This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft File: KH4cl_cfNVhn4_uHfyGqUTC2z10.mft (raw, json) Hash identifier: xS2SZT8EtAib3DNQbLu/eXA/f0aBQj618wzkaNm2sl4= Subject key identifier: EB:68:CF:97:C1:50:3A:F1:2C:2E:43:EF:A9:C2:B9:82:41:F4:B9:84 Authority key identifier: 28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D Certificate issuer: /CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d Certificate serial: 019B3C0FF4457D3ACBA6A149D0E557052131 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft Manifest number: 0BD3 Signing time: Sat 20 Dec 2025 14:00:37 +0000 Manifest this update: Sat 20 Dec 2025 14:00:37 +0000 Manifest next update: Sun 21 Dec 2025 14:00:37 +0000 Files and hashes: 1: 1gJl5QGcLnfhKR4ZX5vkhukZyTU.roa (hash: NMFFqW5s2zQQWT6VrzvJinnOwTRcu4h6yTFNCCxpjXA=) 2: HlpYPKfUTSJ7pDq2oQziu1OJN70.roa (hash: 2/lnsP1apTOPlsNH0YhFprUwFbQM2G9j3yZLF5vZFt4=) 3: KH4cl_cfNVhn4_uHfyGqUTC2z10.crl (hash: bL3PeQHnT+3MgtKEzVXS9K01EaiIMiz/t3KWW4Vxd1o=) 4: n82Q14Y2YDik1JFdwsQlLlmUXCU.roa (hash: Pqu0KJ3PErrtF3waClxiFcaMqimhO+E9Mo28nI/aapw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 14:00:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:0f:f4:45:7d:3a:cb:a6:a1:49:d0:e5:57:05:21:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=287e1c97f71f355867e3fb877f21aa5130b6cf5d Validity Not Before: Dec 20 14:00:37 2025 GMT Not After : Dec 21 14:00:37 2025 GMT Subject: CN=eb68cf97c1503af12c2e43efa9c2b98241f4b984 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:ab:9b:aa:4e:0b:25:04:10:1c:34:4e:72:c0: 20:1e:0d:49:dd:36:9b:a1:4a:39:5a:f7:74:14:49: e2:26:77:f3:8a:56:5b:33:02:6d:07:5d:90:16:f6: f8:90:eb:c6:55:21:0b:8b:ee:d2:54:c8:03:fc:2c: 96:0f:d0:7f:8c:27:cf:bb:9b:4f:c0:12:79:01:74: 94:46:06:3c:c7:58:fd:2a:3e:ab:1f:d4:3c:4c:f4: e1:59:10:2b:46:d0:42:21:e0:b9:6d:6d:90:95:eb: c4:39:24:06:ac:9e:69:f9:9d:61:63:e2:e2:cc:c1: c1:fc:f2:e8:82:9d:72:e6:de:16:d1:b7:0d:16:04: 7d:cc:23:26:f0:64:b7:13:31:9c:87:a2:55:00:f9: 5c:61:9f:cb:b1:26:05:27:a9:38:e6:b5:29:06:b6: 0b:a8:e5:5d:97:28:c1:11:69:8b:63:39:b8:63:7b: 76:ca:55:83:f9:34:c7:f9:46:19:d3:10:59:72:f6: 41:b8:5a:5e:97:75:62:00:e6:d7:fe:ab:50:3b:1c: 93:c9:2f:59:a3:a9:ff:73:6b:23:3c:42:ea:5d:57: 8d:c8:18:33:0b:c2:7d:aa:35:b7:37:df:d1:1c:62: a1:bb:08:10:e3:2c:a9:f1:ba:ce:01:97:26:a1:a2: 39:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:68:CF:97:C1:50:3A:F1:2C:2E:43:EF:A9:C2:B9:82:41:F4:B9:84 X509v3 Authority Key Identifier: keyid:28:7E:1C:97:F7:1F:35:58:67:E3:FB:87:7F:21:AA:51:30:B6:CF:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KH4cl_cfNVhn4_uHfyGqUTC2z10.