This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft File: kaEXOnDkH0WTVHZpraIvDX9o81Q.mft (raw, json) Hash identifier: 8CMnpN3RnAcdhM695H2ZKIrt63JjtVhQnGSrOEEyS8s= Subject key identifier: 2E:C6:33:F8:85:35:E6:77:49:03:F4:A5:86:81:6D:7F:17:0D:FA:26 Authority key identifier: 91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54 Certificate issuer: /CN=91a1173a70e41f4593547669ada22f0d7f68f354 Certificate serial: 019B67D65FC51B1CF6F30D582D899CF54CAC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft Manifest number: 17A0 Signing time: Mon 29 Dec 2025 02:01:00 +0000 Manifest this update: Mon 29 Dec 2025 02:01:00 +0000 Manifest next update: Tue 30 Dec 2025 02:01:00 +0000 Files and hashes: 1: kaEXOnDkH0WTVHZpraIvDX9o81Q.crl (hash: QGkiP0B1+ZkNPzg+nPcmY/p6K9SSvXFeq1mfAf8Amj0=) 2: xREpLh3GVdj1ODzVkMBccz2oKXk.roa (hash: xbsUY7nQRM1AibU2b9y10o7TiQNt9Xvh0b0IzmFT71c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 02:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:67:d6:5f:c5:1b:1c:f6:f3:0d:58:2d:89:9c:f5:4c:ac Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91a1173a70e41f4593547669ada22f0d7f68f354 Validity Not Before: Dec 29 02:01:00 2025 GMT Not After : Dec 30 02:01:00 2025 GMT Subject: CN=2ec633f88535e6774903f4a586816d7f170dfa26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:24:18:16:59:0a:6e:d1:fe:59:47:0e:1a:ad: 36:f6:fc:af:e7:59:3f:c6:12:a2:91:5e:15:95:b5: 9f:67:35:d1:f4:14:7a:06:ea:a1:e3:37:4e:e0:0e: 30:d8:16:67:5a:1e:2e:74:6f:82:20:6f:d4:57:73: c9:e7:79:d6:a9:05:28:62:b2:f5:80:81:ae:86:45: 57:2d:3b:0b:a8:2a:77:ee:95:c8:cd:73:80:d7:b9: c8:23:bc:f7:4e:ed:52:75:4d:49:df:8b:59:88:be: bc:66:4c:88:63:72:44:27:06:f6:c7:98:10:a3:92: c5:8b:37:e8:af:e5:fb:85:af:5e:a9:ff:41:a1:2d: e0:35:9a:8f:8c:07:57:d6:af:3b:b7:63:40:66:48: 61:e1:21:34:eb:fc:81:c6:f3:02:26:49:53:b3:6a: c0:e8:e3:ca:65:93:5a:1c:a5:1f:86:16:64:28:2d: f4:c2:fd:f5:f4:85:30:7c:3f:98:05:dd:fa:ac:93: b7:d5:0b:ed:3c:2e:cd:46:74:40:85:c2:1a:ce:60: aa:9a:18:4e:23:e2:e1:cb:b1:16:0a:b7:0f:33:62: df:5b:0b:49:14:1c:65:da:f6:cc:70:ab:2d:e7:fb: a2:ea:0b:fd:76:93:2c:e9:79:5c:1e:57:f4:ef:39: c9:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:C6:33:F8:85:35:E6:77:49:03:F4:A5:86:81:6D:7F:17:0D:FA:26 X509v3 Authority Key Identifier: keyid:91:A1:17:3A:70:E4:1F:45:93:54:76:69:AD:A2:2F:0D:7F:68:F3:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kaEXOnDkH0WTVHZpraIvDX9o81Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/34e53f-6759-4cf5-9801-5d630e203fd5/1/kaEXOnDkH0WTVHZpraIvDX9o81Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 