This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft File: CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft (raw, json) Hash identifier: D8GURN6Yln7IqSg5GGdVVfDeuFVphqZ4W7skAW+1B6Y= Subject key identifier: C4:38:83:F3:02:1C:07:47:B2:65:93:4B:B6:E8:F4:1E:01:F9:7B:70 Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Certificate serial: 019B4280448AD0D1D6FBF7CE44A2E274C2F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft Manifest number: 13F2 Signing time: Sun 21 Dec 2025 20:01:00 +0000 Manifest this update: Sun 21 Dec 2025 20:01:00 +0000 Manifest next update: Mon 22 Dec 2025 20:01:00 +0000 Files and hashes: 1: CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl (hash: MRjCArLgLurUVgQRVxzvYvsg3G8Pye4U2CeLh/HPeos=) 2: DQ47vKDjcl-2XGhWvGpEltnbLx0.roa (hash: xO7ywYo6rKZE+1UGlrRMauCBtFM1TiMUXrJWYhc9zkg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 20:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:80:44:8a:d0:d1:d6:fb:f7:ce:44:a2:e2:74:c2:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6 Validity Not Before: Dec 21 20:01:00 2025 GMT Not After : Dec 22 20:01:00 2025 GMT Subject: CN=c43883f3021c0747b265934bb6e8f41e01f97b70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b8:48:b6:34:ce:6b:bd:df:e0:a4:ba:e9:88: 20:c6:22:0b:a9:2d:71:10:02:7f:cf:df:16:34:ed: da:73:b6:0c:53:d8:ed:f0:23:25:c3:ce:fb:23:56: e7:51:45:66:b8:96:09:69:ff:29:19:5f:4b:51:72: 20:06:8f:92:74:c9:f7:e2:d5:89:c8:67:df:59:47: 4c:fe:1f:84:d7:89:ff:70:6c:13:19:7b:8d:46:4f: 82:21:96:2f:fc:68:e8:87:cf:ec:76:78:4e:5c:e1: 03:7c:e7:5c:fb:29:6e:1a:a5:03:32:d8:77:e6:9d: 49:b3:28:ec:a3:21:cb:22:61:50:18:1c:61:92:8f: c4:55:c0:8b:6b:30:8c:13:d0:d9:59:cc:b5:26:57: 1c:19:1e:3a:b3:a4:a5:84:bb:4b:e2:40:96:b4:6c: e3:39:7d:ee:a4:b9:b9:1c:ff:5c:6c:23:14:0d:79: 98:7b:da:66:a3:11:35:de:2d:35:a4:6a:da:ae:5e: 72:5d:bb:4e:65:39:32:60:76:8d:2e:86:36:12:9c: b5:7f:64:84:c6:37:65:2f:8d:08:5c:44:f0:5b:16: 91:3b:57:2f:55:ce:3a:37:e7:87:67:66:a5:c9:f0: d5:ea:a5:05:8a:f6:01:4a:3a:dd:4f:e5:6b:39:87: 24:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:38:83:F3:02:1C:07:47:B2:65:93:4B:B6:E8:F4:1E:01:F9:7B:70 X509v3 Authority Key Identifier: keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 58:9c:3c:b3:3b:02:0e:4b:a2:5f:5f:0a:07:62:fd:16:0e:00: a4:c3:e3:65:59:68:db:cc:32:d3:17:f7:16:c5:f0:3d:d6:03: 78:06:7f:56:e6:4f:27:5f:fd:34:b6:ef:f3:aa:22:34:dd:c1: 67:42:cf:4d:46:e4:7c:4d:33:b5:d7:12:20:50:0d:c6:32:39: dd:d1:c9:78:e7:63:be:18:65:eb:52:97:40:b3:95:71:42:9b: 4b:d1:d6:2a:15:79:db:30:f6:83:bf:18:8e:e6:a9:72:18:1e: c0:e9:e4:0a:9d:e7:67:81:6c:db:1f:1b:b7:24:f3:52:a3:2f: 5e:1e:b6:9d:8b:92:e7:65:78:6a:87:34:e7:5d:4d:42:89:2e: 59:4c:24:7e:23:8b:3f:ae:3d:b4:16:6a:18:aa:db:59:48:bd: a7:aa:8b:56:c1:d5:85:57:45:e6:25:d5:7f:e5:f4:15:d0:a1: 01:5f:fd:17:a3:bf:7b:85:6e:92:a2:82:96:41:80:b1:f9:3c: d9:07:96:23:1f:d9:65:84:3f:76:c0:1b:f7:3e:df:47:0f:3c: 89:a8:65:db:4c:76:51:69:f8:f9:fb:c9:3c:c7:fc:46:58:93: 60:fd:49:f6:1c:8a:be:37:19:5d:2c:6c:dd:c9:1d:c7:55:c0: fe:fd:3e:b2 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCgESK0NHW+/fORKLidML2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx MWE0ZTYwHhcNMjUxMjIxMjAwMTAwWhcNMjUxMjIyMjAwMTAwWjAzMTEwLwYDVQQD EyhjNDM4ODNmMzAyMWMwNzQ3YjI2NTkzNGJiNmU4ZjQxZTAxZjk3YjcwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7hItjTOa73f4KS66YggxiILqS1x EAJ/z98WNO3ac7YMU9jt8CMlw877I1bnUUVmuJYJaf8pGV9LUXIgBo+SdMn34tWJ yGffWUdM/h+E14n/cGwTGXuNRk+CIZYv/Gjoh8/sdnhOXOEDfOdc+yluGqUDMth3 5p1JsyjsoyHLImFQGBxhko/EVcCLazCME9DZWcy1JlccGR46s6SlhLtL4kCWtGzj OX3upLm5HP9cbCMUDXmYe9pmoxE13i01pGrarl5yXbtOZTkyYHaNLoY2Epy1f2SE xjdlL40IXETwWxaRO1cvVc46N+eHZ2alyfDV6qUFivYBSjrdT+VrOYck/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMQ4g/MCHAdHsmWTS7bo9B4B+XtwMB8GA1UdIwQY MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt YzYyY2YyMGE1ZWM5LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5 LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWJw8szsC DkuiX18KB2L9Fg4ApMPjZVlo28wy0xf3FsXwPdYDeAZ/VuZPJ1/9NLbv86oiNN3B Z0LPTUbkfE0ztdcSIFANxjI53dHJeOdjvhhl61KXQLOVcUKbS9HWKhV52zD2g78Y juapchgewOnkCp3nZ4Fs2x8btyTzUqMvXh62nYuS52V4aoc0511NQokuWUwkfiOL P649tBZqGKrbWUi9p6qLVsHVhVdF5iXVf+X0FdChAV/9F6O/e4VukqKClkGAsfk8 2QeWIx/ZZYQ/dsAb9z7fRw88iahl20x2UWn4+fvJPMf8RliTYP1J9hyKvjcZXSxs 3ckdx1XA/v0+sg== -----END CERTIFICATE-----Generated at Mon Dec 22 00:08:07 2025 by rpki-client