This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft File: kNRNBKKqhYbulMejNTbDaBatoWM.mft (raw, json) Hash identifier: PbivCAgQgaqU3+A3DHCJZAVyhKjjNRlBSa+4Y3165ak= Subject key identifier: 3A:8D:97:FD:41:A8:C3:25:40:3F:91:9D:31:B5:7C:01:7E:0F:27:09 Authority key identifier: 90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63 Certificate issuer: /CN=90d44d04a2aa8586ee94c7a33536c36816ada163 Certificate serial: 019AF12EB868B92AB462E2965147121CB8A4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft Manifest number: 175F Signing time: Sat 06 Dec 2025 01:02:42 +0000 Manifest this update: Sat 06 Dec 2025 01:02:42 +0000 Manifest next update: Sun 07 Dec 2025 01:02:42 +0000 Files and hashes: 1: kNRNBKKqhYbulMejNTbDaBatoWM.crl (hash: pbEjjrHIHxci9OejBxgZi6/o3U+k2kdXjscsIsGTNRs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:b8:68:b9:2a:b4:62:e2:96:51:47:12:1c:b8:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90d44d04a2aa8586ee94c7a33536c36816ada163 Validity Not Before: Dec 6 01:02:42 2025 GMT Not After : Dec 7 01:02:42 2025 GMT Subject: CN=3a8d97fd41a8c325403f919d31b57c017e0f2709 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:fd:ae:95:92:8d:01:92:58:6c:c6:2c:33:bf: 41:91:c6:21:b5:5c:d6:ae:6a:d4:4a:6a:7c:55:8b: c5:27:e8:c3:2c:6e:0c:f3:a6:91:d1:88:8d:91:09: 6b:1e:ee:2e:be:4f:51:19:dd:2b:d4:07:f4:22:a9: 00:fe:58:63:3c:01:0d:5d:94:03:32:c6:79:df:4b: 2e:b2:69:bb:db:2c:fa:ee:70:d9:01:73:a9:57:94: b8:75:8b:2c:2c:73:08:ca:8f:34:fd:40:5e:19:ea: ba:0b:63:92:89:1a:03:cb:2a:ff:44:11:99:40:b8: 8f:b1:d7:7b:f3:cc:b7:e7:4e:e9:fd:68:60:b4:5b: 3d:23:45:bc:0d:ef:13:77:01:4e:4a:0c:fa:c1:8e: cf:47:33:d3:40:18:8d:05:3e:4b:82:92:18:cf:aa: 72:b9:89:29:ec:a4:57:71:e8:2d:0f:15:d5:4e:0d: 76:fd:40:3b:94:14:e7:16:93:ee:93:75:34:2a:0f: 17:68:c5:fd:76:7c:19:32:38:4d:b3:cd:a2:cb:36: 65:09:5a:ce:23:a8:0d:ec:79:c2:fb:fc:d8:13:92: e6:0d:f0:d8:e0:80:de:71:2d:63:39:f4:ab:45:f0: 08:fe:de:a2:0d:09:4f:50:f7:ad:d5:4d:72:4c:72: b5:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:8D:97:FD:41:A8:C3:25:40:3F:91:9D:31:B5:7C:01:7E:0F:27:09 X509v3 Authority Key Identifier: keyid:90:D4:4D:04:A2:AA:85:86:EE:94:C7:A3:35:36:C3:68:16:AD:A1:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNRNBKKqhYbulMejNTbDaBatoWM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/e7c692-9941-4bc1-b4c2-6f8cacc12339/1/kNRNBKKqhYbulMejNTbDaBatoWM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a6:90:ae:32:1e:9f:43:1b:81:f2:f2:43:44:34:32:f2:af:4e: ee:d2:60:b1:80:68:dd:99:20:12:0b:af:73:32:ec:47:1c:5a: 27:11:da:da:60:eb:f8:6d:b4:98:08:d0:d8:66:e0:0d:a9:b6: c5:b0:fb:f1:31:be:55:45:41:fe:1c:57:e5:11:bd:c9:0e:2b: 24:dd:c9:49:c4:17:f3:6e:0b:4e:8b:c8:dd:a2:ee:60:8d:72: c4:4f:35:56:6b:b7:98:54:e7:47:13:88:c9:68:d1:04:99:20: fe:cd:fc:74:59:2b:f5:0e:6a:80:d4:cf:d2:05:88:c5:3c:02: 7d:49:70:34:89:49:54:f7:52:46:72:ad:66:19:42:b1:24:b2: 28:6b:65:d1:6d:4e:ce:6f:6d:83:e6:0e:86:1d:9e:db:65:90: c9:49:38:aa:2b:c5:80:39:3b:b5:a9:e6:b8:a2:75:4a:75:81: e9:75:78:a5:88:1e:1d:05:05:e8:36:16:54:a7:5f:d1:8d:9e: 4c:d3:4b:aa:16:ea:b9:11:fe:d2:d0:6c:b8:9b:39:2e:5f:56: fc:b7:83:52:d0:b5:d1:c4:b5:5c:cb:2e:45:ec:2a:de:f3:e6: 54:e4:2b:58:02:70:63:f0:0c:24:c1:0a:c4:fd:d8:42:d1:ad: 8e:d9:d7:bc -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLrhouSq0YuKWUUcSHLikMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZDQ0ZDA0YTJhYTg1ODZlZTk0YzdhMzM1MzZjMzY4MTZh ZGExNjMwHhcNMjUxMjA2MDEwMjQyWhcNMjUxMjA3MDEwMjQyWjAzMTEwLwYDVQQD EygzYThkOTdmZDQxYThjMzI1NDAzZjkxOWQzMWI1N2MwMTdlMGYyNzA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv2ulZKNAZJYbMYsM79BkcYhtVzW rmrUSmp8VYvFJ+jDLG4M86aR0YiNkQlrHu4uvk9RGd0r1Af0IqkA/lhjPAENXZQD MsZ530susmm72yz67nDZAXOpV5S4dYssLHMIyo80/UBeGeq6C2OSiRoDyyr/RBGZ QLiPsdd788y3507p/WhgtFs9I0W8De8TdwFOSgz6wY7PRzPTQBiNBT5LgpIYz6py uYkp7KRXcegtDxXVTg12/UA7lBTnFpPuk3U0Kg8XaMX9dnwZMjhNs82iyzZlCVrO I6gN7HnC+/zYE5LmDfDY4IDecS1jOfSrRfAI/t6iDQlPUPet1U1yTHK1MQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDqNl/1BqMMlQD+RnTG1fAF+DycJMB8GA1UdIwQY MBaAFJDUTQSiqoWG7pTHozU2w2gWraFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzIt NmY4Y2FjYzEyMzM5LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMS9lN2M2OTItOTk0MS00YmMxLWI0YzItNmY4Y2FjYzEyMzM5 LzEva05STkJLS3FoWWJ1bE1lak5UYkRhQmF0b1dNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAppCuMh6f QxuB8vJDRDQy8q9O7tJgsYBo3ZkgEguvczLsRxxaJxHa2mDr+G20mAjQ2GbgDam2 xbD78TG+VUVB/hxX5RG9yQ4rJN3JScQX824LTovI3aLuYI1yxE81Vmu3mFTnRxOI yWjRBJkg/s38dFkr9Q5qgNTP0gWIxTwCfUlwNIlJVPdSRnKtZhlCsSSyKGtl0W1O zm9tg+YOhh2e22WQyUk4qivFgDk7tanmuKJ1SnWB6XV4pYgeHQUF6DYWVKdf0Y2e TNNLqhbquRH+0tBsuJs5Ll9W/LeDUtC10cS1XMsuRewq3vPmVOQrWAJwY/AMJMEK xP3YQtGtjtnXvA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:19:33 2025 by rpki-client