This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft File: KYXMQ9gGohtjMwIZ62OLsbpJroA.mft (raw, json) Hash identifier: SgvToggqQYHooN5DHOpwjaBW8+y4Z9bRI/CRExYZ63o= Subject key identifier: DC:EA:95:D8:BB:BB:DA:C2:AE:A7:D7:5D:25:2D:86:8B:C5:38:B2:E3 Authority key identifier: 29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80 Certificate issuer: /CN=2985cc43d806a21b63330219eb638bb1ba49ae80 Certificate serial: 019B3C103A6F11D488808361F8003F3E21DA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft Manifest number: 0571 Signing time: Sat 20 Dec 2025 14:00:54 +0000 Manifest this update: Sat 20 Dec 2025 14:00:54 +0000 Manifest next update: Sun 21 Dec 2025 14:00:54 +0000 Files and hashes: 1: 2Erepc7c7P1VRx_bLNiYu7weRzk.roa (hash: k2SMyfwtPMsgu8pAJX36t6HmVMk0LqM07DF6s7B27wo=) 2: KYXMQ9gGohtjMwIZ62OLsbpJroA.crl (hash: r7f5GlQEII0VlKfAFSsHRH4YMPF8TNl/Wug3JSx4oKE=) 3: L_UMuGgef__KCIxYo719-pYnMY0.roa (hash: qQUOKChy81kdhWvOW3DW3K7T6hbp7d9kPXUCB0/Qv9Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:3a:6f:11:d4:88:80:83:61:f8:00:3f:3e:21:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2985cc43d806a21b63330219eb638bb1ba49ae80 Validity Not Before: Dec 20 14:00:54 2025 GMT Not After : Dec 21 14:00:54 2025 GMT Subject: CN=dcea95d8bbbbdac2aea7d75d252d868bc538b2e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c5:23:31:ea:3f:28:fc:6a:02:93:42:d7:57: a5:6d:60:9e:3e:a0:c8:12:ba:2e:c7:20:e7:3c:a6: 33:95:cb:d5:69:07:e7:08:ab:cb:99:13:63:f4:71: 6e:87:8c:a8:d6:ec:fb:89:73:b0:a9:1a:fe:2f:f9: 09:ed:74:f9:b1:28:f4:2b:c5:6a:c8:b8:9d:af:fb: 3b:3a:ca:01:6a:88:a4:18:c6:0b:c6:b5:58:81:5c: d5:72:c6:00:6b:e3:96:74:5a:fc:0d:a0:b6:44:64: 9c:a0:7d:6c:b2:43:d4:67:2e:18:3b:33:05:08:39: ec:22:44:ea:8c:8d:b5:66:75:dc:92:2e:5d:d3:cd: 0e:5c:32:48:97:81:01:00:e8:72:22:fe:5a:07:36: 04:31:36:04:74:80:51:ef:45:f7:0f:6b:7c:49:c9: 3f:d4:70:b9:87:79:f0:b8:00:cb:4b:ba:c8:54:97: 18:f5:dd:e0:b7:d2:7b:d7:71:2b:31:03:52:f6:d5: 34:d9:14:10:34:05:98:3e:8d:4d:0c:4e:0b:b8:8f: 7d:b3:32:7f:63:2b:32:90:da:37:b2:3f:0e:93:18: 91:dc:ed:7c:73:cc:39:58:67:73:9e:1a:b6:53:67: 55:ec:44:f5:37:3d:0e:4c:d7:79:b7:cd:b8:37:82: f6:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:EA:95:D8:BB:BB:DA:C2:AE:A7:D7:5D:25:2D:86:8B:C5:38:B2:E3 X509v3 Authority Key Identifier: keyid:29:85:CC:43:D8:06:A2:1B:63:33:02:19:EB:63:8B:B1:BA:49:AE:80 