aq0b0itQwbmXm2abuLaOZ3NX VykfFfG39rDC6f2qblfOiqpt25X3Bwj8fEs3LOl/yZkxtb5g7VStHqu0/C057Pbd YUmqa+zxAI+IqK/YKotYbqvkAcT5eEp2JXMszxfBUdjbnkcFE86ZcTEW2U08NBrX O7LlUd+Urfmgw7wTiY+hDxNqC6y0b+v2FfX2TjxVCPoGBS+rU5y8vUGYTsZP17Ii IU+tX2en1eNHe30wXr4Bxw3u/VM3aE1nB082iIzmlgP1RQ7ifdwbxXAVDv2/1+6D NRx2QgCVHb3FyVt3nF0ThR3knmO9vJOv+GxDJ41xbvyPkiumacSPcB9I7QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNe73LJI3aIUYpoySgk/mazQ7LFpMB8GA1UdIwQY MBaAFJAhjoAaUyWV6bccZDaE6gX5a/XzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0NHT2dCcFRKWlhwdHh4a05vVHFCZmxyOWZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8xYjY2MjQtODQ0MS00ZDAxLTk2ZTMt NjAxODEyZWY0MjhiLzEva0NHT2dCcFRKWlhwdHh4a05vVHFCZmxyOWZNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZi8xYjY2MjQtODQ0MS00ZDAxLTk2ZTMtNjAxODEyZWY0Mjhi LzEva0NHT2dCcFRKWlhwdHh4a05vVHFCZmxyOWZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAvHdZBfL8 1hY3hV679VM8prBBa0l+C6Slkhjim9ywItwWBaV13798c5PLSxuhTFqMWKc7yn+Z jOuySsU5ur1NaPAGEwkEiLelv7MtVeHFCOL08TSXn54j0grYvuia1SU90FjFgP1B Z41C2zNbKaWmg7YiQCX8oQ9nDNruQ+cRBPH8c/wkPr6j10W2I8mOQZq832RCrFB7 /LuBeKU6MqvS/iC2+m3K+IVNT5grpcNKir4nMz8AlYyw52eWMJ67WRkYDGLhbdQ0 HPHF7Fk0K6FNYA3ATDzmxg0V+A5KMmKfG7JL4yLnb61mbaaPPA09LnPcQ+PEN6YJ WmNQeiTKkCg+sg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:33:23 2025 by rpki-client