This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft File: kHpNEpJLU1fjAmev48XMc2QkEVg.mft (raw, json) Hash identifier: smePy1jYtG8yvtiUnLOZRJiatUha+/n4LfeZy4dtyc0= Subject key identifier: 9A:01:46:7F:EA:B5:ED:E9:D7:3F:EE:2E:40:7A:EC:83:31:C2:41:A7 Authority key identifier: 90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58 Certificate issuer: /CN=907a4d12924b5357e30267afe3c5cc7364241158 Certificate serial: 019AF31C91675430DC229BDC5DA1FDB2AAC4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft Manifest number: 1177 Signing time: Sat 06 Dec 2025 10:02:06 +0000 Manifest this update: Sat 06 Dec 2025 10:02:06 +0000 Manifest next update: Sun 07 Dec 2025 10:02:06 +0000 Files and hashes: 1: kHpNEpJLU1fjAmev48XMc2QkEVg.crl (hash: cJ7uieWpu/0MJhTlhiGZVp4qARdgJvJj1Di9AmKtv08=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:91:67:54:30:dc:22:9b:dc:5d:a1:fd:b2:aa:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=907a4d12924b5357e30267afe3c5cc7364241158 Validity Not Before: Dec 6 10:02:06 2025 GMT Not After : Dec 7 10:02:06 2025 GMT Subject: CN=9a01467feab5ede9d73fee2e407aec8331c241a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:65:f7:9f:b6:da:cc:22:1e:df:ed:ef:35:6a: 28:bb:63:97:4d:f4:1d:0c:66:11:2c:69:64:16:69: 4c:94:17:9b:63:db:70:54:74:f3:27:7d:a7:3d:2f: 37:e5:84:77:a7:4e:56:79:6c:12:52:80:3f:c1:a1: e0:79:58:01:71:af:fa:a9:7a:8a:e2:36:19:f1:9e: b4:9a:7e:aa:2e:77:a8:06:bd:70:eb:b4:f5:8e:7a: 64:2f:24:7a:5a:cf:7c:eb:ea:ed:56:63:80:6a:7c: e3:eb:64:16:2a:81:20:9b:5f:b1:55:8c:11:ff:ef: 0f:d5:30:a3:21:c9:7c:08:7f:33:a8:d3:c5:cc:5b: 9b:a9:c5:42:db:cc:0d:71:52:0d:3f:ea:c6:00:93: fc:e4:b1:4b:dd:a2:27:8d:e2:9f:e6:4c:c3:ad:bd: eb:fb:29:24:f9:31:04:6d:39:2a:fe:ad:e0:a1:7c: 72:05:27:a7:4a:25:35:6d:16:5c:ad:08:a1:46:a9: 91:13:dc:b2:6b:b8:e1:eb:6f:31:70:3b:f7:43:ad: d9:f0:82:ca:7b:fd:92:5c:cc:55:27:5e:04:04:17: 75:2c:d0:15:19:bc:cb:dc:61:25:6c:b5:02:59:71: cc:c8:c8:4d:10:3e:8d:57:7b:cb:5a:61:d2:e3:60: bf:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:01:46:7F:EA:B5:ED:E9:D7:3F:EE:2E:40:7A:EC:83:31:C2:41:A7 X509v3 Authority Key Identifier: keyid:90:7A:4D:12:92:4B:53:57:E3:02:67:AF:E3:C5:CC:73:64:24:11:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHpNEpJLU1fjAmev48XMc2QkEVg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/aef44f-cbdf-4120-84f1-621a2bb40c66/1/kHpNEpJLU1fjAmev48XMc2QkEVg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:38:16:ad:60:7a:ba:45:8c:a8:f7:67:f6:00:1c:39:0d:d4: a6:5c:08:66:4c:b5:4e:1d:20:8e:6f:af:7a:42:9f:02:0c:83: a3:4b:b9:ef:a5:56:78:82:95:f5:d7:ea:0c:ac:f3:9e:99:61: 6a:71:c5:0d:e5:3f:25:d4:89:02:ce:c3:a4:32:a6:7b:8f:b5: b0:0c:9e:7e:ec:29:c0:23:18:af:d2:b5:ae:c1:7c:4d:87:66: a0:6e:19:72:01:ee:4f:6f:bc:7a:b2:c3:3b:45:a9:2c:95:08: 05:6a:32:ff:44:03:8e:2e:1c:b2:54:b6:0e:fd:bb:d3:bc:73: 1a:98:94:bd:c2:37:e3:1e:a1:84:11:38:3b:b4:13:e6:ab:fb: 27:da:ed:d0:f1:ee:a5:91:7d:76:49:f4:50:6e:f8:ec:7e:4f: 0e:90:fd:ea:84:de:c3:d6:56:fd:7e:37:fa:5e:dc:c0:1f:f5: b3:fe:ab:53:58:c5:14:3e:bb:50:33:b1:45:34:13:4f:f1:0d: f5:84:b9:20:41:8a:ea:80:ca:c5:f9:07:cc:19:61:14:7b:90: 99:c1:12:48:a4:09:f1:e6:24:e3:16:14:5c:ed:12:7c:aa:f5: a4:bc:09:17:12:86:dd:a0:57:f4:10:20:0f:4b:86:10:d8:84: fa:c4:24:71 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHJFnVDDcIpvcXaH9sqrEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwN2E0ZDEyOTI0YjUzNTdlMzAyNjdhZmUzYzVjYzczNjQy NDExNTgwHhcNMjUxMjA2MTAwMjA2WhcNMjUxMjA3MTAwMjA2WjAzMTEwLwYDVQQD Eyg5YTAxNDY3ZmVhYjVlZGU5ZDczZmVlMmU0MDdhZWM4MzMxYzI0MWE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2X3n7bazCIe3+3vNWoou2OXTfQd DGYRLGlkFmlMlBebY9twVHTzJ32nPS835YR3p05WeWwSUoA/waHgeVgBca/6qXqK 4jYZ8Z60mn6qLneoBr1w67T1jnpkLyR6Ws986+rtVmOAanzj62QWKoEgm1+xVYwR /+8P1TCjIcl8CH8zqNPFzFubqcVC28wNcVINP+rGAJP85LFL3aInjeKf5kzDrb3r +ykk+TEEbTkq/q3goXxyBSenSiU1bRZcrQihRqmRE9yya7jh628xcDv3Q63Z8ILK e/2SXMxVJ14EBBd1LNAVGbzL3GElbLUCWXHMyMhNED6NV3vLWmHS42C/+wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJoBRn/qte3p1z/uLkB67IMxwkGnMB8GA1UdIwQY MBaAFJB6TRKSS1NX4wJnr+PFzHNkJBFYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEt NjIxYTJiYjQwYzY2LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81YS9hZWY0NGYtY2JkZi00MTIwLTg0ZjEtNjIxYTJiYjQwYzY2 LzEva0hwTkVwSkxVMWZqQW1ldjQ4WE1jMlFrRVZnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANDgWrWB6 ukWMqPdn9gAcOQ3UplwIZky1Th0gjm+vekKfAgyDo0u576VWeIKV9dfqDKzznplh anHFDeU/JdSJAs7DpDKme4+1sAyefuwpwCMYr9K1rsF8TYdmoG4ZcgHuT2+8erLD O0WpLJUIBWoy/0QDji4cslS2Dv2707xzGpiUvcI34x6hhBE4O7QT5qv7J9rt0PHu pZF9dkn0UG747H5PDpD96oTew9ZW/X43+l7cwB/1s/6rU1jFFD67UDOxRTQTT/EN 9YS5IEGK6oDKxfkHzBlhFHuQmcESSKQJ8eYk4xYUXO0SfKr1pLwJFxKG3aBX9BAg D0uGENiE+sQkcQ== -----END CERTIFICATE-----Generated at Sat Dec 6 15:56:20 2025 by rpki-client