This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft File: KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft (raw, json) Hash identifier: 2M+vXK92mDKU20N1USBrjHECDem3flx5eypc8cudbe4= Subject key identifier: 94:5A:9A:32:B9:2C:83:3B:AE:29:B9:56:8C:BC:4C:73:FE:2C:CE:0B Authority key identifier: 29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31 Certificate issuer: /CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131 Certificate serial: 019AF464C2D566EDEABDAFA9590145A8735D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft Manifest number: 0DFD Signing time: Sat 06 Dec 2025 16:00:35 +0000 Manifest this update: Sat 06 Dec 2025 16:00:35 +0000 Manifest next update: Sun 07 Dec 2025 16:00:35 +0000 Files and hashes: 1: 3Q4b3ZrB5hBNl0sc19tX6sYik8M.roa (hash: Y2d6NgWxe37Sh2Kw4xqcfrnYvSssw7Fp3dHdg6i9y18=) 2: KXGU9LUrn_Qz8r8NFrWMEcfPETE.crl (hash: WOCZd+DslDKGCHitae/ARIOmBEsKAIKxAyqqZOawRy4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.crl rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:64:c2:d5:66:ed:ea:bd:af:a9:59:01:45:a8:73:5d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297194f4b52b9ff433f2bf0d16b58c11c7cf1131 Validity Not Before: Dec 6 16:00:35 2025 GMT Not After : Dec 7 16:00:35 2025 GMT Subject: CN=945a9a32b92c833bae29b9568cbc4c73fe2cce0b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:31:1d:ad:f0:6a:33:43:e7:93:3d:09:1e:b4: 0a:03:a7:0b:c9:f1:60:15:e5:a1:d0:13:61:53:77: 97:f3:be:48:69:26:15:af:2a:52:de:e8:23:7d:ca: 3f:43:2f:12:47:bd:95:9f:9e:3e:65:f5:57:73:1c: 06:3b:32:13:27:54:07:44:a9:0d:13:48:80:38:22: 5c:ec:09:eb:98:83:de:49:2e:b1:d4:90:cf:46:a9: a8:12:6f:82:22:3f:b7:48:eb:dc:13:11:9b:00:20: c3:bc:b0:87:36:f8:88:52:9d:64:6e:66:04:ce:6d: 23:c9:18:11:18:ec:2a:df:a4:53:6c:c7:91:51:2a: 3e:18:87:5e:69:8a:06:d0:3d:28:88:58:02:bf:60: 75:89:29:e0:22:f2:31:a2:80:ea:2b:f4:b9:fc:be: 41:bb:15:b9:2d:50:4e:d8:76:b3:3b:b1:b1:34:3b: 34:67:55:50:1f:b6:3e:d1:19:f7:90:b7:62:ab:95: 97:8a:84:7d:d0:aa:28:81:fa:f0:5c:8f:99:96:f7: 30:44:92:5c:56:d2:3a:83:26:9e:71:2c:ce:45:c7: 22:de:d8:f1:a8:42:44:52:3a:7b:f4:29:e4:58:fa: 60:12:d0:f7:48:aa:96:4a:38:ff:09:00:0a:55:04: 2d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:5A:9A:32:B9:2C:83:3B:AE:29:B9:56:8C:BC:4C:73:FE:2C:CE:0B X509v3 Authority Key Identifier: