This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft File: kgm43V6nJYkIN4Zh8rqe-JrToLE.mft (raw, json) Hash identifier: Yc0PUWzlh+yEb5jNX3bufbbgiwoLJNOLooPDIUOriOQ= Subject key identifier: 32:9E:5F:FF:24:28:9C:7D:F1:12:62:AF:53:EB:EA:88:14:FD:5C:F1 Authority key identifier: 92:09:B8:DD:5E:A7:25:89:08:37:86:61:F2:BA:9E:F8:9A:D3:A0:B1 Certificate issuer: /CN=9209b8dd5ea7258908378661f2ba9ef89ad3a0b1 Certificate serial: 019B2F305F88CE1C29DDD5A990572461E6E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft Manifest number: 02F4 Signing time: Thu 18 Dec 2025 02:00:57 +0000 Manifest this update: Thu 18 Dec 2025 02:00:57 +0000 Manifest next update: Fri 19 Dec 2025 02:00:57 +0000 Files and hashes: 1: WReM2adAhR_LtpNyhGqyNjE1Y4M.roa (hash: CfgqMj+xDVkXamVtZy6LM6aMe3AmsivTTFfgXAb+rPQ=) 2: kgm43V6nJYkIN4Zh8rqe-JrToLE.crl (hash: 3ps9PyMHy37Vr6S+084VMMqwInjroRmsQEFd8ThWZN8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:18:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2f:30:5f:88:ce:1c:29:dd:d5:a9:90:57:24:61:e6:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9209b8dd5ea7258908378661f2ba9ef89ad3a0b1 Validity Not Before: Dec 18 02:00:57 2025 GMT Not After : Dec 19 02:00:57 2025 GMT Subject: CN=329e5fff24289c7df11262af53ebea8814fd5cf1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:26:df:be:c7:8f:5d:cf:d4:ce:a1:9a:aa:91: 56:9c:65:75:f2:1a:84:ab:29:cf:f3:29:58:8d:dc: fe:84:31:2f:0e:8e:7d:4c:8c:b6:9a:05:8a:e3:92: 3e:45:2d:c3:73:31:c1:2b:55:0c:b5:46:0f:75:da: 45:5d:85:0f:0f:6d:d5:0d:1b:a7:12:4f:7e:08:a5: 0f:1e:32:77:ee:14:d2:a9:db:87:e1:2c:08:19:2e: f3:69:37:c8:a1:f9:97:2f:be:ef:f3:43:00:79:9f: 66:df:49:ea:6d:08:92:25:5b:67:5c:57:9c:d3:c3: f4:11:18:c6:78:b5:f8:02:e0:1d:11:47:9b:52:d0: be:2f:4e:88:7c:e0:a4:e1:27:14:03:22:81:92:ef: 0e:8d:b4:5d:a6:7f:5e:f5:65:92:50:f2:76:6e:92: 4c:63:32:15:6c:a1:5c:39:c6:71:54:78:5b:23:8f: bd:64:d5:fb:6e:f1:fd:a6:87:1e:32:b3:99:0d:c4: 08:c5:9f:0e:38:60:5a:36:63:73:26:e7:b1:92:d2: 61:22:6c:0e:b5:18:d6:88:3d:be:e5:b1:e1:b2:71: eb:64:e8:f5:a7:e4:d4:36:fe:09:17:79:a0:7e:bd: 18:44:9e:ad:54:dc:cb:dd:ea:0c:8b:79:2a:e3:2f: 31:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:9E:5F:FF:24:28:9C:7D:F1:12:62:AF:53:EB:EA:88:14:FD:5C:F1 X509v3 Authority Key Identifier: keyid:92:09:B8:DD:5E:A7:25:89:08:37:86:61:F2:BA:9E:F8:9A:D3:A0:B1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgm43V6nJYkIN4Zh8rqe-JrToLE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/688da5-d238-47ce-b2e8-890ffea8d0bc/1/kgm43V6nJYkIN4Zh8rqe-JrToLE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 