This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft File: KL69RlhhhHPtTIN2fFHejiM8MpI.mft (raw, json) Hash identifier: DJJs2n5BxLyz2oxYi1rsQZ55b5Y9ZgkFg26Wnsv+PV8= Subject key identifier: BC:99:D2:8B:30:A8:AD:EC:F8:E6:83:BC:D3:18:98:37:BA:0E:2A:42 Authority key identifier: 28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92 Certificate issuer: /CN=28bebd4658618473ed4c83767c51de8e233c3292 Certificate serial: 019B2E54CE8A1C7CADF2487485116B279367 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft Manifest number: 10FE Signing time: Wed 17 Dec 2025 22:01:08 +0000 Manifest this update: Wed 17 Dec 2025 22:01:08 +0000 Manifest next update: Thu 18 Dec 2025 22:01:08 +0000 Files and hashes: 1: KL69RlhhhHPtTIN2fFHejiM8MpI.crl (hash: 9Gm7/vbgdOKM/ZhUvv6x+UlMaLDb7wG2bszgROf+kPs=) 2: jp-8lbUOvN6sUPZsTL-dh7MOVR8.roa (hash: /kMpoM5rzLA4Q5DdnfjuYEV0in2H+0XYtN+u4LENV/A=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:54:ce:8a:1c:7c:ad:f2:48:74:85:11:6b:27:93:67 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bebd4658618473ed4c83767c51de8e233c3292 Validity Not Before: Dec 17 22:01:08 2025 GMT Not After : Dec 18 22:01:08 2025 GMT Subject: CN=bc99d28b30a8adecf8e683bcd3189837ba0e2a42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:7d:5c:42:a0:e7:7c:1f:3e:6a:7e:91:42:70: 12:6d:76:bd:ff:92:ec:a8:65:8b:a8:70:f1:79:8d: 40:7c:80:b0:0f:43:2c:b8:a8:6c:11:9c:8c:5c:71: 3a:87:c3:e2:55:0f:b4:b4:89:13:02:71:e0:be:74: d2:6e:c3:d1:e6:0e:52:7b:96:28:6f:23:4e:8a:98: ca:4b:2d:3b:59:12:c0:98:be:31:64:9c:34:00:5f: b6:37:ff:fb:92:ee:a8:fb:0c:48:91:2a:6c:72:dc: b6:e0:11:b0:de:55:24:13:dc:25:80:bf:29:4e:24: ef:89:12:ac:f2:f9:ac:32:2f:72:29:13:c9:f1:68: 6e:d5:64:12:d3:5d:8b:5d:dd:fc:8f:32:e4:4a:b7: d4:16:c5:8e:82:91:3d:ac:91:d7:b3:63:c4:5b:64: 5f:c1:5c:3d:44:3d:ab:fa:3d:00:64:ef:a5:3a:f3: 39:a5:ea:19:65:b2:e5:19:a6:3d:18:fd:7b:c2:06: 55:52:c0:37:df:98:4c:aa:29:db:08:59:81:71:f6: f0:49:c7:08:f5:40:4c:17:e1:12:42:71:16:a5:74: 01:97:c4:0c:6c:b5:83:45:56:55:2f:77:44:a4:91: ff:0d:31:5b:71:91:26:a6:de:c1:d4:91:bb:63:a4: 04:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:99:D2:8B:30:A8:AD:EC:F8:E6:83:BC:D3:18:98:37:BA:0E:2A:42 X509v3 Authority Key Identifier: keyid:28:BE:BD:46:58:61:84:73:ED:4C:83:76:7C:51:DE:8E:23:3C:32:92 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL69RlhhhHPtTIN2fFHejiM8MpI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa975c-b9b5-4651-bc5b-ba7956b0f2dd/1/KL69RlhhhHPtTIN2fFHejiM8MpI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 