This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft File: KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft (raw, json) Hash identifier: jYZkfghTyn4yUemSFYi3eLrDORbTUoQc1BFXzBCcUrc= Subject key identifier: 82:1E:87:1E:42:E2:12:4C:91:A8:80:15:D8:DC:B4:01:CA:6A:79:AE Authority key identifier: 28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF Certificate issuer: /CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Certificate serial: 019AF1D223B05724AD3B5D6067DCFDE9C7EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft Manifest number: 16DE Signing time: Sat 06 Dec 2025 04:01:11 +0000 Manifest this update: Sat 06 Dec 2025 04:01:11 +0000 Manifest next update: Sun 07 Dec 2025 04:01:11 +0000 Files and hashes: 1: CgAYwcYqjGUwI5cuY-inYF9ViL4.roa (hash: DG9lxho2Qdp+1bj1jPdlMwaM6onKyvGHv7zkZeOCV70=) 2: KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl (hash: YAwg2BwTimfT9ZS8pTuRMJ8KsqjM6rjqD/UezabWdkk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d2:23:b0:57:24:ad:3b:5d:60:67:dc:fd:e9:c7:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2802b5b025cf4ea13395fc57b5a4d6898e7332cf Validity Not Before: Dec 6 04:01:11 2025 GMT Not After : Dec 7 04:01:11 2025 GMT Subject: CN=821e871e42e2124c91a88015d8dcb401ca6a79ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a6:72:cc:69:ba:1c:bc:c6:85:d7:3e:cb:78: 2d:1a:e5:30:18:47:b4:ea:2d:05:cd:a6:81:bd:17: 84:a2:1c:63:bb:07:00:44:7a:34:e5:1b:f1:f0:c5: b0:a0:8c:9c:bf:20:ed:ed:ad:2a:da:b1:1a:aa:4e: 13:23:b7:90:87:0f:7a:6b:b3:f9:fe:f1:b2:15:0a: ae:f4:ca:6c:b6:c2:c3:fe:0a:39:7d:2b:16:88:de: 4a:90:19:de:e1:5b:91:6d:d6:17:a1:74:29:05:8f: b6:11:62:56:35:df:e0:76:8d:a6:74:35:7c:2d:c2: 8b:d6:8a:07:36:bb:05:66:fb:2e:97:f1:ba:19:56: 31:6d:84:00:31:a5:a9:11:5e:2b:a3:82:b1:47:b0: 0b:a2:1c:09:40:6f:0e:28:7a:00:a2:72:dd:20:3a: 73:dc:34:b0:a4:90:8e:6e:0a:a7:e7:2d:41:55:47: 3d:57:10:df:8f:7c:ac:3f:eb:ab:51:20:a3:26:f1: df:6f:27:8f:c3:c9:f3:ac:80:ad:ba:fc:76:99:ce: 2a:23:ec:80:e8:ec:fe:44:7b:fb:5d:9d:53:5a:14: 83:40:06:4e:60:60:6d:c8:2f:cd:7f:e4:7d:62:42: 0b:e8:21:fe:a7:c9:33:9f:26:fc:60:10:cd:36:26: 05:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:1E:87:1E:42:E2:12:4C:91:A8:80:15:D8:DC:B4:01:CA:6A:79:AE X509v3 Authority Key Identifier: keyid:28:02:B5:B0:25:CF:4E:A1:33:95:FC:57:B5:A4:D6:89:8E:73:32:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KAK1sCXPTqEzlfxXtaTWiY5zMs8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/375522-b695-431b-8d49-66b434fdf9ae/1/KAK1sCXPTqEzlfxXtaTWiY5zMs8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 