61:ad:f1:14:ee:96:78:ac:9f:34:82:1f:57:c1:28:e3:45:31: 8f:da:5f:39:ab:85:52:9d:96:c6:12:62:ea:66:b1:d8:a9:b0: 4c:62:3e:67:6e:98:b4:39:71:cb:c8:89:72:57:62:cc:63:4e: cc:2a:b1:97:20:fe:ef:7a:da:93:d8:98:72:fe:76:64:15:ad: 70:99:d3:45:f4:2b:ed:42:d5:65:43:ce:c1:07:3d:e5:61:ca: 67:f4:3e:cc:f1:4d:62:1f:d9:81:a2:77:e3:5a:14:bc:ae:f5: 49:62:6a:e7:9a:41:61:b3:71:86:8a:9f:bf:2f:47:bb:df:c3: 2e:8b:2c:45:6d:f7:53:b7:35:e4:d0:13:bb:0f:51:e7:c7:0b: 68:bf:8b:81:d0:b6:7f:c9:ac:c3:b6:1f:10:7a:fa:17:44:2e: bb:83:92:f4:27:d7:d4:b8:99:71:80:04:df:a4:74:32:b9:97: 6a:46:15:07:2e:dc:90:5e:f2:f3:0e:4b:40:42:12:7a:3a:04: c3:26:43:5d:63:2c:2b:dd:fe:6d:f2:e6:38:e8:b6:62:9d:b7: a7:8d:24:2e:46:61:7b:ff:83:80:ad:cb:c8:b8:90:8a:09:38: 9e:d7:12:40:82:c6:f9:f0:8c:8f:97:f4:d2:7d:b0:dc:7d:ae: 40:26:85:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtn1l/FGxz28w1YLYmc9UysMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYTExNzNhNzBlNDFmNDU5MzU0NzY2OWFkYTIyZjBkN2Y2 OGYzNTQwHhcNMjUxMjI5MDIwMTAwWhcNMjUxMjMwMDIwMTAwWjAzMTEwLwYDVQQD EygyZWM2MzNmODg1MzVlNjc3NDkwM2Y0YTU4NjgxNmQ3ZjE3MGRmYTI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCQYFlkKbtH+WUcOGq029vyv51k/ xhKikV4VlbWfZzXR9BR6Buqh4zdO4A4w2BZnWh4udG+CIG/UV3PJ53nWqQUoYrL1 gIGuhkVXLTsLqCp37pXIzXOA17nII7z3Tu1SdU1J34tZiL68ZkyIY3JEJwb2x5gQ o5LFizfor+X7ha9eqf9BoS3gNZqPjAdX1q87t2NAZkhh4SE06/yBxvMCJklTs2rA 6OPKZZNaHKUfhhZkKC30wv319IUwfD+YBd36rJO31QvtPC7NRnRAhcIazmCqmhhO I+Lhy7EWCrcPM2LfWwtJFBxl2vbMcKst5/ui6gv9dpMs6XlcHlf07znJTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFC7GM/iFNeZ3SQP0pYaBbX8XDfomMB8GA1UdIwQY MBaAFJGhFzpw5B9Fk1R2aa2iLw1/aPNUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEt NWQ2MzBlMjAzZmQ1LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8zNGU1M2YtNjc1OS00Y2Y1LTk4MDEtNWQ2MzBlMjAzZmQ1 LzEva2FFWE9uRGtIMFdUVkhacHJhSXZEWDlvODFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYa3xFO6W eKyfNIIfV8Eo40Uxj9pfOauFUp2WxhJi6max2KmwTGI+Z26YtDlxy8iJcldizGNO zCqxlyD+73rak9iYcv52ZBWtcJnTRfQr7ULVZUPOwQc95WHKZ/Q+zPFNYh/ZgaJ3 41oUvK71SWJq55pBYbNxhoqfvy9Hu9/DLossRW33U7c15NATuw9R58cLaL+LgdC2 f8msw7YfEHr6F0Quu4OS9CfX1LiZcYAE36R0MrmXakYVBy7ckF7y8w5LQEISejoE wyZDXWMsK93+bfLmOOi2Yp23p40kLkZhe/+DgK3LyLiQigk4ntcSQILG+fCMj5f0 0n2w3H2uQCaFWw== -----END CERTIFICATE-----Generated at Mon Dec 29 10:02:36 2025 by rpki-client