This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft File: KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft (raw, json) Hash identifier: fOQd/zlV7Ss/h6cYk2Pgf4TNWUwr1fT05vxm2/rR69M= Subject key identifier: 69:C3:B2:F4:11:12:41:87:AE:F7:D8:7B:10:E7:79:3E:DD:5A:2E:2F Authority key identifier: 28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11 Certificate issuer: /CN=28c2202a443537fb8fb280567a17485f1230c411 Certificate serial: 019B465D641F6E44ED0EE73F95D534DE93F7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft Manifest number: 1790 Signing time: Mon 22 Dec 2025 14:01:24 +0000 Manifest this update: Mon 22 Dec 2025 14:01:24 +0000 Manifest next update: Tue 23 Dec 2025 14:01:24 +0000 Files and hashes: 1: KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl (hash: v4CsIlX/6yDmytVJ7SxQhYb3JW35TgMPb4AKY/YylFo=) 2: rzOkydR3EHFZXD3XEkRebB02-_4.roa (hash: df7jTqxQL8Sw059sbRTkyG9ltt5KtHFaW+BfP29wPTk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 10:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:46:5d:64:1f:6e:44:ed:0e:e7:3f:95:d5:34:de:93:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28c2202a443537fb8fb280567a17485f1230c411 Validity Not Before: Dec 22 14:01:24 2025 GMT Not After : Dec 23 14:01:24 2025 GMT Subject: CN=69c3b2f411124187aef7d87b10e7793edd5a2e2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f8:e9:4b:43:b3:62:51:82:9f:e8:8e:af:e0: 1d:5e:dc:ec:3b:7f:cf:a8:5b:5c:db:91:b0:b0:c6: 36:34:51:3a:b2:03:68:62:1c:a6:f6:0f:16:d5:3c: a0:31:ca:40:6f:29:d5:b9:47:56:a3:fb:d7:74:ad: 0e:50:dc:87:0b:36:a1:c8:20:ee:ba:b0:a8:47:94: 3a:07:2b:1a:6e:30:18:8d:a8:13:68:c2:e8:d2:15: 00:18:fe:4b:af:b6:62:a3:d6:db:0b:b7:0d:08:21: 8c:e1:ec:94:88:1e:03:6c:15:f4:76:eb:7e:02:78: 49:55:9f:df:43:77:e6:11:e0:fa:7d:31:4e:b9:b9: 2c:c7:27:33:8d:0b:4b:17:e7:b6:90:ca:04:44:94: 68:d2:bd:31:24:bd:bd:23:58:67:41:94:52:97:7f: 7a:d1:41:f4:ff:d7:f3:91:5e:ce:83:86:ee:40:ad: 37:63:9c:a0:16:36:c9:50:86:dc:4b:45:1d:21:dc: e1:65:b8:f9:61:5a:24:54:31:fc:e7:03:68:7d:df: f6:fd:db:4d:8a:3d:4c:d5:69:e7:c4:3c:00:e9:76: 7d:59:3f:fa:62:4a:bc:87:4e:1b:b2:96:b6:71:6a: 40:aa:ef:dc:7a:5a:ae:4f:34:20:ed:ae:68:72:c1: 66:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:C3:B2:F4:11:12:41:87:AE:F7:D8:7B:10:E7:79:3E:DD:5A:2E:2F X509v3 Authority Key Identifier: keyid:28:C2:20:2A:44:35:37:FB:8F:B2:80:56:7A:17:48:5F:12:30:C4:11 