This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft File: KZkwB8fJLfYXjny0MYP9f1KlJtg.mft (raw, json) Hash identifier: 4mOFQGcje5dNLy63AIKFNQaiuQ0bT/rcJ9v0EIqtbco= Subject key identifier: 3B:59:7C:C9:5C:29:54:8D:13:71:CA:1B:D3:91:0C:11:98:8B:F7:B2 Authority key identifier: 29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8 Certificate issuer: /CN=29993007c7c92df6178e7cb43183fd7f52a526d8 Certificate serial: 019B3CB4A614F7DA5ECB2665A095F6F9143E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft Manifest number: 0533 Signing time: Sat 20 Dec 2025 17:00:30 +0000 Manifest this update: Sat 20 Dec 2025 17:00:30 +0000 Manifest next update: Sun 21 Dec 2025 17:00:30 +0000 Files and hashes: 1: 4Onxw3ZyCceGdWFdrDz9GypV1To.roa (hash: rLXGfCwokEmOeP6DWTGHar2KAFcpyGY37FcoMJ/rm24=) 2: 6w2llJPr5u5R0U0gFJBhkfjASt8.roa (hash: Et1DM1KW1gT7dKyxGFfIxs38O3+sH74ZansUhbBdzew=) 3: HxZyQaGrGtOk8RKg0Mhbl06w1Co.roa (hash: T6PK192RHox/GMNjjl8t8FiOFdhRf0h3waZVXZOPKpk=) 4: KZkwB8fJLfYXjny0MYP9f1KlJtg.crl (hash: WZaaT5psyq0EawmHDEr80N9rBBlUn8U7MHjMYiBWjqo=) 5: PwMQ2FB61zxu5sQ2E09luTqKMvk.roa (hash: izn212mH5oYV5cpl26pTxpZxIsUMzoPkaD7C7yvNm8E=) 6: fNae6M71mV294ZXPAPike0PbceE.roa (hash: yK1vBYE3EmPb37wOJedAwxWWRQFUDScm3ZCALz4wEUs=) 7: nFiPEMhy3ZN7Kzd1c5drtsfC2Ms.roa (hash: K/fi1bP7PVVo/L+gbRw+2aDpJIZXZHh+7f96KzgbyVo=) 8: od9af71GeQfA9Hxa-pUi9HfyQbQ.roa (hash: XWeJ2o3YIDMGq+Gf7bx+E7FN5efcdXQkm09+SRPSSXw=) 9: ypFL40Xoi4y05qu3ogA3n6gvBmc.roa (hash: Osn8j8oSksWpQIeEIhv5U30zU1XAWvsewtWKW4S5v1U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:b4:a6:14:f7:da:5e:cb:26:65:a0:95:f6:f9:14:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29993007c7c92df6178e7cb43183fd7f52a526d8 Validity Not Before: Dec 20 17:00:30 2025 GMT Not After : Dec 21 17:00:30 2025 GMT Subject: CN=3b597cc95c29548d1371ca1bd3910c11988bf7b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:8a:5c:4c:ae:ce:8f:35:cd:be:27:49:45:e3: 56:7d:77:72:ad:cd:57:95:85:e1:25:d1:e4:91:24: 19:40:90:b8:b8:86:37:fe:08:90:ce:48:66:d4:5f: ce:52:35:5a:6a:24:f0:89:24:db:8e:c3:bc:0c:a0: 40:a0:3a:6c:24:2f:98:76:85:de:9e:aa:d5:a2:25: 1b:a4:b4:5f:2c:3a:03:37:36:2f:41:27:0c:d3:b6: 11:a1:3f:65:db:14:38:aa:25:78:0d:b6:cc:49:d4: 65:f3:54:44:aa:a0:ea:30:65:4c:26:7e:33:5b:e0: 6a:2b:c7:56:eb:f5:58:d9:bc:e5:a7:15:2d:b2:a6: 77:31:17:e1:c0:9f:82:04:dc:74:0b:d7:8c:4a:9c: 29:3b:55:99:33:37:89:c1:6a:c0:08:c1:37:ea:52: 4d:22:e4:61:a1:7e:f6:28:96:bd:23:fa:55:ba:fa: e1:e3:46:52:ca:c1:b6:82:f7:75:7c:37:a2:99:34: ae:4e:e7:fc:5f:71:fd:99:e0:8c:4b:58:3a:4b:98: 84:28:f4:53:0a:94:b0:26:41:4c:47:36:d9:63:dd: 02:09:9d:c4:33:65:4a:04:69:f1:1b:8c:e0:95:52: 6b:09:0b:43:39:d8:dd:53:72:b9:15:27:ca:8b:39: 39:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:59:7C:C9:5C:29:54:8D:13:71:CA:1B:D3:91:0C:11:98:8B:F7:B2 X509v3 Authority Key Identifier: keyid:29:99:30:07:C7:C9:2D:F6:17:8E:7C:B4:31:83:FD:7F:52:A5:26:D8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZkwB8fJLfYXjny0MYP9f1KlJtg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/dc9b6f-3a6d-449f-8b89-1e829ffa1c3a/1/KZkwB8fJLfYXjny0MYP9f1KlJtg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 42:58:b3:32:69:7d:d1:8f:87:41:83:35:c4:d9:3a:ab:3a:fd: eb:27:bd:7f:1b:41:66:44:fb:90:76:ee:cb:8f:8e:6c:81:bb: d3:cb:59:7c:6c:48:50:1f:fb:9c:0e:24:b2:0f:7e:d2:22:be: 66:c1:90:ac:2c:a8:fb:05:e2:97:0c:d7:7a:3a:20:1a:21:9f: b4:1b:72:a4:46:e6:e5:d6:1d:6a:56:0d:49:1f:fd:dc:98:40: 7d:cf:5c:9e:38:ed:e4:9d:8a:44:ce:b6:2c:e5:d8:26:d7:f1: 60:6f:ec:ff:16:07:8b:80:82:88:71:fa:96:7c:94:64:a2:d8: 65:37:9b:16:21:42:ae:f2:57:9e:4a:14:5a:f6:93:f2:0f:39: af:a2:f5:84:66:b8:26:ae:88:28:64:8d:cd:3b:c9:d1:95:51: d5:69:c9:30:9d:e7:c4:f1:f5:9c:2d:34:2f:34:0a:de:0f:91: ce:33:db:b4:29:ce:35:44:f5:29:66:0d:ac:fe:ad:51:30:0e: 57:27:05:63:32:44:fe:7a:cb:49:76:25:fc:d6:5e:f6:b4:75: da:7a:91:23:17:30:ae:1f:04:38:3d:f1:23:d3:b8:8e:b4:96: d4:bf:69:1e:74:14:ce:da:ca:92:c5:2c:2c:77:84:fa:88:23: d5:84:d4:82 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8tKYU99peyyZloJX2+RQ+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OTkzMDA3YzdjOTJkZjYxNzhlN2NiNDMxODNmZDdmNTJh NTI2ZDgwHhcNMjUxMjIwMTcwMDMwWhcNMjUxMjIxMTcwMDMwWjAzMTEwLwYDVQQD EygzYjU5N2NjOTVjMjk1NDhkMTM3MWNhMWJkMzkxMGMxMTk4OGJmN2IyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYpcTK7OjzXNvidJReNWfXdyrc1X lYXhJdHkkSQZQJC4uIY3/giQzkhm1F/OUjVaaiTwiSTbjsO8DKBAoDpsJC+YdoXe nqrVoiUbpLRfLDoDNzYvQScM07YRoT9l2xQ4qiV4DbbMSdRl81REqqDqMGVMJn4z W+BqK8dW6/VY2bzlpxUtsqZ3MRfhwJ+CBNx0C9eMSpwpO1WZMzeJwWrACME36lJN IuRhoX72KJa9I/pVuvrh40ZSysG2gvd1fDeimTSuTuf8X3H9meCMS1g6S5iEKPRT CpSwJkFMRzbZY90CCZ3EM2VKBGnxG4zglVJrCQtDOdjdU3K5FSfKizk5WQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtZfMlcKVSNE3HKG9ORDBGYi/eyMB8GA1UdIwQY MBaAFCmZMAfHyS32F458tDGD/X9SpSbYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODkt MWU4MjlmZmExYzNhLzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9kYzliNmYtM2E2ZC00NDlmLThiODktMWU4MjlmZmExYzNh LzEvS1prd0I4ZkpMZllYam55ME1ZUDlmMUtsSnRnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAQlizMml9 0Y+HQYM1xNk6qzr96ye9fxtBZkT7kHbuy4+ObIG708tZfGxIUB/7nA4ksg9+0iK+ ZsGQrCyo+wXilwzXejogGiGftBtypEbm5dYdalYNSR/93JhAfc9cnjjt5J2KRM62 LOXYJtfxYG/s/xYHi4CCiHH6lnyUZKLYZTebFiFCrvJXnkoUWvaT8g85r6L1hGa4 Jq6IKGSNzTvJ0ZVR1WnJMJ3nxPH1nC00LzQK3g+RzjPbtCnONUT1KWYNrP6tUTAO VycFYzJE/nrLSXYl/NZe9rR12nqRIxcwrh8EOD3xI9O4jrSW1L9pHnQUztrKksUs LHeE+ogj1YTUgg== -----END CERTIFICATE-----Generated at Sat Dec 20 20:52:40 2025 by rpki-client