This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft File: KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft (raw, json) Hash identifier: aSbXmn7eaF3Jz6FcmWn0LzRmX4LLccKejxDifWg5xQA= Subject key identifier: 1E:BF:4C:91:62:9F:AE:CA:70:09:FC:BF:93:55:44:96:B6:0F:08:9B Authority key identifier: 29:02:C9:9C:A7:32:C6:4A:19:C7:D9:73:4A:98:FB:24:E5:45:55:49 Certificate issuer: /CN=2902c99ca732c64a19c7d9734a98fb24e5455549 Certificate serial: 019AF389E4A4B499F04407ADEA442A2D3E25 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft Manifest number: 10CE Signing time: Sat 06 Dec 2025 12:01:31 +0000 Manifest this update: Sat 06 Dec 2025 12:01:31 +0000 Manifest next update: Sun 07 Dec 2025 12:01:31 +0000 Files and hashes: 1: KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl (hash: XvlchvzUdv26zZ+Wqi+N5Tfp4Tacs9gfbgRakDQmjlI=) 2: kiF2H4Ucoq9Nw51li6ImqM3ctGg.roa (hash: gOoMaXdniQu2tAHNZ6SbwXijF8n71W3w0mmuL2WSkY8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 12:01:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:89:e4:a4:b4:99:f0:44:07:ad:ea:44:2a:2d:3e:25 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2902c99ca732c64a19c7d9734a98fb24e5455549 Validity Not Before: Dec 6 12:01:31 2025 GMT Not After : Dec 7 12:01:31 2025 GMT Subject: CN=1ebf4c91629faeca7009fcbf93554496b60f089b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:74:b5:44:8c:fd:92:96:bc:af:82:95:9f:e5: 9f:d1:34:2c:31:56:4d:ac:d2:36:60:03:01:00:91: c2:b8:55:f7:49:5b:2b:05:18:26:61:24:18:d9:8b: fb:30:4a:29:ee:cf:b4:a1:ca:9f:a4:45:c5:58:1e: 71:9b:81:c9:bf:bb:ea:12:41:18:73:0c:8e:b2:d5: e7:9a:39:5f:00:ec:92:e2:f3:29:8e:c0:71:81:91: 1e:f9:1f:4a:5b:25:a9:59:50:52:8b:97:df:f2:d2: d3:19:4c:57:e4:51:0f:d8:bb:2e:10:f6:94:33:11: d0:c7:e1:a5:62:9d:19:50:e6:29:88:2a:47:af:0f: 53:a8:f6:06:2d:62:0f:16:df:1a:f6:9d:25:ef:e8: 3f:b9:cb:39:5b:34:b8:ee:93:3f:e1:83:5a:63:07: 1d:5e:39:e6:84:d4:87:9b:d7:2c:b8:59:d9:39:40: 49:ef:1f:df:b7:45:d4:02:ed:c8:08:b3:82:99:66: 2e:dc:27:50:b7:2d:c7:a5:56:94:91:36:7f:a6:74: c2:4f:22:c1:f3:21:ce:27:27:c7:e0:02:f0:24:a6: 86:f7:05:d0:97:39:33:97:09:c5:2a:df:25:a2:dd: 68:3c:76:93:96:18:49:3c:19:0c:b4:cc:da:d6:6c: f0:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:BF:4C:91:62:9F:AE:CA:70:09:FC:BF:93:55:44:96:B6:0F:08:9B X509v3 Authority Key Identifier: keyid:29:02:C9:9C:A7:32:C6:4A:19:C7:D9:73:4A:98:FB:24:E5:45:55:49 