This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json) Hash identifier: otPQDc1Yd+6eTm+Rv36+iyvX+eBr3bRqSnvbGd69BCY= Subject key identifier: AA:42:7E:4D:60:1D:7E:3D:3B:FB:BE:09:E4:0E:D0:5D:7F:7C:94:4D Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Certificate serial: 019B601D38B94773AEAAE4607C5E3478D0FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft Manifest number: 11E4 Signing time: Sat 27 Dec 2025 14:01:26 +0000 Manifest this update: Sat 27 Dec 2025 14:01:26 +0000 Manifest next update: Sun 28 Dec 2025 14:01:26 +0000 Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: UMDv3S7ngYAuPM2Wc4ccRPWtJJ3qyXJX4s1JZMFdyUE=) 2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 28 Dec 2025 14:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:60:1d:38:b9:47:73:ae:aa:e4:60:7c:5e:34:78:d0:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Validity Not Before: Dec 27 14:01:26 2025 GMT Not After : Dec 28 14:01:26 2025 GMT Subject: CN=aa427e4d601d7e3d3bfbbe09e40ed05d7f7c944d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:25:20:9b:dc:54:19:33:18:8d:5c:7e:db:e6: 0d:f6:09:22:a1:d4:b0:42:37:5d:a9:6b:5d:d0:b9: 11:b4:d7:4c:2f:f3:df:ac:ce:53:6f:7f:89:d1:e0: 6a:97:7b:64:87:a9:18:94:3e:c0:c8:15:2f:87:02: 04:47:f9:ed:8b:7b:66:4a:8d:d2:0c:13:7a:a4:3e: 29:c3:a3:c4:c9:a3:6a:04:26:3f:67:40:0f:34:2e: de:26:5e:95:9e:e5:ab:0e:fe:70:32:0b:c9:bc:2f: a4:3e:fc:b7:d9:ca:2f:3a:fb:2a:1e:19:da:e7:29: b3:15:56:b5:22:0e:53:a2:1c:ac:37:24:3e:ef:91: 99:1e:eb:42:5d:3f:3d:0d:5a:06:5a:89:95:b9:19: bf:30:75:43:11:bc:d6:67:af:d8:2c:f3:d5:11:00: 7b:a4:2f:ab:39:d1:13:e9:4f:d2:94:18:4f:4b:20: c0:15:9a:8d:39:b3:14:24:6d:8a:8b:17:57:d9:9f: a0:9f:ec:84:99:18:3f:1c:61:24:f1:69:95:1c:06: b2:49:6f:b3:b4:34:51:45:71:3a:7a:72:ee:2f:09: c2:05:4d:07:4c:49:65:76:0b:0d:7e:70:ea:4e:bf: 19:71:35:ca:fe:ca:eb:ef:c9:a7:44:48:9c:8e:ca: 26:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:42:7E:4D:60:1D:7E:3D:3B:FB:BE:09:E4:0E:D0:5D:7F:7C:94:4D X509v3 Authority Key Identifier: keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:a9:00:84:ab:32:2f:28:99:0f:89:92:ba:bc:d7:eb:6d:3f: 26:21:94:26:56:8b:d7:55:6c:98:8b:26:3f:92:9e:82:b5:81: 96:ee:83:9c:37:26:a6:3b:c9:a1:5e:a5:b3:4b:84:e4:43:e2: 28:26:71:ec:b6:1e:0c:53:5c:f9:09:07:64:e3:05:ac:f1:26: 08:99:23:5d:86:2d:94:27:61:cb:b9:e0:87:27:b5:96:d7:b9: d8:2d:92:6e:40:42:ce:1e:50:d8:97:fd:58:19:74:09:6f:51: 35:b1:ba:be:69:0b:b8:e7:a6:5e:8b:c1:ae:3b:61:b0:59:82: 30:cd:8a:e0:d3:52:61:b7:3c:e2:fa:9c:48:9d:82:24:38:68: 9c:8d:90:70:fc:76:04:7e:8e:26:09:86:ab:68:e7:49:e2:ce: 9d:09:a9:dc:48:4d:e4:61:b8:34:2f:28:c8:33:6a:9f:43:9f: ac:1c:8c:0a:b9:5e:91:e4:7a:a2:6c:17:33:ba:64:8d:bd:0b: ec:7d:12:b4:1b:84:cd:97:b1:3e:c7:b8:06:f1:a9:a3:e9:b5: a4:2e:bc:b0:26:6b:29:ba:bb:c3:0d:74:a2:0a:0b:a7:6b:29: 23:21:7d:b1:46:b6:28:b9:b8:25:85:ba:8f:3a:4f:e1:e3:e5: 90:48:22:b8 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtgHTi5R3OuquRgfF40eND9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1 NmMzNTgwHhcNMjUxMjI3MTQwMTI2WhcNMjUxMjI4MTQwMTI2WjAzMTEwLwYDVQQD EyhhYTQyN2U0ZDYwMWQ3ZTNkM2JmYmJlMDllNDBlZDA1ZDdmN2M5NDRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSUgm9xUGTMYjVx+2+YN9gkiodSw QjddqWtd0LkRtNdML/PfrM5Tb3+J0eBql3tkh6kYlD7AyBUvhwIER/nti3tmSo3S DBN6pD4pw6PEyaNqBCY/Z0APNC7eJl6VnuWrDv5wMgvJvC+kPvy32covOvsqHhna 5ymzFVa1Ig5TohysNyQ+75GZHutCXT89DVoGWomVuRm/MHVDEbzWZ6/YLPPVEQB7 pC+rOdET6U/SlBhPSyDAFZqNObMUJG2KixdX2Z+gn+yEmRg/HGEk8WmVHAaySW+z tDRRRXE6enLuLwnCBU0HTElldgsNfnDqTr8ZcTXK/srr78mnREicjsomEQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKpCfk1gHX49O/u+CeQO0F1/fJRNMB8GA1UdIwQY MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2 LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOKkAhKsy LyiZD4mSurzX620/JiGUJlaL11VsmIsmP5KegrWBlu6DnDcmpjvJoV6ls0uE5EPi KCZx7LYeDFNc+QkHZOMFrPEmCJkjXYYtlCdhy7nghye1lte52C2SbkBCzh5Q2Jf9 WBl0CW9RNbG6vmkLuOemXovBrjthsFmCMM2K4NNSYbc84vqcSJ2CJDhonI2QcPx2 BH6OJgmGq2jnSeLOnQmp3EhN5GG4NC8oyDNqn0OfrByMCrlekeR6omwXM7pkjb0L 7H0StBuEzZexPse4BvGpo+m1pC68sCZrKbq7ww10ogoLp2spIyF9sUa2KLm4JYW6 jzpP4ePlkEgiuA== -----END CERTIFICATE-----Generated at Sat Dec 27 19:43:39 2025 by rpki-client