This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft File: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft (raw, json) Hash identifier: D0ZJrzEq2dj0Q0hQqRjzqgbQHkY3KkmMuLjqDk1zHq8= Subject key identifier: DF:47:5B:25:1B:59:F9:87:F9:A3:CF:D5:7E:F7:59:E1:E2:EC:D8:70 Authority key identifier: 28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 Certificate issuer: /CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Certificate serial: 019B69C4BC408561F2FEF4D3F75349FBFDB6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft Manifest number: 11E9 Signing time: Mon 29 Dec 2025 11:00:59 +0000 Manifest this update: Mon 29 Dec 2025 11:00:59 +0000 Manifest next update: Tue 30 Dec 2025 11:00:59 +0000 Files and hashes: 1: KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl (hash: TGdhsTG3CyTKqvvrDFBbpBQgu1i5oqP4zKL8Li13zn4=) 2: rYNJq30hG9TfQKEAUAnbb-JlarU.roa (hash: bobhiWtsSX2sPVTtreNAJF6ae9i50YxHtcGAHPsK84U=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 11:00:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:69:c4:bc:40:85:61:f2:fe:f4:d3:f7:53:49:fb:fd:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28f981c20aa652aa85e008bd262f7bc1f856c358 Validity Not Before: Dec 29 11:00:59 2025 GMT Not After : Dec 30 11:00:59 2025 GMT Subject: CN=df475b251b59f987f9a3cfd57ef759e1e2ecd870 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:30:30:77:de:06:78:53:5b:8d:3c:29:c3:20: 90:3d:75:bf:d8:05:62:67:0b:51:37:87:43:5a:3a: a1:92:f8:0d:9d:26:b2:12:ad:e8:d7:db:05:f4:cc: e5:28:e3:d7:03:59:66:bb:d9:f7:4b:6e:88:23:71: a0:35:80:da:c3:4a:72:05:6c:51:a8:84:b6:43:1b: 6e:8f:aa:aa:6a:0f:c1:3f:83:38:07:1b:2a:50:28: 33:b4:db:0b:e8:39:5b:78:f2:36:f0:f8:b5:2f:be: 27:fc:31:b5:a5:b5:6e:bc:87:5c:f2:ea:1a:f1:f0: dd:94:dd:7b:a5:df:30:2e:51:65:04:c1:66:6b:03: 6e:32:ee:ef:ca:78:3f:20:ef:3d:87:eb:3f:77:8b: 83:e9:79:9b:4b:91:5d:06:98:e4:49:9f:b7:5d:10: d4:69:88:5c:df:5f:f7:35:c4:1c:4e:db:b2:ea:77: 10:53:0d:e7:b0:b9:d5:ea:f1:ae:84:5c:2e:d1:68: b7:da:96:18:59:8a:02:aa:71:7b:ec:1d:a3:e9:ba: 35:bd:1f:9e:23:d6:81:89:95:23:68:e9:20:33:bd: 51:da:f7:8d:28:f3:08:2f:55:da:e8:97:47:c8:36: b4:bd:9c:1a:55:05:a0:3a:0e:93:21:41:e8:9d:6c: 4d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:47:5B:25:1B:59:F9:87:F9:A3:CF:D5:7E:F7:59:E1:E2:EC:D8:70 X509v3 Authority Key Identifier: keyid:28:F9:81:C2:0A:A6:52:AA:85:E0:08:BD:26:2F:7B:C1:F8:56:C3:58 