This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft File: _kFOohqRFtLN-PXALQhnOvpXaJM.mft (raw, json) Hash identifier: bRXqLWItEQJZTgk7+iM12BExYmOLPNor8sjf2Cy60WA= Subject key identifier: 1E:ED:73:99:23:48:19:99:BB:5B:5D:A1:10:AA:84:DC:C3:3A:82:01 Authority key identifier: FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93 Certificate issuer: /CN=fe414ea21a9116d2cdf8f5c02d08673afa576893 Certificate serial: 019AF57797750ADFB867B4619DDF6736B531 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft Manifest number: 04FE Signing time: Sat 06 Dec 2025 21:00:46 +0000 Manifest this update: Sat 06 Dec 2025 21:00:46 +0000 Manifest next update: Sun 07 Dec 2025 21:00:46 +0000 Files and hashes: 1: 0MAgU7sTLhp2qbqkuMgBEoG1GaM.roa (hash: qBfT5pIrk1/WlfhHIXDzrsxZlkpu9JZ5SsEtvG7MW+c=) 2: _kFOohqRFtLN-PXALQhnOvpXaJM.crl (hash: I9ROzvjglg8hqz6m1GPnam1k88MJfTRIxicSApiKEvk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.crl rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:97:75:0a:df:b8:67:b4:61:9d:df:67:36:b5:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fe414ea21a9116d2cdf8f5c02d08673afa576893 Validity Not Before: Dec 6 21:00:46 2025 GMT Not After : Dec 7 21:00:46 2025 GMT Subject: CN=1eed739923481999bb5b5da110aa84dcc33a8201 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:c3:9e:00:65:9c:10:5b:29:af:6d:d3:2f:a1: 5c:d0:69:3e:96:d5:d1:1f:fd:f3:72:37:68:02:67: 55:f6:76:1b:6f:9c:92:e0:90:86:b5:fc:d6:bb:fa: d5:39:40:fa:30:5d:41:46:bc:d8:06:27:a5:f6:6d: c7:eb:a5:02:3d:9b:1d:6e:28:64:bc:29:ff:24:83: b9:4d:2c:59:ea:e8:d5:96:e1:73:b5:d1:1d:b4:b7: 6a:ef:ba:17:90:5d:1c:b8:90:e9:6a:7a:ef:a9:d8: 24:8a:05:fe:70:a5:59:6a:83:f8:d8:21:7a:91:30: 8c:a8:d8:35:1a:1f:40:2c:20:ef:f3:f1:a9:8e:fe: 6e:42:49:c9:8d:86:02:28:b7:8c:7f:63:03:da:f2: 4a:ad:1e:fa:85:06:fe:ad:9d:4b:5f:fd:f5:22:47: 0f:48:fe:a9:c3:73:cb:b8:af:9a:a3:25:cb:fe:4a: 65:2c:5a:c5:71:6e:90:b8:5b:b9:4f:74:84:dd:7f: 0a:ab:c8:9c:19:dc:b4:f9:c9:b9:a3:12:93:c8:da: db:41:19:a8:1b:8c:ab:aa:80:9d:59:df:b6:5d:ec: 04:50:79:de:25:23:e9:26:66:9b:d5:ba:d4:d8:33: 38:dd:5f:18:46:c2:1e:83:68:84:36:9e:c1:1e:da: 24:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:ED:73:99:23:48:19:99:BB:5B:5D:A1:10:AA:84:DC:C3:3A:82:01 X509v3 Authority Key Identifier: keyid:FE:41:4E:A2:1A:91:16:D2:CD:F8:F5:C0:2D:08:67:3A:FA:57:68:93 