This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft File: knEFydH7BpBVSXH0ZMoh9KRcEGo.mft (raw, json) Hash identifier: VGR3fUP/z/dgMdIEblqRQZSKEIht5EoR2ArME7ngsiE= Subject key identifier: 9D:F0:35:84:2F:2F:BF:E6:BC:E5:05:CD:4B:DE:11:59:77:F2:4E:1E Authority key identifier: 92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A Certificate issuer: /CN=927105c9d1fb0690554971f464ca21f4a45c106a Certificate serial: 019AF08860BE39074895B20887BA461B8A7B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft Manifest number: 0E37 Signing time: Fri 05 Dec 2025 22:01:00 +0000 Manifest this update: Fri 05 Dec 2025 22:01:00 +0000 Manifest next update: Sat 06 Dec 2025 22:01:00 +0000 Files and hashes: 1: ipQ4XqSuTpQi-re2ZW_sK3VHNnQ.roa (hash: poFgPveu8J3ZCztPp1XhAex84n6Kit4aGgJE9uzT+QM=) 2: knEFydH7BpBVSXH0ZMoh9KRcEGo.crl (hash: qB96ScZhx6jVWPiz4Enp7QX19z0oSwjDZUlWIaT/NRg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:60:be:39:07:48:95:b2:08:87:ba:46:1b:8a:7b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=927105c9d1fb0690554971f464ca21f4a45c106a Validity Not Before: Dec 5 22:01:00 2025 GMT Not After : Dec 6 22:01:00 2025 GMT Subject: CN=9df035842f2fbfe6bce505cd4bde115977f24e1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:34:b0:43:22:a0:6a:5b:a5:d4:d2:09:68:b1: 8a:56:df:e4:a8:0e:bb:1e:6a:26:8d:08:89:6d:e9: cd:2e:27:ef:e4:4d:a7:b2:2b:a0:2f:f8:42:e6:71: e6:fa:7f:88:ea:54:9f:bb:b3:18:f9:2e:66:cf:08: fd:28:3c:c7:33:4c:e8:de:78:4a:10:34:be:3c:a5: 33:c6:9a:26:ad:2b:12:71:1d:fe:4d:1e:aa:b9:a5: 6e:fb:56:eb:ac:b8:84:e2:a2:52:0e:78:63:cf:4a: e7:dc:11:ef:f3:fc:ff:4b:75:e4:c8:ad:1e:d1:48: 43:4a:1e:d7:fd:14:70:27:b5:68:67:16:bf:7c:0d: 47:58:60:a4:ed:81:1e:32:82:b4:f8:f5:38:d2:4c: bf:ed:39:f9:e8:a9:19:bc:21:94:02:8a:8b:9b:86: b9:bc:67:c2:58:95:88:7a:c5:ff:cd:2f:1f:f1:d3: 5c:10:2a:51:02:b5:cc:73:df:e7:e4:98:dd:ed:f4: 47:c3:f0:51:0b:89:38:c1:77:52:c5:5e:95:ba:3a: af:dd:3b:d2:06:29:ae:45:41:08:95:0a:f0:22:8c: b2:ce:8a:4f:ce:4e:63:2b:ce:2b:b2:8e:f5:f2:6c: 8d:9f:80:6d:ec:5b:94:f8:91:e0:20:c0:83:1c:cc: c1:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:F0:35:84:2F:2F:BF:E6:BC:E5:05:CD:4B:DE:11:59:77:F2:4E:1E X509v3 Authority Key Identifier: keyid:92:71:05:C9:D1:FB:06:90:55:49:71:F4:64:CA:21:F4:A4:5C:10:6A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/knEFydH7BpBVSXH0ZMoh9KRcEGo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/0c9d80-43a5-453a-ad25-4ee92ee1e0cd/1/knEFydH7BpBVSXH0ZMoh9KRcEGo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 