This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.mft File: K_CgGXhoxtjDTdFrP0TezF5CNvU.mft (raw, json) Hash identifier: lJh8DefxVrN7K+GBm5lP2Job4AuoStDC+do6feDv43M= Subject key identifier: 62:F6:5C:2C:99:7E:6E:7D:BE:B5:A1:20:18:65:0E:CF:CA:48:AC:3D Authority key identifier: 2B:F0:A0:19:78:68:C6:D8:C3:4D:D1:6B:3F:44:DE:CC:5E:42:36:F5 Certificate issuer: /CN=2bf0a0197868c6d8c34dd16b3f44decc5e4236f5 Certificate serial: 019AF12EED51E66C66A81144FDDDD7F42297 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K_CgGXhoxtjDTdFrP0TezF5CNvU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.mft Manifest number: 0F19 Signing time: Sat 06 Dec 2025 01:02:55 +0000 Manifest this update: Sat 06 Dec 2025 01:02:55 +0000 Manifest next update: Sun 07 Dec 2025 01:02:55 +0000 Files and hashes: 1: K_CgGXhoxtjDTdFrP0TezF5CNvU.crl (hash: 7sElcnreJC0qrT5FaYU+OMKSrVSZoFg/XhLRP5AulOA=) 2: cwewYqqUz_DTY7N101NBNvby5-A.roa (hash: 12Ilbr32JYBfPHCal30nzRY5XUe8GWiDmB7OIucWhgs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.mft rsync://rpki.ripe.net/repository/DEFAULT/K_CgGXhoxtjDTdFrP0TezF5CNvU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:ed:51:e6:6c:66:a8:11:44:fd:dd:d7:f4:22:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2bf0a0197868c6d8c34dd16b3f44decc5e4236f5 Validity Not Before: Dec 6 01:02:55 2025 GMT Not After : Dec 7 01:02:55 2025 GMT Subject: CN=62f65c2c997e6e7dbeb5a12018650ecfca48ac3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:62:de:2e:c8:63:2f:12:6a:7e:e3:5f:f0:ae: 63:da:44:e7:f5:27:49:2c:78:ea:bd:6e:d3:86:5c: b3:d6:59:bb:d8:84:67:84:31:d0:25:89:36:d9:81: 77:a9:61:91:43:33:20:56:33:57:8a:10:00:6a:03: 3e:3d:54:a5:44:36:7a:8c:42:7f:c3:d5:60:eb:4b: 16:8c:9e:59:24:f0:f0:f6:ee:aa:2c:c5:e8:b9:c8: 0e:fe:f2:f3:af:09:a8:99:c2:79:76:a9:2f:67:a7: 2c:e8:e7:81:8f:c7:50:23:17:54:b2:bc:32:d5:2f: b5:58:77:ba:39:f8:8b:cf:6f:4a:8e:47:d3:fd:9a: e9:e7:ee:3c:79:46:fe:5b:7d:2a:20:0f:2b:b0:40: 76:38:2c:ec:6e:be:27:05:42:07:7f:4d:51:38:cf: e9:89:18:93:59:39:a6:b7:2c:01:3d:27:8f:d3:26: 1b:fb:59:0c:67:91:aa:96:78:2a:77:4d:11:1e:83: 49:e3:2b:dd:1a:53:4e:41:10:c4:bd:c6:97:1a:8f: 08:0c:9c:3f:b9:fb:71:1c:2d:ef:b0:de:4f:43:78: a9:5b:ca:ba:a0:b7:80:8f:9d:08:27:67:31:16:b9: 25:5f:e0:e3:30:20:6a:24:33:80:e5:b5:2c:d4:dd: ac:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:F6:5C:2C:99:7E:6E:7D:BE:B5:A1:20:18:65:0E:CF:CA:48:AC:3D X509v3 Authority Key Identifier: keyid:2B:F0:A0:19:78:68:C6:D8:C3:4D:D1:6B:3F:44:DE:CC:5E:42:36:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K_CgGXhoxtjDTdFrP0TezF5CNvU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/40d220-621d-46fb-ac9c-48b8366ff23e/1/K_CgGXhoxtjDTdFrP0TezF5CNvU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6a:db:bd:79:61:29:2a:26:fb:05:58:99:83:ea:ff:ff:cb:5e: 