This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.mft File: KcmwQBb28CGDMHwX32MKAonsW7U.mft (raw, json) Hash identifier: bs5LGh6ghSrAU3lnNOm0XI9AjS2qfQaECM/aNGtvcjA= Subject key identifier: F3:43:6D:84:B1:FE:AB:3C:3D:0F:1F:F8:23:BF:A5:C2:99:5A:E0:E2 Authority key identifier: 29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5 Certificate issuer: /CN=29c9b04016f6f02183307c17df630a0289ec5bb5 Certificate serial: 019AF27664B86CDB3B4181F94A1A74638108 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.mft Manifest number: 0FC3 Signing time: Sat 06 Dec 2025 07:00:36 +0000 Manifest this update: Sat 06 Dec 2025 07:00:36 +0000 Manifest next update: Sun 07 Dec 2025 07:00:36 +0000 Files and hashes: 1: KcmwQBb28CGDMHwX32MKAonsW7U.crl (hash: twfocukYMoxJWvtDunUkemQNEuEKUTJJjwELjVPKSIM=) 2: UdEEZQE09FsGfYOWUhVww5xs81M.roa (hash: 6mSyURdhs/eGBTOXFJi0QulmUdFyZbb3K6nx0/FAyzo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.mft rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:76:64:b8:6c:db:3b:41:81:f9:4a:1a:74:63:81:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29c9b04016f6f02183307c17df630a0289ec5bb5 Validity Not Before: Dec 6 07:00:36 2025 GMT Not After : Dec 7 07:00:36 2025 GMT Subject: CN=f3436d84b1feab3c3d0f1ff823bfa5c2995ae0e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:1d:2b:37:ed:05:a7:11:cd:fc:53:71:56:d7: a6:8e:72:c8:b3:03:7f:e3:9c:19:fb:26:82:bd:c9: 1d:75:49:88:f7:62:f1:2f:c0:da:2b:5d:68:5d:9e: 54:60:5a:81:39:9b:a2:06:e4:3c:19:4b:4d:2b:53: 2f:5b:95:ab:19:d5:76:66:86:66:5e:77:b8:b6:19: 46:3d:0c:77:48:b2:c0:17:0b:8b:94:e1:51:a4:9a: 4e:96:3a:ca:33:31:70:1f:ba:7d:4b:2d:ce:ab:f6: dd:66:10:e3:5b:a9:67:94:ad:ce:31:60:3e:c6:04: 49:7e:4d:4b:36:5a:c5:1e:3a:0e:6e:9c:1f:44:fd: 1c:56:6c:08:41:7c:27:ed:f2:c5:b4:2a:28:e4:3f: 46:a5:84:aa:53:3d:f4:f0:5a:fd:52:c3:58:e9:28: 3f:40:3e:33:66:f5:cd:73:1d:e9:c7:03:36:00:78: 25:28:0c:c2:6a:5b:96:b1:e9:63:61:b8:1c:7c:46: 8c:d7:f3:0c:83:a4:b7:f3:ed:51:25:80:34:d8:ce: 1c:e5:21:6d:20:f0:0b:5f:8f:51:dd:98:bd:4b:62: 81:e0:14:bf:1f:c2:34:5b:bd:11:8a:d6:4a:76:7a: 7d:40:86:b8:1a:d3:50:b9:72:50:57:2a:2b:38:49: 2d:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:43:6D:84:B1:FE:AB:3C:3D:0F:1F:F8:23:BF:A5:C2:99:5A:E0:E2 X509v3 Authority Key Identifier: keyid:29:C9:B0:40:16:F6:F0:21:83:30:7C:17:DF:63:0A:02:89:EC:5B:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KcmwQBb28CGDMHwX32MKAonsW7U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/551847-332d-4e27-b47a-1d591bbd4060/1/KcmwQBb28CGDMHwX32MKAonsW7U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 