This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft File: KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft (raw, json) Hash identifier: MFFmUJtDldT22k/Ta97BxcmYUNUUc9zsMlw4ALyE8X0= Subject key identifier: 4D:66:F3:72:F7:A1:AF:75:57:4E:E9:B2:6C:EE:29:07:62:81:C8:C7 Authority key identifier: 2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF Certificate issuer: /CN=2a21b1abe787e25464391fad61d00e3f376b98cf Certificate serial: 019B4FCDE09B11F1A2A2D61CC2BF785F2223 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft Manifest number: 0CAD Signing time: Wed 24 Dec 2025 10:00:50 +0000 Manifest this update: Wed 24 Dec 2025 10:00:50 +0000 Manifest next update: Thu 25 Dec 2025 10:00:50 +0000 Files and hashes: 1: HDOhzz0jBa_Gp9AJUMy27D9Cjlg.roa (hash: lm71x5ibbc8ZUL32IG9cJWwnD/vjqa8xr80jq2AaleE=) 2: KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl (hash: PLGHMWA2GuHWVuSrqMS7xX6Qtgm3+2j4L7otwQmiKE8=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4f:cd:e0:9b:11:f1:a2:a2:d6:1c:c2:bf:78:5f:22:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a21b1abe787e25464391fad61d00e3f376b98cf Validity Not Before: Dec 24 10:00:50 2025 GMT Not After : Dec 25 10:00:50 2025 GMT Subject: CN=4d66f372f7a1af75574ee9b26cee29076281c8c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:b7:54:0f:dd:8e:f1:69:9f:78:92:a3:c3:48: 38:c0:2b:5f:95:9f:fe:98:98:72:59:ef:a7:25:f6: 04:eb:4c:56:f8:6b:e4:c6:c6:9f:00:09:7c:e6:81: c3:7f:7a:91:0f:94:80:ae:e5:87:8b:34:e1:9c:8b: e9:b5:0f:d5:10:c6:2c:15:53:1f:5c:a1:85:ca:8d: 0d:80:e8:69:05:4e:c3:50:cd:44:05:c0:44:30:9f: ae:50:7b:ca:9d:9e:ed:9d:79:0d:dc:62:46:eb:85: 6f:09:cc:00:45:f2:d3:cd:a2:cd:5c:e7:f5:38:ee: 72:1d:28:5d:12:ec:04:b8:02:ed:38:fa:70:3d:a8: 0b:a5:ea:f1:a4:b3:42:4d:a4:b7:1a:47:ad:82:df: a8:4a:a1:d8:d1:14:70:5f:f6:b9:8f:e6:a4:0a:3d: aa:14:c2:02:04:00:1f:6f:e1:8a:d3:8f:90:24:4f: a3:43:e8:da:3b:6c:8d:47:f2:94:a1:af:d9:2b:af: 3c:a1:c3:4a:bd:13:ff:68:09:dc:8f:ec:51:e5:ed: 9c:c9:59:55:05:72:d2:82:93:67:e5:a7:15:a5:7e: f5:c9:62:54:13:78:0f:44:f0:b7:19:65:19:0a:9b: c1:75:b8:63:e5:6f:da:44:85:65:c5:9a:d6:5b:3a: 2a:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:66:F3:72:F7:A1:AF:75:57:4E:E9:B2:6C:EE:29:07:62:81:C8:C7 X509v3 Authority Key Identifier: keyid:2A:21:B1:AB:E7:87:E2:54:64:39:1F:AD:61:D0:0E:3F:37:6B:98:CF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KiGxq-eH4lRkOR-tYdAOPzdrmM8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/12/ed0654-724c-4e90-81ff-99f5cb7a3ca5/1/KiGxq-eH4lRkOR-tYdAOPzdrmM8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 