This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft File: KhfSVHdMl6nGhansXSTy_GlomQg.mft (raw, json) Hash identifier: D2oSWHz9WyNVnNUaZZFj03vmCf2wROGOz2rGZtIQ0to= Subject key identifier: AC:09:59:AA:FA:99:ED:86:5A:23:E6:E8:3E:55:CE:15:97:28:AE:F1 Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08 Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908 Certificate serial: 019B3043394E88214F0513AF1C2FCDC836EC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft Manifest number: 14BD Signing time: Thu 18 Dec 2025 07:01:10 +0000 Manifest this update: Thu 18 Dec 2025 07:01:10 +0000 Manifest next update: Fri 19 Dec 2025 07:01:10 +0000 Files and hashes: 1: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (hash: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=) 2: KhfSVHdMl6nGhansXSTy_GlomQg.crl (hash: KLfo0icw92ZYE5RTH8xuC2uuC0U6rfdKlFuNkmfwUW4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:30:43:39:4e:88:21:4f:05:13:af:1c:2f:cd:c8:36:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908 Validity Not Before: Dec 18 07:01:10 2025 GMT Not After : Dec 19 07:01:10 2025 GMT Subject: CN=ac0959aafa99ed865a23e6e83e55ce159728aef1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:db:8a:a4:cb:38:83:f2:8a:5c:c0:be:44:8c: 0a:21:29:7a:d8:2a:01:69:ee:6f:6e:c3:b3:c9:ed: 7f:53:92:35:91:b5:76:84:38:26:6e:aa:d9:6e:81: 6f:cf:89:0b:0f:d8:f2:16:b2:42:44:76:39:79:d2: e6:e8:50:cf:6b:5b:4c:49:10:5c:0b:a4:33:9f:4c: a5:89:62:b9:df:ec:2c:aa:a2:76:97:40:e5:28:5a: 49:72:f8:3d:3a:61:7f:c5:2b:55:86:07:36:20:55: 01:9d:bf:c4:93:83:a9:dc:e7:9d:40:cb:58:d0:0a: d5:f0:08:1a:3d:1c:4c:7c:41:41:b8:5f:3d:65:20: f8:6b:5b:52:94:50:be:a0:02:40:ca:6a:ab:a0:56: 4a:cc:47:f4:e4:f7:ff:b7:e5:64:b8:eb:d8:3f:f0: f0:f2:35:24:b9:f7:c7:25:e8:90:5b:36:a7:bd:d4: 9b:c8:f2:79:d9:18:ca:f4:8c:29:0c:25:73:27:84: 1c:88:d6:3d:9a:0f:47:74:59:14:16:ec:4b:c6:42: 2d:82:8c:ad:ff:40:96:75:b9:56:85:62:30:47:32: 9e:19:a2:49:f5:64:e7:f1:66:d9:0e:a8:9e:de:52: a5:0b:7f:12:b2:e5:2b:2a:4b:41:92:57:cb:7c:a3: 7b:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:09:59:AA:FA:99:ED:86:5A:23:E6:E8:3E:55:CE:15:97:28:AE:F1 X509v3 Authority Key Identifier: keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption a2:44:26:bd:1c:32:b4:5b:e6:8b:d7:5d:83:21:36:e9:a7:03: 6c:04:fa:f6:02:42:a4:a0:99:2c:21:49:d6:0b:fa:af:70:a2: 1c:f3:e5:71:5c:87:7b:58:9f:4f:7a:22:be:29:66:4d:3f:be: 17:ac:e4:b6:ff:52:d8:95:18:3a:6c:93:4d:a1:c6:48:e5:ff: 3d:52:69:52:d9:49:2a:ea:24:9e:a6:68:28:6c:a9:bb:ec:e2: 6d:68:1d:63:4e:23:55:b2:dd:4f:b4:e6:dc:33:f6:5a:bd:88: 24:7b:0d:3b:23:59:3d:f1:51:77:de:3d:3a:12:b2:70:0c:64: 9b:1f:0a:78:5c:81:c7:6d:14:69:77:77:4a:3d:f9:f5:c4:28: 76:66:da:37:22:19:31:e0:fc:73:c1:31:e5:a3:1a:d8:c2:46: 34:d8:5f:78:ea:2d:78:f7:4d:7a:84:85:7d:04:d0:bf:c7:bb: 06:59:d1:f4:2b:d5:e0:9b:23:1a:52:1d:7a:6d:36:85:81:53: 28:b6:9c:24:fb:50:e1:c4:e1:50:4b:f1:38:ea:13:2d:a6:bc: cc:9f:f7:aa:57:6e:f6:d4:8b:8c:33:65:8f:e4:be:6d:9f:23: 0a:41:5b:70:2d:59:c0:5f:61:0f:25:98:14:a7:51:07:7c:3c: 2b:23:35:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZswQzlOiCFPBROvHC/NyDbsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2 ODk5MDgwHhcNMjUxMjE4MDcwMTEwWhcNMjUxMjE5MDcwMTEwWjAzMTEwLwYDVQQD EyhhYzA5NTlhYWZhOTllZDg2NWEyM2U2ZTgzZTU1Y2UxNTk3MjhhZWYxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tuKpMs4g/KKXMC+RIwKISl62CoB ae5vbsOzye1/U5I1kbV2hDgmbqrZboFvz4kLD9jyFrJCRHY5edLm6FDPa1tMSRBc C6Qzn0yliWK53+wsqqJ2l0DlKFpJcvg9OmF/xStVhgc2IFUBnb/Ek4Op3OedQMtY 0ArV8AgaPRxMfEFBuF89ZSD4a1tSlFC+oAJAymqroFZKzEf05Pf/t+VkuOvYP/Dw 8jUkuffHJeiQWzanvdSbyPJ52RjK9IwpDCVzJ4QciNY9mg9HdFkUFuxLxkItgoyt /0CWdblWhWIwRzKeGaJJ9WTn8WbZDqie3lKlC38SsuUrKktBklfLfKN7hQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKwJWar6me2GWiPm6D5VzhWXKK7xMB8GA1UdIwQY MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt ODBiNTExOGFiYWY2LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2 LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAokQmvRwy tFvmi9ddgyE26acDbAT69gJCpKCZLCFJ1gv6r3CiHPPlcVyHe1ifT3oivilmTT++ F6zktv9S2JUYOmyTTaHGSOX/PVJpUtlJKuoknqZoKGypu+zibWgdY04jVbLdT7Tm 3DP2Wr2IJHsNOyNZPfFRd949OhKycAxkmx8KeFyBx20UaXd3Sj359cQodmbaNyIZ MeD8c8Ex5aMa2MJGNNhfeOotePdNeoSFfQTQv8e7BlnR9CvV4JsjGlIdem02hYFT KLacJPtQ4cThUEvxOOoTLaa8zJ/3qldu9tSLjDNlj+S+bZ8jCkFbcC1ZwF9hDyWY FKdRB3w8KyM1Yw== -----END CERTIFICATE-----Generated at Thu Dec 18 11:27:15 2025 by rpki-client