This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json) Hash identifier: jCEFtMm3dykbX63A9q29sSDNfg2Hp0ssbK4QEvySAwI= Subject key identifier: 49:99:1C:36:F4:37:EF:90:5A:C4:D7:91:0C:6C:CC:30:BC:72:4E:F2 Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Certificate serial: 019AF31B2C20D740C00CE858DA79AD5C32A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 10:00:35 +0000 Manifest this update: Sat 06 Dec 2025 10:00:35 +0000 Manifest next update: Sun 07 Dec 2025 10:00:35 +0000 Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: XhzfYxRZq3paHrhXuuREJ7FamSNG7sTwezFA5pCG+gI=) 2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:2c:20:d7:40:c0:0c:e8:58:da:79:ad:5c:32:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Validity Not Before: Dec 6 10:00:35 2025 GMT Not After : Dec 7 10:00:35 2025 GMT Subject: CN=49991c36f437ef905ac4d7910c6ccc30bc724ef2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:db:43:49:38:f6:8b:f9:e7:8d:e3:2b:74:78: a9:a3:c3:5a:e7:f6:e7:ef:f0:63:8c:2e:1f:71:06: 24:73:09:00:84:d5:cc:35:e0:44:93:72:d7:1d:58: cc:a8:2a:a7:f1:c3:db:04:36:cb:49:aa:05:67:3a: d7:a4:b3:a4:d6:f5:b8:f5:86:29:7e:62:6b:92:39: 82:4d:49:7a:fd:ed:6e:a1:d5:5a:ad:62:54:75:78: 5d:22:bd:6c:2f:f3:f8:61:99:6d:e0:70:5b:83:8f: e1:5b:22:24:be:c7:42:fa:55:ae:c3:ca:85:4e:cd: a5:7d:9e:f9:78:ca:ec:6e:29:9e:1f:27:0f:e2:5c: 12:99:bf:b7:c6:d7:c6:ae:34:cb:ca:27:20:dc:af: 8e:29:ea:82:97:d7:5a:0d:d3:fb:3a:b5:e9:a0:84: 2b:c5:f5:81:1b:78:c6:e0:6a:7d:48:08:d3:af:82: a9:82:01:56:91:d3:ef:84:b0:6c:fa:51:1a:56:31: 8c:7f:c3:c8:d8:63:9e:4c:79:4d:8c:89:f4:16:d4: 9e:6c:ef:4d:50:08:b1:b0:82:bb:f2:cd:cf:25:f1: 2b:8c:e1:f4:a2:b8:1c:68:0a:4c:cf:9a:48:96:e6: 1c:df:fc:f1:07:03:c6:00:42:be:9c:e7:4c:e6:91: 29:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:99:1C:36:F4:37:EF:90:5A:C4:D7:91:0C:6C:CC:30:BC:72:4E:F2 X509v3 Authority Key Identifier: keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:e1:ff:cc:2a:78:36:5a:4a:e3:ab:9b:bd:6b:7e:2e:80:85: 8a:d3:55:02:d6:f4:e2:13:32:b4:73:f8:57:d0:68:0b:11:db: a7:e1:8d:27:5b:de:28:dc:ef:b0:c4:ea:38:bf:c9:88:7d:b1: ef:f1:2c:ff:0d:e4:71:cf:66:c4:95:2c:21:b2:5a:10:c3:cc: e5:1a:1b:d3:c1:fe:f0:34:d6:70:e9:8c:7e:ef:60:98:cd:20: 1e:d6:ef:0c:16:7d:02:32:a6:0d:8d:11:0f:85:be:ae:55:c7: b2:61:dc:35:9f:6d:10:bf:85:a3:58:84:e0:3c:15:97:34:42: 90:fd:8a:7f:64:cb:f7:05:d6:e7:75:62:cc:1e:63:7b:df:26: d8:cb:9b:d3:8c:b6:1b:38:71:f1:e7:44:91:e9:ab:6f:b5:fd: 0c:0c:72:56:76:ae:c0:65:09:93:d8:f5:4a:36:1b:a0:63:41: ef:4f:7c:97:c7:06:d7:0f:ce:65:38:2a:c3:6b:66:88:c3:ba: 96:45:65:ac:84:cc:01:4a:22:5a:33:64:bc:d2:b5:63:f6:fe: 70:5e:f3:5b:1d:24:bf:58:96:8d:7c:e2:1d:0e:8e:68:16:f9: e2:82:42:07:79:21:c6:09:29:08:75:96:f8:92:63:c2:24:ae: 34:32:9f:49 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGywg10DADOhY2nmtXDKlMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4 YmZiMmIwHhcNMjUxMjA2MTAwMDM1WhcNMjUxMjA3MTAwMDM1WjAzMTEwLwYDVQQD Eyg0OTk5MWMzNmY0MzdlZjkwNWFjNGQ3OTEwYzZjY2MzMGJjNzI0ZWYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9tDSTj2i/nnjeMrdHipo8Na5/bn 7/BjjC4fcQYkcwkAhNXMNeBEk3LXHVjMqCqn8cPbBDbLSaoFZzrXpLOk1vW49YYp fmJrkjmCTUl6/e1uodVarWJUdXhdIr1sL/P4YZlt4HBbg4/hWyIkvsdC+lWuw8qF Ts2lfZ75eMrsbimeHycP4lwSmb+3xtfGrjTLyicg3K+OKeqCl9daDdP7OrXpoIQr xfWBG3jG4Gp9SAjTr4KpggFWkdPvhLBs+lEaVjGMf8PI2GOeTHlNjIn0FtSebO9N UAixsIK78s3PJfErjOH0orgcaApMz5pIluYc3/zxBwPGAEK+nOdM5pEpbwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFEmZHDb0N++QWsTXkQxszDC8ck7yMB8GA1UdIwQY MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3 LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYOH/zCp4 NlpK46ubvWt+LoCFitNVAtb04hMytHP4V9BoCxHbp+GNJ1veKNzvsMTqOL/JiH2x 7/Es/w3kcc9mxJUsIbJaEMPM5Rob08H+8DTWcOmMfu9gmM0gHtbvDBZ9AjKmDY0R D4W+rlXHsmHcNZ9tEL+Fo1iE4DwVlzRCkP2Kf2TL9wXW53VizB5je98m2Mub04y2 Gzhx8edEkemrb7X9DAxyVnauwGUJk9j1SjYboGNB7098l8cG1w/OZTgqw2tmiMO6 lkVlrITMAUoiWjNkvNK1Y/b+cF7zWx0kv1iWjXziHQ6OaBb54oJCB3khxgkpCHWW +JJjwiSuNDKfSQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:49:29 2025 by rpki-client