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KYXMQ9gGohtjMwIZ62OLsbpJroA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/f3fef4-45da-4b43-98c2-4df8840efb17/1/KYXMQ9gGohtjMwIZ62OLsbpJroA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9c:d8:6a:fd:09:ea:d0:13:8a:95:86:5a:aa:6a:ac:75:21:1b: 80:ce:eb:ef:ab:f7:a4:63:13:c3:5b:8f:d4:18:2f:a2:19:42: 9f:9f:dd:18:3f:59:5d:bd:b2:f4:db:9a:bd:ed:25:c7:bf:15: fd:d0:5c:66:47:3d:69:d3:80:cf:40:64:ef:f0:50:25:92:8c: 85:79:a1:52:35:3b:5c:78:bf:1d:d1:72:73:ac:b9:22:37:9d: d6:5f:5f:84:f4:78:f6:90:63:b9:bf:e9:32:1a:b3:24:bb:28: a0:9f:e1:b2:71:2a:26:77:43:d8:28:b3:8d:f4:c3:fe:f6:6d: cb:20:c5:48:ce:06:fc:52:91:4c:dd:e9:4e:f9:59:b3:51:2e: 75:41:4a:57:62:32:69:52:06:6d:ff:22:2a:7f:dd:88:80:d7: 49:b5:10:b9:8b:e5:4c:7e:bd:73:f3:20:50:9e:85:b0:b0:9c: 3a:42:47:fb:49:6a:dc:d0:b8:5a:d7:5b:87:17:0d:f3:40:ae: db:47:ed:b6:7a:6b:d1:b2:50:17:f3:f5:90:e4:50:28:bd:0a: 0e:fe:04:09:67:9b:e4:44:9e:2f:df:a4:37:aa:39:f8:9e:21: 80:c7:84:a1:5b:b0:d0:5c:3b:00:7d:b3:eb:88:b1:e6:b3:36: 6e:21:58:14 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EDpvEdSIgINh+AA/PiHaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ODVjYzQzZDgwNmEyMWI2MzMzMDIxOWViNjM4YmIxYmE0 OWFlODAwHhcNMjUxMjIwMTQwMDU0WhcNMjUxMjIxMTQwMDU0WjAzMTEwLwYDVQQD EyhkY2VhOTVkOGJiYmJkYWMyYWVhN2Q3NWQyNTJkODY4YmM1MzhiMmUzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMUjMeo/KPxqApNC11elbWCePqDI ErouxyDnPKYzlcvVaQfnCKvLmRNj9HFuh4yo1uz7iXOwqRr+L/kJ7XT5sSj0K8Vq yLidr/s7OsoBaoikGMYLxrVYgVzVcsYAa+OWdFr8DaC2RGScoH1sskPUZy4YOzMF CDnsIkTqjI21ZnXcki5d080OXDJIl4EBAOhyIv5aBzYEMTYEdIBR70X3D2t8Sck/ 1HC5h3nwuADLS7rIVJcY9d3gt9J713ErMQNS9tU02RQQNAWYPo1NDE4LuI99szJ/ YysykNo3sj8OkxiR3O18c8w5WGdznhq2U2dV7ET1Nz0OTNd5t824N4L24wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNzqldi7u9rCrqfXXSUthovFOLLjMB8GA1UdIwQY MBaAFCmFzEPYBqIbYzMCGetji7G6Sa6AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzIt NGRmODg0MGVmYjE3LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny9mM2ZlZjQtNDVkYS00YjQzLTk4YzItNGRmODg0MGVmYjE3 LzEvS1lYTVE5Z0dvaHRqTXdJWjYyT0xzYnBKcm9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnNhq/Qnq 0BOKlYZaqmqsdSEbgM7r76v3pGMTw1uP1BgvohlCn5/dGD9ZXb2y9Nuave0lx78V /dBcZkc9adOAz0Bk7/BQJZKMhXmhUjU7XHi/HdFyc6y5Ijed1l9fhPR49pBjub/p MhqzJLsooJ/hsnEqJndD2CizjfTD/vZtyyDFSM4G/FKRTN3pTvlZs1EudUFKV2Iy aVIGbf8iKn/diIDXSbUQuYvlTH69c/MgUJ6FsLCcOkJH+0lq3NC4WtdbhxcN80Cu 20fttnpr0bJQF/P1kORQKL0KDv4ECWeb5ESeL9+kN6o5+J4hgMeEoVuw0Fw7AH2z 64ix5rM2biFYFA== -----END CERTIFICATE-----Generated at Sat Dec 20 22:16:25 2025 by rpki-client