This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.mft File: kBewvZCCfeCNJP72G8xEhiAkv34.mft (raw, json) Hash identifier: 9eu38z+ibtrpDl32ggLz1mRM/HxjrDYfrlXFvybqbg8= Subject key identifier: A1:6F:30:50:B1:A0:8E:54:82:01:83:E4:D3:8D:8D:10:38:B6:63:5F Authority key identifier: 90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E Certificate issuer: /CN=9017b0bd90827de08d24fef61bcc44862024bf7e Certificate serial: 019B3F48B5327E694AE68004BE1193685585 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.mft Manifest number: 0E1E Signing time: Sun 21 Dec 2025 05:01:28 +0000 Manifest this update: Sun 21 Dec 2025 05:01:28 +0000 Manifest next update: Mon 22 Dec 2025 05:01:28 +0000 Files and hashes: 1: GDngKunQly0rXAZJTM9K6ouZldE.roa (hash: srWtclzCrCIl56nGBNOU8VqqYjtRTWRgnKIo2g1oYz4=) 2: kBewvZCCfeCNJP72G8xEhiAkv34.crl (hash: ulyBiovmgTvU3BBJ5BfhK2WE+IHHn+dNMkjuOGDYyAk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.crl rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.mft rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:48:b5:32:7e:69:4a:e6:80:04:be:11:93:68:55:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9017b0bd90827de08d24fef61bcc44862024bf7e Validity Not Before: Dec 21 05:01:28 2025 GMT Not After : Dec 22 05:01:28 2025 GMT Subject: CN=a16f3050b1a08e54820183e4d38d8d1038b6635f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e2:06:72:e0:1f:fa:58:7d:58:c8:2d:94:e7: c7:eb:8b:a5:c5:82:e4:99:e2:8b:56:d7:e7:c3:e8: 40:ea:7a:2b:2c:79:5c:eb:fb:5c:b3:a8:11:e8:04: 84:95:12:3a:82:c5:f3:08:a3:10:dc:61:fe:7b:c0: 56:42:0e:35:43:45:b9:de:67:3e:21:c0:ef:1a:66: a3:0f:1b:9d:f3:d8:81:32:d6:e2:23:1b:0e:0e:2c: 94:97:fd:3a:b0:23:28:18:29:9e:2d:f0:13:54:e0: d2:94:d6:15:30:74:86:b9:10:27:77:fd:c6:9c:71: 88:85:d2:89:bb:ea:75:7c:90:34:82:bd:1c:a0:73: d8:79:d5:8d:38:88:cf:d3:0f:db:34:93:5c:23:0a: b8:3d:f1:5f:e5:c0:b5:f7:11:b9:95:8d:83:2d:dc: 26:69:cc:52:30:b5:4f:69:06:f3:b1:72:33:1c:ab: 59:0f:81:89:89:1e:61:89:0e:bb:47:57:06:a4:10: 44:1b:3b:e6:50:9e:44:52:f5:2d:f5:8e:70:16:7d: c0:7c:15:3b:4d:92:e6:5d:ec:26:96:7b:84:c6:f9: 40:c8:6d:f8:c7:cc:7c:d6:73:7d:55:13:c9:32:fa: 8e:ab:b2:69:c8:ee:b9:eb:89:53:a6:71:59:88:43: 27:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:6F:30:50:B1:A0:8E:54:82:01:83:E4:D3:8D:8D:10:38:B6:63:5F X509v3 Authority Key Identifier: keyid:90:17:B0:BD:90:82:7D:E0:8D:24:FE:F6:1B:CC:44:86:20:24:BF:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kBewvZCCfeCNJP72G8xEhiAkv34.