This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft File: CKKX-M-hzm0_4sUmkRxGippjGNA.mft (raw, json) Hash identifier: cvJ5otAgQsOTHfIv9yUYzeMn/cugdhk7UahFZ8U4c/M= Subject key identifier: AA:37:1C:07:6C:9A:5F:45:9F:31:41:50:B9:BB:B9:A5:9C:55:8A:87 Authority key identifier: 08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0 Certificate issuer: /CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0 Certificate serial: 019AF31B15AF472DF92E06FFF7EE0499BF38 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 10:00:29 +0000 Manifest this update: Sat 06 Dec 2025 10:00:29 +0000 Manifest next update: Sun 07 Dec 2025 10:00:29 +0000 Files and hashes: 1: 5MRhSgchnAtf4S3HQR8A2P9G7a4.roa (hash: zhfGWwF8FWGDVI625aodd4CNBRsAZhPphxbbSuJ9Gk4=) 2: CKKX-M-hzm0_4sUmkRxGippjGNA.crl (hash: nUw4RCyFMkkAcm2729NhOb47p4hSPmw+n/iHEWVHNRM=) 3: KBS5ODGVPgLIrn_lzCZVpLCuM_o.roa (hash: tuJiuTZZDp+7DpYOFgzygNPFPeRHjujTGVj2/4ZqQWE=) 4: lf4o5O9cdWZQhb3j1ES-63-ld0k.roa (hash: MkYv77LnNtclc+nDDwEnxwywSZw8C8g7xWpLHjYSnn8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:15:af:47:2d:f9:2e:06:ff:f7:ee:04:99:bf:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a297f8cfa1ce6d3fe2c526911c468a9a6318d0 Validity Not Before: Dec 6 10:00:29 2025 GMT Not After : Dec 7 10:00:29 2025 GMT Subject: CN=aa371c076c9a5f459f314150b9bbb9a59c558a87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:fa:86:5d:c4:e2:a0:2a:ba:53:17:97:cd:8a:d2: fb:dc:47:1a:c5:29:cc:75:1c:82:92:19:c2:68:cd: d6:df:25:1a:a2:58:78:11:07:31:92:6f:ad:0a:c8: c4:a7:9b:65:f3:ef:54:72:3b:13:1d:fd:0d:aa:55: 08:b3:1c:7e:eb:1a:db:55:7b:bb:00:86:cb:78:51: ae:e8:d5:c4:96:06:9c:c5:94:44:e3:3c:29:2c:7e: 87:1e:ca:71:a0:7e:62:a7:28:b7:59:28:cf:63:2f: a7:fc:f6:e5:38:ad:70:3c:c5:6b:8a:1f:9a:3b:78: b5:2d:fc:f1:18:51:11:31:c4:e5:a7:1c:b7:6b:44: 23:4f:6c:51:81:72:0c:dc:2a:e0:bd:5e:27:00:29: 89:dc:ae:e6:a4:95:c8:76:fb:15:eb:e8:b3:d8:7a: fb:e4:9e:cb:3f:a6:70:3d:9d:3d:94:c7:a8:f6:49: 2c:49:b9:11:08:fb:db:30:dc:4d:fe:08:b9:6b:f2: 80:b9:45:3c:4c:e8:17:37:86:03:65:75:8b:71:a2: 30:53:58:bf:26:80:52:34:b7:87:8c:1d:21:39:76: e4:3d:23:11:2c:40:2b:98:8d:2e:c7:a9:94:f2:57: 31:d9:df:ca:1b:60:5c:27:72:a7:d7:a0:66:e3:c1: 5f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:37:1C:07:6C:9A:5F:45:9F:31:41:50:B9:BB:B9:A5:9C:55:8A:87 X509v3 Authority Key Identifier: