This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json) Hash identifier: XL3dVN4sYDalkI/QU5xtOJzBcV1ogSF7fyCxD5r/YWk= Subject key identifier: 68:69:1C:5A:69:A9:CE:63:C9:D1:0C:05:14:E5:4F:A9:EB:D0:8E:E1 Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Certificate serial: 019B51F352E20E2286830B41514DDD1B7F6E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft Manifest number: 13FA Signing time: Wed 24 Dec 2025 20:00:59 +0000 Manifest this update: Wed 24 Dec 2025 20:00:59 +0000 Manifest next update: Thu 25 Dec 2025 20:00:59 +0000 Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: +XWDrYLLdu7Qvw8iMvgKi1gI+UMGtjuby9ccbNpccDA=) 2: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (hash: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 18:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:51:f3:52:e2:0e:22:86:83:0b:41:51:4d:dd:1b:7f:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Validity Not Before: Dec 24 20:00:59 2025 GMT Not After : Dec 25 20:00:59 2025 GMT Subject: CN=68691c5a69a9ce63c9d10c0514e54fa9ebd08ee1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:63:46:4a:f8:3e:a9:1d:e1:94:60:62:4e:99: 57:84:6d:20:6f:dc:39:7b:17:e6:27:c6:9d:5f:96: 1a:27:5d:48:8c:0d:71:93:56:6b:b7:b9:10:89:09: 3f:b3:56:04:b8:c9:88:1b:38:80:8b:76:f5:15:fb: 8f:6c:68:44:ad:9d:84:44:7d:27:19:01:35:9d:6c: 30:38:de:d9:f9:2b:4f:d5:e9:4e:ac:c9:44:a4:ed: 95:4a:e9:85:27:f3:04:ca:f5:bb:ca:fe:5b:4c:fb: 50:56:3e:b1:37:01:c0:fb:dd:9f:87:2f:04:41:f7: 95:8d:79:0d:17:73:f4:44:4d:fa:a5:6e:cd:29:95: be:fe:59:3f:a6:81:0f:18:d4:72:a5:e4:f1:4f:03: 5b:2d:95:63:8d:0c:0b:7d:7d:68:48:34:9d:00:13: b6:f7:4b:da:60:b9:2c:f8:66:a8:92:04:63:66:d6: 3c:38:ae:08:8f:b6:dc:1a:46:21:54:33:1d:10:cf: 19:69:ce:89:c4:8c:da:99:ea:9f:08:17:b4:62:75: 3d:58:54:d4:10:52:79:4c:7e:09:9b:17:a7:60:7e: d6:15:c0:58:73:29:fa:25:6d:90:01:c1:53:58:e9: 71:0e:7e:5c:28:62:f1:1f:64:d7:0c:66:51:06:7d: 3b:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:69:1C:5A:69:A9:CE:63:C9:D1:0C:05:14:E5:4F:A9:EB:D0:8E:E1 X509v3 Authority Key Identifier: keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 14:59:34:b3:f4:fe:48:e9:c8:6d:fe:5e:b6:48:10:16:ea:54: 30:7c:b9:d3:94:01:67:bb:b6:c6:1e:59:40:3a:9f:29:ec:7c: ee:51:4b:3a:7c:fe:61:71:9f:6e:7b:ed:59:12:fa:3d:fb:77: 12:45:ec:f5:5f:2c:82:1b:88:7b:21:26:ea:ab:c1:f5:63:fe: 5a:57:06:cf:28:ed:d0:d9:53:e5:ac:eb:c7:b0:2f:d0:0c:13: f4:ba:3a:fc:27:6e:fa:49:d1:51:bf:28:15:4a:c2:ab:e8:5c: 4d:67:1b:f0:95:c7:b7:72:75:5d:10:00:19:6a:99:84:ae:dd: b8:11:62:06:7e:db:dd:7d:ad:16:5e:c3:d0:43:54:cd:32:47: 81:88:77:e5:4b:c8:8c:75:4b:87:f3:27:27:a5:76:cd:b9:3d: 82:62:ea:14:26:fc:42:fb:80:ce:1f:ea:34:46:cf:b6:4c:f3: 58:40:d0:0e:0c:e9:22:e3:47:b9:60:42:56:3b:de:86:e2:97: c6:d6:bc:98:cf:13:81:d1:ef:81:4e:36:05:6c:25:9a:0b:31: d5:70:40:4d:c3:b4:15:75:d2:e5:c8:c5:c1:3d:3e:3d:31:c0: f5:16:97:ae:1c:5a:dc:24:08:ef:85:44:dc:91:13:76:cf:b4: 90:b7:9e:43 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtR81LiDiKGgwtBUU3dG39uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx MWE0ZTYwHhcNMjUxMjI0MjAwMDU5WhcNMjUxMjI1MjAwMDU5WjAzMTEwLwYDVQQD Eyg2ODY5MWM1YTY5YTljZTYzYzlkMTBjMDUxNGU1NGZhOWViZDA4ZWUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGNGSvg+qR3hlGBiTplXhG0gb9w5 exfmJ8adX5YaJ11IjA1xk1Zrt7kQiQk/s1YEuMmIGziAi3b1FfuPbGhErZ2ERH0n GQE1nWwwON7Z+StP1elOrMlEpO2VSumFJ/MEyvW7yv5bTPtQVj6xNwHA+92fhy8E QfeVjXkNF3P0RE36pW7NKZW+/lk/poEPGNRypeTxTwNbLZVjjQwLfX1oSDSdABO2 90vaYLks+GaokgRjZtY8OK4Ij7bcGkYhVDMdEM8Zac6JxIzameqfCBe0YnU9WFTU EFJ5TH4JmxenYH7WFcBYcyn6JW2QAcFTWOlxDn5cKGLxH2TXDGZRBn072wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGhpHFppqc5jydEMBRTlT6nr0I7hMB8GA1UdIwQY MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5 LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAFFk0s/T+ SOnIbf5etkgQFupUMHy505QBZ7u2xh5ZQDqfKex87lFLOnz+YXGfbnvtWRL6Pft3 EkXs9V8sghuIeyEm6qvB9WP+WlcGzyjt0NlT5azrx7Av0AwT9Lo6/Cdu+knRUb8o FUrCq+hcTWcb8JXHt3J1XRAAGWqZhK7duBFiBn7b3X2tFl7D0ENUzTJHgYh35UvI jHVLh/MnJ6V2zbk9gmLqFCb8QvuAzh/qNEbPtkzzWEDQDgzpIuNHuWBCVjvehuKX xta8mM8TgdHvgU42BWwlmgsx1XBATcO0FXXS5cjFwT0+PTHA9RaXrhxa3CQI74VE 3JETds+0kLeeQw== -----END CERTIFICATE-----Generated at Thu Dec 25 01:22:05 2025 by rpki-client