This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft File: ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft (raw, json) Hash identifier: La02FPedOVV/LXtSVfAM9j4yJCyetRnjeg8pITBhl7I= Subject key identifier: FE:B6:57:49:69:31:8D:48:30:8C:17:5C:B1:2E:7F:52:EC:F2:C6:80 Authority key identifier: 72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5 Certificate issuer: /CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5 Certificate serial: 019AF31CE269486BFA18CA9B5BA1F94CC654 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft Manifest number: 1763 Signing time: Sat 06 Dec 2025 10:02:27 +0000 Manifest this update: Sat 06 Dec 2025 10:02:27 +0000 Manifest next update: Sun 07 Dec 2025 10:02:27 +0000 Files and hashes: 1: C324i-QiLStBQtj8SlSM_WsRhgA.roa (hash: 57MQFbrSaZ/38tAVb1G6ejMsXoqYvy5V/+YD5WOhbAY=) 2: ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl (hash: BQPURunaHIMKBAkvBQbRCc54Qqdy0S69y96vdwTvYPM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:02:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:e2:69:48:6b:fa:18:ca:9b:5b:a1:f9:4c:c6:54 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5 Validity Not Before: Dec 6 10:02:27 2025 GMT Not After : Dec 7 10:02:27 2025 GMT Subject: CN=feb6574969318d48308c175cb12e7f52ecf2c680 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:44:b7:eb:ef:eb:3b:82:bb:87:2a:17:b4:c1: 97:70:98:1b:a5:92:c9:e1:b1:a8:0b:a7:05:6d:88: 52:9e:07:5f:1b:83:cf:f4:2c:c3:e0:61:15:f6:af: 1d:1c:c1:f4:34:6d:65:65:15:76:60:fa:75:27:af: f0:6e:88:dd:7e:d4:7b:ed:6e:d1:cc:97:3e:ab:13: f8:76:0e:8d:f0:c7:23:53:10:01:c4:19:c2:22:a3: ab:ab:76:8c:1e:c7:0c:9d:83:b9:6a:b6:d7:a2:fa: e1:75:9b:a6:70:57:3c:cf:2b:46:f8:06:b6:ba:18: 2f:b7:81:6d:5d:30:1f:aa:a0:21:f0:0f:2c:9d:d2: 74:66:52:78:44:64:cf:73:e3:ad:29:54:4e:73:ad: c1:74:8f:6e:a4:1e:95:3f:bb:bb:a9:e0:fd:a2:b3: f6:92:33:e5:1b:27:ea:5c:5b:1b:fb:18:66:42:ee: cf:82:25:46:3d:84:60:5e:a0:98:2b:9a:af:b0:d1: 9f:a4:8c:0b:6c:8f:f0:d8:41:3e:94:52:ca:b2:ff: 79:0b:9c:88:7d:11:28:be:ac:14:d3:fb:da:2c:68: 08:b2:a7:85:f7:af:78:b0:40:2b:7a:df:1f:92:c4: 80:04:de:bc:83:53:c1:5b:88:fa:6e:06:70:ee:d7: 65:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:B6:57:49:69:31:8D:48:30:8C:17:5C:B1:2E:7F:52:EC:F2:C6:80 X509v3 Authority Key Identifier: keyid:72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 93:cf:7d:bc:11:c9:6a:53:5c:37:0e:9f:b2:00:23:34:0f:a8: 22:ec:84:7e:84:1d:bd:d1:9c:56:92:e4:df:3c:36:a6:08:b2: e8:a3:33:a1:91:dc:ae:ed:de:04:bd:e4:6a:13:59:46:18:0f: 99:cb:9d:2c:f5:df:57:7b:bc:df:c7:e4:e0:4d:5e:c5:0b:d2: d8:17:8d:90:f7:59:34:97:3b:67:27:6b:1c:b3:68:06:f6:12: 54:5f:65:7c:4b:a6:fd:56:b5:a1:00:c4:2a:e8:a2:63:2f:a6: 0e:ae:c3:ba:ea:8c:ac:53:6c:58:6f:44:2b:9a:68:36:f0:2c: 4b:27:3d:1c:45:77:16:d8:5f:8d:d2:b4:de:cc:bd:78:72:74: 6b:10:1b:76:a2:28:ff:81:61:13:fd:cd:49:5b:ff:84:58:7e: b9:d8:13:06:27:9e:49:8f:4d:3d:5a:8a:f1:2d:31:35:3b:ac: 61:cd:93:df:ce:f5:77:d6:9a:3b:47:c9:1e:1e:76:2d:6c:20: 0b:f0:6e:26:ee:19:33:46:85:11:ac:45:57:2d:c0:25:77:e6: 79:35:53:69:a1:58:f1:a3:89:96:81:2e:27:36:83:ad:f3:b5: 27:90:72:d3:f2:c5:49:79:b1:ea:c9:0d:5c:b4:f5:16:25:56: 1f:92:03:e8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHOJpSGv6GMqbW6H5TMZUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyNDJhMTM3MTVmYzU1NzhjZGMwNWFhYWE2OGM2YTQxM2Nk YmM5ZjUwHhcNMjUxMjA2MTAwMjI3WhcNMjUxMjA3MTAwMjI3WjAzMTEwLwYDVQQD EyhmZWI2NTc0OTY5MzE4ZDQ4MzA4YzE3NWNiMTJlN2Y1MmVjZjJjNjgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmES36+/rO4K7hyoXtMGXcJgbpZLJ 4bGoC6cFbYhSngdfG4PP9CzD4GEV9q8dHMH0NG1lZRV2YPp1J6/wbojdftR77W7R zJc+qxP4dg6N8McjUxABxBnCIqOrq3aMHscMnYO5arbXovrhdZumcFc8zytG+Aa2 uhgvt4FtXTAfqqAh8A8sndJ0ZlJ4RGTPc+OtKVROc63BdI9upB6VP7u7qeD9orP2 kjPlGyfqXFsb+xhmQu7PgiVGPYRgXqCYK5qvsNGfpIwLbI/w2EE+lFLKsv95C5yI fREovqwU0/vaLGgIsqeF9694sEAret8fksSABN68g1PBW4j6bgZw7tdlFwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFP62V0lpMY1IMIwXXLEuf1Ls8saAMB8GA1UdIwQY MBaAFHJCoTcV/FV4zcBaqqaMakE828n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4Mjkt YTE1Y2NmNWI0MTNlLzEvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4MjktYTE1Y2NmNWI0MTNl LzEvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk899vBHJ alNcNw6fsgAjNA+oIuyEfoQdvdGcVpLk3zw2pgiy6KMzoZHcru3eBL3kahNZRhgP mcudLPXfV3u838fk4E1exQvS2BeNkPdZNJc7ZydrHLNoBvYSVF9lfEum/Va1oQDE KuiiYy+mDq7DuuqMrFNsWG9EK5poNvAsSyc9HEV3FthfjdK03sy9eHJ0axAbdqIo /4FhE/3NSVv/hFh+udgTBieeSY9NPVqK8S0xNTusYc2T3871d9aaO0fJHh52LWwg C/BuJu4ZM0aFEaxFVy3AJXfmeTVTaaFY8aOJloEuJzaDrfO1J5By0/LFSXmx6skN XLT1FiVWH5ID6A== -----END CERTIFICATE-----Generated at Sat Dec 6 20:29:12 2025 by rpki-client