This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
File: KhfSVHdMl6nGhansXSTy_GlomQg.mft (raw, json)
Hash identifier: W8LeHTZ7JQp3mbN5L3wWEb+Fu/EWrb1fn/nNPb1v7sU=
Subject key identifier: 8B:2C:94:42:AD:90:FD:17:2B:21:1E:65:8D:3F:96:F1:91:82:8B:60
Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Certificate serial: 019B2E54EF689949892A4624EB2C59B32120
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
Manifest number: 14BC
Signing time: Wed 17 Dec 2025 22:01:16 +0000
Manifest this update: Wed 17 Dec 2025 22:01:16 +0000
Manifest next update: Thu 18 Dec 2025 22:01:16 +0000
Files and hashes: 1: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (hash: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=)
2: KhfSVHdMl6nGhansXSTy_GlomQg.crl (hash: jQQDDT0l2R8Tx3TRkslIFQ+TIYjWJBd947Dy7+pl9NA=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Dec 2025 22:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:2e:54:ef:68:99:49:89:2a:46:24:eb:2c:59:b3:21:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908
Validity
Not Before: Dec 17 22:01:16 2025 GMT
Not After : Dec 18 22:01:16 2025 GMT
Subject: CN=8b2c9442ad90fd172b211e658d3f96f191828b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a4:51:9b:64:13:24:21:c2:20:5e:f9:0e:ac:
73:41:5c:a4:8c:41:03:b7:1f:97:8b:31:f9:4d:f3:
4a:ab:e3:b5:58:e3:95:58:24:82:15:f9:34:0c:bc:
8e:08:dd:3c:f3:b9:81:93:d0:fc:74:ec:3c:90:77:
85:46:ba:ae:9f:4c:b7:75:80:cc:c3:9d:0f:fc:a4:
dc:20:de:04:09:89:ff:d3:70:52:51:48:a4:55:52:
86:67:56:dd:ca:b1:6c:d9:00:ff:cf:86:90:e2:ff:
42:52:6d:e2:bd:76:aa:52:4b:35:2a:d4:ba:b1:c2:
29:d1:4a:0b:4e:35:85:9d:8e:d8:54:6a:a8:8f:6e:
41:d3:63:36:32:cf:1b:54:db:4d:0e:4c:75:50:9a:
23:7c:1e:31:77:8a:7d:2a:48:d7:68:98:5a:a6:1d:
2f:9a:2b:cb:3a:95:8e:f5:7b:8e:d2:d8:3a:d3:73:
2d:ae:30:d8:5e:d6:f1:0c:00:96:4e:55:a9:15:71:
df:4a:48:65:9c:86:9f:b5:47:a9:0c:17:27:9d:9d:
28:32:15:93:ae:cf:a8:da:c2:f0:cc:10:6a:42:66:
e6:bf:bb:b4:3c:57:f1:4f:f7:0b:f0:ff:40:f2:10:
b3:9f:4e:1c:41:bd:c5:86:c7:0a:98:39:57:81:50:
29:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:2C:94:42:AD:90:FD:17:2B:21:1E:65:8D:3F:96:F1:91:82:8B:60
X509v3 Authority Key Identifier:
keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
27:ea:24:e0:b1:b6:c8:57:64:96:10:1f:8b:7c:34:28:7b:7c:
3c:f5:db:f8:31:ba:36:cf:a8:c9:1c:91:cf:d8:48:11:27:bd:
50:b0:4b:d9:c7:86:9e:1f:6c:d0:97:8e:20:a3:7b:24:bc:23:
17:01:29:ab:1b:e7:46:be:d6:ee:25:a9:a2:4a:84:bf:60:53:
96:90:85:f3:10:d1:45:64:2d:e1:17:03:bb:1f:9f:2f:b9:fb:
65:47:93:20:76:98:b0:6e:c0:5b:65:d3:89:1c:2e:e1:52:ad:
dd:0a:3e:2d:a1:c0:d9:f6:d4:c4:17:9e:04:06:46:b0:53:c8:
7f:a7:b9:8c:52:0f:2a:f7:85:54:35:c3:58:06:db:2b:85:01:
12:e9:ac:22:fb:41:d5:b2:b4:0a:ed:ee:fc:40:93:ec:51:4a:
3e:68:ad:b6:03:fe:84:83:bf:8c:3f:57:e6:c2:da:02:fb:f6:
e5:e4:30:80:6e:df:4b:03:81:4a:9a:d1:7f:e8:c6:a7:92:7c:
b5:d8:5e:3f:25:43:9e:4c:bf:1e:65:2d:26:93:50:23:59:e5:
b7:d9:cd:45:ce:dc:03:27:7c:cb:35:0a:44:6f:5c:1c:98:5f:
93:cb:f1:ce:d0:85:92:31:de:71:bd:cc:98:f6:0b:b3:9c:54:
b3:a9:7a:8d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZsuVO9omUmJKkYk6yxZsyEgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2
ODk5MDgwHhcNMjUxMjE3MjIwMTE2WhcNMjUxMjE4MjIwMTE2WjAzMTEwLwYDVQQD
Eyg4YjJjOTQ0MmFkOTBmZDE3MmIyMTFlNjU4ZDNmOTZmMTkxODI4YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6RRm2QTJCHCIF75DqxzQVykjEED
tx+XizH5TfNKq+O1WOOVWCSCFfk0DLyOCN0887mBk9D8dOw8kHeFRrqun0y3dYDM
w50P/KTcIN4ECYn/03BSUUikVVKGZ1bdyrFs2QD/z4aQ4v9CUm3ivXaqUks1KtS6
scIp0UoLTjWFnY7YVGqoj25B02M2Ms8bVNtNDkx1UJojfB4xd4p9KkjXaJhaph0v
mivLOpWO9XuO0tg603MtrjDYXtbxDACWTlWpFXHfSkhlnIaftUepDBcnnZ0oMhWT
rs+o2sLwzBBqQmbmv7u0PFfxT/cL8P9A8hCzn04cQb3FhscKmDlXgVApEQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIsslEKtkP0XKyEeZY0/lvGRgotgMB8GA1UdIwQY
MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt
ODBiNTExOGFiYWY2LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2
LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+ok4LG2
yFdklhAfi3w0KHt8PPXb+DG6Ns+oyRyRz9hIESe9ULBL2ceGnh9s0JeOIKN7JLwj
FwEpqxvnRr7W7iWpokqEv2BTlpCF8xDRRWQt4RcDux+fL7n7ZUeTIHaYsG7AW2XT
iRwu4VKt3Qo+LaHA2fbUxBeeBAZGsFPIf6e5jFIPKveFVDXDWAbbK4UBEumsIvtB
1bK0Cu3u/ECT7FFKPmittgP+hIO/jD9X5sLaAvv25eQwgG7fSwOBSprRf+jGp5J8
tdhePyVDnky/HmUtJpNQI1nlt9nNRc7cAyd8yzUKRG9cHJhfk8vxztCFkjHecb3M
mPYLs5xUs6l6jQ==
-----END CERTIFICATE-----
Generated at Thu Dec 18 08:15:05 2025 by rpki-client