This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft File: KqPjBJdiCGjhestHhoLOegvRNTQ.mft (raw, json) Hash identifier: Nq+ciw9rDnyellBiOLfowfj/9PCfHD2DHfUCh4PtIms= Subject key identifier: F8:55:3F:E1:DD:42:6D:23:1D:4C:D9:55:C0:68:B4:2C:68:7E:AA:A2 Authority key identifier: 2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 Certificate issuer: /CN=2aa3e30497620868e17acb478682ce7a0bd13534 Certificate serial: 019B35329D45E26FC3C73F852B68744E7168 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft Manifest number: 1783 Signing time: Fri 19 Dec 2025 06:01:08 +0000 Manifest this update: Fri 19 Dec 2025 06:01:08 +0000 Manifest next update: Sat 20 Dec 2025 06:01:08 +0000 Files and hashes: 1: KqPjBJdiCGjhestHhoLOegvRNTQ.crl (hash: mIfnsYI5K7FsDU0DWWNOqoUsu4SqMoqSzRXQ9L7eVWo=) 2: _F5YjzIp4N7IiS5lXnJMJsPMLEU.roa (hash: HX+68oJeKBQGUaK3TL3s9cs53fsCINCeh8CnxLw+JsM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 06:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:35:32:9d:45:e2:6f:c3:c7:3f:85:2b:68:74:4e:71:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aa3e30497620868e17acb478682ce7a0bd13534 Validity Not Before: Dec 19 06:01:08 2025 GMT Not After : Dec 20 06:01:08 2025 GMT Subject: CN=f8553fe1dd426d231d4cd955c068b42c687eaaa2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c9:1c:3a:d6:36:ad:18:77:58:f6:6d:f8:ea: 13:ae:0e:0c:8e:81:86:e7:88:7d:67:f6:83:5f:1e: 6f:40:b5:20:8a:87:19:f2:2b:03:92:08:ba:35:19: 33:7b:3e:7e:a8:a9:e9:fe:4c:41:31:d3:ea:85:b3: c9:b0:09:75:3c:ca:82:28:18:c7:9e:84:01:2d:28: 21:98:29:e5:67:2f:69:aa:17:47:95:4e:0d:1c:a9: ac:09:1d:6d:75:d3:23:bd:4b:9b:43:28:d4:04:78: cf:70:7b:24:05:10:45:cc:21:c3:fa:65:8d:85:e5: 2e:c1:2c:2f:2d:d4:88:cf:f3:f3:a7:47:dd:c2:c3: df:4b:87:e5:d8:10:b6:86:f0:bf:03:bf:45:c7:8e: 53:33:dc:0d:d0:75:72:4e:1a:dc:f2:8f:50:e2:71: 3d:ec:8e:8f:61:85:54:17:93:b2:e9:bb:a2:c0:30: 70:d7:f6:3d:56:ab:94:81:18:4e:25:d6:e0:90:e2: 03:64:66:c6:92:e5:be:b4:b1:da:6d:4c:9a:56:49: 70:ab:30:84:e6:d5:5e:39:17:d1:14:90:3c:f8:9a: 03:bc:20:d6:42:3e:93:47:6e:a9:17:01:ed:a2:f6: ee:79:74:b8:1f:a9:fe:df:30:a3:b2:67:11:b9:a8: f5:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:55:3F:E1:DD:42:6D:23:1D:4C:D9:55:C0:68:B4:2C:68:7E:AA:A2 X509v3 Authority Key Identifier: keyid:2A:A3:E3:04:97:62:08:68:E1:7A:CB:47:86:82:CE:7A:0B:D1:35:34 