This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft File: KL8ecjI3QqxNgTarbI6F33ujfus.mft (raw, json) Hash identifier: d5JUhy+ed9Gco0d3dygiLbbw7Z2ISYFjej1gET9jonY= Subject key identifier: F4:2D:66:7D:6F:04:36:36:EB:BF:4F:53:45:07:61:A5:05:43:1A:8E Authority key identifier: 28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB Certificate issuer: /CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Certificate serial: 019B484B0308194DBC37DC981F8303EEC053 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft Manifest number: 178F Signing time: Mon 22 Dec 2025 23:00:33 +0000 Manifest this update: Mon 22 Dec 2025 23:00:33 +0000 Manifest next update: Tue 23 Dec 2025 23:00:33 +0000 Files and hashes: 1: KL8ecjI3QqxNgTarbI6F33ujfus.crl (hash: Vf2mhOIAp6SzZs8Le4O1sKEH/mJrjFvHdfB58db3CPc=) 2: tkt4SudQfK9uwQrgGKvvYflAjl8.roa (hash: dFUnqKo0rasEdebFDefgA9DnqivcqZmMoexL2NOUY5M=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 23:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:48:4b:03:08:19:4d:bc:37:dc:98:1f:83:03:ee:c0:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28bf1e72323742ac4d8136ab6c8e85df7ba37eeb Validity Not Before: Dec 22 23:00:33 2025 GMT Not After : Dec 23 23:00:33 2025 GMT Subject: CN=f42d667d6f043636ebbf4f53450761a505431a8e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6e:f2:2e:91:2a:8b:8b:64:e7:ce:94:8d:f7: 31:5c:14:70:61:10:ca:03:6d:2b:e5:5c:94:3e:20: 84:7f:6c:38:2d:3f:3e:58:15:c0:f8:44:96:21:c6: b7:0e:d8:d0:0b:03:00:8a:f3:38:9c:48:1f:12:63: 29:c4:b5:a5:57:b1:55:34:f8:61:ed:d0:a8:cf:53: 71:f9:52:20:58:ec:40:b8:67:d1:87:6c:e8:a6:52: 85:61:75:37:a6:85:4d:99:88:38:50:b3:ea:3e:93: 99:e1:a0:3f:e2:02:8a:9a:19:5a:60:cb:56:3b:fb: 31:85:ff:5c:8d:03:87:d1:b3:45:e1:fa:80:4e:7e: 76:73:14:61:35:5f:d8:ed:41:26:3f:f0:75:24:fe: 80:1a:64:0c:62:9c:65:17:2e:b9:ea:df:6c:12:1b: c1:75:1b:99:c7:84:31:f5:92:6c:a1:08:51:93:9b: bd:e9:b2:6b:98:fd:c5:bc:6c:84:a4:26:30:cc:03: 45:ae:28:22:6b:f8:5e:a9:5f:83:72:12:75:d2:ca: bb:f7:e4:22:ce:70:29:7f:76:af:0f:fc:f2:7b:eb: e5:86:c1:68:94:35:36:63:a7:04:c2:b0:85:df:a6: 2c:c5:40:c8:1e:07:e0:d2:a2:27:e6:f7:2c:26:f7: 3e:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:2D:66:7D:6F:04:36:36:EB:BF:4F:53:45:07:61:A5:05:43:1A:8E X509v3 Authority Key Identifier: keyid:28:BF:1E:72:32:37:42:AC:4D:81:36:AB:6C:8E:85:DF:7B:A3:7E:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KL8ecjI3QqxNgTarbI6F33ujfus.