This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft File: KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft (raw, json) Hash identifier: PKlZFH3BS0xpETUGHXJU1VMBbwYmcZSFNVGH9EViA4M= Subject key identifier: 1E:E6:C2:C0:D3:AC:20:6A:BD:8F:40:0A:15:67:49:62:2F:87:DA:4F Authority key identifier: 28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D Certificate issuer: /CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d Certificate serial: 019AF12D0EE29433C9985FC29963004CA1D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft Manifest number: 0C47 Signing time: Sat 06 Dec 2025 01:00:53 +0000 Manifest this update: Sat 06 Dec 2025 01:00:53 +0000 Manifest next update: Sun 07 Dec 2025 01:00:53 +0000 Files and hashes: 1: 0i9Bsr9ABLnx3mgPWtu21_vME3g.roa (hash: TMrcqTSOi1Ov7CcLLSWohgeiaaCi8xEADwSrQIF/DCo=) 2: KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl (hash: S83GCZTW1/1n+d8C3amS1xu2ANMHwou1QklBhSwcEMw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:00:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:0e:e2:94:33:c9:98:5f:c2:99:63:00:4c:a1:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cb5f3fb957251aad4ba09d0bab7352b74bb07d Validity Not Before: Dec 6 01:00:53 2025 GMT Not After : Dec 7 01:00:53 2025 GMT Subject: CN=1ee6c2c0d3ac206abd8f400a156749622f87da4f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:89:dd:27:a5:5b:d7:e1:d6:bd:3e:a6:f9:cf:23: 0f:a4:13:69:17:8d:a8:f0:3b:61:8a:bb:d4:11:c6: e7:85:d2:07:96:83:24:21:1c:e9:0a:3b:4c:4b:2c: 0d:a1:53:69:e7:9c:da:9f:b0:d6:d9:5a:89:15:13: b2:02:d6:26:16:2b:24:1c:bf:cd:1e:e5:99:26:33: 2f:86:71:ab:4b:6b:37:fd:f1:35:4c:de:8d:fc:cd: 92:e7:a5:0e:48:70:33:89:a0:65:69:eb:e8:88:73: 33:63:7f:6c:0b:cc:0b:c9:09:31:d6:d1:9a:76:c3: d3:c8:3e:6e:bf:0a:53:07:72:90:7f:c7:ea:87:41: 67:52:fb:95:c7:30:21:f9:fd:99:fe:9d:8d:a7:b1: 0b:f7:79:d0:33:3f:2a:04:2d:28:7e:cf:6e:6c:1d: c7:a3:df:40:36:7d:18:ff:56:0d:ff:6f:15:44:bc: b7:f3:9b:84:d3:15:f8:62:ef:85:4f:e7:8b:30:fa: 8c:ca:e7:56:d3:d7:ca:97:20:01:78:46:f4:da:f2: 2d:70:3b:64:c5:d3:c6:9e:96:99:f7:25:96:2c:b6: 3b:c8:43:f4:70:15:ce:fe:8e:a4:7f:be:9c:e4:76: 16:9b:1d:3c:9d:c5:b9:d8:9f:4a:b7:20:32:42:ee: 3e:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:E6:C2:C0:D3:AC:20:6A:BD:8F:40:0A:15:67:49:62:2F:87:DA:4F X509v3 Authority Key Identifier: