This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft File: KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json) Hash identifier: QK+ZfN+ZM9TWD1nNHPAhlASvtKgMUOTTVCmx71pKYmU= Subject key identifier: 20:92:0E:5B:DB:5A:CC:28:11:09:6C:E6:F0:C1:32:7B:79:E2:03:0E Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D Certificate issuer: /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Certificate serial: 019AF12DF108C002E97A28781405F238BD07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft Manifest number: 1089 Signing time: Sat 06 Dec 2025 01:01:51 +0000 Manifest this update: Sat 06 Dec 2025 01:01:51 +0000 Manifest next update: Sun 07 Dec 2025 01:01:51 +0000 Files and hashes: 1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: E2pMfmDi5v4WKwC1sBZqHshng7cvAJEhV46Cs+ynJtg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:f1:08:c0:02:e9:7a:28:78:14:05:f2:38:bd:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Validity Not Before: Dec 6 01:01:51 2025 GMT Not After : Dec 7 01:01:51 2025 GMT Subject: CN=20920e5bdb5acc2811096ce6f0c1327b79e2030e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:39:d7:a9:19:86:00:64:a2:7f:fd:ca:c0:85: 52:b0:ac:35:34:24:07:af:ec:92:40:e9:e4:e5:66: fa:5c:04:6a:4c:f0:8b:8f:10:2d:48:16:49:a1:ef: 89:b9:11:cf:fc:43:1c:fd:b0:9f:96:8b:37:48:87: 74:ca:8d:95:28:46:77:86:eb:df:c8:36:c7:dd:f0: 6e:40:69:09:ff:8c:c2:d4:72:d2:6f:cd:e8:a6:ce: f2:2f:4e:4f:57:25:a1:cd:20:ca:63:65:fa:d3:fe: 7d:53:65:12:66:d9:44:ff:11:86:64:6f:51:10:1a: 34:f8:72:06:9e:dc:12:c6:e6:bd:ad:42:10:60:ae: 12:53:e8:72:91:44:77:a6:97:0b:db:f6:fb:df:93: 42:e0:df:53:05:7e:dd:e8:48:3f:4c:10:70:21:d1: 9e:b0:f4:92:5e:53:3a:4f:31:fb:18:e3:cd:a9:58: 6b:f8:e9:18:50:36:5a:44:a7:a6:39:e3:83:36:08: 67:8f:69:ea:c9:26:eb:44:99:b0:f9:ea:f3:85:bf: f2:73:ce:69:5f:ff:76:4b:9a:97:c6:1a:a3:4a:8d: d1:aa:0e:af:94:95:8f:92:12:00:6d:4e:0f:b0:d8: 23:d2:0f:41:7e:30:64:5b:ab:09:cb:8e:e8:77:04: ba:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:92:0E:5B:DB:5A:CC:28:11:09:6C:E6:F0:C1:32:7B:79:E2:03:0E X509v3 Authority Key Identifier: keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 82:0b:84:7a:b6:a0:97:b0:a6:3f:df:88:5d:e2:c3:01:8b:64: 6a:52:73:a5:4a:f2:02:b6:75:97:8f:b5:90:22:45:94:b3:c7: 2c:8e:2b:8e:54:08:12:71:e3:5e:17:f4:9a:f6:f1:d5:a0:4e: c1:eb:99:79:79:8a:65:b5:db:b1:d8:eb:45:f0:9a:1b:4d:02: 77:f9:4b:40:21:84:8b:41:98:5e:47:78:f0:e5:e4:d0:29:f8: 0a:42:11:25:9f:90:bb:b4:63:06:cf:98:00:4c:a6:31:6f:a8: 8c:2e:4d:39:86:32:32:95:2e:1a:23:f8:7e:f5:c9:56:cc:05: 26:03:90:ce:88:eb:55:81:0f:80:a9:06:d0:8d:8b:78:23:2e: 0d:64:13:7b:46:e0:08:ee:be:6b:9e:2b:7a:c9:72:e8:e9:d7: 33:96:c9:7d:aa:9a:37:5b:d5:70:3a:f2:42:ba:6f:aa:59:58: 87:cb:fe:26:7a:dd:e2:73:1e:b9:57:82:2a:cf:2c:1f:97:d7: b3:db:f5:20:bb:28:ce:4b:01:16:f7:54:df:d5:80:40:ac:57: 35:0e:71:8e:22:4a:b1:13:18:e6:f1:f6:cc:22:25:81:83:22: 4f:07:c5:08:9d:54:8b:50:af:4e:83:86:68:a6:8d:99:33:a5: 62:c6:cf:3c -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLfEIwALpeih4FAXyOL0HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz YWYyM2QwHhcNMjUxMjA2MDEwMTUxWhcNMjUxMjA3MDEwMTUxWjAzMTEwLwYDVQQD EygyMDkyMGU1YmRiNWFjYzI4MTEwOTZjZTZmMGMxMzI3Yjc5ZTIwMzBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7DnXqRmGAGSif/3KwIVSsKw1NCQH r+ySQOnk5Wb6XARqTPCLjxAtSBZJoe+JuRHP/EMc/bCflos3SId0yo2VKEZ3huvf yDbH3fBuQGkJ/4zC1HLSb83ops7yL05PVyWhzSDKY2X60/59U2USZtlE/xGGZG9R EBo0+HIGntwSxua9rUIQYK4SU+hykUR3ppcL2/b735NC4N9TBX7d6Eg/TBBwIdGe sPSSXlM6TzH7GOPNqVhr+OkYUDZaRKemOeODNghnj2nqySbrRJmw+erzhb/yc85p X/92S5qXxhqjSo3Rqg6vlJWPkhIAbU4PsNgj0g9BfjBkW6sJy47odwS61wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCCSDlvbWswoEQls5vDBMnt54gMOMB8GA1UdIwQY MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgguEerag l7CmP9+IXeLDAYtkalJzpUryArZ1l4+1kCJFlLPHLI4rjlQIEnHjXhf0mvbx1aBO weuZeXmKZbXbsdjrRfCaG00Cd/lLQCGEi0GYXkd48OXk0Cn4CkIRJZ+Qu7RjBs+Y AEymMW+ojC5NOYYyMpUuGiP4fvXJVswFJgOQzojrVYEPgKkG0I2LeCMuDWQTe0bg CO6+a54resly6OnXM5bJfaqaN1vVcDryQrpvqllYh8v+Jnrd4nMeuVeCKs8sH5fX s9v1ILsozksBFvdU39WAQKxXNQ5xjiJKsRMY5vH2zCIlgYMiTwfFCJ1Ui1CvToOG aKaNmTOlYsbPPA== -----END CERTIFICATE-----Generated at Sat Dec 6 11:07:43 2025 by rpki-client