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQLJnKcyxkoZx9lzSpj7JOVFVUk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/54ca24-6e56-47d3-a429-b649a578f89c/1/KQLJnKcyxkoZx9lzSpj7JOVFVUk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 83:3c:bd:18:0a:9e:29:bf:95:76:08:a2:3a:9e:9a:8a:c0:8f: c1:17:69:f7:0b:b4:b9:15:17:79:df:cd:63:eb:f3:6b:a7:e1: c3:1a:37:e1:83:f8:6b:b8:d4:b6:20:12:16:34:3c:6e:f1:03: 8d:dd:86:5a:20:7a:be:16:a6:d1:00:fc:13:6d:b7:f5:dc:18: 48:75:07:00:f2:14:d8:85:9a:2b:a4:d3:68:55:c7:70:20:06: 26:32:9e:10:3f:04:cb:cf:fc:00:e2:2c:c0:c8:39:6e:7a:59: 19:50:ef:89:9d:3f:98:4e:96:5f:17:ab:2f:6f:5f:3c:e2:64: 6d:dd:3e:92:64:91:a7:40:71:02:f9:95:36:8f:e0:3b:f0:17: c4:ed:dd:ff:8d:25:f4:ca:5c:cc:01:91:c4:4c:b7:97:65:85: 28:79:b2:b6:e9:c0:ce:a0:f2:f1:39:7e:51:2f:31:eb:e7:3b: b9:7a:d5:77:98:0e:15:2e:28:50:35:9e:b9:74:5c:42:76:ce: b5:d0:35:dd:3e:a7:57:a9:3e:95:d5:60:44:63:29:bb:15:8b: 3f:77:58:a7:00:f9:12:ab:49:72:a9:51:f1:49:b4:37:17:45: 84:ff:e1:e8:d0:58:d0:28:bb:ab:53:cf:cf:c9:01:0c:87:38: 03:60:56:b9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzieSktJnwRAet6kQqLT4lMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDJjOTljYTczMmM2NGExOWM3ZDk3MzRhOThmYjI0ZTU0 NTU1NDkwHhcNMjUxMjA2MTIwMTMxWhcNMjUxMjA3MTIwMTMxWjAzMTEwLwYDVQQD EygxZWJmNGM5MTYyOWZhZWNhNzAwOWZjYmY5MzU1NDQ5NmI2MGYwODliMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHS1RIz9kpa8r4KVn+Wf0TQsMVZN rNI2YAMBAJHCuFX3SVsrBRgmYSQY2Yv7MEop7s+0ocqfpEXFWB5xm4HJv7vqEkEY cwyOstXnmjlfAOyS4vMpjsBxgZEe+R9KWyWpWVBSi5ff8tLTGUxX5FEP2LsuEPaU MxHQx+GlYp0ZUOYpiCpHrw9TqPYGLWIPFt8a9p0l7+g/ucs5WzS47pM/4YNaYwcd XjnmhNSHm9csuFnZOUBJ7x/ft0XUAu3ICLOCmWYu3CdQty3HpVaUkTZ/pnTCTyLB 8yHOJyfH4ALwJKaG9wXQlzkzlwnFKt8lot1oPHaTlhhJPBkMtMza1mzwAQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFB6/TJFin67KcAn8v5NVRJa2DwibMB8GA1UdIwQY MBaAFCkCyZynMsZKGcfZc0qY+yTlRVVJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NGNhMjQtNmU1Ni00N2QzLWE0Mjkt YjY0OWE1NzhmODljLzEvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYi81NGNhMjQtNmU1Ni00N2QzLWE0MjktYjY0OWE1NzhmODlj LzEvS1FMSm5LY3l4a29aeDlselNwajdKT1ZGVlVrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAgzy9GAqe Kb+VdgiiOp6aisCPwRdp9wu0uRUXed/NY+vza6fhwxo34YP4a7jUtiASFjQ8bvED jd2GWiB6vham0QD8E2239dwYSHUHAPIU2IWaK6TTaFXHcCAGJjKeED8Ey8/8AOIs wMg5bnpZGVDviZ0/mE6WXxerL29fPOJkbd0+kmSRp0BxAvmVNo/gO/AXxO3d/40l 9MpczAGRxEy3l2WFKHmytunAzqDy8Tl+US8x6+c7uXrVd5gOFS4oUDWeuXRcQnbO tdA13T6nV6k+ldVgRGMpuxWLP3dYpwD5EqtJcqlR8Um0NxdFhP/h6NBY0Ci7q1PP z8kBDIc4A2BWuQ== -----END CERTIFICATE-----Generated at Sat Dec 6 19:31:10 2025 by rpki-client