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/25/ba6df7-f325-4184-a54a-0c481f0ad20e/1/KL8ecjI3QqxNgTarbI6F33ujfus.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption ba:87:ac:25:3b:28:c0:9b:cd:fd:53:77:51:e5:60:a0:8e:11: 6b:ed:ec:39:bf:4e:93:9c:86:14:b7:09:e2:fb:b5:c3:68:7f: 69:2f:a3:7e:ed:03:f4:0d:f9:5c:35:79:52:e7:e8:42:be:21: 41:eb:03:4c:ca:88:16:c9:f1:f3:0b:21:ad:f1:9e:71:53:7e: 98:07:09:4c:5a:b7:c8:c2:7b:f1:fd:2a:b4:e5:df:0b:c6:f7: 38:ab:8c:18:aa:da:24:16:f2:0a:b4:a2:71:85:03:6e:18:dc: 76:af:94:70:d5:bc:b3:c8:51:e8:8a:9c:1f:3f:40:30:a9:6e: 2e:53:58:5b:a9:ce:46:51:07:d3:c9:f2:a0:74:63:94:52:5f: 23:1c:39:f1:9d:57:dc:51:3a:cb:69:2f:68:ee:dc:b1:d5:24: 76:a5:2e:82:83:d8:ab:d0:16:9a:ef:8d:42:ed:ef:b6:f3:81: a4:6b:60:33:35:49:5b:74:0e:9d:fd:34:ee:5a:87:80:c4:3b: 3b:b7:0b:57:d8:cf:5b:e3:0b:20:e8:6f:7c:6c:a7:36:bb:f4: e0:df:56:fc:f7:2e:a0:7c:a8:45:a4:46:b7:21:df:d2:39:0d: eb:4d:8f:15:cb:61:d6:84:e6:e9:ae:ea:88:b9:07:4f:e4:5c: e4:b9:0a:81 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtISwMIGU28N9yYH4MD7sBTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4YmYxZTcyMzIzNzQyYWM0ZDgxMzZhYjZjOGU4NWRmN2Jh MzdlZWIwHhcNMjUxMjIyMjMwMDMzWhcNMjUxMjIzMjMwMDMzWjAzMTEwLwYDVQQD EyhmNDJkNjY3ZDZmMDQzNjM2ZWJiZjRmNTM0NTA3NjFhNTA1NDMxYThlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp27yLpEqi4tk586UjfcxXBRwYRDK A20r5VyUPiCEf2w4LT8+WBXA+ESWIca3DtjQCwMAivM4nEgfEmMpxLWlV7FVNPhh 7dCoz1Nx+VIgWOxAuGfRh2zoplKFYXU3poVNmYg4ULPqPpOZ4aA/4gKKmhlaYMtW O/sxhf9cjQOH0bNF4fqATn52cxRhNV/Y7UEmP/B1JP6AGmQMYpxlFy656t9sEhvB dRuZx4Qx9ZJsoQhRk5u96bJrmP3FvGyEpCYwzANFrigia/heqV+DchJ10sq79+Qi znApf3avD/zye+vlhsFolDU2Y6cEwrCF36YsxUDIHgfg0qIn5vcsJvc+PQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPQtZn1vBDY2679PU0UHYaUFQxqOMB8GA1UdIwQY MBaAFCi/HnIyN0KsTYE2q2yOhd97o37rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEt MGM0ODFmMGFkMjBlLzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNS9iYTZkZjctZjMyNS00MTg0LWE1NGEtMGM0ODFmMGFkMjBl LzEvS0w4ZWNqSTNRcXhOZ1RhcmJJNkYzM3VqZnVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAuoesJTso wJvN/VN3UeVgoI4Ra+3sOb9Ok5yGFLcJ4vu1w2h/aS+jfu0D9A35XDV5UufoQr4h QesDTMqIFsnx8wshrfGecVN+mAcJTFq3yMJ78f0qtOXfC8b3OKuMGKraJBbyCrSi cYUDbhjcdq+UcNW8s8hR6IqcHz9AMKluLlNYW6nORlEH08nyoHRjlFJfIxw58Z1X 3FE6y2kvaO7csdUkdqUugoPYq9AWmu+NQu3vtvOBpGtgMzVJW3QOnf007lqHgMQ7 O7cLV9jPW+MLIOhvfGynNrv04N9W/PcuoHyoRaRGtyHf0jkN602PFcth1oTm6a7q iLkHT+Rc5LkKgQ== -----END CERTIFICATE-----Generated at Tue Dec 23 07:50:19 2025 by rpki-client