29:49:ce:42:65:57:bf:04:48:d8:bd:fc:08:eb:4b:95:0d:c8: a4:8d:7e:8f:90:67:b4:e4:f1:96:15:41:59:34:00:19:07:dc: e8:9f:db:25:60:3b:38:cb:f1:10:19:9d:9d:c4:41:07:f0:b0: 8b:c7:af:f0:c1:d1:80:8b:b9:ca:9e:3f:c9:37:a6:83:80:a4: a3:8b:85:92:1c:22:0d:20:6e:24:ef:43:e0:0c:dc:a0:42:f2: 05:de:1d:6f:fc:0e:7f:02:79:13:05:ce:5b:69:bf:3a:a9:3a: dc:09:16:8b:9d:56:ae:f5:c1:67:7c:22:ce:ae:ba:a8:69:29: f6:67:dd:eb:8c:88:de:40:4f:57:97:ac:b9:3c:3c:86:51:5a: 45:ee:b2:04:91:26:8c:7d:47:66:7e:2a:4a:e7:23:10:31:b1: 4c:f2:2b:d8:41:9d:73:16:46:67:09:f3:8f:46:d9:c1:b2:a6: b6:a7:63:f1:95:71:52:0a:5c:a8:ba:bc:4f:58:0a:a8:59:fe: 99:34:15:08:65:88:47:12:6c:25:c4:b3:00:a8:98:27:5c:6d: 8a:90:4e:ab:17:60:55:d5:7b:7a:7d:ff:7f:ce:80:81:29:c6: d6:3d:b8:21:ae:cd:28:01:fa:3d:2e:a9:3e:60:32:50:e2:dc: d4:e9:04:e3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0iOwVyStO11gZ9z96cfqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MDJiNWIwMjVjZjRlYTEzMzk1ZmM1N2I1YTRkNjg5OGU3 MzMyY2YwHhcNMjUxMjA2MDQwMTExWhcNMjUxMjA3MDQwMTExWjAzMTEwLwYDVQQD Eyg4MjFlODcxZTQyZTIxMjRjOTFhODgwMTVkOGRjYjQwMWNhNmE3OWFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1qZyzGm6HLzGhdc+y3gtGuUwGEe0 6i0FzaaBvReEohxjuwcARHo05Rvx8MWwoIycvyDt7a0q2rEaqk4TI7eQhw96a7P5 /vGyFQqu9MpstsLD/go5fSsWiN5KkBne4VuRbdYXoXQpBY+2EWJWNd/gdo2mdDV8 LcKL1ooHNrsFZvsul/G6GVYxbYQAMaWpEV4ro4KxR7ALohwJQG8OKHoAonLdIDpz 3DSwpJCObgqn5y1BVUc9VxDfj3ysP+urUSCjJvHfbyePw8nzrICtuvx2mc4qI+yA 6Oz+RHv7XZ1TWhSDQAZOYGBtyC/Nf+R9YkIL6CH+p8kznyb8YBDNNiYFawIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIIehx5C4hJMkaiAFdjctAHKanmuMB8GA1UdIwQY MBaAFCgCtbAlz06hM5X8V7Wk1omOczLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDkt NjZiNDM0ZmRmOWFlLzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My8zNzU1MjItYjY5NS00MzFiLThkNDktNjZiNDM0ZmRmOWFl LzEvS0FLMXNDWFBUcUV6bGZ4WHRhVFdpWTV6TXM4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAKUnOQmVX vwRI2L38COtLlQ3IpI1+j5BntOTxlhVBWTQAGQfc6J/bJWA7OMvxEBmdncRBB/Cw i8ev8MHRgIu5yp4/yTemg4Cko4uFkhwiDSBuJO9D4AzcoELyBd4db/wOfwJ5EwXO W2m/Oqk63AkWi51WrvXBZ3wizq66qGkp9mfd64yI3kBPV5esuTw8hlFaRe6yBJEm jH1HZn4qSucjEDGxTPIr2EGdcxZGZwnzj0bZwbKmtqdj8ZVxUgpcqLq8T1gKqFn+ mTQVCGWIRxJsJcSzAKiYJ1xtipBOqxdgVdV7en3/f86AgSnG1j24Ia7NKAH6PS6p PmAyUOLc1OkE4w== -----END CERTIFICATE-----Generated at Sat Dec 6 08:15:32 2025 by rpki-client