This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft File: KwFArTlBTE6rAqxVQitEFj7TSw8.mft (raw, json) Hash identifier: XjXerKV/ke9tEYCifHV3YZ/kud6Y93q6Ru+fN+iApv4= Subject key identifier: E2:21:8D:25:66:50:3B:63:7B:87:DF:79:53:44:1A:8B:FD:4A:55:66 Authority key identifier: 2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F Certificate issuer: /CN=2b0140ad39414c4eab02ac55422b44163ed34b0f Certificate serial: 019AF49C3397FC762DF8F2A71742FF20D5CB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft Manifest number: 04B9 Signing time: Sat 06 Dec 2025 17:01:08 +0000 Manifest this update: Sat 06 Dec 2025 17:01:08 +0000 Manifest next update: Sun 07 Dec 2025 17:01:08 +0000 Files and hashes: 1: KwFArTlBTE6rAqxVQitEFj7TSw8.crl (hash: PQeL2MooCJX7F5CrABEewdtMcvKXOHL+XxZAAfGAK7g=) 2: OsS2avf_SCsvTL1pRqTL_5n-su8.roa (hash: q2VY8Sbvggao2o4h3H+VtLne6bMzXujw9hwcUuBVuOM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 17:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9c:33:97:fc:76:2d:f8:f2:a7:17:42:ff:20:d5:cb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b0140ad39414c4eab02ac55422b44163ed34b0f Validity Not Before: Dec 6 17:01:08 2025 GMT Not After : Dec 7 17:01:08 2025 GMT Subject: CN=e2218d2566503b637b87df7953441a8bfd4a5566 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:13:0f:ad:82:1b:cb:b0:bc:36:80:48:a1:e9: 99:51:ea:15:45:12:77:61:ba:cf:61:b2:fa:85:87: 82:b7:f4:ac:fa:c9:0f:59:8a:b8:f4:6e:68:2f:23: e9:a6:be:e1:3b:79:8b:23:de:5d:cf:9f:f4:48:62: a5:f6:9e:3e:6a:c8:80:97:85:6f:2f:00:c7:8d:d3: 06:a4:3a:d2:32:80:10:67:35:e6:0d:85:73:45:71: 64:09:c8:ee:e2:55:d2:07:41:20:29:91:85:5c:33: 4e:93:45:87:4d:e5:7b:be:5a:ac:0c:e2:53:03:a0: c7:18:42:ff:35:2f:18:a8:49:7c:35:08:08:19:5e: d1:95:79:6f:b4:c3:fb:5c:9d:17:90:fc:79:c9:bb: 5f:f2:86:11:2e:b0:57:e3:e2:d8:6d:15:01:c0:0a: c7:0c:e4:21:75:d8:ec:0a:35:15:37:9c:05:5f:26: d0:1f:54:48:a5:7f:74:7e:e9:1b:6e:b8:1e:96:4e: 6f:01:5c:7e:5e:78:c0:d0:31:17:75:75:13:ee:06: 92:6d:58:62:0b:9e:03:66:f4:0a:a1:21:16:a9:c6: 7f:4c:77:c2:a6:1b:bf:06:64:77:95:97:ee:16:08: 57:37:5b:fd:3e:2f:d7:ae:0b:a6:29:f2:69:f6:b5: 4d:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:21:8D:25:66:50:3B:63:7B:87:DF:79:53:44:1A:8B:FD:4A:55:66 X509v3 Authority Key Identifier: keyid:2B:01:40:AD:39:41:4C:4E:AB:02:AC:55:42:2B:44:16:3E:D3:4B:0F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KwFArTlBTE6rAqxVQitEFj7TSw8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/89c3e4-b613-49ec-ae25-2e75228f9261/1/KwFArTlBTE6rAqxVQitEFj7TSw8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:6e:98:83:7f:c1:04:78:2c:b7:d2:6c:54:e7:f1:0e:32:ea: 