This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft File: KNX3dyLGFlf4HJ965JznKbWA9ng.mft (raw, json) Hash identifier: thy9i/VzM195Co67501UBZ6IAIpbOByNeG0fVBmyTqA= Subject key identifier: 92:C8:32:34:64:FE:79:1F:77:D4:7C:E5:F0:CF:C9:59:91:CE:E1:35 Authority key identifier: 28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78 Certificate issuer: /CN=28d5f77722c61657f81c9f7ae49ce729b580f678 Certificate serial: 019AF12D21EEFED5E1850CF547D4BA768502 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft Manifest number: 175E Signing time: Sat 06 Dec 2025 01:00:58 +0000 Manifest this update: Sat 06 Dec 2025 01:00:58 +0000 Manifest next update: Sun 07 Dec 2025 01:00:58 +0000 Files and hashes: 1: KNX3dyLGFlf4HJ965JznKbWA9ng.crl (hash: Pan1tvoHVSWQJeDxGXT1D5Mw8dVGGY/jJwsK/rpFW44=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:21:ee:fe:d5:e1:85:0c:f5:47:d4:ba:76:85:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28d5f77722c61657f81c9f7ae49ce729b580f678 Validity Not Before: Dec 6 01:00:58 2025 GMT Not After : Dec 7 01:00:58 2025 GMT Subject: CN=92c8323464fe791f77d47ce5f0cfc95991cee135 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:69:8c:a6:15:57:b5:af:f0:d7:40:8d:d8:d4: 51:b4:dc:d6:cd:13:63:f6:9a:9d:63:03:df:ac:89: ed:d5:23:65:f5:8c:b8:fa:0b:a3:44:81:67:07:47: 4b:41:e7:3d:27:25:aa:3b:9a:bd:bd:72:e6:18:0f: 71:dc:9d:1c:42:c0:f5:b5:df:9e:b3:41:52:ee:66: 80:b3:04:18:0a:c6:2f:ce:54:e5:a4:86:6e:dd:77: 8f:04:9c:1e:2d:24:fb:36:90:f7:60:fe:8c:e2:37: ed:37:8f:d0:f7:35:68:dc:55:fc:9e:78:e1:81:b8: 58:60:b3:0d:90:9f:d7:32:1f:1c:d3:a2:c5:d7:21: 12:6a:9f:ce:5c:54:e2:96:e7:71:3d:ca:4c:05:f0: 9a:d3:7e:24:66:a4:f8:9f:f0:69:ca:53:b7:16:c8: 01:43:38:f8:da:9b:5e:95:df:6b:f7:61:26:43:65: 48:d1:28:be:7a:17:c8:28:4e:e0:11:97:d8:cf:6a: 0e:21:de:a6:16:64:95:71:33:f7:97:3b:82:81:a5: 90:cc:1b:fd:0a:bd:45:e5:c9:c2:16:4d:9f:0f:0d: b1:b9:5b:63:b0:60:1f:41:1c:b3:c7:0a:04:b1:2a: bf:90:5e:f4:e1:55:0d:e0:ad:56:6a:b5:00:cf:26: 8e:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:C8:32:34:64:FE:79:1F:77:D4:7C:E5:F0:CF:C9:59:91:CE:E1:35 X509v3 Authority Key Identifier: keyid:28:D5:F7:77:22:C6:16:57:F8:1C:9F:7A:E4:9C:E7:29:B5:80:F6:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KNX3dyLGFlf4HJ965JznKbWA9ng.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/87/9e81f3-2e02-4857-af49-61be8a06f3af/1/KNX3dyLGFlf4HJ965JznKbWA9ng.