97:3f:6a:cf:ad:6e:d2:6c:2f:95:20:ae:e8:cb:e0:2c:00:e8: 31:83:3d:6a:5b:0e:7c:2e:8f:3e:6a:8f:7b:9f:d7:de:6e:85: fc:1c:ff:c7:f4:e1:36:0e:f1:81:fd:b8:b7:f4:90:a7:2f:f8: 66:0d:c3:9c:8d:fe:80:dc:98:3d:48:e2:4c:0b:24:78:1d:e4: 99:09:ab:a1:69:64:10:04:c6:49:09:04:83:c2:90:93:c7:78: 25:a5:76:7c:bc:5e:f5:a0:7f:c6:49:d9:b3:59:1c:22:1f:16: c0:0f:38:76:43:7a:10:38:c7:0e:4f:55:f7:21:dc:a6:02:c4: 28:10:97:ce:b6:18:44:79:b5:a6:24:39:54:33:92:cf:fc:96: ce:c9:b3:65:ec:96:f4:45:0f:9d:23:bc:bd:a1:1f:f8:45:c6: 1f:cf:41:2e:fb:bd:9e:5a:9c:69:bd:c7:82:ae:a5:80:59:67: 64:bd:59:d2:df:6d:de:af:84:5b:6c:1a:f0:d2:82:12:3e:51: 6b:56:3a:53:8c:32:2d:06:cc:70:a5:a2:a8:01:e3:e4:50:7a: 91:27:8b:f8:6d:00:97:1f:23:ae:21:3b:92:21:49:1c:6b:69: ee:9b:ea:b2:e7:d4:f5:fc:f9:2b:6f:fc:6b:2d:ad:a3:d9:bc: f5:d5:55:cf -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrydmS4bNs7QYH5Shp0Y4EIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YzliMDQwMTZmNmYwMjE4MzMwN2MxN2RmNjMwYTAyODll YzViYjUwHhcNMjUxMjA2MDcwMDM2WhcNMjUxMjA3MDcwMDM2WjAzMTEwLwYDVQQD EyhmMzQzNmQ4NGIxZmVhYjNjM2QwZjFmZjgyM2JmYTVjMjk5NWFlMGUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR0rN+0FpxHN/FNxVtemjnLIswN/ 45wZ+yaCvckddUmI92LxL8DaK11oXZ5UYFqBOZuiBuQ8GUtNK1MvW5WrGdV2ZoZm Xne4thlGPQx3SLLAFwuLlOFRpJpOljrKMzFwH7p9Sy3Oq/bdZhDjW6lnlK3OMWA+ xgRJfk1LNlrFHjoObpwfRP0cVmwIQXwn7fLFtCoo5D9GpYSqUz308Fr9UsNY6Sg/ QD4zZvXNcx3pxwM2AHglKAzCaluWseljYbgcfEaM1/MMg6S38+1RJYA02M4c5SFt IPALX49R3Zi9S2KB4BS/H8I0W70RitZKdnp9QIa4GtNQuXJQVyorOEktDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPNDbYSx/qs8PQ8f+CO/pcKZWuDiMB8GA1UdIwQY MBaAFCnJsEAW9vAhgzB8F99jCgKJ7Fu1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2Et MWQ1OTFiYmQ0MDYwLzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYy81NTE4NDctMzMyZC00ZTI3LWI0N2EtMWQ1OTFiYmQ0MDYw LzEvS2Ntd1FCYjI4Q0dETUh3WDMyTUtBb25zVzdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlz9qz61u 0mwvlSCu6MvgLADoMYM9alsOfC6PPmqPe5/X3m6F/Bz/x/ThNg7xgf24t/SQpy/4 Zg3DnI3+gNyYPUjiTAskeB3kmQmroWlkEATGSQkEg8KQk8d4JaV2fLxe9aB/xknZ s1kcIh8WwA84dkN6EDjHDk9V9yHcpgLEKBCXzrYYRHm1piQ5VDOSz/yWzsmzZeyW 9EUPnSO8vaEf+EXGH89BLvu9nlqcab3Hgq6lgFlnZL1Z0t9t3q+EW2wa8NKCEj5R a1Y6U4wyLQbMcKWiqAHj5FB6kSeL+G0Alx8jriE7kiFJHGtp7pvqsufU9fz5K2/8 ay2to9m89dVVzw== -----END CERTIFICATE-----Generated at Sat Dec 6 10:19:53 2025 by rpki-client