This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft File: KhQFaUht0XjbWDoKHklt8iMYXTU.mft (raw, json) Hash identifier: 7RZ4gqUoMtT2PfcPG4+90STcr0yzLAjK33t2O9bUqMY= Subject key identifier: 3A:5A:26:78:53:80:DE:3F:40:5B:2D:21:09:80:4E:C2:CE:CC:3C:00 Authority key identifier: 2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35 Certificate issuer: /CN=2a140569486dd178db583a0a1e496df223185d35 Certificate serial: 019AF19AA917F65E2F3EFFA4EDFDBCB2647F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft Manifest number: 09A7 Signing time: Sat 06 Dec 2025 03:00:36 +0000 Manifest this update: Sat 06 Dec 2025 03:00:36 +0000 Manifest next update: Sun 07 Dec 2025 03:00:36 +0000 Files and hashes: 1: KhQFaUht0XjbWDoKHklt8iMYXTU.crl (hash: j8437WfhyvoFL66OVWkL0Kw4DEkj2X/ryx3vk+i43aQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:a9:17:f6:5e:2f:3e:ff:a4:ed:fd:bc:b2:64:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a140569486dd178db583a0a1e496df223185d35 Validity Not Before: Dec 6 03:00:36 2025 GMT Not After : Dec 7 03:00:36 2025 GMT Subject: CN=3a5a26785380de3f405b2d2109804ec2cecc3c00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:3f:f7:1f:58:85:e5:c3:82:d4:c7:c9:e9:af: 14:fb:f7:fd:50:b4:cd:ca:ab:f7:d0:5b:7a:ea:03: bc:fe:ef:50:3a:6c:81:c7:2f:48:78:f2:43:fe:b8: 18:5d:6a:d0:a7:8a:ff:d5:a2:33:89:63:f8:26:2f: 19:14:3b:9f:09:cc:cf:1f:e5:02:7c:f4:01:04:c6: bd:4e:85:c5:a0:35:ad:d7:ec:d7:8a:d7:14:f3:24: a3:ee:a8:a8:e8:06:72:4d:e7:24:c4:f4:95:a5:28: 12:53:c2:5f:78:f6:01:ce:ba:30:5a:3c:54:3e:1b: ec:55:20:3f:3b:eb:03:42:47:99:78:36:f0:03:7e: bc:b0:12:ee:0a:9a:79:d7:d7:a1:91:62:12:30:45: 27:6c:88:2f:6e:07:ab:a0:0f:44:2b:09:0e:74:b1: fc:f7:51:0d:c8:98:fd:b9:18:b9:c6:57:15:47:20: e7:c3:60:a2:48:d9:9c:d8:9f:5c:82:5b:fe:d5:15: cc:c7:fc:4d:7b:f7:0f:b6:14:a8:f1:bf:c9:f4:c9: d8:46:e7:47:a7:7a:c7:5d:f6:b5:0f:b2:66:5f:97: 68:76:48:d0:2a:c0:9f:03:bb:2f:98:c9:ff:8e:31: e2:7b:50:15:e2:9e:cc:37:3e:47:b7:a0:a9:76:44: ac:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:5A:26:78:53:80:DE:3F:40:5B:2D:21:09:80:4E:C2:CE:CC:3C:00 X509v3 Authority Key Identifier: keyid:2A:14:05:69:48:6D:D1:78:DB:58:3A:0A:1E:49:6D:F2:23:18:5D:35 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhQFaUht0XjbWDoKHklt8iMYXTU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/569574-441e-415b-803f-54bd649b4852/1/KhQFaUht0XjbWDoKHklt8iMYXTU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2b:4e:8b:36:40:18:63:c8:11:17:90:1d:7d:5a:ed:0a:13:40: a4:a4:9e:6e:f2:a7:02:54:80:ea:d3:99:c6:0a:ac:d3:e7:68: 82:20:da:28:c3:40:33:68:3d:1b:64:5e:43:45:86:0e:50:28: 65:a7:c8:3e:48:f9:2d:e0:2b:10:7d:ca:8e:35:fd:08:50:da: ec:a4:40:4d:09:cb:a3:38:2b:af:18:ab:f4:5a:f2:53:76:e7: bb:cb:73:95:42:56:6f:fc:0f:d6:52:9c:53:47:e6:01:8c:cf: 22:0b:bb:cf:6a:8f:ca:f7:5b:fa:cc:19:71:1d:7a:0f:4c:31: 4b:bd:76:f2:0d:04:7f:b9:46:d8:63:8a:f4:31:c6:ad:61:68: e1:53:27:14:ef:90:76:04:ea:98:7f:e7:6c:32:67:dd:2c:70: 24:18:87:c4:61:83:7c:70:ac:8a:d3:60:b1:39:51:5d:57:21: 4f:9f:ae:01:01:91:41:d5:1d:39:14:67:17:8e:f6:84:ae:22: 20:84:cb:e5:7b:c8:42:7b:ab:ad:10:3e:df:fb:b0:b2:a5:3f: cc:f3:19:e5:50:38:18:b6:c2:28:74:34:e4:fe:31:3e:64:5d: b0:07:50:c5:d6:cb:ca:cf:3c:72:dc:18:73:01:a0:14:be:ec: 7d:5f:c3:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmqkX9l4vPv+k7f28smR/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTQwNTY5NDg2ZGQxNzhkYjU4M2EwYTFlNDk2ZGYyMjMx ODVkMzUwHhcNMjUxMjA2MDMwMDM2WhcNMjUxMjA3MDMwMDM2WjAzMTEwLwYDVQQD EygzYTVhMjY3ODUzODBkZTNmNDA1YjJkMjEwOTgwNGVjMmNlY2MzYzAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT/3H1iF5cOC1MfJ6a8U+/f9ULTN yqv30Ft66gO8/u9QOmyBxy9IePJD/rgYXWrQp4r/1aIziWP4Ji8ZFDufCczPH+UC fPQBBMa9ToXFoDWt1+zXitcU8ySj7qio6AZyTeckxPSVpSgSU8JfePYBzrowWjxU PhvsVSA/O+sDQkeZeDbwA368sBLuCpp519ehkWISMEUnbIgvbgeroA9EKwkOdLH8 91ENyJj9uRi5xlcVRyDnw2CiSNmc2J9cglv+1RXMx/xNe/cPthSo8b/J9MnYRudH p3rHXfa1D7JmX5dodkjQKsCfA7svmMn/jjHie1AV4p7MNz5Ht6CpdkSsLQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDpaJnhTgN4/QFstIQmATsLOzDwAMB8GA1UdIwQY MBaAFCoUBWlIbdF421g6Ch5JbfIjGF01MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2Yt NTRiZDY0OWI0ODUyLzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC81Njk1NzQtNDQxZS00MTViLTgwM2YtNTRiZDY0OWI0ODUy LzEvS2hRRmFVaHQwWGpiV0RvS0hrbHQ4aU1ZWFRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAK06LNkAY Y8gRF5AdfVrtChNApKSebvKnAlSA6tOZxgqs0+dogiDaKMNAM2g9G2ReQ0WGDlAo ZafIPkj5LeArEH3KjjX9CFDa7KRATQnLozgrrxir9FryU3bnu8tzlUJWb/wP1lKc U0fmAYzPIgu7z2qPyvdb+swZcR16D0wxS7128g0Ef7lG2GOK9DHGrWFo4VMnFO+Q dgTqmH/nbDJn3SxwJBiHxGGDfHCsitNgsTlRXVchT5+uAQGRQdUdORRnF472hK4i IITL5XvIQnurrRA+3/uwsqU/zPMZ5VA4GLbCKHQ05P4xPmRdsAdQxdbLys88ctwY cwGgFL7sfV/DOQ== -----END CERTIFICATE-----Generated at Sat Dec 6 11:12:47 2025 by rpki-client