This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft File: KMWxDr1MOSkgFDB-h_prHJtCFn0.mft (raw, json) Hash identifier: Gk+ZFmvNYFqezISDucX7j5JT/5XEZWpLuyrnuk0YXgE= Subject key identifier: 94:9B:75:0D:E7:AD:6A:01:19:79:40:5C:FE:01:16:96:BC:A9:E4:67 Authority key identifier: 28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D Certificate issuer: /CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d Certificate serial: 019AF31B98C4CF1E379DFDAB609161E70D40 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft Manifest number: 0801 Signing time: Sat 06 Dec 2025 10:01:03 +0000 Manifest this update: Sat 06 Dec 2025 10:01:03 +0000 Manifest next update: Sun 07 Dec 2025 10:01:03 +0000 Files and hashes: 1: KMWxDr1MOSkgFDB-h_prHJtCFn0.crl (hash: hQRVZwZPApwn9dXcg/n9/BrBb7agaRb7gtidJQv33Eg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:98:c4:cf:1e:37:9d:fd:ab:60:91:61:e7:0d:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28c5b10ebd4c39292014307e87fa6b1c9b42167d Validity Not Before: Dec 6 10:01:03 2025 GMT Not After : Dec 7 10:01:03 2025 GMT Subject: CN=949b750de7ad6a011979405cfe011696bca9e467 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:49:3f:1a:9e:a9:17:bc:49:2b:4f:9b:bb:16: 29:09:a9:ff:62:8f:87:fc:7e:93:da:7d:b3:ad:ed: 4e:aa:a9:ad:e1:64:5f:56:58:fe:d6:f0:d2:c7:37: d2:cc:eb:61:df:6d:bc:df:64:93:91:f5:a2:e6:e0: 25:4a:3a:b9:eb:90:4e:a4:c5:2c:f8:07:37:5f:d9: de:6c:01:e0:0b:c5:0a:89:c2:0e:6e:c1:5a:19:a3: 6c:6e:b2:08:79:22:9d:82:eb:bd:02:cf:fb:30:fc: cf:b8:6b:56:2c:17:b3:7b:87:9f:92:64:7e:8e:90: c0:17:6d:35:16:ab:5e:e6:d9:2d:25:eb:f2:70:96: 39:25:ce:a7:07:ee:13:ea:66:ee:62:54:e8:10:11: d0:e1:88:32:8f:c1:c3:e4:b4:bc:1c:0c:0b:ca:86: df:65:5a:07:1e:f1:4d:04:3f:41:fa:7a:84:ae:5c: 8e:9e:04:55:e3:4f:93:c1:74:89:8f:0c:65:aa:b0: b2:12:d9:12:74:e0:35:78:2c:82:a4:5e:96:a0:cb: ce:46:0e:65:ca:68:55:46:c1:a8:47:84:e2:9b:27: 18:fe:8a:4d:85:f8:56:5e:50:b7:23:a0:43:0a:2a: 42:19:5d:64:4d:14:b0:48:d6:de:b0:15:73:48:26: 6a:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:9B:75:0D:E7:AD:6A:01:19:79:40:5C:FE:01:16:96:BC:A9:E4:67 X509v3 Authority Key Identifier: keyid:28:C5:B1:0E:BD:4C:39:29:20:14:30:7E:87:FA:6B:1C:9B:42:16:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMWxDr1MOSkgFDB-h_prHJtCFn0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/74/9ab02c-0ac8-47f1-8c7c-a629d1976ea3/1/KMWxDr1MOSkgFDB-h_prHJtCFn0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:d4:9e:47:45:42:49:12:d5:5d:c3:5c:67:33:b4:f7:47:ab: 