This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft File: kTOA6LhQRU2zgd3euawsyKL2JTE.mft (raw, json) Hash identifier: KVk2jlFw6d3QjSzETnAxHupzqVWXRaEft3JCsOTnVIc= Subject key identifier: 81:8A:8D:17:A4:16:D4:A1:12:20:87:3E:C3:BF:DC:F8:CB:8C:14:C7 Authority key identifier: 91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31 Certificate issuer: /CN=913380e8b850454db381dddeb9ac2cc8a2f62531 Certificate serial: 019B2D0B7DA6AA930AD195F3C21841210034 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft Manifest number: 067B Signing time: Wed 17 Dec 2025 16:01:26 +0000 Manifest this update: Wed 17 Dec 2025 16:01:26 +0000 Manifest next update: Thu 18 Dec 2025 16:01:26 +0000 Files and hashes: 1: U5Y7YWVXNPPm9KoqmwsivloXzrs.roa (hash: ca5vcs2GJ+zXpmrDaBzBSEBE+1Vnejqdln+cTCo9uxU=) 2: kTOA6LhQRU2zgd3euawsyKL2JTE.crl (hash: dOhQWNarPxD1+UqT4iYNQ1XCKTa/+fX0sQnAfSIshsc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0b:7d:a6:aa:93:0a:d1:95:f3:c2:18:41:21:00:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=913380e8b850454db381dddeb9ac2cc8a2f62531 Validity Not Before: Dec 17 16:01:26 2025 GMT Not After : Dec 18 16:01:26 2025 GMT Subject: CN=818a8d17a416d4a11220873ec3bfdcf8cb8c14c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:53:bc:e0:bc:20:29:eb:9d:ef:90:4a:9c:f3: 94:b7:e3:cb:77:ff:86:67:fc:46:d2:e0:9b:61:8a: 8d:3d:90:63:37:0b:b1:38:5b:85:51:f7:ad:29:b4: 22:3a:5a:99:b7:67:7b:93:d1:b3:e5:fd:13:ba:2a: 23:9b:59:7a:70:88:e1:4d:80:7c:89:2a:8c:ff:09: 7a:18:ad:f5:5d:90:bf:b8:18:9b:4f:6f:cd:64:d4: 50:d5:0c:cb:ee:29:e9:f0:42:25:04:df:44:96:36: 6f:14:69:a2:43:0d:7d:d9:4a:4b:82:46:af:b3:e6: cf:2d:29:9e:9d:2d:55:2d:05:bb:a3:76:0d:3a:04: 13:74:7d:08:bb:0b:7c:75:7c:ac:55:44:92:3a:3e: c0:41:c7:0e:b3:e4:3c:d3:cc:09:f6:8c:09:bd:cc: b6:58:c8:f4:11:a6:8d:b6:cf:98:04:ef:74:26:c5: 02:c9:93:c6:06:ef:ba:51:32:81:97:dc:c3:6b:8a: ae:e1:e2:db:ea:ba:c0:e3:59:d0:1c:e1:c3:8c:41: 87:9e:25:d9:04:74:15:07:6d:25:da:4c:cb:81:2f: df:37:32:2f:20:36:9a:db:86:12:4e:68:f4:f4:64: 82:a9:a2:28:11:1c:24:15:af:58:45:cd:e8:53:5b: 39:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:8A:8D:17:A4:16:D4:A1:12:20:87:3E:C3:BF:DC:F8:CB:8C:14:C7 X509v3 Authority Key Identifier: keyid:91:33:80:E8:B8:50:45:4D:B3:81:DD:DE:B9:AC:2C:C8:A2:F6:25:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kTOA6LhQRU2zgd3euawsyKL2JTE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/8694b9-01d7-48b8-a882-94e700bd55f5/1/kTOA6LhQRU2zgd3euawsyKL2JTE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 