This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft File: KIBHSpYWHd4pQs-58YVsL_yICQQ.mft (raw, json) Hash identifier: 4E4/ltW3rpuPel1wUXemc2lEPX6Fnsg+dnGQyedVe1k= Subject key identifier: DE:82:53:91:6D:24:DE:FF:E5:DE:A2:50:53:F6:CE:54:8D:64:C8:DF Authority key identifier: 28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 Certificate issuer: /CN=2880474a96161dde2942cfb9f1856c2ffc880904 Certificate serial: 019AF3C067BE3B9A7B577F6621FE142FD8EE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft Manifest number: 0320 Signing time: Sat 06 Dec 2025 13:01:04 +0000 Manifest this update: Sat 06 Dec 2025 13:01:04 +0000 Manifest next update: Sun 07 Dec 2025 13:01:04 +0000 Files and hashes: 1: KIBHSpYWHd4pQs-58YVsL_yICQQ.crl (hash: b8X6mE8sLGwq3SH3YbJd8sY1BSM0UDIstiFnbFkIvIo=) 2: q2_sbJziOr7rwxyhvKWnkNjMans.roa (hash: 0BH7DATsPfSUKJPP/TZdwOG931UfHO+OV4ftBhPZrwY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:c0:67:be:3b:9a:7b:57:7f:66:21:fe:14:2f:d8:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2880474a96161dde2942cfb9f1856c2ffc880904 Validity Not Before: Dec 6 13:01:04 2025 GMT Not After : Dec 7 13:01:04 2025 GMT Subject: CN=de8253916d24deffe5dea25053f6ce548d64c8df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:85:eb:30:ee:44:1a:ac:6b:25:97:b9:c0:56: 0f:fd:d0:95:b4:a8:68:04:b4:08:08:b8:2d:5c:e9: 9d:7a:56:15:5e:5d:50:31:4f:f7:28:f7:db:eb:ce: 60:96:54:6e:9e:0c:89:14:7e:e0:a3:fc:db:5a:46: 96:3a:33:e5:44:87:76:84:e5:54:ab:9f:0c:00:68: a0:0e:d3:23:23:ba:c7:7a:07:d3:f0:18:30:77:0a: fa:1b:9b:c3:95:c1:63:b5:f5:d3:52:c9:44:b8:cf: 0f:13:a2:e9:67:87:0f:ed:0d:62:63:4d:50:d7:3d: 72:21:ed:26:01:14:53:a3:27:47:d2:9d:e5:c6:96: 0f:b5:f9:2e:61:7b:6c:d9:15:bb:ca:ec:96:42:ab: 09:8f:ef:8e:0e:5e:8b:1b:94:c4:f0:ed:73:0a:13: ec:93:82:80:fb:4a:a8:ed:74:74:88:57:31:fe:49: da:8c:8c:b6:e7:17:54:f0:f7:69:ef:d7:1a:b1:18: 44:08:a8:e9:43:3a:89:40:70:9a:7f:f1:93:1a:62: 7e:61:66:8c:e9:24:01:bc:18:2c:73:40:9e:b5:2c: 76:80:f3:92:55:31:aa:c4:6f:3f:de:ef:9b:f0:d5: 9e:26:f2:4c:1f:76:e4:e5:45:ff:f6:b4:ea:96:95: 57:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:82:53:91:6D:24:DE:FF:E5:DE:A2:50:53:F6:CE:54:8D:64:C8:DF X509v3 Authority Key Identifier: keyid:28:80:47:4A:96:16:1D:DE:29:42:CF:B9:F1:85:6C:2F:FC:88:09:04 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIBHSpYWHd4pQs-58YVsL_yICQQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/693cc3-ab75-44c6-a740-7461a56ce95e/1/KIBHSpYWHd4pQs-58YVsL_yICQQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 