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/bb560a-4284-4fc0-b05d-a8be9932aa89/1/kBewvZCCfeCNJP72G8xEhiAkv34.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 65:9e:3d:2d:6a:d2:71:c3:af:40:ca:fe:b0:30:df:e0:9c:8e: 98:6a:de:7f:24:d1:a0:d0:c4:19:54:00:0e:8c:da:12:8c:07: a0:34:31:d1:dc:b0:d1:34:ed:c6:c8:36:30:e7:2b:cd:6b:60: 0f:69:39:ec:a5:02:de:90:7f:f0:be:30:57:ae:4a:79:bb:be: 6e:25:2c:76:1a:6f:d4:f0:73:e0:3e:91:b9:d5:70:37:6e:e9: ee:61:7b:15:50:b9:55:83:46:c8:92:e1:0c:51:7a:6b:c2:fe: 0d:e2:07:9a:20:b9:9b:16:27:f8:f9:c6:0f:3d:5b:98:67:74: 94:77:52:02:12:e3:e6:e5:11:63:e8:ca:8a:1b:76:90:df:f2: f4:8b:ee:f6:74:32:ed:7d:af:c0:ec:5c:cd:9e:6d:62:0c:b6: 7c:e3:a3:41:b0:70:4b:44:1a:62:fc:72:2c:cb:62:98:fe:53: 16:54:b9:4e:39:f8:8c:db:c5:6d:a7:dd:e1:60:5a:14:e1:e1: 42:cf:2e:dd:73:20:fe:3d:18:cc:20:4e:21:8f:9b:c1:d4:a4: 65:d7:0c:bb:22:4e:72:8c:95:87:27:90:bc:25:60:29:2f:77: eb:64:14:15:61:c4:9f:10:6e:f6:43:cd:d3:7d:00:33:8d:53: 07:7a:16:0b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/SLUyfmlK5oAEvhGTaFWFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwMTdiMGJkOTA4MjdkZTA4ZDI0ZmVmNjFiY2M0NDg2MjAy NGJmN2UwHhcNMjUxMjIxMDUwMTI4WhcNMjUxMjIyMDUwMTI4WjAzMTEwLwYDVQQD EyhhMTZmMzA1MGIxYTA4ZTU0ODIwMTgzZTRkMzhkOGQxMDM4YjY2MzVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyuIGcuAf+lh9WMgtlOfH64ulxYLk meKLVtfnw+hA6norLHlc6/tcs6gR6ASElRI6gsXzCKMQ3GH+e8BWQg41Q0W53mc+ IcDvGmajDxud89iBMtbiIxsODiyUl/06sCMoGCmeLfATVODSlNYVMHSGuRAnd/3G nHGIhdKJu+p1fJA0gr0coHPYedWNOIjP0w/bNJNcIwq4PfFf5cC19xG5lY2DLdwm acxSMLVPaQbzsXIzHKtZD4GJiR5hiQ67R1cGpBBEGzvmUJ5EUvUt9Y5wFn3AfBU7 TZLmXewmlnuExvlAyG34x8x81nN9VRPJMvqOq7JpyO6564lTpnFZiEMnPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKFvMFCxoI5UggGD5NONjRA4tmNfMB8GA1UdIwQY MBaAFJAXsL2Qgn3gjST+9hvMRIYgJL9+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQt YThiZTk5MzJhYTg5LzEva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9iYjU2MGEtNDI4NC00ZmMwLWIwNWQtYThiZTk5MzJhYTg5 LzEva0Jld3ZaQ0NmZUNOSlA3Mkc4eEVoaUFrdjM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZZ49LWrS ccOvQMr+sDDf4JyOmGrefyTRoNDEGVQADozaEowHoDQx0dyw0TTtxsg2MOcrzWtg D2k57KUC3pB/8L4wV65Kebu+biUsdhpv1PBz4D6RudVwN27p7mF7FVC5VYNGyJLh DFF6a8L+DeIHmiC5mxYn+PnGDz1bmGd0lHdSAhLj5uURY+jKiht2kN/y9Ivu9nQy 7X2vwOxczZ5tYgy2fOOjQbBwS0QaYvxyLMtimP5TFlS5Tjn4jNvFbafd4WBaFOHh Qs8u3XMg/j0YzCBOIY+bwdSkZdcMuyJOcoyVhyeQvCVgKS9362QUFWHEnxBu9kPN 030AM41TB3oWCw== -----END CERTIFICATE-----Generated at Sun Dec 21 06:53:32 2025 by rpki-client