This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft File: KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft (raw, json) Hash identifier: cKTjhsUWH92+2gFY2oEM5QtwMdmSadPhyEVclXIJe0Y= Subject key identifier: 87:29:56:14:3A:F8:6C:B2:A7:F7:2F:50:EF:C9:BD:B7:F2:F0:E0:30 Authority key identifier: 2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06 Certificate issuer: /CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06 Certificate serial: 019B21756EC619669841B4B2A5930ED2291B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft Manifest number: 0749 Signing time: Mon 15 Dec 2025 10:01:42 +0000 Manifest this update: Mon 15 Dec 2025 10:01:42 +0000 Manifest next update: Tue 16 Dec 2025 10:01:42 +0000 Files and hashes: 1: FN4mbfTwvi8Xhlnmnlqh5KIO2hw.roa (hash: Z0wCpt0sE7ChkFPlKeGXtBFCnXabrU9fj1GXtnw3GDg=) 2: KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl (hash: 0HUsFdZDriyladV3vyhZOy/baM/gYQYudoyvTuydwVE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:75:6e:c6:19:66:98:41:b4:b2:a5:93:0e:d2:29:1b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b1707889794cea0622bd4921d6bdbdd56ef0b06 Validity Not Before: Dec 15 10:01:42 2025 GMT Not After : Dec 16 10:01:42 2025 GMT Subject: CN=872956143af86cb2a7f72f50efc9bdb7f2f0e030 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:92:ac:95:53:e5:e4:8b:a1:42:18:53:9e:1c: bf:ae:88:2f:fc:f0:8f:46:65:49:95:06:78:a4:58: 4b:6e:48:c0:76:69:c8:71:2c:0e:80:df:28:36:e0: ed:23:ba:5d:8a:dc:8e:63:3f:f8:87:47:7c:9f:04: a8:b7:0a:d3:d3:a0:48:53:9f:c5:3f:e6:01:a9:04: 2e:f2:b1:6e:16:c1:5d:28:84:a0:ce:f6:86:e8:20: fb:53:65:4b:52:2e:cd:e7:74:77:47:42:38:02:a9: 13:5c:09:af:8d:40:8e:e7:71:bc:06:e8:ea:ba:62: f5:b6:0a:7a:fa:ee:60:30:61:e3:6f:d6:07:54:25: cc:b4:e7:3a:f9:53:d6:82:fc:b8:a7:d4:08:24:37: 9a:55:bf:88:06:da:3e:b0:2d:10:da:98:8d:66:93: 28:96:56:9f:83:f9:14:7e:61:62:42:a7:74:43:df: 2c:d0:3c:4d:e9:51:b9:50:54:8b:9e:c0:41:c2:67: fb:aa:e5:b7:2f:77:29:25:a9:33:83:c9:4f:d6:c3: 6b:e3:44:18:67:6b:95:eb:89:4b:7e:7a:58:e9:79: 82:ef:7f:ea:bf:6e:ed:b1:a4:72:ef:0b:8a:8c:0a: 5a:76:cf:08:61:fb:96:3d:f1:f8:c0:45:f1:da:55: 9a:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:29:56:14:3A:F8:6C:B2:A7:F7:2F:50:EF:C9:BD:B7:F2:F0:E0:30 X509v3 Authority Key Identifier: keyid:2B:17:07:88:97:94:CE:A0:62:2B:D4:92:1D:6B:DB:DD:56:EF:0B:06 