This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft File: kHb3fahBt7lCFbb6wtQaccIVFgE.mft (raw, json) Hash identifier: PQQ0sYIcvaVN5sDlbGZgHUyfyJenB7aQRiDpkrswQMM= Subject key identifier: 70:FD:65:55:1D:85:72:51:4E:6D:0C:81:24:32:AD:61:4D:09:59:C0 Authority key identifier: 90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 Certificate issuer: /CN=9076f77da841b7b94215b6fac2d41a71c2151601 Certificate serial: 019AF50A8AF514478C99960FBB7EB7B9A055 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft Manifest number: 10F3 Signing time: Sat 06 Dec 2025 19:01:40 +0000 Manifest this update: Sat 06 Dec 2025 19:01:40 +0000 Manifest next update: Sun 07 Dec 2025 19:01:40 +0000 Files and hashes: 1: 79LYqjKNTJN0ouKGzdcbqvTlAUQ.roa (hash: ql/wdfFz1qsER0EkZDThbVWptAlBg9mw+jziuKWlZyc=) 2: kHb3fahBt7lCFbb6wtQaccIVFgE.crl (hash: RnnOQTuzsboYROts6N88J7dBMjnBVQ/4sjn806YtF6s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 19:01:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:0a:8a:f5:14:47:8c:99:96:0f:bb:7e:b7:b9:a0:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9076f77da841b7b94215b6fac2d41a71c2151601 Validity Not Before: Dec 6 19:01:40 2025 GMT Not After : Dec 7 19:01:40 2025 GMT Subject: CN=70fd65551d8572514e6d0c812432ad614d0959c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:52:70:72:ab:2f:b8:e5:be:2b:3d:f9:40:9e: ba:a7:92:9c:67:47:2c:6c:c8:45:de:de:fe:0b:ab: 29:c2:b5:71:a1:d1:77:5f:ec:4a:68:34:ae:3f:d0: 41:ca:96:03:a0:48:ea:30:82:87:7f:f2:61:bd:d7: 5e:a7:1c:b1:16:22:5b:02:d3:07:ad:dc:34:c7:6c: 84:ba:d6:cc:d3:8b:6c:58:96:83:1d:85:04:a0:7d: 65:c2:16:da:4f:06:18:c0:e8:2f:89:c6:21:e9:dd: f9:1a:3b:0f:c3:67:10:89:d8:3e:38:c6:ad:29:94: 21:ef:fc:1d:09:39:f1:53:22:37:2a:6c:0f:99:a1: 85:fd:64:9c:f7:e9:63:1f:be:d2:23:c8:7a:77:c1: 1b:b9:72:d7:47:0e:80:54:ef:74:19:7d:a9:6c:00: 8e:b4:3e:26:58:9c:e8:33:52:a4:d9:6d:72:bb:ea: 60:14:69:d4:58:e9:a1:f2:0f:53:78:45:e3:45:9b: 11:20:a5:10:b0:1a:97:c0:46:e1:62:60:f5:04:6b: 79:25:45:f6:93:02:b2:e2:9f:1e:ca:5f:4e:c8:d6: 0b:99:f1:b4:1e:73:57:26:25:3a:f8:d5:40:64:b2: 1b:3a:6a:fd:19:5e:4e:0c:40:42:cb:fe:20:20:0e: 12:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:FD:65:55:1D:85:72:51:4E:6D:0C:81:24:32:AD:61:4D:09:59:C0 X509v3 Authority Key Identifier: keyid:90:76:F7:7D:A8:41:B7:B9:42:15:B6:FA:C2:D4:1A:71:C2:15:16:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kHb3fahBt7lCFbb6wtQaccIVFgE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e1d6b7-555c-4d9b-afe1-e63ce55370eb/1/kHb3fahBt7lCFbb6wtQaccIVFgE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 