12:76:9f:55:1b:33:7f:de:99:96:2c:8e:54:28:3b:e0:d2:33: 09:29:f4:b2:f7:a0:97:ad:7a:ec:81:be:8d:04:bf:0f:dd:e4: a3:1f:16:30:d3:d9:a4:c5:fd:2f:f5:95:c8:d8:11:f3:81:43: 14:2c:74:67:26:e4:67:26:39:b4:bd:16:d8:84:26:d1:08:cd: f4:d9:69:37:6b:08:df:b4:c4:82:e4:68:01:8c:b3:b7:40:75: b3:8e:d3:5f:d5:db:9f:a9:3a:88:60:4e:91:5a:e8:e4:e8:f6: eb:c9:e4:90:2e:72:d1:f6:72:fd:50:ba:c8:db:9e:c9:6f:04: 63:b7:fa:b2:d7:f8:3a:fa:18:d6:3b:2b:3d:77:2c:60:6b:6d: 76:e8:40:4e:e8:a2:48:09:79:c9:24:02:ae:54:13:91:a9:ce: ce:ea:9f:b6:9a:8d:89:8a:21:eb:43:6e:42:52:9f:8b:cf:43: e8:c2:84:ae:9f:e9:c6:39:df:a1:9b:25:10:1d:67:96:a9:da: bc:94:13:e0:b3:31:f5:d7:95:ed:4e:d9:f1:ad:e3:d4:5c:18: 60:78:d9:33:1b:4d:cc:6c:a8:b4:3e:86:62:d1:d7:29:66:b0: 35:bd:60:bb:82:0c:b0:bc:c2:42:7d:8b:a8:eb:36:76:54:c9: ff:6e:d9:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtPzeCbEfGiotYcwr94XyIjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMjFiMWFiZTc4N2UyNTQ2NDM5MWZhZDYxZDAwZTNmMzc2 Yjk4Y2YwHhcNMjUxMjI0MTAwMDUwWhcNMjUxMjI1MTAwMDUwWjAzMTEwLwYDVQQD Eyg0ZDY2ZjM3MmY3YTFhZjc1NTc0ZWU5YjI2Y2VlMjkwNzYyODFjOGM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLdUD92O8WmfeJKjw0g4wCtflZ/+ mJhyWe+nJfYE60xW+GvkxsafAAl85oHDf3qRD5SAruWHizThnIvptQ/VEMYsFVMf XKGFyo0NgOhpBU7DUM1EBcBEMJ+uUHvKnZ7tnXkN3GJG64VvCcwARfLTzaLNXOf1 OO5yHShdEuwEuALtOPpwPagLperxpLNCTaS3Gketgt+oSqHY0RRwX/a5j+akCj2q FMICBAAfb+GK04+QJE+jQ+jaO2yNR/KUoa/ZK688ocNKvRP/aAncj+xR5e2cyVlV BXLSgpNn5acVpX71yWJUE3gPRPC3GWUZCpvBdbhj5W/aRIVlxZrWWzoqDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFE1m83L3oa91V07psmzuKQdigcjHMB8GA1UdIwQY MBaAFCohsavnh+JUZDkfrWHQDj83a5jPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYt OTlmNWNiN2EzY2E1LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMi9lZDA2NTQtNzI0Yy00ZTkwLTgxZmYtOTlmNWNiN2EzY2E1 LzEvS2lHeHEtZUg0bFJrT1ItdFlkQU9QemRybU04LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEnafVRsz f96ZliyOVCg74NIzCSn0svegl6167IG+jQS/D93kox8WMNPZpMX9L/WVyNgR84FD FCx0ZybkZyY5tL0W2IQm0QjN9NlpN2sI37TEguRoAYyzt0B1s47TX9Xbn6k6iGBO kVro5Oj268nkkC5y0fZy/VC6yNueyW8EY7f6stf4OvoY1jsrPXcsYGttduhATuii SAl5ySQCrlQTkanOzuqftpqNiYoh60NuQlKfi89D6MKErp/pxjnfoZslEB1nlqna vJQT4LMx9deV7U7Z8a3j1FwYYHjZMxtNzGyotD6GYtHXKWawNb1gu4IMsLzCQn2L qOs2dlTJ/27Zcw== -----END CERTIFICATE-----Generated at Wed Dec 24 14:11:22 2025 by rpki-client