92:b9:be:c5:25:6d:57:7e:a5:3d:bb:98:32:01:57:2b:b3:ff: 8e:74:09:b2:3c:b7:99:d4:25:91:91:a2:65:23:3b:6b:bb:dc: 7f:53:96:2e:b0:3f:62:af:71:60:16:8f:a7:ff:95:76:41:e7: 64:cc:c3:08:30:0d:c9:00:95:a8:a3:1d:50:54:a3:d8:36:df: 3f:8b:88:1c:f4:fd:6f:db:28:3a:0d:aa:00:af:d5:8f:71:bf: a2:13:07:9a:84:9c:c4:7b:73:73:ff:9c:7f:70:fd:af:44:31: d3:fd:b1:3e:82:9e:1b:a7:df:6d:46:c4:11:d1:56:40:b5:70: 96:55:7c:8b:10:9d:e9:a0:5a:82:92:09:5a:a1:ee:32:ac:54: 50:a1:d5:ff:2f:83:59:65:18:db:d6:f0:a2:f0:43:7a:7f:89: 91:44:75:a8:2c:a4:b3:15:55:2d:0d:2e:a5:2f:19:ce:8a:aa: 59:b3:e6:f6:e6:8e:14:be:20:71:af:39:61:8d:18:39:23:3b: 76:54:99:ea:23:5a:2b:76:fe:61:52:84:26:df:76:89:a6:7b: 89:6a:e5:20:87:08:b2:f1:ce:f6:73:34:e8:28:1e:df:9e:2e: 75:b2:a3:d3:4c:5e:30:1f:c5:ef:a8:f4:67:a1:21:cd:1d:a3: 38:2c:b0:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsuVM6KHHyt8kh0hRFrJ5NnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmViZDQ2NTg2MTg0NzNlZDRjODM3NjdjNTFkZThlMjMz YzMyOTIwHhcNMjUxMjE3MjIwMTA4WhcNMjUxMjE4MjIwMTA4WjAzMTEwLwYDVQQD EyhiYzk5ZDI4YjMwYThhZGVjZjhlNjgzYmNkMzE4OTgzN2JhMGUyYTQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5X1cQqDnfB8+an6RQnASbXa9/5Ls qGWLqHDxeY1AfICwD0MsuKhsEZyMXHE6h8PiVQ+0tIkTAnHgvnTSbsPR5g5Se5Yo byNOipjKSy07WRLAmL4xZJw0AF+2N//7ku6o+wxIkSpscty24BGw3lUkE9wlgL8p TiTviRKs8vmsMi9yKRPJ8Whu1WQS012LXd38jzLkSrfUFsWOgpE9rJHXs2PEW2Rf wVw9RD2r+j0AZO+lOvM5peoZZbLlGaY9GP17wgZVUsA335hMqinbCFmBcfbwSccI 9UBMF+ESQnEWpXQBl8QMbLWDRVZVL3dEpJH/DTFbcZEmpt7B1JG7Y6QE+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLyZ0oswqK3s+OaDvNMYmDe6DipCMB8GA1UdIwQY MBaAFCi+vUZYYYRz7UyDdnxR3o4jPDKSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWIt YmE3OTU2YjBmMmRkLzEvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Yy9hYTk3NWMtYjliNS00NjUxLWJjNWItYmE3OTU2YjBmMmRk LzEvS0w2OVJsaGhoSFB0VElOMmZGSGVqaU04TXBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkrm+xSVt V36lPbuYMgFXK7P/jnQJsjy3mdQlkZGiZSM7a7vcf1OWLrA/Yq9xYBaPp/+VdkHn ZMzDCDANyQCVqKMdUFSj2DbfP4uIHPT9b9soOg2qAK/Vj3G/ohMHmoScxHtzc/+c f3D9r0Qx0/2xPoKeG6ffbUbEEdFWQLVwllV8ixCd6aBagpIJWqHuMqxUUKHV/y+D WWUY29bwovBDen+JkUR1qCyksxVVLQ0upS8ZzoqqWbPm9uaOFL4gca85YY0YOSM7 dlSZ6iNaK3b+YVKEJt92iaZ7iWrlIIcIsvHO9nM06Cge354udbKj00xeMB/F76j0 Z6EhzR2jOCywOQ== -----END CERTIFICATE-----Generated at Thu Dec 18 05:46:53 2025 by rpki-client