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMIgKkQ1N_uPsoBWehdIXxIwxBE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/08/a2ce64-33af-45fe-90eb-89d2611a95db/1/KMIgKkQ1N_uPsoBWehdIXxIwxBE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 39:79:04:6a:bc:8d:87:7c:d5:6e:a5:c7:a5:3a:0a:c8:d0:2c: 10:a9:01:2a:0a:9a:8e:df:dc:ae:ca:7b:6e:73:82:d6:e7:41: 05:b9:2a:39:13:f2:46:93:9f:11:10:33:67:fb:97:52:de:53: 33:ad:2d:c1:fc:a6:75:1b:82:50:52:b9:a9:61:8d:93:83:83: 7b:04:9b:da:68:f3:d2:28:ff:c2:92:82:e8:9e:b8:c1:d1:dc: f2:1e:63:e1:3b:0e:5c:86:73:cb:6d:f6:8f:2d:07:4b:76:4c: 9a:93:85:d7:cf:ee:a4:12:a1:5e:f0:31:72:a0:38:08:90:5c: 45:54:25:78:a8:82:d1:b9:56:6c:b5:c5:41:e8:a5:ca:6b:c4: 14:5e:14:74:99:24:c2:b9:8e:72:99:91:a8:ce:4a:24:47:a2: 05:4b:53:3e:74:ba:b6:03:6e:c0:78:c5:06:df:5b:89:cb:87: aa:d0:6e:0a:be:ce:9e:e8:c9:49:3e:f8:b2:3c:e5:91:c7:db: 25:d4:6f:0b:e9:76:20:4d:ef:ac:59:72:e3:42:33:6e:be:20: df:77:c6:f8:c6:85:bd:d6:b9:92:6e:b6:96:ef:47:73:ec:eb: e3:3a:0f:a8:0c:d6:46:75:b5:da:68:61:bd:1c:5d:b6:c3:cd: 32:41:cb:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtGXWQfbkTtDuc/ldU03pP3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YzIyMDJhNDQzNTM3ZmI4ZmIyODA1NjdhMTc0ODVmMTIz MGM0MTEwHhcNMjUxMjIyMTQwMTI0WhcNMjUxMjIzMTQwMTI0WjAzMTEwLwYDVQQD Eyg2OWMzYjJmNDExMTI0MTg3YWVmN2Q4N2IxMGU3NzkzZWRkNWEyZTJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPjpS0OzYlGCn+iOr+AdXtzsO3/P qFtc25GwsMY2NFE6sgNoYhym9g8W1TygMcpAbynVuUdWo/vXdK0OUNyHCzahyCDu urCoR5Q6BysabjAYjagTaMLo0hUAGP5Lr7Zio9bbC7cNCCGM4eyUiB4DbBX0dut+ AnhJVZ/fQ3fmEeD6fTFOubksxyczjQtLF+e2kMoERJRo0r0xJL29I1hnQZRSl396 0UH0/9fzkV7Og4buQK03Y5ygFjbJUIbcS0UdIdzhZbj5YVokVDH85wNofd/2/dtN ij1M1WnnxDwA6XZ9WT/6Ykq8h04bspa2cWpAqu/celquTzQg7a5ocsFm5wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGnDsvQREkGHrvfYexDneT7dWi4vMB8GA1UdIwQY MBaAFCjCICpENTf7j7KAVnoXSF8SMMQRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWIt ODlkMjYxMWE5NWRiLzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOC9hMmNlNjQtMzNhZi00NWZlLTkwZWItODlkMjYxMWE5NWRi LzEvS01JZ0trUTFOX3VQc29CV2VoZElYeEl3eEJFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOXkEaryN h3zVbqXHpToKyNAsEKkBKgqajt/crsp7bnOC1udBBbkqORPyRpOfERAzZ/uXUt5T M60twfymdRuCUFK5qWGNk4ODewSb2mjz0ij/wpKC6J64wdHc8h5j4TsOXIZzy232 jy0HS3ZMmpOF18/upBKhXvAxcqA4CJBcRVQleKiC0blWbLXFQeilymvEFF4UdJkk wrmOcpmRqM5KJEeiBUtTPnS6tgNuwHjFBt9bicuHqtBuCr7OnujJST74sjzlkcfb JdRvC+l2IE3vrFly40Izbr4g33fG+MaFvda5km62lu9Hc+zr4zoPqAzWRnW12mhh vRxdtsPNMkHL8w== -----END CERTIFICATE-----Generated at Mon Dec 22 17:07:23 2025 by rpki-client