9a:4a:f3:92:07:5d:ac:5f:79:e6:42:36:25:95:3d:e5:66:9f: ef:bd:c4:e0:ca:b5:77:79:4f:77:2f:7e:ea:d1:00:6b:4e:cb: 2e:a8:86:39:0e:9b:71:00:7d:ac:ba:a7:a2:39:bd:fd:c4:50: 34:e7:12:12:bc:36:46:55:38:77:e0:d3:05:64:4f:20:d3:33: c1:1b:8b:be:53:f8:33:86:a1:60:07:83:96:cf:69:98:97:f4: 98:58:7c:7b:d5:1c:1e:38:e7:7e:8f:93:9b:bd:b7:1f:2a:42: 75:92:2e:c3:9b:13:a4:d6:48:e8:7c:0e:ad:74:ab:78:4e:d9: c0:22:b6:86:34:fb:36:ab:07:d8:14:1c:97:9f:ac:d4:62:86: 03:74:62:b4:77:0d:b4:b0:21:06:69:d9:97:47:5f:fc:73:33: 39:e4:5c:ea:12:5a:f1:09:40:19:37:8b:27:76:fa:f8:12:f3: 02:3f:db:bc:68:78:87:33:cb:8b:cd:72:dd:09:40:61:bc:f9: 44:b2:71:ed:ca:71:10:86:bd:84:91:31:c2:97:f8:83:34:88: 61:a8:e8:a6:88:cb:90:a5:97:97:36:4b:fb:5a:de:2a:a7:e9: 53:5d:b2:90 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLu1R5mxmqBFE/d3X9CKXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiZjBhMDE5Nzg2OGM2ZDhjMzRkZDE2YjNmNDRkZWNjNWU0 MjM2ZjUwHhcNMjUxMjA2MDEwMjU1WhcNMjUxMjA3MDEwMjU1WjAzMTEwLwYDVQQD Eyg2MmY2NWMyYzk5N2U2ZTdkYmViNWExMjAxODY1MGVjZmNhNDhhYzNkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2LeLshjLxJqfuNf8K5j2kTn9SdJ LHjqvW7Thlyz1lm72IRnhDHQJYk22YF3qWGRQzMgVjNXihAAagM+PVSlRDZ6jEJ/ w9Vg60sWjJ5ZJPDw9u6qLMXoucgO/vLzrwmomcJ5dqkvZ6cs6OeBj8dQIxdUsrwy 1S+1WHe6OfiLz29KjkfT/Zrp5+48eUb+W30qIA8rsEB2OCzsbr4nBUIHf01ROM/p iRiTWTmmtywBPSeP0yYb+1kMZ5Gqlngqd00RHoNJ4yvdGlNOQRDEvcaXGo8IDJw/ uftxHC3vsN5PQ3ipW8q6oLeAj50IJ2cxFrklX+DjMCBqJDOA5bUs1N2sgwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGL2XCyZfm59vrWhIBhlDs/KSKw9MB8GA1UdIwQY MBaAFCvwoBl4aMbYw03Raz9E3sxeQjb1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS19DZ0dYaG94dGpEVGRGclAwVGV6RjVDTnZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80MGQyMjAtNjIxZC00NmZiLWFjOWMt NDhiODM2NmZmMjNlLzEvS19DZ0dYaG94dGpEVGRGclAwVGV6RjVDTnZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80MGQyMjAtNjIxZC00NmZiLWFjOWMtNDhiODM2NmZmMjNl LzEvS19DZ0dYaG94dGpEVGRGclAwVGV6RjVDTnZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAatu9eWEp Kib7BViZg+r//8temkrzkgddrF955kI2JZU95Waf773E4Mq1d3lPdy9+6tEAa07L LqiGOQ6bcQB9rLqnojm9/cRQNOcSErw2RlU4d+DTBWRPINMzwRuLvlP4M4ahYAeD ls9pmJf0mFh8e9UcHjjnfo+Tm723HypCdZIuw5sTpNZI6HwOrXSreE7ZwCK2hjT7 NqsH2BQcl5+s1GKGA3RitHcNtLAhBmnZl0df/HMzOeRc6hJa8QlAGTeLJ3b6+BLz Aj/bvGh4hzPLi81y3QlAYbz5RLJx7cpxEIa9hJExwpf4gzSIYajopojLkKWXlzZL +1reKqfpU12ykA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:18:40 2025 by rpki-client