This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft File: KhmTnyGLthMV6bOzez24WWCXXRQ.mft (raw, json) Hash identifier: o1IgQb+uZXYFUk6f2SakJY1t1n/LEFpQAIzKJL1Nsg4= Subject key identifier: 2D:D5:1C:A6:C5:45:57:33:99:A6:4B:0A:9D:81:22:50:03:28:2E:03 Authority key identifier: 2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14 Certificate issuer: /CN=2a19939f218bb61315e9b3b37b3db85960975d14 Certificate serial: 019AF23FEED047EB8E3989C2C449F4A8D01C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft Manifest number: 115C Signing time: Sat 06 Dec 2025 06:01:07 +0000 Manifest this update: Sat 06 Dec 2025 06:01:07 +0000 Manifest next update: Sun 07 Dec 2025 06:01:07 +0000 Files and hashes: 1: ICnu7sUwpSSY15uEDFVsgADJKAc.roa (hash: OMIgQNcZqzMDzM+I0pk5KXUbjDdmpf89SBEO3vtX8ZE=) 2: KhmTnyGLthMV6bOzez24WWCXXRQ.crl (hash: GrNwPVxJGbBl/waE57WLf13587mtKf4pU9gvbUFLTjM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 02:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:ee:d0:47:eb:8e:39:89:c2:c4:49:f4:a8:d0:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a19939f218bb61315e9b3b37b3db85960975d14 Validity Not Before: Dec 6 06:01:07 2025 GMT Not After : Dec 7 06:01:07 2025 GMT Subject: CN=2dd51ca6c545573399a64b0a9d81225003282e03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:f0:e6:0f:fd:23:d0:9b:c0:03:24:61:71:94: 82:df:1a:f0:ca:18:4a:b7:2f:e5:0b:68:7c:de:a9: 74:4d:6a:36:ba:26:ab:0e:49:2a:01:3f:46:c7:41: 81:61:5d:e5:63:cd:79:77:f2:0e:d1:bc:0a:6f:20: e7:19:cd:0e:70:73:bf:2e:6b:10:75:74:93:f8:52: e2:13:e6:23:0f:d8:ac:5a:14:70:d0:79:54:ab:32: af:3d:ae:95:f1:ee:18:08:4f:32:d2:ca:89:33:9d: e1:3e:47:8c:2d:93:9a:73:60:87:07:a0:af:df:29: 76:0b:2a:68:05:f2:e2:dc:a3:fb:68:54:ee:14:3d: f2:0f:44:6a:14:d9:1f:ac:b7:60:0e:ac:81:70:16: 1f:0b:b6:94:d9:e1:bb:b3:0a:64:09:5e:ac:7b:ca: 54:3f:41:e1:4f:9d:1d:d6:9a:9e:65:f7:8d:94:1f: fb:9a:e2:05:07:e4:71:bd:d7:1b:b8:36:db:9a:41: a8:ea:94:c5:58:1f:0e:d6:b1:c4:23:e6:af:66:60: 78:4e:ca:a9:62:8c:16:21:b7:6e:a5:fa:29:37:55: b6:33:b1:34:ce:9d:97:c9:64:51:fb:69:7d:e9:15: bc:3f:a4:77:95:33:5c:b1:a5:3c:fe:74:e1:fe:94: 66:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:D5:1C:A6:C5:45:57:33:99:A6:4B:0A:9D:81:22:50:03:28:2E:03 X509v3 Authority Key Identifier: keyid:2A:19:93:9F:21:8B:B6:13:15:E9:B3:B3:7B:3D:B8:59:60:97:5D:14 