This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft File: CKkhe9gwYnyz5lfAuQY8giNN28s.mft (raw, json) Hash identifier: 0LG3mmuLwJR9GBvjTdAvFFclb2ifzqZvB20pk/uOvDE= Subject key identifier: E0:FA:BF:BB:EF:AA:52:98:4A:E6:92:05:08:1F:85:E2:DE:10:09:1F Authority key identifier: 08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB Certificate issuer: /CN=08a9217bd830627cb3e657c0b9063c82234ddbcb Certificate serial: 019AF388F7700DC70990F6507AA9E98E9EDC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft Manifest number: 1765 Signing time: Sat 06 Dec 2025 12:00:30 +0000 Manifest this update: Sat 06 Dec 2025 12:00:30 +0000 Manifest next update: Sun 07 Dec 2025 12:00:30 +0000 Files and hashes: 1: 34veN2ucTJBbi388PrmLekhLRzM.roa (hash: zPkkR8nXQL9mfEVd+D/kn8bIVDt7EDLAoyKRPC1BVEk=) 2: CKkhe9gwYnyz5lfAuQY8giNN28s.crl (hash: JyuLxeaqfIhieKtp4mtC+xpHDcN6ap8MDrsxeeCHKnk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:88:f7:70:0d:c7:09:90:f6:50:7a:a9:e9:8e:9e:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a9217bd830627cb3e657c0b9063c82234ddbcb Validity Not Before: Dec 6 12:00:30 2025 GMT Not After : Dec 7 12:00:30 2025 GMT Subject: CN=e0fabfbbefaa52984ae69205081f85e2de10091f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:80:7c:9b:a1:29:f5:f8:6c:12:de:99:f3:44: 09:97:84:81:51:46:4a:96:db:a0:19:06:7f:9f:bc: 9b:52:b7:34:f0:97:9e:47:91:96:af:3b:fe:72:05: 4b:90:fc:8d:3e:32:a2:62:ab:cc:3b:27:bf:3e:08: 77:14:66:55:ab:79:a9:68:fb:04:d5:ab:f9:20:71: 8b:69:ee:b6:55:24:22:fe:12:92:d2:94:e1:7d:74: 7b:39:2d:97:5c:e6:b6:1d:70:34:f3:6e:70:56:ad: 5a:ce:43:f1:82:04:e7:45:e7:fe:8c:89:16:bf:7f: 41:58:af:81:36:97:cf:03:1e:eb:83:e2:01:d4:2b: 94:92:06:93:d7:56:ca:01:06:80:40:30:08:d7:d1: ea:19:59:92:45:7e:6e:5c:f1:71:1d:bc:98:6d:85: 69:74:e3:5e:b5:2d:bc:8e:98:dc:82:6e:4a:53:e7: 14:d5:51:4f:69:89:5f:b0:70:9f:d7:82:13:ac:f4: f2:31:2f:4d:2a:ca:3b:17:fa:5a:71:2a:c0:4d:29: 46:1e:03:d3:30:65:e1:e1:45:00:76:c2:dc:d0:c8: 2a:3c:76:7f:2b:6e:1b:87:c7:ba:26:7c:b6:fb:37: 08:2e:1e:7e:35:db:60:57:70:22:4d:79:70:bd:19: ba:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:FA:BF:BB:EF:AA:52:98:4A:E6:92:05:08:1F:85:E2:DE:10:09:1F X509v3 Authority Key Identifier: keyid:08:A9:21:7B:D8:30:62:7C:B3:E6:57:C0:B9:06:3C:82:23:4D:DB:CB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKkhe9gwYnyz5lfAuQY8giNN28s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/90/7dde44-d7b5-48da-bc68-2c5bac35c344/1/CKkhe9gwYnyz5lfAuQY8giNN28s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4c:4e:80:23:5d:14:10:25:3c:e7:6f:89:aa:12:44:fd:48:8a: 