This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft File: kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft (raw, json) Hash identifier: jbp6xcOaTgQkRJ5xUHuT0t2e/XGRlzk5yHc2pXmWku0= Subject key identifier: 9D:E0:09:B2:98:88:B4:7B:A2:8C:10:23:15:20:EB:E8:20:4B:7F:52 Authority key identifier: 90:CC:D9:13:A9:9B:AF:D8:93:E0:7B:A9:68:A6:74:34:E3:DF:54:20 Certificate issuer: /CN=90ccd913a99bafd893e07ba968a67434e3df5420 Certificate serial: 019B559A844233F272B82722CC2F72704884 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft Manifest number: 16ED Signing time: Thu 25 Dec 2025 13:02:28 +0000 Manifest this update: Thu 25 Dec 2025 13:02:28 +0000 Manifest next update: Fri 26 Dec 2025 13:02:28 +0000 Files and hashes: 1: 7ma8rm9Nc8aP0i9rOur_HEzgHJs.roa (hash: GInuicNk1jMv1+rnjCpEDF87yGDttTl9tUwBgJS9KiA=) 2: kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl (hash: yFYf19DAPRywIdcjERSGrHjeSwjHNo2ttkmKGDrOLNc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 10:17:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:55:9a:84:42:33:f2:72:b8:27:22:cc:2f:72:70:48:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90ccd913a99bafd893e07ba968a67434e3df5420 Validity Not Before: Dec 25 13:02:28 2025 GMT Not After : Dec 26 13:02:28 2025 GMT Subject: CN=9de009b29888b47ba28c10231520ebe8204b7f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:0a:36:ff:9c:e9:36:af:a5:35:78:21:f3:6b: 34:17:3f:14:c9:c0:9a:cf:ae:ed:91:f2:f7:97:4e: f2:43:9b:48:89:55:1a:1b:fc:40:f8:04:af:75:a0: 16:fb:a4:d9:46:d7:56:67:e9:b3:ff:34:37:6f:19: c8:f5:79:57:9a:32:ec:3b:f2:16:52:b3:45:a7:44: 9a:39:06:76:94:1c:e0:84:e8:c9:c9:72:d9:d6:bb: 97:28:1a:7d:09:ad:b7:d5:c4:b0:0c:16:64:56:0a: 86:de:e6:8c:99:35:12:a0:3b:24:65:16:b3:d6:66: b9:a2:bd:e1:4c:ad:a9:ce:be:ef:2e:64:f3:57:42: 66:84:93:77:a5:e9:34:84:0c:24:ce:3b:fc:bb:b8: 6b:c1:d0:0d:7c:6f:d6:28:0b:4f:e7:81:b5:08:bd: f8:b3:d8:e9:89:72:13:83:d0:8c:5d:ad:0a:f2:1e: 1e:7a:bb:06:83:b4:b2:af:15:9e:c9:6f:0d:1e:d8: 1b:02:3b:32:52:ee:61:5b:98:e5:be:bd:1d:7d:d2: 9e:b4:81:4e:a9:00:f4:32:ec:54:6f:11:e2:82:b6: 0c:8b:c8:5c:5f:32:83:23:c9:cb:db:d7:ee:f6:87: 6b:be:90:74:6d:cf:cb:aa:dd:15:b0:15:12:84:f7: c5:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:E0:09:B2:98:88:B4:7B:A2:8C:10:23:15:20:EB:E8:20:4B:7F:52 X509v3 Authority Key Identifier: keyid:90:CC:D9:13:A9:9B:AF:D8:93:E0:7B:A9:68:A6:74:34:E3:DF:54:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMzZE6mbr9iT4HupaKZ0NOPfVCA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/d3cb14-30ad-4213-815b-f6a513de2fea/1/kMzZE6mbr9iT4HupaKZ0NOPfVCA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 