This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft File: KLwbPQy41cqsOntK0XlF--9QWKU.mft (raw, json) Hash identifier: ZFdtGxy/Jbt+M9r9yjirAmfuSIo/z16gVLk/S2Obqow= Subject key identifier: 30:6A:44:48:0D:AD:72:0C:E0:96:C5:12:06:DC:C2:31:FE:06:B5:64 Authority key identifier: 28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5 Certificate issuer: /CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5 Certificate serial: 019AF5782970D7E51C0308A075608F53A2B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft Manifest number: 0372 Signing time: Sat 06 Dec 2025 21:01:24 +0000 Manifest this update: Sat 06 Dec 2025 21:01:24 +0000 Manifest next update: Sun 07 Dec 2025 21:01:24 +0000 Files and hashes: 1: KLwbPQy41cqsOntK0XlF--9QWKU.crl (hash: Mepr2ORDnUDXz8F5v8J+4AA3H2dx7w4YOzw+OBKlI5k=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:78:29:70:d7:e5:1c:03:08:a0:75:60:8f:53:a2:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bc1b3d0cb8d5caac3a7b4ad17945fbef5058a5 Validity Not Before: Dec 6 21:01:24 2025 GMT Not After : Dec 7 21:01:24 2025 GMT Subject: CN=306a44480dad720ce096c51206dcc231fe06b564 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:38:ad:7a:99:ad:bf:69:e2:7f:1d:cb:38:a2: d7:d4:aa:11:6b:dc:0b:7e:93:5b:be:5b:28:54:3a: 72:0e:85:93:34:c3:40:fa:a0:69:95:aa:c4:af:ca: 46:2a:82:38:09:a4:4d:bc:a6:04:40:ef:1b:46:71: ae:29:f1:80:d2:f1:21:67:ff:4c:93:cf:7d:08:16: f5:cd:cc:12:b0:87:79:2c:3e:05:24:02:f2:3e:bf: a0:ff:f0:42:8b:9b:bb:8d:85:ce:d8:10:d1:08:41: ba:08:ba:c5:9c:ed:23:58:f2:af:3f:f1:6b:78:f1: 84:4d:cc:c3:3b:35:7f:7a:0d:d7:0e:0e:69:5a:c4: b5:7b:38:39:33:c9:44:f6:37:ce:cc:df:4b:43:15: 93:73:c4:8e:9b:cf:2e:49:8a:bf:7f:e5:ab:69:e9: b4:f3:46:fe:d4:3b:e5:cd:49:84:d3:af:cc:af:d4: 84:bc:72:ac:8a:a7:1c:21:69:09:44:83:87:96:10: d1:49:c5:de:9f:25:89:84:c4:61:d1:a6:14:47:6e: 00:9a:ee:e6:31:d5:77:14:a3:ca:c1:9b:8d:08:e9: 6d:db:0e:8f:57:4d:75:49:68:15:84:35:35:f3:9d: 8b:4a:2a:5a:52:8b:a5:09:b5:c1:66:a8:6c:fe:47: c8:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:6A:44:48:0D:AD:72:0C:E0:96:C5:12:06:DC:C2:31:FE:06:B5:64 X509v3 Authority Key Identifier: keyid:28:BC:1B:3D:0C:B8:D5:CA:AC:3A:7B:4A:D1:79:45:FB:EF:50:58:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLwbPQy41cqsOntK0XlF--9QWKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/49/7a1b60-3aec-44dd-9662-365985409bfa/1/KLwbPQy41cqsOntK0XlF--9QWKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8a:fd:69:65:97:06:84:68:3d:6e:09:57:6d:b7:f0:dc:3c:bf: 