This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft File: KhfSVHdMl6nGhansXSTy_GlomQg.mft (raw, json) Hash identifier: W8LeHTZ7JQp3mbN5L3wWEb+Fu/EWrb1fn/nNPb1v7sU= Subject key identifier: 8B:2C:94:42:AD:90:FD:17:2B:21:1E:65:8D:3F:96:F1:91:82:8B:60 Authority key identifier: 2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08 Certificate issuer: /CN=2a17d254774c97a9c685a9ec5d24f2fc69689908 Certificate serial: 019B2E54EF689949892A4624EB2C59B32120 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft Manifest number: 14BC Signing time: Wed 17 Dec 2025 22:01:16 +0000 Manifest this update: Wed 17 Dec 2025 22:01:16 +0000 Manifest next update: Thu 18 Dec 2025 22:01:16 +0000 Files and hashes: 1: 1ibpJfSu5zvmElDRsm3yBPA2Psc.roa (hash: fl2TXrWlprslHDoqKeFpyUnoLUsON1oTzkxdU0IwAjQ=) 2: KhfSVHdMl6nGhansXSTy_GlomQg.crl (hash: jQQDDT0l2R8Tx3TRkslIFQ+TIYjWJBd947Dy7+pl9NA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 22:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:54:ef:68:99:49:89:2a:46:24:eb:2c:59:b3:21:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a17d254774c97a9c685a9ec5d24f2fc69689908 Validity Not Before: Dec 17 22:01:16 2025 GMT Not After : Dec 18 22:01:16 2025 GMT Subject: CN=8b2c9442ad90fd172b211e658d3f96f191828b60 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:a4:51:9b:64:13:24:21:c2:20:5e:f9:0e:ac: 73:41:5c:a4:8c:41:03:b7:1f:97:8b:31:f9:4d:f3: 4a:ab:e3:b5:58:e3:95:58:24:82:15:f9:34:0c:bc: 8e:08:dd:3c:f3:b9:81:93:d0:fc:74:ec:3c:90:77: 85:46:ba:ae:9f:4c:b7:75:80:cc:c3:9d:0f:fc:a4: dc:20:de:04:09:89:ff:d3:70:52:51:48:a4:55:52: 86:67:56:dd:ca:b1:6c:d9:00:ff:cf:86:90:e2:ff: 42:52:6d:e2:bd:76:aa:52:4b:35:2a:d4:ba:b1:c2: 29:d1:4a:0b:4e:35:85:9d:8e:d8:54:6a:a8:8f:6e: 41:d3:63:36:32:cf:1b:54:db:4d:0e:4c:75:50:9a: 23:7c:1e:31:77:8a:7d:2a:48:d7:68:98:5a:a6:1d: 2f:9a:2b:cb:3a:95:8e:f5:7b:8e:d2:d8:3a:d3:73: 2d:ae:30:d8:5e:d6:f1:0c:00:96:4e:55:a9:15:71: df:4a:48:65:9c:86:9f:b5:47:a9:0c:17:27:9d:9d: 28:32:15:93:ae:cf:a8:da:c2:f0:cc:10:6a:42:66: e6:bf:bb:b4:3c:57:f1:4f:f7:0b:f0:ff:40:f2:10: b3:9f:4e:1c:41:bd:c5:86:c7:0a:98:39:57:81:50: 29:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:2C:94:42:AD:90:FD:17:2B:21:1E:65:8D:3F:96:F1:91:82:8B:60 X509v3 Authority Key Identifier: keyid:2A:17:D2:54:77:4C:97:A9:C6:85:A9:EC:5D:24:F2:FC:69:68:99:08 