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/11/352f9a-4fde-484a-b923-c87fbbd03e86/1/KPmBwgqmUqqF4Ai9Ji97wfhWw1g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 00:b2:40:6a:87:11:b2:5b:68:3a:44:29:ef:f7:b6:7d:1f:d0: 07:2f:5f:07:a8:22:f4:40:bd:b9:b2:c0:82:2d:96:cd:a1:1b: 37:c5:94:a7:82:5e:e9:aa:90:0e:aa:33:ff:05:ff:f3:10:2d: 09:8f:5f:bb:6b:65:4d:49:58:5c:26:80:2b:e7:21:ee:04:76: aa:3a:b1:4c:b5:4c:0d:89:d0:10:61:3f:27:c6:9b:43:73:0b: d7:52:10:26:3f:a4:d2:d5:70:47:1d:c7:17:d3:82:eb:22:64: 8c:a2:29:16:b3:a0:80:05:42:84:d8:53:cb:7e:3c:0d:6a:b0: e5:76:02:9f:25:1a:b7:d7:67:4f:fb:7a:2f:59:46:48:10:71: 99:ba:2e:d8:d3:02:ba:9e:d4:30:f7:65:7a:8d:b7:96:61:d6: e3:6a:95:81:ac:9f:91:af:a2:62:62:67:c9:1e:3d:e4:c8:95: 36:31:a3:1a:18:c5:7b:71:5e:af:1a:66:18:ec:1f:36:74:09: bb:a1:a8:f9:d8:74:cb:ac:b4:4b:c1:2e:28:3b:86:5f:16:ac: b2:6c:e2:db:fd:fe:78:3e:82:04:32:c4:38:28:bb:cf:0e:a4: 8e:44:e9:97:ca:de:0e:28:76:d7:9c:b7:1a:92:df:a0:b4:0e: a0:3a:2c:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtpxLxAhWHy/vTT91NJ+/22MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Zjk4MWMyMGFhNjUyYWE4NWUwMDhiZDI2MmY3YmMxZjg1 NmMzNTgwHhcNMjUxMjI5MTEwMDU5WhcNMjUxMjMwMTEwMDU5WjAzMTEwLwYDVQQD EyhkZjQ3NWIyNTFiNTlmOTg3ZjlhM2NmZDU3ZWY3NTllMWUyZWNkODcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzAwd94GeFNbjTwpwyCQPXW/2AVi ZwtRN4dDWjqhkvgNnSayEq3o19sF9MzlKOPXA1lmu9n3S26II3GgNYDaw0pyBWxR qIS2Qxtuj6qqag/BP4M4BxsqUCgztNsL6DlbePI28Pi1L74n/DG1pbVuvIdc8uoa 8fDdlN17pd8wLlFlBMFmawNuMu7vyng/IO89h+s/d4uD6XmbS5FdBpjkSZ+3XRDU aYhc31/3NcQcTtuy6ncQUw3nsLnV6vGuhFwu0Wi32pYYWYoCqnF77B2j6bo1vR+e I9aBiZUjaOkgM71R2veNKPMIL1Xa6JdHyDa0vZwaVQWgOg6TIUHonWxNIwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFN9HWyUbWfmH+aPP1X73WeHi7NhwMB8GA1UdIwQY MBaAFCj5gcIKplKqheAIvSYve8H4VsNYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMt Yzg3ZmJiZDAzZTg2LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMS8zNTJmOWEtNGZkZS00ODRhLWI5MjMtYzg3ZmJiZDAzZTg2 LzEvS1BtQndncW1VcXFGNEFpOUppOTd3ZmhXdzFnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAALJAaocR sltoOkQp7/e2fR/QBy9fB6gi9EC9ubLAgi2WzaEbN8WUp4Je6aqQDqoz/wX/8xAt CY9fu2tlTUlYXCaAK+ch7gR2qjqxTLVMDYnQEGE/J8abQ3ML11IQJj+k0tVwRx3H F9OC6yJkjKIpFrOggAVChNhTy348DWqw5XYCnyUat9dnT/t6L1lGSBBxmbou2NMC up7UMPdleo23lmHW42qVgayfka+iYmJnyR495MiVNjGjGhjFe3FerxpmGOwfNnQJ u6Go+dh0y6y0S8EuKDuGXxassmzi2/3+eD6CBDLEOCi7zw6kjkTpl8reDih215y3 GpLfoLQOoDossg== -----END CERTIFICATE-----Generated at Mon Dec 29 16:27:47 2025 by rpki-client