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KhmTnyGLthMV6bOzez24WWCXXRQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/54e498-e629-41e8-8abc-df5f20dd76ad/1/KhmTnyGLthMV6bOzez24WWCXXRQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:ac:18:39:6c:db:0c:70:34:c4:a8:23:fe:f9:2e:de:36:a5: 4e:bd:aa:9c:51:64:f7:65:f2:4d:15:df:8a:19:fa:f4:8a:73: 73:71:71:22:b2:3b:38:f5:03:d8:b8:66:53:0d:30:5f:98:ac: 1c:0d:40:10:59:d4:b7:2f:53:46:ec:af:7d:6d:ca:da:1e:e2: 69:30:b0:b7:9f:6f:40:61:65:35:4a:95:e1:75:ae:5f:19:de: 55:af:0c:1d:07:63:17:14:d5:3b:f6:b2:b6:02:19:5e:06:20: fd:31:f3:25:df:ac:54:a9:81:e8:e4:7d:ca:3d:62:dc:5a:23: 21:d7:67:c6:7a:39:a5:30:0d:20:76:74:13:16:cb:89:0e:b0: ef:97:5d:ea:bb:e7:0b:d1:ad:8b:bb:82:fd:38:42:fa:4a:58: 87:fc:42:5c:4d:ee:ac:22:09:d2:3d:83:64:29:0d:ea:f2:d1: 0f:c6:56:82:24:8a:de:f7:d1:4e:75:e4:96:1c:d1:c8:c6:eb: a0:2e:9a:53:7c:ea:78:fa:83:12:69:99:73:24:13:0e:d5:c0: 8e:35:8f:79:fc:54:ae:fe:e4:4e:9c:3f:7e:e2:58:19:84:4f: 8c:42:35:ee:8a:98:00:30:c5:d7:11:10:47:6c:38:3b:e3:b7: fd:db:46:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP+7QR+uOOYnCxEn0qNAcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMTk5MzlmMjE4YmI2MTMxNWU5YjNiMzdiM2RiODU5NjA5 NzVkMTQwHhcNMjUxMjA2MDYwMTA3WhcNMjUxMjA3MDYwMTA3WjAzMTEwLwYDVQQD EygyZGQ1MWNhNmM1NDU1NzMzOTlhNjRiMGE5ZDgxMjI1MDAzMjgyZTAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPDmD/0j0JvAAyRhcZSC3xrwyhhK ty/lC2h83ql0TWo2uiarDkkqAT9Gx0GBYV3lY815d/IO0bwKbyDnGc0OcHO/LmsQ dXST+FLiE+YjD9isWhRw0HlUqzKvPa6V8e4YCE8y0sqJM53hPkeMLZOac2CHB6Cv 3yl2CypoBfLi3KP7aFTuFD3yD0RqFNkfrLdgDqyBcBYfC7aU2eG7swpkCV6se8pU P0HhT50d1pqeZfeNlB/7muIFB+RxvdcbuDbbmkGo6pTFWB8O1rHEI+avZmB4Tsqp YowWIbdupfopN1W2M7E0zp2XyWRR+2l96RW8P6R3lTNcsaU8/nTh/pRmxwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC3VHKbFRVczmaZLCp2BIlADKC4DMB8GA1UdIwQY MBaAFCoZk58hi7YTFemzs3s9uFlgl10UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMt ZGY1ZjIwZGQ3NmFkLzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS81NGU0OTgtZTYyOS00MWU4LThhYmMtZGY1ZjIwZGQ3NmFk LzEvS2htVG55R0x0aE1WNmJPemV6MjRXV0NYWFJRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlawYOWzb DHA0xKgj/vku3jalTr2qnFFk92XyTRXfihn69Ipzc3FxIrI7OPUD2LhmUw0wX5is HA1AEFnUty9TRuyvfW3K2h7iaTCwt59vQGFlNUqV4XWuXxneVa8MHQdjFxTVO/ay tgIZXgYg/THzJd+sVKmB6OR9yj1i3FojIddnxno5pTANIHZ0ExbLiQ6w75dd6rvn C9Gti7uC/ThC+kpYh/xCXE3urCIJ0j2DZCkN6vLRD8ZWgiSK3vfRTnXklhzRyMbr oC6aU3zqePqDEmmZcyQTDtXAjjWPefxUrv7kTpw/fuJYGYRPjEI17oqYADDF1xEQ R2w4O+O3/dtGpA== -----END CERTIFICATE-----Generated at Sat Dec 6 08:06:14 2025 by rpki-client