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/af161b-ef51-44bd-8e0a-9eb3c682b009/1/KH4cl_cfNVhn4_uHfyGqUTC2z10.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 95:9b:c7:a5:18:9f:46:ba:43:86:3c:d3:c1:cc:57:d5:37:f2: b7:f9:0b:2d:c2:1b:b3:dc:cf:fb:9c:8c:62:db:49:83:3d:33: ab:54:6f:be:48:3d:df:ae:1a:6d:62:fd:3e:1f:1b:cc:bd:3f: 17:42:e6:55:19:65:4e:46:fc:ba:1e:dd:55:f5:32:ad:c1:43: fa:25:9e:8e:f7:3b:85:92:35:b6:35:32:a6:67:7a:a7:2a:cb: 8f:13:7a:eb:83:17:37:48:4c:82:6c:4b:ed:08:d5:26:c2:11: 01:f2:e2:96:e6:31:bc:78:5e:ed:9e:92:8b:13:1a:30:5d:5e: 38:d8:7e:a7:c8:b0:fc:af:a1:c8:d7:62:63:e6:aa:65:a0:36: 71:bf:20:89:86:6f:68:d5:7e:d2:23:39:f3:bf:65:b4:4c:1e: ba:3e:97:2d:bd:33:c2:9f:a6:73:19:c2:51:d2:0a:c4:67:1e: 4d:e2:15:b4:15:f1:97:ab:3b:fe:ab:8e:8b:4e:89:c0:b7:90: b5:a8:a4:2e:6f:8c:cb:c1:08:d4:fc:6f:f1:68:33:f7:41:18: bd:84:b9:fd:1f:ec:73:bc:b2:6c:ca:92:8f:bf:b8:74:c3:82: cc:1b:fc:b8:25:65:73:e3:dd:de:6e:e5:c2:95:12:8e:08:88: eb:14:d5:8b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8D/RFfTrLpqFJ0OVXBSExMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4N2UxYzk3ZjcxZjM1NTg2N2UzZmI4NzdmMjFhYTUxMzBi NmNmNWQwHhcNMjUxMjIwMTQwMDM3WhcNMjUxMjIxMTQwMDM3WjAzMTEwLwYDVQQD EyhlYjY4Y2Y5N2MxNTAzYWYxMmMyZTQzZWZhOWMyYjk4MjQxZjRiOTg0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Kubqk4LJQQQHDROcsAgHg1J3Tab oUo5Wvd0FEniJnfzilZbMwJtB12QFvb4kOvGVSELi+7SVMgD/CyWD9B/jCfPu5tP wBJ5AXSURgY8x1j9Kj6rH9Q8TPThWRArRtBCIeC5bW2QlevEOSQGrJ5p+Z1hY+Li zMHB/PLogp1y5t4W0bcNFgR9zCMm8GS3EzGch6JVAPlcYZ/LsSYFJ6k45rUpBrYL qOVdlyjBEWmLYzm4Y3t2ylWD+TTH+UYZ0xBZcvZBuFpel3ViAObX/qtQOxyTyS9Z o6n/c2sjPELqXVeNyBgzC8J9qjW3N9/RHGKhuwgQ4yyp8brOAZcmoaI5VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOtoz5fBUDrxLC5D76nCuYJB9LmEMB8GA1UdIwQY MBaAFCh+HJf3HzVYZ+P7h38hqlEwts9dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEt OWViM2M2ODJiMDA5LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9hZjE2MWItZWY1MS00NGJkLThlMGEtOWViM2M2ODJiMDA5 LzEvS0g0Y2xfY2ZOVmhuNF91SGZ5R3FVVEMyejEwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlZvHpRif RrpDhjzTwcxX1Tfyt/kLLcIbs9zP+5yMYttJgz0zq1Rvvkg9364abWL9Ph8bzL0/ F0LmVRllTkb8uh7dVfUyrcFD+iWejvc7hZI1tjUypmd6pyrLjxN664MXN0hMgmxL 7QjVJsIRAfLiluYxvHhe7Z6SixMaMF1eONh+p8iw/K+hyNdiY+aqZaA2cb8giYZv aNV+0iM5879ltEweuj6XLb0zwp+mcxnCUdIKxGceTeIVtBXxl6s7/quOi06JwLeQ taikLm+My8EI1Pxv8Wgz90EYvYS5/R/sc7yybMqSj7+4dMOCzBv8uCVlc+Pd3m7l wpUSjgiI6xTViw== -----END CERTIFICATE-----Generated at Sat Dec 20 20:54:57 2025 by rpki-client