This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft File: KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft (raw, json) Hash identifier: iTueq0iFp5lm8jZFg2TrUw7P26WvilFCAvnL75+Y2fE= Subject key identifier: 15:45:8F:83:24:5E:8C:D5:C2:1F:F3:E0:B8:40:FF:3E:EF:95:AF:94 Authority key identifier: 28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74 Certificate issuer: /CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74 Certificate serial: 019AF31CB56FD4D43DBCD99D1C33526A5527 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft Manifest number: 09DF Signing time: Sat 06 Dec 2025 10:02:16 +0000 Manifest this update: Sat 06 Dec 2025 10:02:16 +0000 Manifest next update: Sun 07 Dec 2025 10:02:16 +0000 Files and hashes: 1: Ep5Q_paEMkoQ8JMNVQev_VtcdmY.roa (hash: Bu1EiGDnBTDp8uoDAPAoyCI9ib5FJjnia2bO4NVERCs=) 2: KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl (hash: el9s+95PCQriXzDmRAukK7ncEN76UWxOfcAEM5Wi2aE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:b5:6f:d4:d4:3d:bc:d9:9d:1c:33:52:6a:55:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28203decd08bd47d8a9162a6e1742f3c53ea3c74 Validity Not Before: Dec 6 10:02:16 2025 GMT Not After : Dec 7 10:02:16 2025 GMT Subject: CN=15458f83245e8cd5c21ff3e0b840ff3eef95af94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:02:77:b3:b1:26:52:c9:c8:e0:2a:80:19:04: 39:1f:a1:fd:ca:c3:30:da:8e:f7:60:09:63:3d:06: 8a:b1:63:b0:40:b0:de:8d:68:63:e5:4d:5f:4c:8e: db:9b:a1:04:98:99:d3:99:f2:01:f8:cd:91:fd:06: 7a:02:59:6b:4f:4e:23:3b:55:07:ce:6c:f1:df:69: 79:d5:b8:f2:85:30:dd:32:d3:8d:fa:15:72:8c:22: 8d:c4:9d:10:1d:4c:57:92:f0:f9:33:1e:7d:76:81: f1:ed:8b:56:fa:ec:77:43:29:0f:a3:fe:ed:4c:cb: e0:13:c0:6e:59:16:cb:93:37:79:35:a3:b6:3c:99: fd:97:59:5f:70:e8:31:67:f2:f5:c6:4c:ed:a6:c7: 24:26:a5:59:62:93:fb:5e:68:71:14:70:32:6b:61: 4f:f8:70:25:e9:cd:43:ce:72:9f:0c:78:81:dd:5b: d9:a6:f4:4b:2b:a7:1c:6a:1b:fa:65:c8:4a:dd:0f: 74:ac:63:96:c0:cf:57:24:d7:e3:a0:10:24:65:3a: 08:d2:cc:3e:2b:18:c7:d9:9b:25:4c:df:c6:ba:71: 3a:b0:17:41:9a:c8:2e:c0:92:63:d4:ab:cf:31:a2: 15:6b:a5:cb:52:ee:25:1f:3b:31:8a:3c:51:4b:ea: 13:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:45:8F:83:24:5E:8C:D5:C2:1F:F3:E0:B8:40:FF:3E:EF:95:AF:94 X509v3 Authority Key Identifier: keyid:28:20:3D:EC:D0:8B:D4:7D:8A:91:62:A6:E1:74:2F:3C:53:EA:3C:74 