98:2d:94:57:fd:0a:b8:fd:4a:16:1f:c8:5b:ad:a2:04:af:04: 6c:0d:cf:8e:91:f7:88:03:6b:f6:f3:50:f8:92:5f:bd:7d:3c: e4:dd:f1:da:97:d1:f3:45:0f:92:ac:1f:26:59:cb:ff:10:a1: 72:b1:9b:df:d6:30:9f:29:f6:84:11:93:01:96:dd:ef:75:5f: 40:39:cb:1a:fb:b6:46:75:ca:5c:c7:4e:e5:51:e2:ec:96:6b: e8:20:a2:bf:37:27:dc:2b:d7:e4:79:e6:15:3f:25:ac:5c:b4: e8:c9:d2:22:03:bf:d5:3d:1d:b2:ce:f5:2f:dd:b5:86:67:fd: 45:00:94:8d:b1:f0:f0:da:7a:3a:f2:fc:0b:e7:9e:a6:83:e6: 36:21:09:14:47:2e:9e:09:c4:42:f4:f9:6f:0f:39:09:55:66: 61:4d:4c:a2:6f:d9:42:93:f5:84:6e:a1:85:9f:c7:74:2d:77: e5:50:d3:7f:2a:97:a6:72:04:a1:5e:b6:d1:ae:b5:dc:4e:4a: 58:69:65:41:19:09:4e:93:68:46:44:e2:d4:b3:f2:76:90:66: 4e:51:f9:54:c1:93:3e:9d:fb:d3:53:cc:5b:01:3e:e9:29:27: f3:d4:c3:41 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1eClw1+UcAwigdWCPU6K0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmMxYjNkMGNiOGQ1Y2FhYzNhN2I0YWQxNzk0NWZiZWY1 MDU4YTUwHhcNMjUxMjA2MjEwMTI0WhcNMjUxMjA3MjEwMTI0WjAzMTEwLwYDVQQD EygzMDZhNDQ0ODBkYWQ3MjBjZTA5NmM1MTIwNmRjYzIzMWZlMDZiNTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTitepmtv2nifx3LOKLX1KoRa9wL fpNbvlsoVDpyDoWTNMNA+qBplarEr8pGKoI4CaRNvKYEQO8bRnGuKfGA0vEhZ/9M k899CBb1zcwSsId5LD4FJALyPr+g//BCi5u7jYXO2BDRCEG6CLrFnO0jWPKvP/Fr ePGETczDOzV/eg3XDg5pWsS1ezg5M8lE9jfOzN9LQxWTc8SOm88uSYq/f+Wraem0 80b+1DvlzUmE06/Mr9SEvHKsiqccIWkJRIOHlhDRScXenyWJhMRh0aYUR24Amu7m MdV3FKPKwZuNCOlt2w6PV011SWgVhDU1852LSipaUoulCbXBZqhs/kfIZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDBqREgNrXIM4JbFEgbcwjH+BrVkMB8GA1UdIwQY MBaAFCi8Gz0MuNXKrDp7StF5RfvvUFilMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjIt MzY1OTg1NDA5YmZhLzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80OS83YTFiNjAtM2FlYy00NGRkLTk2NjItMzY1OTg1NDA5YmZh LzEvS0x3YlBReTQxY3FzT250SzBYbEYtLTlRV0tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiv1pZZcG hGg9bglXbbfw3Dy/mC2UV/0KuP1KFh/IW62iBK8EbA3PjpH3iANr9vNQ+JJfvX08 5N3x2pfR80UPkqwfJlnL/xChcrGb39Ywnyn2hBGTAZbd73VfQDnLGvu2RnXKXMdO 5VHi7JZr6CCivzcn3CvX5HnmFT8lrFy06MnSIgO/1T0dss71L921hmf9RQCUjbHw 8Np6OvL8C+eepoPmNiEJFEcungnEQvT5bw85CVVmYU1Mom/ZQpP1hG6hhZ/HdC13 5VDTfyqXpnIEoV620a613E5KWGllQRkJTpNoRkTi1LPydpBmTlH5VMGTPp3701PM WwE+6Skn89TDQQ== -----END CERTIFICATE-----Generated at Sun Dec 7 01:54:05 2025 by rpki-client