1f:af:56:43:cf:69:d6:0d:0a:5a:a5:1d:37:90:b8:07:4e:39: d0:de:ec:65:23:24:40:7e:40:d6:c0:78:13:9e:df:8f:46:a4: 53:51:4f:2d:50:59:73:40:aa:08:91:8b:3a:15:09:e6:88:2a: b9:55:e4:25:b4:20:5e:be:3c:7d:c3:25:b4:0a:79:c6:bf:cf: 01:e4:58:00:cd:69:6b:be:c9:b2:3c:56:dd:e2:0a:d5:41:da: 96:74:60:b1:50:f9:e7:d3:c0:da:18:55:52:ee:ad:82:f1:ec: 42:29:cd:40:52:1b:7e:b1:94:15:6b:3d:0a:c8:3b:c3:44:dd: 42:e3:c9:93:a1:8f:8c:3a:dd:e6:0b:94:d9:a2:0d:55:dc:38: 03:6d:de:3b:71:30:13:39:11:b0:dc:6d:1b:8a:f7:6d:c6:26: cf:2b:6b:b9:87:ae:86:78:52:b1:c0:ec:3b:46:64:78:73:c5: e4:68:f4:05:89:28:4f:b5:f8:87:31:13:5a:6c:aa:61:23:fd: fe:df:72:1f:da:20:90:8c:98:c0:de:8e:72:2d:a6:d4:b6:1c: 5a:95:b0:67:01:3b:32:1a:e2:a4:fd:7b:db:c3:93:aa:da:2e: 12:8a:a4:3e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG5jEzx43nf2rYJFh5w1AMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YzViMTBlYmQ0YzM5MjkyMDE0MzA3ZTg3ZmE2YjFjOWI0 MjE2N2QwHhcNMjUxMjA2MTAwMTAzWhcNMjUxMjA3MTAwMTAzWjAzMTEwLwYDVQQD Eyg5NDliNzUwZGU3YWQ2YTAxMTk3OTQwNWNmZTAxMTY5NmJjYTllNDY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEk/Gp6pF7xJK0+buxYpCan/Yo+H /H6T2n2zre1Oqqmt4WRfVlj+1vDSxzfSzOth322832STkfWi5uAlSjq565BOpMUs +Ac3X9nebAHgC8UKicIObsFaGaNsbrIIeSKdguu9As/7MPzPuGtWLBeze4efkmR+ jpDAF201Fqte5tktJevycJY5Jc6nB+4T6mbuYlToEBHQ4Ygyj8HD5LS8HAwLyobf ZVoHHvFNBD9B+nqErlyOngRV40+TwXSJjwxlqrCyEtkSdOA1eCyCpF6WoMvORg5l ymhVRsGoR4TimycY/opNhfhWXlC3I6BDCipCGV1kTRSwSNbesBVzSCZqqwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJSbdQ3nrWoBGXlAXP4BFpa8qeRnMB8GA1UdIwQY MBaAFCjFsQ69TDkpIBQwfof6axybQhZ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2Mt YTYyOWQxOTc2ZWEzLzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NC85YWIwMmMtMGFjOC00N2YxLThjN2MtYTYyOWQxOTc2ZWEz LzEvS01XeERyMU1PU2tnRkRCLWhfcHJISnRDRm4wLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARdSeR0VC SRLVXcNcZzO090erH69WQ89p1g0KWqUdN5C4B0450N7sZSMkQH5A1sB4E57fj0ak U1FPLVBZc0CqCJGLOhUJ5ogquVXkJbQgXr48fcMltAp5xr/PAeRYAM1pa77JsjxW 3eIK1UHalnRgsVD559PA2hhVUu6tgvHsQinNQFIbfrGUFWs9Csg7w0TdQuPJk6GP jDrd5guU2aINVdw4A23eO3EwEzkRsNxtG4r3bcYmzytruYeuhnhSscDsO0ZkeHPF 5Gj0BYkoT7X4hzETWmyqYSP9/t9yH9ogkIyYwN6Oci2m1LYcWpWwZwE7MhripP17 28OTqtouEoqkPg== -----END CERTIFICATE-----Generated at Sat Dec 6 15:42:23 2025 by rpki-client