This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft File: KHtQElUXlEJ0oUa7rNZOaRog-gY.mft (raw, json) Hash identifier: sS0GegVjEskyQf69uMHGksiDt715Mxd1ETj2M4n5gyo= Subject key identifier: 35:1E:9B:FB:3A:A7:0E:0D:57:21:B5:CA:91:D8:63:58:51:81:A6:5D Authority key identifier: 28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 Certificate issuer: /CN=287b50125517944274a146bbacd64e691a20fa06 Certificate serial: 019AF5098F3BABAE5FB368CBE561354863D3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft Manifest number: 100D Signing time: Sat 06 Dec 2025 19:00:35 +0000 Manifest this update: Sat 06 Dec 2025 19:00:35 +0000 Manifest next update: Sun 07 Dec 2025 19:00:35 +0000 Files and hashes: 1: KHtQElUXlEJ0oUa7rNZOaRog-gY.crl (hash: nOHY5cGfh70hJi04II3j2Lnm8pwCrIHBuJSl2aMMoow=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:09:8f:3b:ab:ae:5f:b3:68:cb:e5:61:35:48:63:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287b50125517944274a146bbacd64e691a20fa06 Validity Not Before: Dec 6 19:00:35 2025 GMT Not After : Dec 7 19:00:35 2025 GMT Subject: CN=351e9bfb3aa70e0d5721b5ca91d863585181a65d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:87:03:28:eb:ca:c4:85:a3:ff:b1:7f:f6:21: b2:1c:01:71:0a:84:c0:14:13:e1:c0:d7:80:5c:bf: 4e:2b:96:98:64:1f:73:de:4c:ae:3c:94:33:a0:e5: a5:2e:6e:8b:97:e6:89:b5:09:d9:59:c4:52:3c:00: e7:b4:9e:ff:0d:f1:fb:4c:2d:0a:33:f1:b9:c0:ae: 13:08:e9:32:96:a6:b9:96:53:c2:ae:9b:9f:6a:54: b8:d3:ae:9e:8f:d0:33:b1:7b:d6:ea:aa:22:6f:66: c4:81:36:01:57:bb:e3:96:70:07:9a:36:96:91:ca: 10:51:1a:d9:4a:8c:c6:63:59:63:dc:f7:ce:a3:36: c8:c6:38:c3:1d:be:11:12:b4:b8:fe:0f:b1:91:e0: 6c:8a:6a:b6:0d:45:62:ca:a3:95:e7:e9:d5:82:88: 78:eb:23:17:7f:7f:79:af:d7:2e:2a:fe:8d:63:14: fc:06:75:00:06:8a:9e:27:aa:ab:06:2a:8c:9e:e8: 10:b7:3f:b9:3b:bb:55:67:ae:84:8e:50:67:41:40: d6:a1:aa:d2:f3:80:14:0d:19:e4:e6:cc:46:d4:73: 48:e6:75:8f:f5:79:87:60:1a:26:0f:0f:f8:d7:fa: 8f:a1:dc:e6:49:8f:07:5b:2f:65:b6:6c:a0:bd:c0: 00:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:1E:9B:FB:3A:A7:0E:0D:57:21:B5:CA:91:D8:63:58:51:81:A6:5D X509v3 Authority Key Identifier: keyid:28:7B:50:12:55:17:94:42:74:A1:46:BB:AC:D6:4E:69:1A:20:FA:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHtQElUXlEJ0oUa7rNZOaRog-gY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/41a443-ee2b-4646-ba68-aab6c8ba5bd4/1/KHtQElUXlEJ0oUa7rNZOaRog-gY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:5d:dd:96:53:2a:2f:1f:08:cf:f6:15:a1:31:1d:71:4c:9b: 