This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft File: KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft (raw, json) Hash identifier: 2JdWQadgMUz8xkoEWYpaFXV6YUmjtyeA76m+Ry1r7ok= Subject key identifier: B2:88:67:0B:12:06:19:1D:8D:A0:60:DE:F8:5C:78:69:C3:38:AD:DA Authority key identifier: 2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06 Certificate issuer: /CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06 Certificate serial: 019AF31C67BC6CC2A402267FD381B9147CE0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft Manifest number: 0731 Signing time: Sat 06 Dec 2025 10:01:56 +0000 Manifest this update: Sat 06 Dec 2025 10:01:56 +0000 Manifest next update: Sun 07 Dec 2025 10:01:56 +0000 Files and hashes: 1: FN4mbfTwvi8Xhlnmnlqh5KIO2hw.roa (hash: Z0wCpt0sE7ChkFPlKeGXtBFCnXabrU9fj1GXtnw3GDg=) 2: KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl (hash: 3ceq2sFZ6Js7GhLmSqvWYEGSPJ7OJI4ogtFwNy8fFUY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:01:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1c:67:bc:6c:c2:a4:02:26:7f:d3:81:b9:14:7c:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06 Validity Not Before: Dec 6 10:01:56 2025 GMT Not After : Dec 7 10:01:56 2025 GMT Subject: CN=b288670b1206191d8da060def85c7869c338adda Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:a3:21:07:82:15:e6:ab:04:74:02:32:2f:1a: d5:ef:18:4c:85:7e:62:49:55:67:d6:0c:af:13:10: 88:e8:74:02:82:6e:f1:2a:4c:e1:92:3d:5f:a1:29: 00:30:18:6b:c1:2e:ec:76:05:a4:1c:76:1a:90:c0: 3d:8f:98:81:f8:fd:1e:62:3f:a5:d1:c1:33:33:74: 6c:1f:8f:0e:af:ac:39:ee:75:de:b7:20:7a:93:b7: 3a:b0:de:a7:e8:d5:08:6c:17:97:6b:1d:83:a0:35: 2d:2f:4e:84:6c:d4:5e:42:65:b7:89:d1:68:37:aa: 5a:e9:7d:d1:a9:03:be:68:e1:a8:e7:a2:26:a4:5b: f7:a3:65:cc:bc:db:25:8e:90:8f:be:ad:6c:b1:42: 23:8d:0b:65:a1:bb:f3:5e:ca:3d:c6:57:c4:9a:63: 26:b8:26:d1:52:e7:c4:b0:90:33:b3:e4:4b:1d:3b: 62:fe:74:63:33:0c:d7:69:8c:b9:b5:40:35:83:b3: 9e:1f:49:68:7e:bc:4e:76:06:7e:c9:2c:c6:7a:20: 40:8a:73:15:dd:0f:fa:85:92:2f:34:1e:95:f3:34: cb:6f:e9:a9:3a:8e:a4:e0:8a:a6:31:3d:17:dc:5a: 0e:38:2c:a3:6f:cb:bf:d1:00:92:77:e8:db:88:a9: ca:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:88:67:0B:12:06:19:1D:8D:A0:60:DE:F8:5C:78:69:C3:38:AD:DA X509v3 Authority Key Identifier: keyid:2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:46:91:f4:ee:8e:8f:45:f0:f8:22:fe:e7:d6:31:65:f1:02: f3:0e:01:bc:0a:b4:0c:2a:33:8c:04:f0:61:d9:ff:92:41:71: 61:92:dd:5f:8f:f4:28:e8:cf:60:0b:13:27:b1:16:7a:2d:47: e1:62:1f:63:21:ef:8d:a6:4d:38:c3:2e:64:31:25:37:96:d9: a7:b5:c3:d5:a7:a5:56:31:6c:66:3a:45:c5:96:e4:b8:56:d7: df:74:e8:30:9c:75:86:d7:02:75:41:38:cc:65:75:9b:0a:9e: 33:22:60:12:12:3e:e9:3e:3a:a2:ca:34:62:61:33:47:9b:7e: 5d:90:c0:0a:5e:1e:5e:79:62:4e:04:ad:5f:b4:51:9f:68:1b: 5c:d2:cf:56:8e:83:66:15:ff:7b:81:63:20:4a:0e:29:68:01: 8c:de:4c:88:5b:42:46:fa:7b:47:e1:5c:3f:2e:b5:9d:9b:61: 12:1c:2b:05:c9:a6:74:5d:2e:dc:0a:e4:a7:3a:61:ff:55:a0: 6d:88:84:30:fa:ff:d4:81:8d:b1:8e:28:64:0d:3e:a0:f2:77: 31:1d:25:77:f4:11:67:21:7f:c0:b7:b0:e4:e2:fa:48:1b:6b: c6:a7:fa:d4:8c:6a:d7:3c:91:a0:6f:e7:77:d7:29:1b:ac:53: a2:a6:77:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHGe8bMKkAiZ/04G5FHzgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMTcwNzg4OTc5NGNlYTA2MjJiZDQ5MjFkNmJkYmRkNTZl ZjBiMDYwHhcNMjUxMjA2MTAwMTU2WhcNMjUxMjA3MTAwMTU2WjAzMTEwLwYDVQQD EyhiMjg4NjcwYjEyMDYxOTFkOGRhMDYwZGVmODVjNzg2OWMzMzhhZGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6MhB4IV5qsEdAIyLxrV7xhMhX5i SVVn1gyvExCI6HQCgm7xKkzhkj1foSkAMBhrwS7sdgWkHHYakMA9j5iB+P0eYj+l 0cEzM3RsH48Or6w57nXetyB6k7c6sN6n6NUIbBeXax2DoDUtL06EbNReQmW3idFo N6pa6X3RqQO+aOGo56ImpFv3o2XMvNsljpCPvq1ssUIjjQtlobvzXso9xlfEmmMm uCbRUufEsJAzs+RLHTti/nRjMwzXaYy5tUA1g7OeH0lofrxOdgZ+ySzGeiBAinMV 3Q/6hZIvNB6V8zTLb+mpOo6k4IqmMT0X3FoOOCyjb8u/0QCSd+jbiKnKtwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLKIZwsSBhkdjaBg3vhceGnDOK3aMB8GA1UdIwQY MBaAFCsXB4iXlM6gYivUkh1r291W7wsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMt ZGNiNWI5ZTg4ZTlhLzEvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMtZGNiNWI5ZTg4ZTlh LzEvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWkaR9O6O j0Xw+CL+59YxZfEC8w4BvAq0DCozjATwYdn/kkFxYZLdX4/0KOjPYAsTJ7EWei1H 4WIfYyHvjaZNOMMuZDElN5bZp7XD1aelVjFsZjpFxZbkuFbX33ToMJx1htcCdUE4 zGV1mwqeMyJgEhI+6T46oso0YmEzR5t+XZDACl4eXnliTgStX7RRn2gbXNLPVo6D ZhX/e4FjIEoOKWgBjN5MiFtCRvp7R+FcPy61nZthEhwrBcmmdF0u3Arkpzph/1Wg bYiEMPr/1IGNsY4oZA0+oPJ3MR0ld/QRZyF/wLew5OL6SBtrxqf61Ixq1zyRoG/n d9cpG6xToqZ3VQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:39:17 2025 by rpki-client