45:e1:66:c6:30:04:fb:14:aa:fa:4b:5e:fa:58:f2:fa:1d:29: cf:f5:ba:52:31:e7:10:f5:2c:ec:ec:92:f1:08:f8:0c:a4:b9: 2b:22:0a:f1:44:55:4c:0c:be:5a:8a:d6:2e:88:2a:95:9c:48: 69:62:95:9f:9d:10:86:4b:7f:d2:9f:b4:e9:f3:21:ae:da:09: b6:ca:40:07:ac:27:18:93:a9:4d:88:b7:70:a3:50:92:32:46: 5f:84:89:0b:b9:66:9f:ba:3d:e1:cc:a2:12:f6:ea:37:d1:38: ad:1f:75:17:a8:41:fd:86:7d:06:a2:0d:31:1e:af:bb:86:0f: 17:78:00:fa:b2:9b:dc:92:71:67:3f:25:e2:12:d0:0d:25:f8: 6a:64:d8:7e:cf:54:18:09:3e:b7:22:3c:7f:b1:e2:1f:cd:95: fd:c9:7f:37:db:e8:bb:04:fc:2f:3f:97:49:fb:9e:b7:eb:68: f6:a4:39:6e:55:8d:69:18:49:52:ec:82:01:02:ea:06:ae:14: c5:1b:bb:b9:47:ca:f5:96:3c:23:1f:a7:42:c6:fd:42:76:4d: 8a:b3:a6:4d:aa:45:d3:5a:f2:52:25:5f:dc:a5:25:de:47:65: eb:cc:4d:8a:59:e8:01:6b:e4:3e:26:e7:7e:21:05:a7:4d:b8: f5:15:c5:e6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsvMF+Izhwp3dWpkFckYebmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMDliOGRkNWVhNzI1ODkwODM3ODY2MWYyYmE5ZWY4OWFk M2EwYjEwHhcNMjUxMjE4MDIwMDU3WhcNMjUxMjE5MDIwMDU3WjAzMTEwLwYDVQQD EygzMjllNWZmZjI0Mjg5YzdkZjExMjYyYWY1M2ViZWE4ODE0ZmQ1Y2YxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCbfvsePXc/UzqGaqpFWnGV18hqE qynP8ylYjdz+hDEvDo59TIy2mgWK45I+RS3DczHBK1UMtUYPddpFXYUPD23VDRun Ek9+CKUPHjJ37hTSqduH4SwIGS7zaTfIofmXL77v80MAeZ9m30nqbQiSJVtnXFec 08P0ERjGeLX4AuAdEUebUtC+L06IfOCk4ScUAyKBku8OjbRdpn9e9WWSUPJ2bpJM YzIVbKFcOcZxVHhbI4+9ZNX7bvH9poceMrOZDcQIxZ8OOGBaNmNzJuexktJhImwO tRjWiD2+5bHhsnHrZOj1p+TUNv4JF3mgfr0YRJ6tVNzL3eoMi3kq4y8xKwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDKeX/8kKJx98RJir1Pr6ogU/VzxMB8GA1UdIwQY MBaAFJIJuN1epyWJCDeGYfK6nvia06CxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy82ODhkYTUtZDIzOC00N2NlLWIyZTgt ODkwZmZlYThkMGJjLzEva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy82ODhkYTUtZDIzOC00N2NlLWIyZTgtODkwZmZlYThkMGJj LzEva2dtNDNWNm5KWWtJTjRaaDhycWUtSnJUb0xFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAReFmxjAE +xSq+kte+ljy+h0pz/W6UjHnEPUs7OyS8Qj4DKS5KyIK8URVTAy+WorWLogqlZxI aWKVn50Qhkt/0p+06fMhrtoJtspAB6wnGJOpTYi3cKNQkjJGX4SJC7lmn7o94cyi EvbqN9E4rR91F6hB/YZ9BqINMR6vu4YPF3gA+rKb3JJxZz8l4hLQDSX4amTYfs9U GAk+tyI8f7HiH82V/cl/N9vouwT8Lz+XSfuet+to9qQ5blWNaRhJUuyCAQLqBq4U xRu7uUfK9ZY8Ix+nQsb9QnZNirOmTapF01ryUiVf3KUl3kdl68xNilnoAWvkPibn fiEFp0249RXF5g== -----END CERTIFICATE-----Generated at Thu Dec 18 07:15:01 2025 by rpki-client