15:34:fa:89:06:f0:26:ef:d9:87:1b:6f:d0:1f:ff:1e:37:c0: ce:53:d5:20:0c:96:f6:f0:33:6f:05:ff:3c:e8:76:37:d9:82: 9c:fd:a5:ad:0e:dc:a3:70:3d:48:b5:08:16:f8:00:fd:bf:9d: 57:ae:04:59:b3:82:c2:80:f1:6f:40:7d:bc:6f:55:2e:ef:d9: f7:58:28:a4:e7:03:09:b9:64:bf:f5:d1:1b:68:0f:f6:88:47: 88:f8:fa:62:4c:57:f4:24:32:be:62:49:fb:71:54:bf:26:7b: a5:44:4d:c6:c1:16:c7:ca:c4:7d:c3:6c:20:1c:37:ad:77:c3: 57:c9:90:98:fd:d0:b5:67:b3:0c:0c:e2:05:f5:74:e2:a0:45: 91:cc:ae:9b:63:af:ac:c7:77:8a:5d:4e:35:b4:26:c9:0f:8a: 6d:ed:5d:3f:dc:93:2c:ff:0f:ca:e0:ee:49:1c:18:07:a9:02: a7:57:20:a4:db:19:b3:d0:b7:8f:5c:f4:1e:4f:1c:06:3e:e4: d5:20:ef:7c:54:24:7a:5a:ce:d6:b5:83:a6:64:c0:ae:6e:31: b4:e6:ac:93:a5:1b:c0:69:61:b3:88:56:da:97:70:2e:f2:db: e5:53:5c:be -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1CY87q65fs2jL5WE1SGPTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2I1MDEyNTUxNzk0NDI3NGExNDZiYmFjZDY0ZTY5MWEy MGZhMDYwHhcNMjUxMjA2MTkwMDM1WhcNMjUxMjA3MTkwMDM1WjAzMTEwLwYDVQQD EygzNTFlOWJmYjNhYTcwZTBkNTcyMWI1Y2E5MWQ4NjM1ODUxODFhNjVkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4cDKOvKxIWj/7F/9iGyHAFxCoTA FBPhwNeAXL9OK5aYZB9z3kyuPJQzoOWlLm6Ll+aJtQnZWcRSPADntJ7/DfH7TC0K M/G5wK4TCOkylqa5llPCrpufalS4066ej9AzsXvW6qoib2bEgTYBV7vjlnAHmjaW kcoQURrZSozGY1lj3PfOozbIxjjDHb4RErS4/g+xkeBsimq2DUViyqOV5+nVgoh4 6yMXf395r9cuKv6NYxT8BnUABoqeJ6qrBiqMnugQtz+5O7tVZ66EjlBnQUDWoarS 84AUDRnk5sxG1HNI5nWP9XmHYBomDw/41/qPodzmSY8HWy9ltmygvcAAswIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDUem/s6pw4NVyG1ypHYY1hRgaZdMB8GA1UdIwQY MBaAFCh7UBJVF5RCdKFGu6zWTmkaIPoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgt YWFiNmM4YmE1YmQ0LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC80MWE0NDMtZWUyYi00NjQ2LWJhNjgtYWFiNmM4YmE1YmQ0 LzEvS0h0UUVsVVhsRUowb1VhN3JOWk9hUm9nLWdZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASF3dllMq Lx8Iz/YVoTEdcUybFTT6iQbwJu/Zhxtv0B//HjfAzlPVIAyW9vAzbwX/POh2N9mC nP2lrQ7co3A9SLUIFvgA/b+dV64EWbOCwoDxb0B9vG9VLu/Z91gopOcDCblkv/XR G2gP9ohHiPj6YkxX9CQyvmJJ+3FUvyZ7pURNxsEWx8rEfcNsIBw3rXfDV8mQmP3Q tWezDAziBfV04qBFkcyum2OvrMd3il1ONbQmyQ+Kbe1dP9yTLP8PyuDuSRwYB6kC p1cgpNsZs9C3j1z0Hk8cBj7k1SDvfFQkelrO1rWDpmTArm4xtOask6UbwGlhs4hW 2pdwLvLb5VNcvg== -----END CERTIFICATE-----Generated at Sun Dec 7 02:02:02 2025 by rpki-client