This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft File: Km9uXKXbQ3eec6znzhbs4O55R5k.mft (raw, json) Hash identifier: iGy0znGcFih2/mzeE94bfYdYGwHuelrcRtvviotDrLI= Subject key identifier: 49:60:0E:C5:A8:F8:A7:7E:14:F7:1D:D1:54:CE:BB:04:21:5D:08:6F Authority key identifier: 2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99 Certificate issuer: /CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799 Certificate serial: 019AF16481287DCC26D04BE00CD5C2E70B1E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft Manifest number: 05E3 Signing time: Sat 06 Dec 2025 02:01:26 +0000 Manifest this update: Sat 06 Dec 2025 02:01:26 +0000 Manifest next update: Sun 07 Dec 2025 02:01:26 +0000 Files and hashes: 1: Km9uXKXbQ3eec6znzhbs4O55R5k.crl (hash: ZU0VmsfsoYpzWH3uIsiehYwrJuyHZqiYI1GyoZz1t9o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:64:81:28:7d:cc:26:d0:4b:e0:0c:d5:c2:e7:0b:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a6f6e5ca5db43779e73ace7ce16ece0ee794799 Validity Not Before: Dec 6 02:01:26 2025 GMT Not After : Dec 7 02:01:26 2025 GMT Subject: CN=49600ec5a8f8a77e14f71dd154cebb04215d086f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:ca:53:38:06:c3:d8:8a:6e:7a:e9:43:8f:72: bf:34:17:4c:c9:74:dc:b5:ae:c0:44:67:d5:b5:65: fe:0f:26:86:a8:14:89:14:45:f9:73:a0:f9:92:76: 75:36:f0:a6:8d:63:d3:b8:6b:28:46:aa:f5:30:05: 99:7b:4f:aa:a9:de:10:da:7e:62:70:ab:7d:0a:c0: 2a:34:59:2e:c5:5d:30:97:fa:ac:a5:91:2a:df:60: 8e:34:1a:01:24:16:3e:ea:c7:3d:26:9f:4e:df:29: 56:bc:7b:21:25:db:89:56:57:89:4f:d4:69:04:0e: 4c:2b:a4:9f:4d:94:88:4a:05:ed:c9:dc:81:33:09: 4b:06:7d:53:6f:bc:15:d1:d9:ec:fb:28:37:4d:7d: b3:d2:88:98:b8:3f:a3:d1:b4:88:e6:ca:b1:3b:4c: 1d:47:be:51:c1:5d:14:e6:4f:66:34:60:e3:b6:1d: 1c:6a:99:c7:39:e3:18:71:c4:8a:19:bc:72:94:90: 71:9d:d9:92:4a:d1:22:04:d6:b4:4c:ec:b8:e6:7a: b6:8c:ff:ca:94:bc:05:86:1a:7d:ad:2e:1b:60:55: 2d:b3:f4:72:a1:e9:31:00:bb:48:be:7a:d0:f0:1f: 47:a9:92:05:b4:39:33:7d:47:b8:71:79:13:fb:c5: ff:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:60:0E:C5:A8:F8:A7:7E:14:F7:1D:D1:54:CE:BB:04:21:5D:08:6F X509v3 Authority Key Identifier: keyid:2A:6F:6E:5C:A5:DB:43:77:9E:73:AC:E7:CE:16:EC:E0:EE:79:47:99 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Km9uXKXbQ3eec6znzhbs4O55R5k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f0a611-f6f4-40f7-8628-72e99ee4766d/1/Km9uXKXbQ3eec6znzhbs4O55R5k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:12:3b:d0:e3:cb:e3:a2:23:4e:b6:6c:49:c0:73:3d:33:96: 