keyid:29:71:94:F4:B5:2B:9F:F4:33:F2:BF:0D:16:B5:8C:11:C7:CF:11:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXGU9LUrn_Qz8r8NFrWMEcfPETE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/80b4c0-06cb-4424-9dd5-5a988931ea33/1/KXGU9LUrn_Qz8r8NFrWMEcfPETE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a1:53:7f:6e:e2:d1:27:42:1a:3f:cc:dc:1c:26:28:2f:a6:a9: 45:6d:1a:e4:86:95:9f:99:d4:e7:15:3c:96:92:3a:8e:6b:d4: 10:de:61:6d:7c:1a:2f:96:ff:4e:0d:32:2a:d5:f0:58:f8:a4: bc:11:a1:4c:7c:06:30:7c:68:e7:b4:e0:ff:5a:f2:11:d0:33: da:a4:d9:a9:23:31:17:32:b0:36:86:e9:05:f8:08:4d:96:7e: eb:c2:b6:f0:b0:3f:fa:c3:dc:30:0a:2f:24:c3:6a:9d:83:b6: 16:50:83:97:81:79:b6:63:09:37:34:3d:e4:88:d7:01:7c:8c: a2:2a:cd:e0:e5:b3:4d:ef:f6:c2:d0:22:8c:95:f4:d0:38:bb: 10:20:3f:88:c0:1b:a4:d9:63:bd:ac:12:fb:eb:54:76:6f:a6: d8:7f:4c:87:b1:88:48:9e:1d:ea:e9:a6:ea:ac:ce:6d:7f:a5: 9e:8b:da:a8:c3:06:7f:4a:10:a5:9d:35:c1:b1:b4:51:fe:ba: 4b:84:a7:36:55:c3:47:e1:2f:ba:8c:18:2a:84:12:e7:58:fb: e9:a2:59:6b:48:79:8d:21:0f:1d:b4:80:70:db:ff:98:85:16: 34:ea:46:90:99:87:92:67:e3:df:b9:00:9c:bc:8b:f2:72:9d: d2:b1:e3:84 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0ZMLVZu3qva+pWQFFqHNdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5NzE5NGY0YjUyYjlmZjQzM2YyYmYwZDE2YjU4YzExYzdj ZjExMzEwHhcNMjUxMjA2MTYwMDM1WhcNMjUxMjA3MTYwMDM1WjAzMTEwLwYDVQQD Eyg5NDVhOWEzMmI5MmM4MzNiYWUyOWI5NTY4Y2JjNGM3M2ZlMmNjZTBiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TEdrfBqM0Pnkz0JHrQKA6cLyfFg FeWh0BNhU3eX875IaSYVrypS3ugjfco/Qy8SR72Vn54+ZfVXcxwGOzITJ1QHRKkN E0iAOCJc7AnrmIPeSS6x1JDPRqmoEm+CIj+3SOvcExGbACDDvLCHNviIUp1kbmYE zm0jyRgRGOwq36RTbMeRUSo+GIdeaYoG0D0oiFgCv2B1iSngIvIxooDqK/S5/L5B uxW5LVBO2HazO7GxNDs0Z1VQH7Y+0Rn3kLdiq5WXioR90KoogfrwXI+ZlvcwRJJc VtI6gyaecSzORcci3tjxqEJEUjp79CnkWPpgEtD3SKqWSjj/CQAKVQQtDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJRamjK5LIM7rim5Voy8THP+LM4LMB8GA1UdIwQY MBaAFClxlPS1K5/0M/K/DRa1jBHHzxExMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUt NWE5ODg5MzFlYTMzLzEvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS84MGI0YzAtMDZjYi00NDI0LTlkZDUtNWE5ODg5MzFlYTMz LzEvS1hHVTlMVXJuX1F6OHI4TkZyV01FY2ZQRVRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAoVN/buLR J0IaP8zcHCYoL6apRW0a5IaVn5nU5xU8lpI6jmvUEN5hbXwaL5b/Tg0yKtXwWPik vBGhTHwGMHxo57Tg/1ryEdAz2qTZqSMxFzKwNobpBfgITZZ+68K28LA/+sPcMAov JMNqnYO2FlCDl4F5tmMJNzQ95IjXAXyMoirN4OWzTe/2wtAijJX00Di7ECA/iMAb pNljvawS++tUdm+m2H9Mh7GISJ4d6umm6qzObX+lnovaqMMGf0oQpZ01wbG0Uf66 S4SnNlXDR+EvuowYKoQS51j76aJZa0h5jSEPHbSAcNv/mIUWNOpGkJmHkmfj37kA nLyL8nKd0rHjhA== -----END CERTIFICATE-----Generated at Sat Dec 6 18:11:46 2025 by rpki-client