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhfSVHdMl6nGhansXSTy_GlomQg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66a439-cf33-47c5-92ab-80b5118abaf6/1/KhfSVHdMl6nGhansXSTy_GlomQg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 27:ea:24:e0:b1:b6:c8:57:64:96:10:1f:8b:7c:34:28:7b:7c: 3c:f5:db:f8:31:ba:36:cf:a8:c9:1c:91:cf:d8:48:11:27:bd: 50:b0:4b:d9:c7:86:9e:1f:6c:d0:97:8e:20:a3:7b:24:bc:23: 17:01:29:ab:1b:e7:46:be:d6:ee:25:a9:a2:4a:84:bf:60:53: 96:90:85:f3:10:d1:45:64:2d:e1:17:03:bb:1f:9f:2f:b9:fb: 65:47:93:20:76:98:b0:6e:c0:5b:65:d3:89:1c:2e:e1:52:ad: dd:0a:3e:2d:a1:c0:d9:f6:d4:c4:17:9e:04:06:46:b0:53:c8: 7f:a7:b9:8c:52:0f:2a:f7:85:54:35:c3:58:06:db:2b:85:01: 12:e9:ac:22:fb:41:d5:b2:b4:0a:ed:ee:fc:40:93:ec:51:4a: 3e:68:ad:b6:03:fe:84:83:bf:8c:3f:57:e6:c2:da:02:fb:f6: e5:e4:30:80:6e:df:4b:03:81:4a:9a:d1:7f:e8:c6:a7:92:7c: b5:d8:5e:3f:25:43:9e:4c:bf:1e:65:2d:26:93:50:23:59:e5: b7:d9:cd:45:ce:dc:03:27:7c:cb:35:0a:44:6f:5c:1c:98:5f: 93:cb:f1:ce:d0:85:92:31:de:71:bd:cc:98:f6:0b:b3:9c:54: b3:a9:7a:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsuVO9omUmJKkYk6yxZsyEgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTdkMjU0Nzc0Yzk3YTljNjg1YTllYzVkMjRmMmZjNjk2 ODk5MDgwHhcNMjUxMjE3MjIwMTE2WhcNMjUxMjE4MjIwMTE2WjAzMTEwLwYDVQQD Eyg4YjJjOTQ0MmFkOTBmZDE3MmIyMTFlNjU4ZDNmOTZmMTkxODI4YjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6RRm2QTJCHCIF75DqxzQVykjEED tx+XizH5TfNKq+O1WOOVWCSCFfk0DLyOCN0887mBk9D8dOw8kHeFRrqun0y3dYDM w50P/KTcIN4ECYn/03BSUUikVVKGZ1bdyrFs2QD/z4aQ4v9CUm3ivXaqUks1KtS6 scIp0UoLTjWFnY7YVGqoj25B02M2Ms8bVNtNDkx1UJojfB4xd4p9KkjXaJhaph0v mivLOpWO9XuO0tg603MtrjDYXtbxDACWTlWpFXHfSkhlnIaftUepDBcnnZ0oMhWT rs+o2sLwzBBqQmbmv7u0PFfxT/cL8P9A8hCzn04cQb3FhscKmDlXgVApEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIsslEKtkP0XKyEeZY0/lvGRgotgMB8GA1UdIwQY MBaAFCoX0lR3TJepxoWp7F0k8vxpaJkIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWIt ODBiNTExOGFiYWY2LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi82NmE0MzktY2YzMy00N2M1LTkyYWItODBiNTExOGFiYWY2 LzEvS2hmU1ZIZE1sNm5HaGFuc1hTVHlfR2xvbVFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJ+ok4LG2 yFdklhAfi3w0KHt8PPXb+DG6Ns+oyRyRz9hIESe9ULBL2ceGnh9s0JeOIKN7JLwj FwEpqxvnRr7W7iWpokqEv2BTlpCF8xDRRWQt4RcDux+fL7n7ZUeTIHaYsG7AW2XT iRwu4VKt3Qo+LaHA2fbUxBeeBAZGsFPIf6e5jFIPKveFVDXDWAbbK4UBEumsIvtB 1bK0Cu3u/ECT7FFKPmittgP+hIO/jD9X5sLaAvv25eQwgG7fSwOBSprRf+jGp5J8 tdhePyVDnky/HmUtJpNQI1nlt9nNRc7cAyd8yzUKRG9cHJhfk8vxztCFkjHecb3M mPYLs5xUs6l6jQ== -----END CERTIFICATE-----Generated at Thu Dec 18 08:15:05 2025 by rpki-client