5a:4d:05:90:94:79:87:b2:af:b1:40:9d:2d:39:e1:85:cb:41: 40:10:c2:ee:60:b7:5a:1a:2b:9d:06:8c:bd:5d:b3:97:b3:b1: be:1b:62:de:fc:3f:5f:cd:7d:42:73:08:6a:36:3e:45:a4:9a: 45:8c:a6:11:17:73:ca:32:4f:f4:55:ab:03:32:bf:19:08:e8: d1:a4:31:3d:69:54:19:e4:cf:7f:0c:d1:f4:61:f7:c4:d0:0b: 56:1c:ef:4e:3a:2a:3d:72:e5:c7:80:50:ec:53:f0:6d:9a:d5: 78:61:a5:6f:ce:85:e3:1c:b4:c4:cd:de:29:12:6d:58:4a:14: 88:01:78:02:75:b6:54:05:d0:2f:6b:a8:a2:d5:dd:d8:5a:33: 31:96:19:02:13:53:8a:b0:21:8c:b5:ed:70:7e:33:b6:c5:8a: 83:29:a8:b7:ac:e0:67:89:2f:cc:b8:8b:1c:60:54:1d:4b:cb: b0:ae:4c:80:46:b3:35:a2:3e:1a:b4:d9:a4:89:c7:2b:25:b3: b5:f2:f6:8e:8c:eb:74:b8:9d:2b:4e:38:58:e4:0c:e7:e9:6d: 98:93:ff:a9:57:a7:58:1b:2d:7b:85:60:f7:56:0a:58:79:c9: aa:22:b4:fd -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0nDOX/HYt+PKnF0L/INXLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMDE0MGFkMzk0MTRjNGVhYjAyYWM1NTQyMmI0NDE2M2Vk MzRiMGYwHhcNMjUxMjA2MTcwMTA4WhcNMjUxMjA3MTcwMTA4WjAzMTEwLwYDVQQD EyhlMjIxOGQyNTY2NTAzYjYzN2I4N2RmNzk1MzQ0MWE4YmZkNGE1NTY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0hMPrYIby7C8NoBIoemZUeoVRRJ3 YbrPYbL6hYeCt/Ss+skPWYq49G5oLyPppr7hO3mLI95dz5/0SGKl9p4+asiAl4Vv LwDHjdMGpDrSMoAQZzXmDYVzRXFkCcju4lXSB0EgKZGFXDNOk0WHTeV7vlqsDOJT A6DHGEL/NS8YqEl8NQgIGV7RlXlvtMP7XJ0XkPx5ybtf8oYRLrBX4+LYbRUBwArH DOQhddjsCjUVN5wFXybQH1RIpX90fukbbrgelk5vAVx+XnjA0DEXdXUT7gaSbVhi C54DZvQKoSEWqcZ/THfCphu/BmR3lZfuFghXN1v9Pi/XrgumKfJp9rVNVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOIhjSVmUDtje4ffeVNEGov9SlVmMB8GA1UdIwQY MBaAFCsBQK05QUxOqwKsVUIrRBY+00sPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUt MmU3NTIyOGY5MjYxLzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy84OWMzZTQtYjYxMy00OWVjLWFlMjUtMmU3NTIyOGY5MjYx LzEvS3dGQXJUbEJURTZyQXF4VlFpdEVGajdUU3c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgm6Yg3/B BHgst9JsVOfxDjLqWk0FkJR5h7KvsUCdLTnhhctBQBDC7mC3WhornQaMvV2zl7Ox vhti3vw/X819QnMIajY+RaSaRYymERdzyjJP9FWrAzK/GQjo0aQxPWlUGeTPfwzR 9GH3xNALVhzvTjoqPXLlx4BQ7FPwbZrVeGGlb86F4xy0xM3eKRJtWEoUiAF4AnW2 VAXQL2uootXd2FozMZYZAhNTirAhjLXtcH4ztsWKgymot6zgZ4kvzLiLHGBUHUvL sK5MgEazNaI+GrTZpInHKyWztfL2jozrdLidK044WOQM5+ltmJP/qVenWBste4Vg 91YKWHnJqiK0/Q== -----END CERTIFICATE-----Generated at Sun Dec 7 01:51:02 2025 by rpki-client