This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft File: kNWCLTx7v3q1QE3aiP2dqSE43iE.mft (raw, json) Hash identifier: 81SxpXQ1C5vy2H/2Gp0oLSDVptxEy1Gjmbe5b3do58A= Subject key identifier: DE:69:79:98:C1:DB:3B:FB:9A:8F:1D:A9:A6:19:D7:E9:5D:8A:1C:82 Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21 Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21 Certificate serial: 019AF577DCC1C90C4801BE264A2C3916A036 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft Manifest number: 0820 Signing time: Sat 06 Dec 2025 21:01:04 +0000 Manifest this update: Sat 06 Dec 2025 21:01:04 +0000 Manifest next update: Sun 07 Dec 2025 21:01:04 +0000 Files and hashes: 1: kNWCLTx7v3q1QE3aiP2dqSE43iE.crl (hash: DHtshBAYHGE/SSOLS5J33g+Y5sz+O7YxZ4qB2TfqioI=) 2: wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa (hash: xFPdoUnkz2JIkzmQ5taq1hUGjTFKvPuKX93R37CXGQk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:77:dc:c1:c9:0c:48:01:be:26:4a:2c:39:16:a0:36 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21 Validity Not Before: Dec 6 21:01:04 2025 GMT Not After : Dec 7 21:01:04 2025 GMT Subject: CN=de697998c1db3bfb9a8f1da9a619d7e95d8a1c82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:08:15:ea:00:95:27:61:40:54:8a:12:d7:e8: 45:f4:a3:e8:b1:fd:1c:25:a3:d3:19:8f:2e:0b:00: c5:9b:2e:b4:a2:34:24:f3:17:b3:b3:97:59:3f:2c: eb:5c:46:84:d9:f4:e2:05:09:7a:1c:7e:3d:fd:ab: 9b:a6:c7:89:a4:40:02:15:9b:e7:c1:1a:b7:45:9a: 86:41:6f:4d:b4:fa:a8:07:15:20:8b:9a:a4:6d:4b: be:6b:9f:c4:96:b4:44:f1:a2:41:3c:6a:fc:68:0a: f1:5b:3c:3d:76:b5:ed:dc:7d:56:3f:cd:d5:80:af: 81:39:46:ac:6d:19:f0:33:24:0e:db:10:2d:6c:e5: 42:ff:a9:f3:f4:81:fa:63:49:b7:d3:8c:08:bd:52: 38:ea:8c:bf:30:0f:16:af:18:17:c3:96:40:35:38: bc:b0:81:df:10:05:e8:2b:10:5b:36:b3:86:da:75: 09:2a:67:4a:59:2d:8a:e0:d1:16:1c:9c:60:16:55: a9:c7:7a:15:d4:34:cb:0b:66:18:8b:44:dd:ad:cd: ba:a0:77:9c:02:9d:38:be:91:ad:be:d2:86:c1:01: 28:bb:60:06:59:fb:28:9c:63:31:f0:e2:a5:30:5f: af:8b:0b:0d:f3:67:27:36:35:41:cb:52:45:cc:dd: 64:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:69:79:98:C1:DB:3B:FB:9A:8F:1D:A9:A6:19:D7:E9:5D:8A:1C:82 X509v3 Authority Key Identifier: keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 16:8d:60:6e:40:09:24:a6:30:8f:58:9f:06:da:01:6e:ef:cd: 00:98:e0:13:cc:c8:57:9f:93:11:4c:f0:43:cd:f1:78:a5:7a: 52:b1:78:51:57:a9:1e:c0:af:0f:57:9a:02:1e:d0:ec:69:48: be:11:69:58:97:86:25:e9:af:d2:b8:3a:29:31:7d:b8:1b:61: 6a:ff:63:8e:81:c5:e0:5c:06:13:28:c1:89:36:a4:a5:e3:ae: b7:93:47:fc:75:4e:44:81:4d:16:c3:20:65:bf:8d:89:35:70: 80:22:49:4d:b0:fe:c3:5f:c6:d4:2e:84:43:db:40:1d:2a:75: e9:d5:ab:b5:0e:ad:2f:30:e0:86:9d:a8:5e:2c:4d:c5:d4:a4: 96:e4:e1:4d:70:23:8f:d2:88:15:6f:7c:6f:5c:a3:f1:ec:3d: 3e:6b:4c:81:ca:35:75:1a:61:72:79:66:92:b3:3b:83:1f:df: d8:7f:8b:10:d0:c9:03:ca:ef:9d:7f:7b:97:98:44:d0:4c:2e: 75:f8:df:ef:74:6e:cd:b5:48:3a:21:8b:ef:e5:65:94:79:96: f2:cf:21:af:a8:37:90:dd:7d:d1:fa:67:dd:ae:8a:7e:a3:8b: ec:a5:74:68:71:39:34:f7:dd:bb:99:53:97:8b:bc:02:15:b4: 29:dd:0a:77 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr1d9zByQxIAb4mSiw5FqA2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz OGRlMjEwHhcNMjUxMjA2MjEwMTA0WhcNMjUxMjA3MjEwMTA0WjAzMTEwLwYDVQQD EyhkZTY5Nzk5OGMxZGIzYmZiOWE4ZjFkYTlhNjE5ZDdlOTVkOGExYzgyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ggV6gCVJ2FAVIoS1+hF9KPosf0c JaPTGY8uCwDFmy60ojQk8xezs5dZPyzrXEaE2fTiBQl6HH49/aubpseJpEACFZvn wRq3RZqGQW9NtPqoBxUgi5qkbUu+a5/ElrRE8aJBPGr8aArxWzw9drXt3H1WP83V gK+BOUasbRnwMyQO2xAtbOVC/6nz9IH6Y0m304wIvVI46oy/MA8WrxgXw5ZANTi8 sIHfEAXoKxBbNrOG2nUJKmdKWS2K4NEWHJxgFlWpx3oV1DTLC2YYi0Tdrc26oHec Ap04vpGtvtKGwQEou2AGWfsonGMx8OKlMF+viwsN82cnNjVBy1JFzN1krwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN5peZjB2zv7mo8dqaYZ1+ldihyCMB8GA1UdIwQY MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt MzY5MmY3ODQxNjE5LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5 LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFo1gbkAJ JKYwj1ifBtoBbu/NAJjgE8zIV5+TEUzwQ83xeKV6UrF4UVepHsCvD1eaAh7Q7GlI vhFpWJeGJemv0rg6KTF9uBthav9jjoHF4FwGEyjBiTakpeOut5NH/HVORIFNFsMg Zb+NiTVwgCJJTbD+w1/G1C6EQ9tAHSp16dWrtQ6tLzDghp2oXixNxdSkluThTXAj j9KIFW98b1yj8ew9PmtMgco1dRphcnlmkrM7gx/f2H+LENDJA8rvnX97l5hE0Ewu dfjf73RuzbVIOiGL7+VllHmW8s8hr6g3kN190fpn3a6KfqOL7KV0aHE5NPfdu5lT l4u8AhW0Kd0Kdw== -----END CERTIFICATE-----Generated at Sun Dec 7 03:42:46 2025 by rpki-client