keyid:28:CB:5F:3F:B9:57:25:1A:AD:4B:A0:9D:0B:AB:73:52:B7:4B:B0:7D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMtfP7lXJRqtS6CdC6tzUrdLsH0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e6632b-1fbf-496f-b355-1536fc78385d/1/KMtfP7lXJRqtS6CdC6tzUrdLsH0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b1:f4:35:05:a8:f4:6b:06:2d:5f:f2:2f:4e:d3:72:bc:a7:d3: 69:50:71:05:29:79:de:43:f4:14:60:df:e9:bb:c7:a6:89:8c: 2e:00:f2:24:30:65:89:5e:22:2c:f3:09:cc:d4:22:85:b8:72: c4:92:7e:4b:0b:cf:51:9c:f5:d5:ab:ab:34:01:53:42:2f:e5: 56:50:73:fc:67:55:33:95:a3:f6:36:35:1e:4d:89:78:96:13: 42:ba:62:19:06:14:73:c3:96:91:72:fb:38:88:f6:05:90:e1: cb:05:f5:e2:5c:e1:ae:b1:f2:1f:fd:5c:57:b6:0f:86:30:c5: 48:f3:fd:3d:c0:19:95:ce:dc:d2:59:ea:f8:68:31:1e:ce:4c: f5:23:70:b8:62:93:42:1e:5e:84:bd:00:b5:96:79:dc:46:2f: f7:41:f2:3b:30:11:bb:51:e2:f2:55:ec:36:6f:82:da:0b:d8: 32:66:a7:1d:1c:7c:c1:9e:64:46:38:5b:21:04:43:df:f4:82: 22:75:07:41:fd:ce:2e:04:86:6c:71:09:cd:04:ee:a6:ee:f7: 93:58:31:85:89:66:9f:44:6a:ea:1a:d0:94:09:a0:71:7b:22: 2e:a6:f2:19:e1:65:1c:45:03:27:07:e0:79:5b:1a:f7:fd:f5: 3a:12:06:b7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLQ7ilDPJmF/CmWMATKHXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2I1ZjNmYjk1NzI1MWFhZDRiYTA5ZDBiYWI3MzUyYjc0 YmIwN2QwHhcNMjUxMjA2MDEwMDUzWhcNMjUxMjA3MDEwMDUzWjAzMTEwLwYDVQQD EygxZWU2YzJjMGQzYWMyMDZhYmQ4ZjQwMGExNTY3NDk2MjJmODdkYTRmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid0npVvX4da9Pqb5zyMPpBNpF42o 8DthirvUEcbnhdIHloMkIRzpCjtMSywNoVNp55zan7DW2VqJFROyAtYmFiskHL/N HuWZJjMvhnGrS2s3/fE1TN6N/M2S56UOSHAziaBlaevoiHMzY39sC8wLyQkx1tGa dsPTyD5uvwpTB3KQf8fqh0FnUvuVxzAh+f2Z/p2Np7EL93nQMz8qBC0ofs9ubB3H o99ANn0Y/1YN/28VRLy385uE0xX4Yu+FT+eLMPqMyudW09fKlyABeEb02vItcDtk xdPGnpaZ9yWWLLY7yEP0cBXO/o6kf76c5HYWmx08ncW52J9KtyAyQu4+EQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB7mwsDTrCBqvY9AChVnSWIvh9pPMB8GA1UdIwQY MBaAFCjLXz+5VyUarUugnQurc1K3S7B9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUt MTUzNmZjNzgzODVkLzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy9lNjYzMmItMWZiZi00OTZmLWIzNTUtMTUzNmZjNzgzODVk LzEvS010ZlA3bFhKUnF0UzZDZEM2dHpVcmRMc0gwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsfQ1Baj0 awYtX/IvTtNyvKfTaVBxBSl53kP0FGDf6bvHpomMLgDyJDBliV4iLPMJzNQihbhy xJJ+SwvPUZz11aurNAFTQi/lVlBz/GdVM5Wj9jY1Hk2JeJYTQrpiGQYUc8OWkXL7 OIj2BZDhywX14lzhrrHyH/1cV7YPhjDFSPP9PcAZlc7c0lnq+GgxHs5M9SNwuGKT Qh5ehL0AtZZ53EYv90HyOzARu1Hi8lXsNm+C2gvYMmanHRx8wZ5kRjhbIQRD3/SC InUHQf3OLgSGbHEJzQTupu73k1gxhYlmn0Rq6hrQlAmgcXsiLqbyGeFlHEUDJwfg eVsa9/31OhIGtw== -----END CERTIFICATE-----Generated at Sat Dec 6 07:20:06 2025 by rpki-client