41:e3:cf:b2:30:51:3b:cc:ec:e5:dc:d8:a6:2f:9e:10:e1:3d: c6:f0:a4:e2:69:b4:99:8b:1e:94:90:07:ec:5c:de:47:1d:e1: 51:95:61:3d:06:14:12:56:8e:89:93:7e:2b:f9:ca:4a:74:2e: 57:28:27:56:dd:bb:64:84:7e:c6:bc:12:68:1a:2d:f3:04:c6: d6:63:29:88:e4:ca:81:8f:86:a7:fd:6c:fe:f3:e9:69:7a:01: f7:01:72:ad:9f:28:4a:6d:4d:55:4e:4c:0b:4f:16:cd:e3:8e: 6b:29:c4:70:30:c7:84:eb:42:3c:a6:b6:49:ee:cf:b8:a7:dc: 31:6e:1e:eb:fd:8e:8d:bf:29:80:0d:6b:31:6a:54:f0:42:2a: d4:0c:93:d6:67:18:f1:ad:3e:20:0c:f9:af:42:f7:9d:cd:1e: 62:97:41:3d:d5:4e:22:6f:a2:8c:26:78:b6:56:2d:ca:32:82: 99:23:ab:21:94:10:2b:00:ff:f2:57:32:26:ef:f3:26:8a:e1: 8c:23:7d:3e:f9:39:0d:b4:57:d3:c6:2c:98:ec:9a:43:25:5f: 13:8b:4f:a9:16:eb:0f:47:cf:33:2a:2e:e5:c8:94:e1:a0:13: 75:2b:7b:fa:ab:bb:98:26:76:20:5b:bd:17:e2:f2:06:99:b5: 29:31:6d:70 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1Cor1FEeMmZYPu363uaBVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwNzZmNzdkYTg0MWI3Yjk0MjE1YjZmYWMyZDQxYTcxYzIx NTE2MDEwHhcNMjUxMjA2MTkwMTQwWhcNMjUxMjA3MTkwMTQwWjAzMTEwLwYDVQQD Eyg3MGZkNjU1NTFkODU3MjUxNGU2ZDBjODEyNDMyYWQ2MTRkMDk1OWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVJwcqsvuOW+Kz35QJ66p5KcZ0cs bMhF3t7+C6spwrVxodF3X+xKaDSuP9BBypYDoEjqMIKHf/JhvddepxyxFiJbAtMH rdw0x2yEutbM04tsWJaDHYUEoH1lwhbaTwYYwOgvicYh6d35GjsPw2cQidg+OMat KZQh7/wdCTnxUyI3KmwPmaGF/WSc9+ljH77SI8h6d8EbuXLXRw6AVO90GX2pbACO tD4mWJzoM1Kk2W1yu+pgFGnUWOmh8g9TeEXjRZsRIKUQsBqXwEbhYmD1BGt5JUX2 kwKy4p8eyl9OyNYLmfG0HnNXJiU6+NVAZLIbOmr9GV5ODEBCy/4gIA4SPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHD9ZVUdhXJRTm0MgSQyrWFNCVnAMB8GA1UdIwQY MBaAFJB2932oQbe5QhW2+sLUGnHCFRYBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEt ZTYzY2U1NTM3MGViLzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMS9lMWQ2YjctNTU1Yy00ZDliLWFmZTEtZTYzY2U1NTM3MGVi LzEva0hiM2ZhaEJ0N2xDRmJiNnd0UWFjY0lWRmdFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQePPsjBR O8zs5dzYpi+eEOE9xvCk4mm0mYselJAH7FzeRx3hUZVhPQYUElaOiZN+K/nKSnQu VygnVt27ZIR+xrwSaBot8wTG1mMpiOTKgY+Gp/1s/vPpaXoB9wFyrZ8oSm1NVU5M C08WzeOOaynEcDDHhOtCPKa2Se7PuKfcMW4e6/2Ojb8pgA1rMWpU8EIq1AyT1mcY 8a0+IAz5r0L3nc0eYpdBPdVOIm+ijCZ4tlYtyjKCmSOrIZQQKwD/8lcyJu/zJorh jCN9Pvk5DbRX08YsmOyaQyVfE4tPqRbrD0fPMyou5ciU4aATdSt7+qu7mCZ2IFu9 F+LyBpm1KTFtcA== -----END CERTIFICATE-----Generated at Sun Dec 7 01:50:27 2025 by rpki-client