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxcHiJeUzqBiK9SSHWvb3VbvCwY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bacc77-df30-4941-be33-dcb5b9e88e9a/1/KxcHiJeUzqBiK9SSHWvb3VbvCwY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 7a:e3:58:bf:57:cd:48:8a:55:a5:51:98:4b:d1:ef:c8:06:cd: b3:ff:5c:84:56:cd:85:e7:84:f0:7b:7f:76:10:3b:6b:f5:a0: 34:0e:64:a4:a5:b3:99:88:a3:08:69:ac:f8:32:f9:57:8f:8a: 51:40:1a:41:e6:4f:b0:d0:9a:86:69:58:7a:0c:86:6d:d5:e6: ff:b7:df:a2:e1:84:9a:b9:a6:d5:9b:2d:e7:f2:4a:2a:94:ee: bf:f7:c1:74:39:d2:41:41:e0:71:2e:4b:34:41:50:69:63:07: c6:f5:d9:5f:6e:1a:d2:2e:cf:49:7a:eb:87:8f:b5:a2:ef:b4: f3:78:a9:56:1c:98:79:3f:30:34:01:8b:04:c2:80:cd:2e:86: 03:a8:03:88:a1:e3:6d:68:bc:56:23:8b:52:36:df:41:2e:c1: e7:5c:8b:f3:f2:37:0f:3f:45:32:41:80:e0:2e:66:79:7a:7b: ce:da:d7:97:cd:70:10:8b:f4:64:28:89:4e:4b:dd:17:f5:5d: 73:3e:b3:7d:27:9c:2a:df:55:9e:02:37:7a:06:23:f3:49:05: 6c:29:5a:8c:07:0b:d8:c1:ea:c5:2c:87:c8:7a:72:47:05:7a: f7:c6:4a:bc:dc:59:89:90:ef:07:fc:3e:07:56:1e:78:46:9c: 26:8b:b8:6e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdW7GGWaYQbSypZMO0ikbMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMTcwNzg4OTc5NGNlYTA2MjJiZDQ5MjFkNmJkYmRkNTZl ZjBiMDYwHhcNMjUxMjE1MTAwMTQyWhcNMjUxMjE2MTAwMTQyWjAzMTEwLwYDVQQD Eyg4NzI5NTYxNDNhZjg2Y2IyYTdmNzJmNTBlZmM5YmRiN2YyZjBlMDMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm5KslVPl5IuhQhhTnhy/rogv/PCP RmVJlQZ4pFhLbkjAdmnIcSwOgN8oNuDtI7pdityOYz/4h0d8nwSotwrT06BIU5/F P+YBqQQu8rFuFsFdKISgzvaG6CD7U2VLUi7N53R3R0I4AqkTXAmvjUCO53G8Bujq umL1tgp6+u5gMGHjb9YHVCXMtOc6+VPWgvy4p9QIJDeaVb+IBto+sC0Q2piNZpMo llafg/kUfmFiQqd0Q98s0DxN6VG5UFSLnsBBwmf7quW3L3cpJakzg8lP1sNr40QY Z2uV64lLfnpY6XmC73/qv27tsaRy7wuKjApads8IYfuWPfH4wEXx2lWaDQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIcpVhQ6+Gyyp/cvUO/Jvbfy8OAwMB8GA1UdIwQY MBaAFCsXB4iXlM6gYivUkh1r291W7wsGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMt ZGNiNWI5ZTg4ZTlhLzEvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9iYWNjNzctZGYzMC00OTQxLWJlMzMtZGNiNWI5ZTg4ZTlh LzEvS3hjSGlKZVV6cUJpSzlTU0hXdmIzVmJ2Q3dZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeuNYv1fN SIpVpVGYS9HvyAbNs/9chFbNheeE8Ht/dhA7a/WgNA5kpKWzmYijCGms+DL5V4+K UUAaQeZPsNCahmlYegyGbdXm/7ffouGEmrmm1Zst5/JKKpTuv/fBdDnSQUHgcS5L NEFQaWMHxvXZX24a0i7PSXrrh4+1ou+083ipVhyYeT8wNAGLBMKAzS6GA6gDiKHj bWi8ViOLUjbfQS7B51yL8/I3Dz9FMkGA4C5meXp7ztrXl81wEIv0ZCiJTkvdF/Vd cz6zfSecKt9VngI3egYj80kFbClajAcL2MHqxSyHyHpyRwV698ZKvNxZiZDvB/w+ B1YeeEacJou4bg== -----END CERTIFICATE-----Generated at Mon Dec 15 20:21:29 2025 by rpki-client