70:26:88:f8:fb:b0:03:4f:f0:95:53:2f:c6:82:73:88:f3:b0: 9f:8d:2d:24:7c:ac:86:e6:a7:42:8a:fe:3b:8b:51:c5:37:5c: 46:7b:51:99:49:46:15:56:07:cf:1d:4e:4c:21:10:e7:88:73: ac:a6:27:6d:34:ed:2d:12:db:79:99:90:e0:b9:c9:0e:16:76: ad:34:36:e3:33:f9:c0:ab:72:4d:e6:a9:95:8a:bb:8b:56:a2: cd:71:31:c1:7a:c5:3f:9f:3a:41:20:57:d6:0e:32:26:7e:6e: 73:2f:22:a9:b8:45:fe:32:40:a5:89:98:fa:7d:7e:38:b5:62: 1a:26:56:e0:55:64:b4:3f:6c:99:5f:0f:fb:e5:74:17:91:43: c8:d2:17:6d:71:e5:b0:d5:1c:37:09:47:48:7e:3a:bf:83:31: 0b:d7:9c:8c:a6:77:f0:6a:46:6a:66:55:fa:c8:9e:cb:6e:6b: 50:8c:1a:29:63:1a:de:89:c3:ab:b1:fd:f4:20:ea:1a:a4:73: 27:10:c2:c6:a1:a6:23:b0:2d:76:64:c5:0a:7f:26:1c:a8:b5: 3b:30:52:ce:81:ca:e6:a2:92:66:cd:90:13:58:dc:cc:46:0f: 72:43:39:9f:60:29:41:79:c3:eb:84:2b:f1:2d:e9:bc:f7:1c: d2:00:58:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtVmoRCM/JyuCcizC9ycEiEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwY2NkOTEzYTk5YmFmZDg5M2UwN2JhOTY4YTY3NDM0ZTNk ZjU0MjAwHhcNMjUxMjI1MTMwMjI4WhcNMjUxMjI2MTMwMjI4WjAzMTEwLwYDVQQD Eyg5ZGUwMDliMjk4ODhiNDdiYTI4YzEwMjMxNTIwZWJlODIwNGI3ZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxgo2/5zpNq+lNXgh82s0Fz8UycCa z67tkfL3l07yQ5tIiVUaG/xA+ASvdaAW+6TZRtdWZ+mz/zQ3bxnI9XlXmjLsO/IW UrNFp0SaOQZ2lBzghOjJyXLZ1ruXKBp9Ca231cSwDBZkVgqG3uaMmTUSoDskZRaz 1ma5or3hTK2pzr7vLmTzV0JmhJN3pek0hAwkzjv8u7hrwdANfG/WKAtP54G1CL34 s9jpiXITg9CMXa0K8h4eersGg7SyrxWeyW8NHtgbAjsyUu5hW5jlvr0dfdKetIFO qQD0MuxUbxHigrYMi8hcXzKDI8nL29fu9odrvpB0bc/Lqt0VsBUShPfFXQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJ3gCbKYiLR7oowQIxUg6+ggS39SMB8GA1UdIwQY MBaAFJDM2ROpm6/Yk+B7qWimdDTj31QgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9kM2NiMTQtMzBhZC00MjEzLTgxNWIt ZjZhNTEzZGUyZmVhLzEva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS9kM2NiMTQtMzBhZC00MjEzLTgxNWItZjZhNTEzZGUyZmVh LzEva016WkU2bWJyOWlUNEh1cGFLWjBOT1BmVkNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcCaI+Puw A0/wlVMvxoJziPOwn40tJHyshuanQor+O4tRxTdcRntRmUlGFVYHzx1OTCEQ54hz rKYnbTTtLRLbeZmQ4LnJDhZ2rTQ24zP5wKtyTeaplYq7i1aizXExwXrFP586QSBX 1g4yJn5ucy8iqbhF/jJApYmY+n1+OLViGiZW4FVktD9smV8P++V0F5FDyNIXbXHl sNUcNwlHSH46v4MxC9ecjKZ38GpGamZV+siey25rUIwaKWMa3onDq7H99CDqGqRz JxDCxqGmI7AtdmTFCn8mHKi1OzBSzoHK5qKSZs2QE1jczEYPckM5n2ApQXnD64Qr 8S3pvPcc0gBYJA== -----END CERTIFICATE-----Generated at Thu Dec 25 16:22:39 2025 by rpki-client