This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft File: KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json) Hash identifier: m+itEaDMr6vxf7ZDtBD2dkBVOU9S1TxTCNAtqM1DIS0= Subject key identifier: F4:6B:AD:49:DE:5A:A3:AE:0D:36:E1:BE:29:2B:9F:73:B5:3A:E1:38 Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D Certificate issuer: /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Certificate serial: 019B2EFA3193800323444037580DBEFB4243 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft Manifest number: 10A9 Signing time: Thu 18 Dec 2025 01:01:47 +0000 Manifest this update: Thu 18 Dec 2025 01:01:47 +0000 Manifest next update: Fri 19 Dec 2025 01:01:47 +0000 Files and hashes: 1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: HCJHskdYhHbiOg+pG8edbL8lpnTczfZzqh8V4gtiv5s=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 01:01:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2e:fa:31:93:80:03:23:44:40:37:58:0d:be:fb:42:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Validity Not Before: Dec 18 01:01:47 2025 GMT Not After : Dec 19 01:01:47 2025 GMT Subject: CN=f46bad49de5aa3ae0d36e1be292b9f73b53ae138 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:19:5e:00:ec:4c:00:45:50:f3:bf:5a:5d:4b: eb:10:57:44:c5:cf:bb:32:d6:11:8d:22:e0:c4:a7: 6b:46:ea:72:7c:15:f2:54:a5:2c:75:d5:07:0f:92: 03:02:23:cf:38:22:6e:c6:6d:67:66:11:ca:d4:ed: eb:f0:42:4c:e9:1d:0b:bb:2e:b2:60:c4:59:a5:79: a8:32:e7:31:c9:14:f4:e8:e0:61:d4:38:aa:fd:7a: c0:92:18:7f:60:4d:72:cb:7c:2b:01:75:7b:47:4f: 4b:b2:f0:65:cd:a7:25:9e:7b:fd:5a:cb:13:3e:9e: 5b:10:e8:c2:9c:8f:e5:63:a2:b8:31:76:52:fd:11: dc:4b:c8:24:cb:b0:16:d7:58:0e:5b:ef:99:70:a3: 4d:3a:cf:4a:2d:3e:08:8d:c4:3e:5b:69:ab:25:ab: ff:4b:d1:74:00:c8:90:33:a2:6f:4b:dd:41:ac:48: b7:44:37:05:4c:9b:9f:14:65:58:a9:17:5b:e3:fa: 46:28:f0:b0:bc:2a:c1:aa:93:51:b1:47:71:c1:4f: 05:86:15:56:2b:57:88:fb:16:de:a0:d2:a3:bc:11: c6:fd:48:5f:3a:dd:34:1b:cd:ca:98:9c:0e:a0:cb: 3e:94:07:b0:67:15:de:b8:f3:2d:4f:b4:1e:29:0e: 77:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:6B:AD:49:DE:5A:A3:AE:0D:36:E1:BE:29:2B:9F:73:B5:3A:E1:38 X509v3 Authority Key Identifier: keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:c9:31:fe:98:a1:fa:72:6e:56:a7:81:3a:52:0c:28:f6:68: e0:d2:1d:be:18:06:bd:c7:14:e4:73:de:db:b3:ad:7b:a5:61: 26:50:b7:8d:64:23:11:b6:e6:9d:e8:87:c1:91:5b:e7:e4:2d: 43:51:b9:15:40:39:40:66:7d:19:60:d1:10:ca:f4:64:e1:11: 11:49:0c:4b:b9:49:bc:44:e3:a4:79:46:35:fc:3d:7d:73:80: a0:91:8a:f8:de:59:10:46:84:4d:4b:e0:cb:02:5e:a1:60:3f: 7f:2a:00:f8:e9:7f:ee:ff:85:58:a8:9c:45:6c:a7:27:2e:31: 6d:ef:e2:b8:a8:50:89:60:69:5b:6f:e5:7b:9e:cb:d2:6a:fc: 35:da:0e:68:e7:90:4a:79:4c:90:75:09:e7:33:cb:b5:02:d4: ab:2d:3b:42:5c:c0:79:14:b6:fc:4c:3c:e0:23:9a:9e:b7:a5: 5d:eb:90:54:22:9f:c9:ed:47:da:1e:24:c7:e4:de:87:7a:3f: b4:43:1f:0b:16:34:ab:0c:76:32:1b:85:db:e2:a0:50:cd:19: 8f:74:2c:b2:53:2c:83:51:77:92:4e:b3:9c:ee:d3:c8:ce:9c: 77:ea:51:83:76:60:0a:76:4a:3c:39:52:3d:7e:c2:63:3f:75: a8:0c:64:07 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsu+jGTgAMjREA3WA2++0JDMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz YWYyM2QwHhcNMjUxMjE4MDEwMTQ3WhcNMjUxMjE5MDEwMTQ3WjAzMTEwLwYDVQQD EyhmNDZiYWQ0OWRlNWFhM2FlMGQzNmUxYmUyOTJiOWY3M2I1M2FlMTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBleAOxMAEVQ879aXUvrEFdExc+7 MtYRjSLgxKdrRupyfBXyVKUsddUHD5IDAiPPOCJuxm1nZhHK1O3r8EJM6R0Luy6y YMRZpXmoMucxyRT06OBh1Diq/XrAkhh/YE1yy3wrAXV7R09LsvBlzaclnnv9WssT Pp5bEOjCnI/lY6K4MXZS/RHcS8gky7AW11gOW++ZcKNNOs9KLT4IjcQ+W2mrJav/ S9F0AMiQM6JvS91BrEi3RDcFTJufFGVYqRdb4/pGKPCwvCrBqpNRsUdxwU8FhhVW K1eI+xbeoNKjvBHG/UhfOt00G83KmJwOoMs+lAewZxXeuPMtT7QeKQ53qwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRrrUneWqOuDTbhvikrn3O1OuE4MB8GA1UdIwQY MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk8kx/pih +nJuVqeBOlIMKPZo4NIdvhgGvccU5HPe27Ote6VhJlC3jWQjEbbmneiHwZFb5+Qt Q1G5FUA5QGZ9GWDREMr0ZOEREUkMS7lJvETjpHlGNfw9fXOAoJGK+N5ZEEaETUvg ywJeoWA/fyoA+Ol/7v+FWKicRWynJy4xbe/iuKhQiWBpW2/le57L0mr8NdoOaOeQ SnlMkHUJ5zPLtQLUqy07QlzAeRS2/Ew84COanrelXeuQVCKfye1H2h4kx+Teh3o/ tEMfCxY0qwx2MhuF2+KgUM0Zj3QsslMsg1F3kk6znO7TyM6cd+pRg3ZgCnZKPDlS PX7CYz91qAxkBw== -----END CERTIFICATE-----Generated at Thu Dec 18 11:23:20 2025 by rpki-client