96:7a:9b:0f:66:5b:99:fd:49:8f:7a:a6:38:24:29:dd:5b:f5: 00:bc:39:1a:ed:40:51:e5:da:08:63:68:8d:cd:08:78:44:cc: 2e:21:ec:07:0d:e8:cd:1b:e5:44:b9:e7:40:c6:83:f0:5c:ae: 41:8f:86:a8:76:ef:10:d0:a8:13:f7:1f:23:7d:3f:cf:d1:89: b8:a3:19:6c:d7:1e:3b:0a:3e:f6:7e:0c:10:89:c0:2d:dd:f7: 47:b1:3f:a9:c0:20:8d:f3:ab:7e:32:07:2a:68:25:6c:92:d7: 25:7b:49:10:ca:ea:6c:81:2b:0b:c4:f4:18:b5:86:50:b6:d1: d9:de:a8:a2:4a:2d:37:37:a2:7f:59:10:a5:a1:05:ae:b1:af: fc:06:96:88:f7:b4:37:b6:6f:aa:98:76:8a:92:96:c8:c1:61: 95:6c:4a:d7:f3:db:5e:63:39:58:19:8f:7a:65:12:80:48:20: 53:3b:e0:c0:0c:cf:8d:ae:74:50:eb:78:47:e4:d6:6a:f9:f1: a0:21:48:37:1c:cc:6a:20:94:72:cf:8e:d8:53:bd:a5:05:d6: e0:e4:63:9f:7a:ef:b1:ad:d8:92:ae:e7:e3:67:57:4c:65:99: c8:42:ea:39:cf:eb:c1:95:51:cc:e7:e2:ac:c9:34:84:fc:af: f8:ad:60:78 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiGC+OQdIlbIIh7pGG4p7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyNzEwNWM5ZDFmYjA2OTA1NTQ5NzFmNDY0Y2EyMWY0YTQ1 YzEwNmEwHhcNMjUxMjA1MjIwMTAwWhcNMjUxMjA2MjIwMTAwWjAzMTEwLwYDVQQD Eyg5ZGYwMzU4NDJmMmZiZmU2YmNlNTA1Y2Q0YmRlMTE1OTc3ZjI0ZTFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDSwQyKgalul1NIJaLGKVt/kqA67 HmomjQiJbenNLifv5E2nsiugL/hC5nHm+n+I6lSfu7MY+S5mzwj9KDzHM0zo3nhK EDS+PKUzxpomrSsScR3+TR6quaVu+1brrLiE4qJSDnhjz0rn3BHv8/z/S3XkyK0e 0UhDSh7X/RRwJ7VoZxa/fA1HWGCk7YEeMoK0+PU40ky/7Tn56KkZvCGUAoqLm4a5 vGfCWJWIesX/zS8f8dNcECpRArXMc9/n5Jjd7fRHw/BRC4k4wXdSxV6Vujqv3TvS BimuRUEIlQrwIoyyzopPzk5jK84rso718myNn4Bt7FuU+JHgIMCDHMzBMwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ3wNYQvL7/mvOUFzUveEVl38k4eMB8GA1UdIwQY MBaAFJJxBcnR+waQVUlx9GTKIfSkXBBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUt NGVlOTJlZTFlMGNkLzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85Zi8wYzlkODAtNDNhNS00NTNhLWFkMjUtNGVlOTJlZTFlMGNk LzEva25FRnlkSDdCcEJWU1hIMFpNb2g5S1JjRUdvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlnqbD2Zb mf1Jj3qmOCQp3Vv1ALw5Gu1AUeXaCGNojc0IeETMLiHsBw3ozRvlRLnnQMaD8Fyu QY+GqHbvENCoE/cfI30/z9GJuKMZbNceOwo+9n4MEInALd33R7E/qcAgjfOrfjIH KmglbJLXJXtJEMrqbIErC8T0GLWGULbR2d6ookotNzeif1kQpaEFrrGv/AaWiPe0 N7Zvqph2ipKWyMFhlWxK1/PbXmM5WBmPemUSgEggUzvgwAzPja50UOt4R+TWavnx oCFINxzMaiCUcs+O2FO9pQXW4ORjn3rvsa3Ykq7n42dXTGWZyELqOc/rwZVRzOfi rMk0hPyv+K1geA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:08:44 2025 by rpki-client