67:5c:4b:88:4f:2e:69:bb:eb:96:bf:a1:ca:44:a9:19:6b:53: e0:bf:ba:2d:b8:b1:c4:8e:03:ab:af:f1:11:2d:c8:32:75:64: 7b:0e:55:3b:4c:50:d5:e9:b8:3d:39:47:d1:e3:03:e6:cc:b1: 4e:36:68:e9:d6:38:d2:11:d3:b0:fc:db:6f:a4:0b:15:d3:be: e4:e2:37:f5:27:1e:3f:06:e1:01:e5:5d:0c:ca:84:57:d3:b5: ba:65:07:ed:91:f5:ae:27:49:96:a6:d1:72:db:15:c8:24:da: 25:3f:ea:e1:61:25:e3:8b:fc:18:0d:6e:a6:84:d7:2a:1f:d9: e1:11:d6:09:41:2d:1c:e5:90:66:0f:63:f7:97:de:43:33:c8: 02:c8:72:7e:5e:5a:54:06:c3:ac:aa:71:8e:99:c1:6e:88:65: fe:47:b1:4b:b2:01:2c:ef:70:27:77:25:18:b4:f2:d0:e1:68: 3c:e1:b8:a8:59:f2:b3:4e:c1:be:c0:aa:b6:21:36:61:d4:4e: 0c:3a:fe:75:9f:0a:62:47:d8:44:c4:4c:ec:52:29:64:af:33: 07:8e:e0:a2:4b:ad:78:68:f2:35:5d:5a:f5:73:10:2d:99:05: 1c:98:60:c8:a1:92:31:39:25:3d:8e:01:a8:36:7d:12:22:9c: 66:7f:6d:8d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstC32mqpMK0ZXzwhhBIQA0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxMzM4MGU4Yjg1MDQ1NGRiMzgxZGRkZWI5YWMyY2M4YTJm NjI1MzEwHhcNMjUxMjE3MTYwMTI2WhcNMjUxMjE4MTYwMTI2WjAzMTEwLwYDVQQD Eyg4MThhOGQxN2E0MTZkNGExMTIyMDg3M2VjM2JmZGNmOGNiOGMxNGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1O84LwgKeud75BKnPOUt+PLd/+G Z/xG0uCbYYqNPZBjNwuxOFuFUfetKbQiOlqZt2d7k9Gz5f0Tuiojm1l6cIjhTYB8 iSqM/wl6GK31XZC/uBibT2/NZNRQ1QzL7inp8EIlBN9EljZvFGmiQw192UpLgkav s+bPLSmenS1VLQW7o3YNOgQTdH0Iuwt8dXysVUSSOj7AQccOs+Q808wJ9owJvcy2 WMj0EaaNts+YBO90JsUCyZPGBu+6UTKBl9zDa4qu4eLb6rrA41nQHOHDjEGHniXZ BHQVB20l2kzLgS/fNzIvIDaa24YSTmj09GSCqaIoERwkFa9YRc3oU1s54QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIGKjRekFtShEiCHPsO/3PjLjBTHMB8GA1UdIwQY MBaAFJEzgOi4UEVNs4Hd3rmsLMii9iUxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODIt OTRlNzAwYmQ1NWY1LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi84Njk0YjktMDFkNy00OGI4LWE4ODItOTRlNzAwYmQ1NWY1 LzEva1RPQTZMaFFSVTJ6Z2QzZXVhd3N5S0wySlRFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZ1xLiE8u abvrlr+hykSpGWtT4L+6LbixxI4Dq6/xES3IMnVkew5VO0xQ1em4PTlH0eMD5syx TjZo6dY40hHTsPzbb6QLFdO+5OI39ScePwbhAeVdDMqEV9O1umUH7ZH1ridJlqbR ctsVyCTaJT/q4WEl44v8GA1upoTXKh/Z4RHWCUEtHOWQZg9j95feQzPIAshyfl5a VAbDrKpxjpnBbohl/kexS7IBLO9wJ3clGLTy0OFoPOG4qFnys07BvsCqtiE2YdRO DDr+dZ8KYkfYRMRM7FIpZK8zB47gokuteGjyNV1a9XMQLZkFHJhgyKGSMTklPY4B qDZ9EiKcZn9tjQ== -----END CERTIFICATE-----Generated at Wed Dec 17 17:47:31 2025 by rpki-client