54:4d:8f:b1:2d:bb:3a:f9:40:19:5b:c7:72:f6:8b:59:35:18: ee:7e:f5:35:b6:65:29:74:2a:ac:25:0b:74:4c:da:0f:59:e1: 6e:7f:6d:68:e9:f3:2d:56:85:69:e9:df:2c:d4:de:8f:02:7f: 41:fd:b0:67:4c:20:9d:87:45:d7:5b:f0:c3:dd:58:af:1f:ff: c2:06:50:d7:8d:01:61:5c:22:bd:5b:1a:1c:c8:73:01:c2:fc: ea:2e:67:e7:c5:8d:0a:ac:18:1d:15:f1:1d:c3:27:60:bb:fa: 4a:6b:07:af:7b:c9:ff:34:00:54:83:a6:76:81:dc:66:ab:6f: 2d:cf:5a:b1:2c:2f:42:e3:8c:96:31:cf:ad:5b:9c:94:62:4f: 6b:db:fb:c9:93:6f:90:71:58:c6:6f:b6:aa:1e:5b:57:08:4f: 5f:83:25:13:38:7d:f4:ca:89:29:5c:a1:e4:65:f6:2a:10:5e: 7f:40:69:93:b9:72:96:89:be:86:33:4b:19:bf:01:15:61:c7: fe:8c:74:8e:05:29:f4:97:60:2b:ba:0e:23:d5:8e:0c:3a:9d: d2:f3:ca:27:e1:83:42:79:cc:00:47:dd:46:1b:fb:fd:a8:2a: e6:56:94:d6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxZIEofcwm0EvgDNXC5wseMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhNmY2ZTVjYTVkYjQzNzc5ZTczYWNlN2NlMTZlY2UwZWU3 OTQ3OTkwHhcNMjUxMjA2MDIwMTI2WhcNMjUxMjA3MDIwMTI2WjAzMTEwLwYDVQQD Eyg0OTYwMGVjNWE4ZjhhNzdlMTRmNzFkZDE1NGNlYmIwNDIxNWQwODZmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8pTOAbD2IpueulDj3K/NBdMyXTc ta7ARGfVtWX+DyaGqBSJFEX5c6D5knZ1NvCmjWPTuGsoRqr1MAWZe0+qqd4Q2n5i cKt9CsAqNFkuxV0wl/qspZEq32CONBoBJBY+6sc9Jp9O3ylWvHshJduJVleJT9Rp BA5MK6SfTZSISgXtydyBMwlLBn1Tb7wV0dns+yg3TX2z0oiYuD+j0bSI5sqxO0wd R75RwV0U5k9mNGDjth0capnHOeMYccSKGbxylJBxndmSStEiBNa0TOy45nq2jP/K lLwFhhp9rS4bYFUts/RyoekxALtIvnrQ8B9HqZIFtDkzfUe4cXkT+8X/1wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFElgDsWo+Kd+FPcd0VTOuwQhXQhvMB8GA1UdIwQY MBaAFCpvblyl20N3nnOs584W7ODueUeZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2Mjgt NzJlOTllZTQ3NjZkLzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS9mMGE2MTEtZjZmNC00MGY3LTg2MjgtNzJlOTllZTQ3NjZk LzEvS205dVhLWGJRM2VlYzZ6bnpoYnM0TzU1UjVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANhI70OPL 46IjTrZsScBzPTOWVE2PsS27OvlAGVvHcvaLWTUY7n71NbZlKXQqrCULdEzaD1nh bn9taOnzLVaFaenfLNTejwJ/Qf2wZ0wgnYdF11vww91Yrx//wgZQ140BYVwivVsa HMhzAcL86i5n58WNCqwYHRXxHcMnYLv6SmsHr3vJ/zQAVIOmdoHcZqtvLc9asSwv QuOMljHPrVuclGJPa9v7yZNvkHFYxm+2qh5bVwhPX4MlEzh99MqJKVyh5GX2KhBe f0Bpk7lylom+hjNLGb8BFWHH/ox0jgUp9JdgK7oOI9WODDqd0vPKJ+GDQnnMAEfd Rhv7/agq5laU1g== -----END CERTIFICATE-----Generated at Sat Dec 6 08:22:35 2025 by rpki-client