keyid:08:A2:97:F8:CF:A1:CE:6D:3F:E2:C5:26:91:1C:46:8A:9A:63:18:D0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKKX-M-hzm0_4sUmkRxGippjGNA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/71/5f153d-71d9-470a-ba27-971139514bb1/1/CKKX-M-hzm0_4sUmkRxGippjGNA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 48:d0:cf:bb:23:81:b1:a2:e0:e2:19:c1:16:9c:58:f2:37:26: 7b:c8:7f:4a:6e:33:f7:ae:74:a1:04:c4:96:5a:e9:73:ba:18: 13:5a:4a:19:05:27:1b:4d:fc:4c:e1:31:01:00:32:59:a8:26: 62:a9:b4:cf:b1:ab:44:49:27:b6:58:04:ad:ad:24:70:1b:e2: 62:82:bd:46:9d:68:c9:f5:d4:fc:02:39:2a:2a:28:3f:14:33: a0:8f:0e:33:92:6d:2c:2b:8c:f6:c5:d9:50:6e:10:27:a0:ff: a1:aa:41:d8:20:4c:cc:b4:5e:d7:20:f9:eb:fe:95:ad:df:0d: 17:5c:4b:42:b5:01:43:f8:87:a6:a4:c5:b6:d8:1a:dd:7f:81: 76:e4:bc:7c:2e:96:eb:c5:e2:f2:6d:be:4c:43:f9:bf:cf:02: ef:45:fc:62:f4:56:f9:24:05:1a:99:ab:30:58:12:66:c7:47: 87:a7:cf:3c:a1:c9:85:1a:23:f1:4e:18:2f:44:d8:16:0e:d3: cf:12:b4:3a:f5:16:09:49:1d:12:b5:ab:f4:97:20:72:b3:f8: e0:0d:c9:b1:8c:6c:c5:51:98:b4:30:a3:d0:e9:80:08:ce:80: 57:c8:88:9e:07:f2:7e:bf:f4:52:6d:a6:95:2b:05:b0:fa:7c: 61:ad:4f:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzGxWvRy35Lgb/9+4Emb84MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTI5N2Y4Y2ZhMWNlNmQzZmUyYzUyNjkxMWM0NjhhOWE2 MzE4ZDAwHhcNMjUxMjA2MTAwMDI5WhcNMjUxMjA3MTAwMDI5WjAzMTEwLwYDVQQD EyhhYTM3MWMwNzZjOWE1ZjQ1OWYzMTQxNTBiOWJiYjlhNTljNTU4YTg3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+oZdxOKgKrpTF5fNitL73EcaxSnM dRyCkhnCaM3W3yUaolh4EQcxkm+tCsjEp5tl8+9UcjsTHf0NqlUIsxx+6xrbVXu7 AIbLeFGu6NXElgacxZRE4zwpLH6HHspxoH5ipyi3WSjPYy+n/PblOK1wPMVrih+a O3i1LfzxGFERMcTlpxy3a0QjT2xRgXIM3CrgvV4nACmJ3K7mpJXIdvsV6+iz2Hr7 5J7LP6ZwPZ09lMeo9kksSbkRCPvbMNxN/gi5a/KAuUU8TOgXN4YDZXWLcaIwU1i/ JoBSNLeHjB0hOXbkPSMRLEArmI0ux6mU8lcx2d/KG2BcJ3Kn16Bm48FfMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKo3HAdsml9FnzFBULm7uaWcVYqHMB8GA1UdIwQY MBaAFAiil/jPoc5tP+LFJpEcRoqaYxjQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjct OTcxMTM5NTE0YmIxLzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MS81ZjE1M2QtNzFkOS00NzBhLWJhMjctOTcxMTM5NTE0YmIx LzEvQ0tLWC1NLWh6bTBfNHNVbWtSeEdpcHBqR05BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASNDPuyOB saLg4hnBFpxY8jcme8h/Sm4z9650oQTEllrpc7oYE1pKGQUnG038TOExAQAyWagm Yqm0z7GrREkntlgEra0kcBviYoK9Rp1oyfXU/AI5KiooPxQzoI8OM5JtLCuM9sXZ UG4QJ6D/oapB2CBMzLRe1yD56/6Vrd8NF1xLQrUBQ/iHpqTFttga3X+BduS8fC6W 68Xi8m2+TEP5v88C70X8YvRW+SQFGpmrMFgSZsdHh6fPPKHJhRoj8U4YL0TYFg7T zxK0OvUWCUkdErWr9JcgcrP44A3JsYxsxVGYtDCj0OmACM6AV8iIngfyfr/0Um2m lSsFsPp8Ya1PWQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:26:42 2025 by rpki-client