This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft File: kh2gU5IfUoNniBiPgvYt1aqXP-k.mft (raw, json) Hash identifier: +Oh5qEoQIlF4bM0WHD9gOMjjqg91OM19FLSgyhUMYEM= Subject key identifier: AF:47:20:1E:AC:71:CE:50:95:01:5F:9E:B4:37:3B:DF:A7:42:13:23 Authority key identifier: 92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9 Certificate issuer: /CN=921da053921f52836788188f82f62dd5aa973fe9 Certificate serial: 019B2B8AD32310E82E1D42DE11FF57A4D9AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft Manifest number: 1044 Signing time: Wed 17 Dec 2025 09:01:16 +0000 Manifest this update: Wed 17 Dec 2025 09:01:16 +0000 Manifest next update: Thu 18 Dec 2025 09:01:16 +0000 Files and hashes: 1: kh2gU5IfUoNniBiPgvYt1aqXP-k.crl (hash: viJ6PrNKeEIy2NbHWe4hooDtx/DudmVvyP33Hpym3tY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 09:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2b:8a:d3:23:10:e8:2e:1d:42:de:11:ff:57:a4:d9:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=921da053921f52836788188f82f62dd5aa973fe9 Validity Not Before: Dec 17 09:01:16 2025 GMT Not After : Dec 18 09:01:16 2025 GMT Subject: CN=af47201eac71ce5095015f9eb4373bdfa7421323 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:ac:d5:93:27:a0:22:15:ba:de:4e:a8:ae:fc: 5c:66:7a:cc:b6:39:34:c7:8f:2e:ff:98:28:4b:6f: bd:30:67:a0:8a:af:4f:e9:e1:32:c3:78:c0:10:e8: 78:2e:2e:02:e4:a1:7f:f3:1a:71:59:44:bf:8c:a9: 22:fc:e2:12:78:e7:61:11:9c:e8:58:8d:49:46:45: bc:f3:2c:26:ec:4c:d3:3d:50:06:4d:36:7b:de:9b: 12:86:0e:56:d3:08:31:b8:61:e9:9c:80:c1:cc:44: 17:aa:64:3c:c7:63:e4:34:b5:2b:bd:b4:8f:47:34: 4d:37:75:5b:a2:25:09:23:8a:b5:28:e4:a4:24:25: 8f:12:40:77:75:80:d8:71:68:7e:a3:a6:c2:2e:a8: 65:de:1b:30:53:1c:52:c3:a9:fd:a1:e1:69:51:57: b6:51:d9:97:dd:cc:1c:83:2a:d2:bf:43:dd:6a:78: bc:ab:91:f4:7c:4a:06:5c:17:82:9f:80:1d:dc:1c: 4e:ac:41:04:27:47:af:b0:ff:39:8f:c8:5d:78:2c: 26:53:43:c8:70:08:27:a0:d6:d9:60:47:df:cd:f1: 30:ab:a1:01:bf:e4:6c:79:cd:2f:5d:91:9d:d4:03: 1f:2a:f8:08:90:f0:15:e4:ee:80:67:c2:fe:5e:ec: 6c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:47:20:1E:AC:71:CE:50:95:01:5F:9E:B4:37:3B:DF:A7:42:13:23 X509v3 Authority Key Identifier: keyid:92:1D:A0:53:92:1F:52:83:67:88:18:8F:82:F6:2D:D5:AA:97:3F:E9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kh2gU5IfUoNniBiPgvYt1aqXP-k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/3e6ea5-0d4e-434f-a6f3-eb346d9ce9e0/1/kh2gU5IfUoNniBiPgvYt1aqXP-k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 