This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft File: KgedPD3CTph79wxKn6u6QFsIOkU.mft (raw, json) Hash identifier: a7BwM1B6XzzfJ4aG5qwMxuZ0EqzwqiDVeRZME0ND85U= Subject key identifier: 5A:4A:F2:BE:56:AA:C9:A1:76:63:99:C2:09:5B:AC:1A:6B:EB:62:F4 Authority key identifier: 2A:07:9D:3C:3D:C2:4E:98:7B:F7:0C:4A:9F:AB:BA:40:5B:08:3A:45 Certificate issuer: /CN=2a079d3c3dc24e987bf70c4a9fabba405b083a45 Certificate serial: 019AF12D4B6136FB59A6120F8E8C1C631907 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft Manifest number: 0CD6 Signing time: Sat 06 Dec 2025 01:01:08 +0000 Manifest this update: Sat 06 Dec 2025 01:01:08 +0000 Manifest next update: Sun 07 Dec 2025 01:01:08 +0000 Files and hashes: 1: KgedPD3CTph79wxKn6u6QFsIOkU.crl (hash: vquynd3MMz7H+j3d9XA8HU1hTSsHbjYs0Vzdxi9t4xk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.crl rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:4b:61:36:fb:59:a6:12:0f:8e:8c:1c:63:19:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a079d3c3dc24e987bf70c4a9fabba405b083a45 Validity Not Before: Dec 6 01:01:08 2025 GMT Not After : Dec 7 01:01:08 2025 GMT Subject: CN=5a4af2be56aac9a1766399c2095bac1a6beb62f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:c4:a6:5c:31:bc:67:06:fb:2f:b9:3e:13:e7: a1:1e:35:76:f9:81:61:2a:62:bb:3a:f3:c7:cf:44: cc:29:ce:5a:e8:0f:e2:79:6f:a8:4a:11:d4:71:35: eb:43:1d:3f:5b:fd:6f:f6:ac:ca:47:7b:bf:61:c6: b3:8b:df:3a:76:b1:71:45:43:20:0c:5b:22:83:a8: ef:f8:e0:0b:63:51:83:af:b7:84:70:4a:b8:f6:e0: 63:af:af:a6:82:61:e0:61:2e:e2:84:4d:19:5e:63: 9f:a5:f5:e1:ef:6d:86:37:77:86:df:d1:80:c0:6b: 7d:10:16:cc:a2:16:9c:23:a8:ed:e8:d0:b2:bb:63: 18:fb:b2:01:04:88:c5:e7:c4:4d:3e:41:98:84:a9: df:c3:88:96:59:c6:0f:5c:1f:e3:5f:f9:04:64:5e: a7:75:e5:05:a0:91:03:85:b6:74:1b:fa:8c:e1:a5: 43:53:30:2b:39:46:a6:d8:6b:74:71:d1:4f:1f:05: bc:51:f2:81:59:eb:41:29:01:ec:85:9e:cd:81:61: c6:0f:6a:0f:43:c6:b4:bb:16:13:d4:9e:e1:f9:21: 59:2a:54:40:00:f9:0c:48:3e:61:21:37:01:d2:04: 7f:55:df:8e:80:50:25:ed:0b:80:95:23:95:fb:7d: 01:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5A:4A:F2:BE:56:AA:C9:A1:76:63:99:C2:09:5B:AC:1A:6B:EB:62:F4 X509v3 Authority Key Identifier: keyid:2A:07:9D:3C:3D:C2:4E:98:7B:F7:0C:4A:9F:AB:BA:40:5B:08:3A:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgedPD3CTph79wxKn6u6QFsIOkU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/0bb8a0-3fb3-41ee-9f65-1c8d9e6ed124/1/KgedPD3CTph79wxKn6u6QFsIOkU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:29:12:ad:65:ab:2e:64:eb:37:d6:1f:66:56:6b:e8:d6:54: ce:cd:1f:fe:09:31:9e:54:15:ff:f2:08:ec:c6:3f:ac:4f:d2: 7d:a0:87:43:21:cb:b6:d9:2c:9e:25:56:47:c7:4e:72:30:4a: 20:12:ee:6e:14:3e:5e:a7:21:dd:9f:bc:67:96:0f:23:61:46: fa:a0:06:3d:f6:54:81:ef:b6:3a:36:4f:05:16:81:15:d9:d4: 15:9d:82:18:9c:4a:0b:48:43:e5:e7:9e:e7:d4:40:18:a2:b4: 5f:c7:32:2e:c7:31:64:cd:de:4b:88:41:43:b8:b5:41:bd:dd: cc:61:b3:7a:c6:c5:77:c1:a1:84:3e:fd:70:ed:50:83:c6:26: d8:ba:f4:01:47:f8:73:ca:f2:fe:62:ff:31:07:28:db:77:49: 71:bb:3f:e3:5b:da:db:bf:33:7e:a0:ae:dc:fe:47:18:5c:ad: 39:1e:34:c0:94:62:fc:91:49:87:a4:bd:50:7a:aa:3f:06:4c: b3:c5:e5:f6:df:92:6e:72:f0:86:09:be:8b:cb:76:ae:f1:85: 54:7b:57:b4:d4:bd:6e:05:72:c1:a3:ce:c2:1e:b4:43:55:19: 01:f3:49:bc:43:bf:b6:9e:c5:de:e7:93:2a:e0:1f:cf:6b:41: dc:93:7d:d3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLUthNvtZphIPjowcYxkHMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDc5ZDNjM2RjMjRlOTg3YmY3MGM0YTlmYWJiYTQwNWIw ODNhNDUwHhcNMjUxMjA2MDEwMTA4WhcNMjUxMjA3MDEwMTA4WjAzMTEwLwYDVQQD Eyg1YTRhZjJiZTU2YWFjOWExNzY2Mzk5YzIwOTViYWMxYTZiZWI2MmY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cSmXDG8Zwb7L7k+E+ehHjV2+YFh KmK7OvPHz0TMKc5a6A/ieW+oShHUcTXrQx0/W/1v9qzKR3u/Ycazi986drFxRUMg DFsig6jv+OALY1GDr7eEcEq49uBjr6+mgmHgYS7ihE0ZXmOfpfXh722GN3eG39GA wGt9EBbMohacI6jt6NCyu2MY+7IBBIjF58RNPkGYhKnfw4iWWcYPXB/jX/kEZF6n deUFoJEDhbZ0G/qM4aVDUzArOUam2Gt0cdFPHwW8UfKBWetBKQHshZ7NgWHGD2oP Q8a0uxYT1J7h+SFZKlRAAPkMSD5hITcB0gR/Vd+OgFAl7QuAlSOV+30BXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFpK8r5WqsmhdmOZwglbrBpr62L0MB8GA1UdIwQY MBaAFCoHnTw9wk6Ye/cMSp+rukBbCDpFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8wYmI4YTAtM2ZiMy00MWVlLTlmNjUt MWM4ZDllNmVkMTI0LzEvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC8wYmI4YTAtM2ZiMy00MWVlLTlmNjUtMWM4ZDllNmVkMTI0 LzEvS2dlZFBEM0NUcGg3OXd4S242dTZRRnNJT2tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAaikSrWWr LmTrN9YfZlZr6NZUzs0f/gkxnlQV//II7MY/rE/SfaCHQyHLttksniVWR8dOcjBK IBLubhQ+Xqch3Z+8Z5YPI2FG+qAGPfZUge+2OjZPBRaBFdnUFZ2CGJxKC0hD5eee 59RAGKK0X8cyLscxZM3eS4hBQ7i1Qb3dzGGzesbFd8GhhD79cO1Qg8Ym2Lr0AUf4 c8ry/mL/MQco23dJcbs/41va278zfqCu3P5HGFytOR40wJRi/JFJh6S9UHqqPwZM s8Xl9t+SbnLwhgm+i8t2rvGFVHtXtNS9bgVywaPOwh60Q1UZAfNJvEO/tp7F3ueT KuAfz2tB3JN90w== -----END CERTIFICATE-----Generated at Sat Dec 6 07:13:50 2025 by rpki-client