03:ef:71:94:c9:f3:33:9e:4c:a2:2a:07:e1:9e:3b:63:49:be: 0e:e3:4f:89:24:ac:ea:32:02:4e:ec:49:fe:1e:a0:35:29:00: 91:5e:dc:d3:ec:7d:76:7c:68:4e:2a:d8:e2:cc:2d:2b:0f:b9: bb:98:77:3c:a7:97:ae:7f:1f:4b:52:95:9c:79:ea:50:c1:eb: 99:9f:0d:47:0b:88:d1:8d:f9:09:80:68:42:54:af:e0:b0:dd: cb:84:30:04:61:f7:97:59:4d:61:f2:19:54:43:df:a4:cf:20: 52:3e:a4:04:76:f4:87:a4:e4:88:54:ee:21:4c:8e:d3:77:d3: 24:75:95:eb:53:3f:13:98:4e:f9:18:c8:20:3a:77:12:16:05: cf:fc:18:c3:e7:c3:45:0f:4b:fe:91:21:b1:cc:7a:75:05:eb: ea:c2:a6:b7:d2:67:b3:51:dc:9a:e6:5b:73:07:fe:a1:63:c1: b5:27:76:ac:46:d1:7a:00:3a:69:1c:6a:86:6e:7e:42:80:d3: ef:05:7d:50:ca:af:d3:35:98:dd:57:ea:96:0f:a2:ed:a2:db: 2b:f7:3b:c4:93:02:a5:df:36:9e:44:02:42:2a:1a:d6:7b:cb: b5:51:12:7a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrziPdwDccJkPZQeqnpjp7cMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTkyMTdiZDgzMDYyN2NiM2U2NTdjMGI5MDYzYzgyMjM0 ZGRiY2IwHhcNMjUxMjA2MTIwMDMwWhcNMjUxMjA3MTIwMDMwWjAzMTEwLwYDVQQD EyhlMGZhYmZiYmVmYWE1Mjk4NGFlNjkyMDUwODFmODVlMmRlMTAwOTFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoYB8m6Ep9fhsEt6Z80QJl4SBUUZK ltugGQZ/n7ybUrc08JeeR5GWrzv+cgVLkPyNPjKiYqvMOye/Pgh3FGZVq3mpaPsE 1av5IHGLae62VSQi/hKS0pThfXR7OS2XXOa2HXA0825wVq1azkPxggTnRef+jIkW v39BWK+BNpfPAx7rg+IB1CuUkgaT11bKAQaAQDAI19HqGVmSRX5uXPFxHbyYbYVp dONetS28jpjcgm5KU+cU1VFPaYlfsHCf14ITrPTyMS9NKso7F/pacSrATSlGHgPT MGXh4UUAdsLc0MgqPHZ/K24bh8e6Jny2+zcILh5+NdtgV3AiTXlwvRm6fwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOD6v7vvqlKYSuaSBQgfheLeEAkfMB8GA1UdIwQY MBaAFAipIXvYMGJ8s+ZXwLkGPIIjTdvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgt MmM1YmFjMzVjMzQ0LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85MC83ZGRlNDQtZDdiNS00OGRhLWJjNjgtMmM1YmFjMzVjMzQ0 LzEvQ0traGU5Z3dZbnl6NWxmQXVRWThnaU5OMjhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEATE6AI10U ECU852+JqhJE/UiKA+9xlMnzM55MoioH4Z47Y0m+DuNPiSSs6jICTuxJ/h6gNSkA kV7c0+x9dnxoTirY4swtKw+5u5h3PKeXrn8fS1KVnHnqUMHrmZ8NRwuI0Y35CYBo QlSv4LDdy4QwBGH3l1lNYfIZVEPfpM8gUj6kBHb0h6TkiFTuIUyO03fTJHWV61M/ E5hO+RjIIDp3EhYFz/wYw+fDRQ9L/pEhscx6dQXr6sKmt9Jns1HcmuZbcwf+oWPB tSd2rEbRegA6aRxqhm5+QoDT7wV9UMqv0zWY3Vfqlg+i7aLbK/c7xJMCpd82nkQC Qioa1nvLtVESeg== -----END CERTIFICATE-----Generated at Sat Dec 6 21:49:28 2025 by rpki-client