43:ea:cc:c3:78:4d:62:33:9b:e7:28:99:71:7a:7f:1a:ca:fa: 3a:a3:d7:e3:4d:d5:c8:49:2a:69:96:00:3f:6e:50:7d:7e:ba: 75:ae:a1:e7:7c:d9:bc:63:b0:32:7d:97:0f:d0:62:70:70:8e: 3a:b8:ea:ff:c7:9c:a3:0b:5c:66:98:05:e5:01:5d:11:78:c8: 35:39:af:95:5d:9f:84:aa:be:34:c8:40:94:2f:69:a1:b5:fc: 44:32:87:91:89:86:ce:4d:16:1c:84:a3:41:20:ca:eb:cf:68: 39:5f:d6:d9:47:2b:4e:8c:12:b8:3a:2f:64:79:b4:63:8a:d3: b2:8f:4c:bc:c2:af:de:b8:c0:05:29:f7:0a:79:d3:b0:88:ae: 11:f5:32:16:36:64:d6:bf:90:81:7f:2f:84:08:ec:3d:75:a5: 30:2f:8f:f5:a4:c6:64:d8:39:c5:2a:78:c4:f6:8d:c1:6f:b8: 6e:d1:82:73:9f:da:26:39:19:6b:a8:e2:74:12:10:1e:06:5f: 32:9e:dc:49:45:34:a7:5c:89:d0:87:11:51:9f:c1:e3:ee:e7: 03:2b:3f:a5:ea:1b:42:b1:c6:cf:50:94:12:6e:83:c5:59:b3: c8:c7:00:ef:93:62:7f:43:c2:2f:5f:82:5c:0d:7f:76:af:44: dd:38:f0:3b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsritMjEOguHULeEf9XpNmsMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMWRhMDUzOTIxZjUyODM2Nzg4MTg4ZjgyZjYyZGQ1YWE5 NzNmZTkwHhcNMjUxMjE3MDkwMTE2WhcNMjUxMjE4MDkwMTE2WjAzMTEwLwYDVQQD EyhhZjQ3MjAxZWFjNzFjZTUwOTUwMTVmOWViNDM3M2JkZmE3NDIxMzIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6zVkyegIhW63k6orvxcZnrMtjk0 x48u/5goS2+9MGegiq9P6eEyw3jAEOh4Li4C5KF/8xpxWUS/jKki/OISeOdhEZzo WI1JRkW88ywm7EzTPVAGTTZ73psShg5W0wgxuGHpnIDBzEQXqmQ8x2PkNLUrvbSP RzRNN3VboiUJI4q1KOSkJCWPEkB3dYDYcWh+o6bCLqhl3hswUxxSw6n9oeFpUVe2 UdmX3cwcgyrSv0Pdani8q5H0fEoGXBeCn4Ad3BxOrEEEJ0evsP85j8hdeCwmU0PI cAgnoNbZYEffzfEwq6EBv+Rsec0vXZGd1AMfKvgIkPAV5O6AZ8L+XuxskQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK9HIB6scc5QlQFfnrQ3O9+nQhMjMB8GA1UdIwQY MBaAFJIdoFOSH1KDZ4gYj4L2LdWqlz/pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMt ZWIzNDZkOWNlOWUwLzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNS8zZTZlYTUtMGQ0ZS00MzRmLWE2ZjMtZWIzNDZkOWNlOWUw LzEva2gyZ1U1SWZVb05uaUJpUGd2WXQxYXFYUC1rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQ+rMw3hN YjOb5yiZcXp/Gsr6OqPX403VyEkqaZYAP25QfX66da6h53zZvGOwMn2XD9BicHCO Orjq/8ecowtcZpgF5QFdEXjINTmvlV2fhKq+NMhAlC9pobX8RDKHkYmGzk0WHISj QSDK689oOV/W2UcrTowSuDovZHm0Y4rTso9MvMKv3rjABSn3CnnTsIiuEfUyFjZk 1r+QgX8vhAjsPXWlMC+P9aTGZNg5xSp4xPaNwW+4btGCc5/aJjkZa6jidBIQHgZf Mp7cSUU0p1yJ0IcRUZ/B4+7nAys/peobQrHGz1CUEm6DxVmzyMcA75Nif0PCL1+C XA1/dq9E3TjwOw== -----END CERTIFICATE-----Generated at Wed Dec 17 19:19:41 2025 by rpki-client