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_kFOohqRFtLN-PXALQhnOvpXaJM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e71d21-a360-4579-81a0-bcca26fc8945/1/_kFOohqRFtLN-PXALQhnOvpXaJM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:0c:23:77:4f:99:c8:30:05:4a:98:ec:9c:8b:8f:f5:13:d6: 07:92:61:eb:57:b0:f0:3a:5d:84:c2:ff:4b:ee:bd:51:2c:ef: 9b:ba:7c:84:90:a3:15:cb:41:df:f3:86:2d:74:e4:22:8a:fb: 90:2d:04:7d:aa:af:61:d7:9f:9d:dd:24:56:a0:87:9c:8c:c5: d9:74:72:a9:bc:bf:25:ce:01:3f:0e:e4:2d:ae:50:9a:d9:80: e5:7c:45:df:04:49:84:23:16:9a:39:e3:4e:da:34:5d:e8:f0: bd:e2:f9:2e:c9:11:de:5f:dd:cf:9b:99:bb:f3:ae:84:d7:e6: 09:3c:35:20:fa:19:d1:8d:f7:04:f4:e2:14:cf:df:a5:c7:f5: 54:0a:a1:22:1b:fc:bb:0d:0f:59:5d:d8:67:e4:55:d1:5f:59: 70:e9:4b:3f:6a:cf:b1:bd:56:bf:77:ef:1f:0a:28:6d:40:3c: dd:d9:3f:34:e5:c4:7f:76:20:d4:d7:c6:93:fb:5a:ab:46:11: 62:2b:a7:0d:df:11:61:ea:06:6d:54:19:d6:f9:8b:2e:f2:89: 17:0f:27:42:99:65:e6:4e:09:1a:fb:fc:46:e4:36:13:4d:77: 71:a3:7b:75:35:ed:13:02:d5:2c:d7:9f:c6:c4:a1:e3:1f:bb: 09:5c:65:74 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d5d1Ct+4Z7Rhnd9nNrUxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZlNDE0ZWEyMWE5MTE2ZDJjZGY4ZjVjMDJkMDg2NzNhZmE1 NzY4OTMwHhcNMjUxMjA2MjEwMDQ2WhcNMjUxMjA3MjEwMDQ2WjAzMTEwLwYDVQQD EygxZWVkNzM5OTIzNDgxOTk5YmI1YjVkYTExMGFhODRkY2MzM2E4MjAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxsOeAGWcEFspr23TL6Fc0Gk+ltXR H/3zcjdoAmdV9nYbb5yS4JCGtfzWu/rVOUD6MF1BRrzYBiel9m3H66UCPZsdbihk vCn/JIO5TSxZ6ujVluFztdEdtLdq77oXkF0cuJDpanrvqdgkigX+cKVZaoP42CF6 kTCMqNg1Gh9ALCDv8/Gpjv5uQknJjYYCKLeMf2MD2vJKrR76hQb+rZ1LX/31IkcP SP6pw3PLuK+aoyXL/kplLFrFcW6QuFu5T3SE3X8Kq8icGdy0+cm5oxKTyNrbQRmo G4yrqoCdWd+2XewEUHneJSPpJmab1brU2DM43V8YRsIeg2iENp7BHtokvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7tc5kjSBmZu1tdoRCqhNzDOoIBMB8GA1UdIwQY MBaAFP5BTqIakRbSzfj1wC0IZzr6V2iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAt YmNjYTI2ZmM4OTQ1LzEvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9lNzFkMjEtYTM2MC00NTc5LTgxYTAtYmNjYTI2ZmM4OTQ1 LzEvX2tGT29ocVJGdExOLVBYQUxRaG5PdnBYYUpNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEgwjd0+Z yDAFSpjsnIuP9RPWB5Jh61ew8DpdhML/S+69USzvm7p8hJCjFctB3/OGLXTkIor7 kC0EfaqvYdefnd0kVqCHnIzF2XRyqby/Jc4BPw7kLa5QmtmA5XxF3wRJhCMWmjnj Tto0XejwveL5LskR3l/dz5uZu/OuhNfmCTw1IPoZ0Y33BPTiFM/fpcf1VAqhIhv8 uw0PWV3YZ+RV0V9ZcOlLP2rPsb1Wv3fvHwoobUA83dk/NOXEf3Yg1NfGk/taq0YR YiunDd8RYeoGbVQZ1vmLLvKJFw8nQpll5k4JGvv8RuQ2E013caN7dTXtEwLVLNef xsSh4x+7CVxldA== -----END CERTIFICATE-----Generated at Sun Dec 7 03:22:13 2025 by rpki-client