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPjBJdiCGjhestHhoLOegvRNTQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/21/987b3c-f345-4112-9240-a4c0aba9bbeb/1/KqPjBJdiCGjhestHhoLOegvRNTQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 0c:02:5f:ec:0b:97:34:1c:fc:5d:9e:fe:5e:10:31:f1:41:11: 53:e4:d9:4b:02:89:aa:83:de:c7:95:de:53:ee:7a:ed:8e:3c: 13:cf:c8:e6:70:85:3e:81:d3:96:b6:5f:e0:97:31:f6:5f:ff: 25:86:fe:59:6c:cf:d7:17:83:3b:10:07:7d:ac:0e:e8:17:09: 3b:c1:ed:b4:20:56:89:c3:9b:b1:08:bb:87:b6:d9:7e:58:d4: e6:b1:85:fc:d2:84:5c:fd:07:be:d0:ad:64:f8:71:d8:92:d5: 99:d2:89:85:00:4c:a2:1d:21:82:5b:25:47:83:ce:35:ff:b8: a2:a6:f7:76:72:4d:3b:b3:a8:f3:ee:bb:a3:09:78:99:37:bf: f6:3f:38:fe:1b:96:db:40:24:a1:7a:dd:53:3d:6d:f7:26:3f: 43:41:53:35:d8:85:30:28:46:d1:82:f9:49:aa:51:76:16:41: dc:0e:bc:97:65:c7:3e:22:d1:3b:66:b2:ae:c4:cb:0f:58:6c: c9:9a:87:7d:bb:46:09:76:c8:8e:28:b7:e5:8c:34:56:45:e2: dc:47:43:d7:a0:89:b3:4d:c3:7e:72:ec:e8:ac:0e:a5:dc:c9: fc:b3:88:13:07:7a:1c:db:32:3f:b3:50:fc:33:da:0c:f3:a4: 70:23:bc:ac -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs1Mp1F4m/Dxz+FK2h0TnFoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYTNlMzA0OTc2MjA4NjhlMTdhY2I0Nzg2ODJjZTdhMGJk MTM1MzQwHhcNMjUxMjE5MDYwMTA4WhcNMjUxMjIwMDYwMTA4WjAzMTEwLwYDVQQD EyhmODU1M2ZlMWRkNDI2ZDIzMWQ0Y2Q5NTVjMDY4YjQyYzY4N2VhYWEyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMkcOtY2rRh3WPZt+OoTrg4MjoGG 54h9Z/aDXx5vQLUgiocZ8isDkgi6NRkzez5+qKnp/kxBMdPqhbPJsAl1PMqCKBjH noQBLSghmCnlZy9pqhdHlU4NHKmsCR1tddMjvUubQyjUBHjPcHskBRBFzCHD+mWN heUuwSwvLdSIz/Pzp0fdwsPfS4fl2BC2hvC/A79Fx45TM9wN0HVyThrc8o9Q4nE9 7I6PYYVUF5Oy6buiwDBw1/Y9VquUgRhOJdbgkOIDZGbGkuW+tLHabUyaVklwqzCE 5tVeORfRFJA8+JoDvCDWQj6TR26pFwHtovbueXS4H6n+3zCjsmcRuaj1ZQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPhVP+HdQm0jHUzZVcBotCxofqqiMB8GA1UdIwQY MBaAFCqj4wSXYgho4XrLR4aCznoL0TU0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAt YTRjMGFiYTliYmViLzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMS85ODdiM2MtZjM0NS00MTEyLTkyNDAtYTRjMGFiYTliYmVi LzEvS3FQakJKZGlDR2poZXN0SGhvTE9lZ3ZSTlRRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEADAJf7AuX NBz8XZ7+XhAx8UERU+TZSwKJqoPex5XeU+567Y48E8/I5nCFPoHTlrZf4Jcx9l// JYb+WWzP1xeDOxAHfawO6BcJO8HttCBWicObsQi7h7bZfljU5rGF/NKEXP0HvtCt ZPhx2JLVmdKJhQBMoh0hglslR4PONf+4oqb3dnJNO7Oo8+67owl4mTe/9j84/huW 20AkoXrdUz1t9yY/Q0FTNdiFMChG0YL5SapRdhZB3A68l2XHPiLRO2ayrsTLD1hs yZqHfbtGCXbIjii35Yw0VkXi3EdD16CJs03DfnLs6KwOpdzJ/LOIEwd6HNsyP7NQ /DPaDPOkcCO8rA== -----END CERTIFICATE-----Generated at Fri Dec 19 16:02:52 2025 by rpki-client