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3a:3a:f7:96:ca:33:9c:e7:f0:36:c6:6f:fe:da:54:2b:5d:ef: 05:08:31:e4:76:44:e5:97:11:e4:75:e5:2d:1c:ea:68:a2:ba: 5a:13:d5:02:23:0a:2f:3b:ab:0f:50:7c:71:6b:b0:9a:08:01: d1:e3:b0:b0:82:74:9f:cb:6a:d7:a7:d1:a5:89:4c:9f:4b:dd: cf:d1:13:e9:92:ed:88:72:bd:f4:63:03:56:c6:67:58:6a:53: 73:bd:a7:fa:9a:39:57:e7:a5:ae:df:9b:07:b9:5e:2a:1f:28: 6d:68:53:aa:3a:d5:58:96:03:54:9d:01:e9:11:35:1c:10:8b: fc:e0:bc:4f:1a:67:6f:2c:2f:38:ae:78:e8:42:88:82:8a:ae: db:cf:5f:c2:c8:46:4b:28:ed:0c:16:4d:fa:7a:d2:d6:62:43: 93:53:14:86:e6:44:fa:75:9f:43:1c:1a:64:1c:8a:7f:ba:8d: 30:a6:51:39:e1:db:6e:32:98:44:a4:9e:62:7c:05:3b:82:a9: bd:5e:8d:51:47:32:37:66:c9:b6:9f:a4:0b:69:e9:3f:12:7c: bd:68:75:f0:79:66:65:cb:92:17:92:be:03:ad:c9:c5:00:ed: 48:57:23:88:b3:70:28:b6:07:0f:ee:50:f6:00:09:28:ff:d5: 76:2d:70:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLSHu/tXhhQz1R9S6doUCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ZDVmNzc3MjJjNjE2NTdmODFjOWY3YWU0OWNlNzI5YjU4 MGY2NzgwHhcNMjUxMjA2MDEwMDU4WhcNMjUxMjA3MDEwMDU4WjAzMTEwLwYDVQQD Eyg5MmM4MzIzNDY0ZmU3OTFmNzdkNDdjZTVmMGNmYzk1OTkxY2VlMTM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mmMphVXta/w10CN2NRRtNzWzRNj 9pqdYwPfrInt1SNl9Yy4+gujRIFnB0dLQec9JyWqO5q9vXLmGA9x3J0cQsD1td+e s0FS7maAswQYCsYvzlTlpIZu3XePBJweLST7NpD3YP6M4jftN4/Q9zVo3FX8nnjh gbhYYLMNkJ/XMh8c06LF1yESap/OXFTiludxPcpMBfCa034kZqT4n/BpylO3FsgB Qzj42pteld9r92EmQ2VI0Si+ehfIKE7gEZfYz2oOId6mFmSVcTP3lzuCgaWQzBv9 Cr1F5cnCFk2fDw2xuVtjsGAfQRyzxwoEsSq/kF704VUN4K1WarUAzyaOywIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJLIMjRk/nkfd9R85fDPyVmRzuE1MB8GA1UdIwQY MBaAFCjV93cixhZX+ByfeuSc5ym1gPZ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDkt NjFiZThhMDZmM2FmLzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Ny85ZTgxZjMtMmUwMi00ODU3LWFmNDktNjFiZThhMDZmM2Fm LzEvS05YM2R5TEdGbGY0SEo5NjVKem5LYldBOW5nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOjr3lsoz nOfwNsZv/tpUK13vBQgx5HZE5ZcR5HXlLRzqaKK6WhPVAiMKLzurD1B8cWuwmggB 0eOwsIJ0n8tq16fRpYlMn0vdz9ET6ZLtiHK99GMDVsZnWGpTc72n+po5V+elrt+b B7leKh8obWhTqjrVWJYDVJ0B6RE1HBCL/OC8TxpnbywvOK546EKIgoqu289fwshG SyjtDBZN+nrS1mJDk1MUhuZE+nWfQxwaZByKf7qNMKZROeHbbjKYRKSeYnwFO4Kp vV6NUUcyN2bJtp+kC2npPxJ8vWh18HlmZcuSF5K+A63JxQDtSFcjiLNwKLYHD+5Q 9gAJKP/Vdi1wBw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:18:49 2025 by rpki-client