This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft File: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft (raw, json) Hash identifier: 8RwC5EVflUlf/z1PVilhlb3a0YEB1Sls6eD9TdcYWmk= Subject key identifier: 67:B4:A2:86:11:A0:B4:99:52:68:81:B4:DA:E3:09:FA:69:06:2E:C4 Authority key identifier: 91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8 Certificate issuer: /CN=91bd5883c82aed25fef1b18d70d0215b07f727d8 Certificate serial: 019B35A11318EB9F4DC05F72643B7AEA7F18 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft Manifest number: 02AC Signing time: Fri 19 Dec 2025 08:01:47 +0000 Manifest this update: Fri 19 Dec 2025 08:01:47 +0000 Manifest next update: Sat 20 Dec 2025 08:01:47 +0000 Files and hashes: 1: N05LSOD5G7OCVr2R2Lk3Qm3IMnc.roa (hash: 2FUijApprdSPC+yt20CbCF23SFHyPUM/peKf0m3x+RA=) 2: kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl (hash: P8Xv1olfE4sg6gIbCfRkBrh47uFE8KypIBVnQtJtSwo=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 07:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:a1:13:18:eb:9f:4d:c0:5f:72:64:3b:7a:ea:7f:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91bd5883c82aed25fef1b18d70d0215b07f727d8 Validity Not Before: Dec 19 08:01:47 2025 GMT Not After : Dec 20 08:01:47 2025 GMT Subject: CN=67b4a28611a0b499526881b4dae309fa69062ec4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ef:5d:79:9f:ec:ed:07:54:f0:22:43:9b:6f:e7: 18:bf:df:12:bf:96:51:11:04:85:9a:8d:0f:64:96: d1:73:a5:d9:a4:03:6e:b9:dc:ec:8c:e4:a5:49:d6: 8e:e0:a4:43:1f:34:31:ea:87:1f:bb:11:d9:54:b8: 24:e8:10:f2:bb:d9:6b:8f:27:38:f1:5f:b0:fb:76: e2:49:88:c5:0b:74:e0:ba:e7:15:d7:8e:35:00:5a: 0a:0a:6c:92:7e:0f:72:d7:0b:fa:ba:75:92:9d:fa: 30:7b:03:69:45:dd:7f:d1:5d:66:26:d6:3a:36:69: 9a:97:de:f9:bb:0d:81:4f:52:21:37:0a:f2:00:a0: 84:00:1c:e8:9b:ea:75:46:36:db:ae:d3:05:db:71: 70:4d:e2:9f:03:b8:c5:32:99:48:ec:cb:e2:d3:98: 4a:20:29:3c:76:25:72:51:d9:7d:5b:e6:c5:8c:95: 2f:55:b9:30:87:fe:b1:78:78:5b:87:f6:06:40:50: e9:59:dd:06:21:fc:2b:d8:30:85:9b:ed:0a:77:01: 40:2d:5c:18:d1:b5:f6:05:c7:b6:f2:9d:c9:b1:fc: bc:1a:01:15:a5:bd:47:67:5c:4b:20:b0:ab:aa:96: 36:0d:cb:87:26:27:61:f3:e5:0e:98:45:e3:bf:61: 00:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:B4:A2:86:11:A0:B4:99:52:68:81:B4:DA:E3:09:FA:69:06:2E:C4 X509v3 Authority Key Identifier: keyid:91:BD:58:83:C8:2A:ED:25:FE:F1:B1:8D:70:D0:21:5B:07:F7:27:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9d56a3-4417-4940-baa2-9e962cd9dd82/1/kb1Yg8gq7SX-8bGNcNAhWwf3J9g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:29:a8:64:da:33:6d:4c:32:c3:45:14:0f:4a:24:38:5b:3f: 8d:2f:ff:96:38:01:2c:8a:11:e5:db:99:2f:14:08:1c:88:87: ad:3a:4b:31:a2:72:a6:e0:98:1d:59:ff:23:be:e9:67:2e:70: bd:80:b2:81:83:82:40:43:7b:19:ad:d0:8e:6b:10:9b:fa:a9: 4a:27:ac:82:c9:c4:3a:53:7d:63:03:dd:50:50:76:e3:fa:2d: 0e:ba:e1:39:5d:5d:07:2f:8c:c1:fa:93:17:ad:e6:30:7a:27: 10:1c:d9:d1:9f:4b:02:06:14:a3:94:78:52:c9:d8:8b:85:ea: 2c:2d:5d:4a:7c:00:28:1f:f8:3b:46:a6:5b:9f:21:6c:56:a2: 9c:d6:5f:13:9d:2f:9d:3e:42:b9:46:9c:e0:4e:3d:24:f3:f6: 5b:bf:a6:03:27:ec:f2:e5:c1:f8:e2:2a:29:27:3f:ef:f6:c3: fe:c9:2a:37:dd:50:a5:dc:c4:74:4c:5c:81:75:e9:9f:88:be: d8:04:99:5d:c3:c3:31:92:98:f1:4d:eb:47:3a:30:4d:60:7d: a4:10:f1:e3:63:4d:18:c9:00:1a:48:80:6e:72:93:22:4b:86: bf:83:b9:f0:b1:98:e7:44:aa:4f:fc:2e:26:b7:24:af:69:5b: cc:20:c2:30 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1oRMY659NwF9yZDt66n8YMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYmQ1ODgzYzgyYWVkMjVmZWYxYjE4ZDcwZDAyMTViMDdm NzI3ZDgwHhcNMjUxMjE5MDgwMTQ3WhcNMjUxMjIwMDgwMTQ3WjAzMTEwLwYDVQQD Eyg2N2I0YTI4NjExYTBiNDk5NTI2ODgxYjRkYWUzMDlmYTY5MDYyZWM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7115n+ztB1TwIkObb+cYv98Sv5ZR EQSFmo0PZJbRc6XZpANuudzsjOSlSdaO4KRDHzQx6ocfuxHZVLgk6BDyu9lrjyc4 8V+w+3biSYjFC3TguucV1441AFoKCmySfg9y1wv6unWSnfowewNpRd1/0V1mJtY6 Nmmal975uw2BT1IhNwryAKCEABzom+p1RjbbrtMF23FwTeKfA7jFMplI7Mvi05hK ICk8diVyUdl9W+bFjJUvVbkwh/6xeHhbh/YGQFDpWd0GIfwr2DCFm+0KdwFALVwY 0bX2Bce28p3Jsfy8GgEVpb1HZ1xLILCrqpY2DcuHJidh8+UOmEXjv2EA8QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGe0ooYRoLSZUmiBtNrjCfppBi7EMB8GA1UdIwQY MBaAFJG9WIPIKu0l/vGxjXDQIVsH9yfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTIt OWU5NjJjZDlkZDgyLzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZC85ZDU2YTMtNDQxNy00OTQwLWJhYTItOWU5NjJjZDlkZDgy LzEva2IxWWc4Z3E3U1gtOGJHTmNOQWhXd2YzSjlnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWCmoZNoz bUwyw0UUD0okOFs/jS//ljgBLIoR5duZLxQIHIiHrTpLMaJypuCYHVn/I77pZy5w vYCygYOCQEN7Ga3QjmsQm/qpSiesgsnEOlN9YwPdUFB24/otDrrhOV1dBy+MwfqT F63mMHonEBzZ0Z9LAgYUo5R4UsnYi4XqLC1dSnwAKB/4O0amW58hbFainNZfE50v nT5CuUac4E49JPP2W7+mAyfs8uXB+OIqKSc/7/bD/skqN91QpdzEdExcgXXpn4i+ 2ASZXcPDMZKY8U3rRzowTWB9pBDx42NNGMkAGkiAbnKTIkuGv4O58LGY50SqT/wu Jrckr2lbzCDCMA== -----END CERTIFICATE-----Generated at Fri Dec 19 13:44:07 2025 by rpki-client