87:0c:34:3a:ed:b9:7b:d5:9d:8e:33:79:2b:6c:14:10:50:f1: 1d:a6:6e:e4:50:cc:9a:44:fc:14:24:ac:c6:f3:1e:73:69:07: 11:62:21:25:5d:1f:39:04:23:ed:92:c9:2f:5a:3e:3d:4b:0a: d9:4e:3a:b7:58:a0:75:c5:99:e7:85:92:a2:51:50:e8:3c:48: 84:c7:7d:51:17:59:da:e7:11:d4:5d:de:31:07:b6:61:47:b5: 3a:ff:14:a4:1a:73:68:cf:cc:c2:61:f5:72:8f:d3:47:0c:24: 22:28:3d:41:9e:97:76:3a:b4:ec:72:95:9d:f0:23:a7:27:4a: e1:ef:83:3c:5b:74:64:31:a7:53:b4:9f:b1:f6:9c:d5:98:f7: f8:d2:80:60:1a:d2:d0:3b:15:e6:eb:35:ab:db:8a:99:11:a3: c5:95:9f:bc:41:ee:7d:ce:a5:6e:dc:98:12:ef:35:53:2a:e1: 4b:89:ae:e9:19:4e:a8:8e:da:d4:8d:99:8c:e2:ec:d8:7c:ef: d7:56:f8:52:78:b8:29:f5:dd:4b:70:0d:f2:78:83:1c:ba:e6: e3:76:f0:01:b9:bc:38:c9:f5:ab:88:f6:4d:d1:b7:81:8e:7c: 4b:7d:37:0f:dc:82:8d:ed:11:d9:43:c5:2b:ee:ea:2f:12:6f: 15:4c:f9:ae -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzwGe+O5p7V39mIf4UL9juMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4ODA0NzRhOTYxNjFkZGUyOTQyY2ZiOWYxODU2YzJmZmM4 ODA5MDQwHhcNMjUxMjA2MTMwMTA0WhcNMjUxMjA3MTMwMTA0WjAzMTEwLwYDVQQD EyhkZTgyNTM5MTZkMjRkZWZmZTVkZWEyNTA1M2Y2Y2U1NDhkNjRjOGRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoXrMO5EGqxrJZe5wFYP/dCVtKho BLQICLgtXOmdelYVXl1QMU/3KPfb685gllRungyJFH7go/zbWkaWOjPlRId2hOVU q58MAGigDtMjI7rHegfT8Bgwdwr6G5vDlcFjtfXTUslEuM8PE6LpZ4cP7Q1iY01Q 1z1yIe0mARRToydH0p3lxpYPtfkuYXts2RW7yuyWQqsJj++ODl6LG5TE8O1zChPs k4KA+0qo7XR0iFcx/knajIy25xdU8Pdp79casRhECKjpQzqJQHCaf/GTGmJ+YWaM 6SQBvBgsc0CetSx2gPOSVTGqxG8/3u+b8NWeJvJMH3bk5UX/9rTqlpVX3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN6CU5FtJN7/5d6iUFP2zlSNZMjfMB8GA1UdIwQY MBaAFCiAR0qWFh3eKULPufGFbC/8iAkEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAt NzQ2MWE1NmNlOTVlLzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS82OTNjYzMtYWI3NS00NGM2LWE3NDAtNzQ2MWE1NmNlOTVl LzEvS0lCSFNwWVdIZDRwUXMtNThZVnNMX3lJQ1FRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhww0Ou25 e9WdjjN5K2wUEFDxHaZu5FDMmkT8FCSsxvMec2kHEWIhJV0fOQQj7ZLJL1o+PUsK 2U46t1igdcWZ54WSolFQ6DxIhMd9URdZ2ucR1F3eMQe2YUe1Ov8UpBpzaM/MwmH1 co/TRwwkIig9QZ6Xdjq07HKVnfAjpydK4e+DPFt0ZDGnU7Sfsfac1Zj3+NKAYBrS 0DsV5us1q9uKmRGjxZWfvEHufc6lbtyYEu81UyrhS4mu6RlOqI7a1I2ZjOLs2Hzv 11b4Uni4KfXdS3AN8niDHLrm43bwAbm8OMn1q4j2TdG3gY58S303D9yCje0R2UPF K+7qLxJvFUz5rg== -----END CERTIFICATE-----Generated at Sat Dec 6 20:22:20 2025 by rpki-client