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCA97NCL1H2KkWKm4XQvPFPqPHQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c90a34-0afd-49b9-bbd6-a297c1408085/1/KCA97NCL1H2KkWKm4XQvPFPqPHQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a4:f3:8d:2c:de:bc:3a:33:ce:25:74:db:76:e7:b7:d8:e2:9b: f3:3d:b5:98:c9:e7:36:01:09:66:68:a0:28:2f:8e:00:28:8a: 56:a4:c8:9f:44:38:d8:cb:3a:64:a0:00:96:b5:c0:04:b3:de: 5a:0d:fc:6e:57:ae:a3:b4:53:91:57:52:38:83:ae:33:d5:c0: fe:ba:55:55:22:5a:d5:16:eb:62:63:28:33:55:52:a0:d1:0f: 4a:25:e0:89:13:92:db:00:f9:99:ca:ab:27:5c:23:46:b4:ee: 35:90:fe:25:b8:89:70:03:37:55:0a:05:74:45:21:f6:c7:eb: 09:39:49:6d:df:63:ca:21:80:42:f5:7a:ad:b7:c8:47:3a:0a: 2f:01:db:02:d6:1b:8c:54:d4:38:0b:56:35:b7:a9:0e:24:c2: 88:12:5d:f8:e2:fe:08:5c:07:c3:33:b2:c0:19:b8:85:be:1e: 59:b6:76:b7:2d:66:da:c9:54:34:00:6c:de:36:ed:fe:84:48: 0c:74:7a:dc:ab:c4:69:7a:9a:de:9c:5c:a8:c7:27:04:3e:8c: ac:b8:b9:87:64:85:b5:18:d4:72:4d:69:82:57:3d:09:b9:4c: 05:6e:07:05:7a:3c:a3:da:96:45:3b:18:19:90:7e:29:09:01: 10:11:e6:72 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHLVv1NQ9vNmdHDNSalUnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MjAzZGVjZDA4YmQ0N2Q4YTkxNjJhNmUxNzQyZjNjNTNl YTNjNzQwHhcNMjUxMjA2MTAwMjE2WhcNMjUxMjA3MTAwMjE2WjAzMTEwLwYDVQQD EygxNTQ1OGY4MzI0NWU4Y2Q1YzIxZmYzZTBiODQwZmYzZWVmOTVhZjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAJ3s7EmUsnI4CqAGQQ5H6H9ysMw 2o73YAljPQaKsWOwQLDejWhj5U1fTI7bm6EEmJnTmfIB+M2R/QZ6AllrT04jO1UH zmzx32l51bjyhTDdMtON+hVyjCKNxJ0QHUxXkvD5Mx59doHx7YtW+ux3QykPo/7t TMvgE8BuWRbLkzd5NaO2PJn9l1lfcOgxZ/L1xkztpsckJqVZYpP7XmhxFHAya2FP +HAl6c1DznKfDHiB3VvZpvRLK6ccahv6ZchK3Q90rGOWwM9XJNfjoBAkZToI0sw+ KxjH2ZslTN/GunE6sBdBmsguwJJj1KvPMaIVa6XLUu4lHzsxijxRS+oTRwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBVFj4MkXozVwh/z4LhA/z7vla+UMB8GA1UdIwQY MBaAFCggPezQi9R9ipFipuF0LzxT6jx0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYt YTI5N2MxNDA4MDg1LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9jOTBhMzQtMGFmZC00OWI5LWJiZDYtYTI5N2MxNDA4MDg1 LzEvS0NBOTdOQ0wxSDJLa1dLbTRYUXZQRlBxUEhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApPONLN68 OjPOJXTbdue32OKb8z21mMnnNgEJZmigKC+OACiKVqTIn0Q42Ms6ZKAAlrXABLPe Wg38bleuo7RTkVdSOIOuM9XA/rpVVSJa1RbrYmMoM1VSoNEPSiXgiROS2wD5mcqr J1wjRrTuNZD+JbiJcAM3VQoFdEUh9sfrCTlJbd9jyiGAQvV6rbfIRzoKLwHbAtYb jFTUOAtWNbepDiTCiBJd+OL+CFwHwzOywBm4hb4eWbZ2ty1m2slUNABs3jbt/oRI DHR63KvEaXqa3pxcqMcnBD6MrLi5h2SFtRjUck1pglc9CblMBW4HBXo8o9qWRTsY GZB+KQkBEBHmcg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:34:51 2025 by rpki-client