This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft File: KbOnF2ZaETfpncj60i4-f5jbiXM.mft (raw, json) Hash identifier: SVZfgGi5oUJZMBJPJ3rfGtGP13q9aqneRq/h0c53Fbw= Subject key identifier: B2:2B:0F:0C:07:E6:C2:1B:D3:AF:57:C1:63:A7:2F:85:C5:4B:1B:36 Authority key identifier: 29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73 Certificate issuer: /CN=29b3a717665a1137e99dc8fad22e3e7f98db8973 Certificate serial: 019B4EF2194E52458BBD8E59FFD771B6E724 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft Manifest number: 1797 Signing time: Wed 24 Dec 2025 06:00:47 +0000 Manifest this update: Wed 24 Dec 2025 06:00:47 +0000 Manifest next update: Thu 25 Dec 2025 06:00:47 +0000 Files and hashes: 1: 0l-uuc0ta--zZGivAH1vRPmB_34.roa (hash: N3+ixN59bx1CAdzBVH5dBhTA7XSG6tSZGbX7+qQ9kkU=) 2: KbOnF2ZaETfpncj60i4-f5jbiXM.crl (hash: yt5egmZA8D7bhCPC5vGa8HY4KR3dG0H4YnAX6W7clfE=) 3: ZjCHU3LEGq34M383f_KumGN_eB4.roa (hash: YxlGAgs8g3hAPxhoH9iP3cLnbEfE9zXQU/84spENz30=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 06:00:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:4e:f2:19:4e:52:45:8b:bd:8e:59:ff:d7:71:b6:e7:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29b3a717665a1137e99dc8fad22e3e7f98db8973 Validity Not Before: Dec 24 06:00:47 2025 GMT Not After : Dec 25 06:00:47 2025 GMT Subject: CN=b22b0f0c07e6c21bd3af57c163a72f85c54b1b36 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:5f:2f:32:a0:fc:19:fa:24:e3:ad:a5:92:ce: 42:3e:db:3f:b4:ad:05:10:86:1c:0e:db:f1:42:29: 49:06:28:23:b9:05:48:70:64:f7:b6:16:73:ff:58: ee:c1:15:e2:38:a0:fc:5b:0e:68:70:0f:1d:4f:61: f1:3a:57:77:1d:f8:eb:d7:37:06:b0:ec:a7:cf:54: 09:c5:e0:30:a0:61:9f:cb:11:8f:9d:64:78:6d:a9: b8:e1:46:45:44:83:df:c7:87:6b:6d:52:b4:eb:d9: 86:5b:c3:ef:1d:61:c6:b8:3f:7a:3e:b9:49:90:ab: 3f:99:9d:f7:fd:47:d0:87:7e:78:40:b1:52:8f:c7: b0:d7:41:a1:14:78:b7:2a:68:3e:be:06:5c:df:ae: 7f:cd:64:69:b1:f0:25:50:53:8f:77:da:30:f7:28: 1d:33:68:be:1f:27:ef:fb:54:1b:4a:58:72:0f:92: 42:d0:90:b8:6b:1a:ba:71:25:f8:68:e7:d9:de:04: 04:aa:b5:b8:b2:f4:ab:5b:bb:73:ef:01:31:26:7c: 71:c8:9c:70:fe:e1:7c:51:93:66:ad:2a:73:08:8c: 45:c0:d2:82:03:33:1f:fd:02:41:39:6c:53:94:a9: a8:70:9d:f4:e7:9c:2c:e9:94:a2:06:e9:8c:90:d8: 19:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B2:2B:0F:0C:07:E6:C2:1B:D3:AF:57:C1:63:A7:2F:85:C5:4B:1B:36 X509v3 Authority Key Identifier: keyid:29:B3:A7:17:66:5A:11:37:E9:9D:C8:FA:D2:2E:3E:7F:98:DB:89:73 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KbOnF2ZaETfpncj60i4-f5jbiXM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/acd28e-52ae-4ac9-b028-669f7a761631/1/KbOnF2ZaETfpncj60i4-f5jbiXM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:e4:75:13:4f:32:09:e2:7b:b5:d3:7a:aa:54:63:96:fc:7f: b0:4c:ea:ee:f4:f0:db:bf:c1:63:5f:da:fe:15:2e:15:43:23: c9:9d:4f:93:83:48:ce:0e:fc:34:29:7a:4b:be:aa:db:d2:cc: b7:28:dd:91:26:c0:22:65:2a:fd:22:bd:81:e3:4d:64:d0:f0: ca:75:81:78:08:8e:5c:00:fc:b3:33:93:5b:fc:f7:bb:12:98: 1c:ee:77:47:c6:20:be:76:f9:93:ae:35:0d:e5:f8:f6:ec:a1: 7a:f0:31:5f:bd:d5:a6:5b:2f:9d:da:30:cd:27:e4:45:12:2c: be:c4:61:f2:6e:cc:a8:d7:97:81:7c:6f:fa:35:bb:00:62:7b: 17:b7:1b:83:92:a6:b4:e6:7f:87:0f:da:b0:13:8a:c6:17:6e: a6:65:34:b5:2f:dd:0d:e5:9e:38:6a:82:73:36:99:2d:3a:d6: 01:69:c0:d9:09:30:c1:a6:21:64:25:29:e6:a0:ea:fd:e5:28: a6:2d:0e:3b:52:65:59:29:e8:e8:e4:51:e2:69:02:52:a9:33: f3:58:50:6e:4e:2c:df:41:82:1b:b7:ca:e4:94:bd:5d:87:04: 4e:fe:c6:86:7f:2d:74:c8:7a:31:2e:61:e2:6e:a5:60:27:e8: 6e:64:df:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtO8hlOUkWLvY5Z/9dxtuckMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5YjNhNzE3NjY1YTExMzdlOTlkYzhmYWQyMmUzZTdmOThk Yjg5NzMwHhcNMjUxMjI0MDYwMDQ3WhcNMjUxMjI1MDYwMDQ3WjAzMTEwLwYDVQQD EyhiMjJiMGYwYzA3ZTZjMjFiZDNhZjU3YzE2M2E3MmY4NWM1NGIxYjM2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7V8vMqD8Gfok462lks5CPts/tK0F EIYcDtvxQilJBigjuQVIcGT3thZz/1juwRXiOKD8Ww5ocA8dT2HxOld3Hfjr1zcG sOynz1QJxeAwoGGfyxGPnWR4bam44UZFRIPfx4drbVK069mGW8PvHWHGuD96PrlJ kKs/mZ33/UfQh354QLFSj8ew10GhFHi3Kmg+vgZc365/zWRpsfAlUFOPd9ow9ygd M2i+Hyfv+1QbSlhyD5JC0JC4axq6cSX4aOfZ3gQEqrW4svSrW7tz7wExJnxxyJxw /uF8UZNmrSpzCIxFwNKCAzMf/QJBOWxTlKmocJ3055ws6ZSiBumMkNgZTwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLIrDwwH5sIb069XwWOnL4XFSxs2MB8GA1UdIwQY MBaAFCmzpxdmWhE36Z3I+tIuPn+Y24lzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgt NjY5ZjdhNzYxNjMxLzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9hY2QyOGUtNTJhZS00YWM5LWIwMjgtNjY5ZjdhNzYxNjMx LzEvS2JPbkYyWmFFVGZwbmNqNjBpNC1mNWpiaVhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXuR1E08y CeJ7tdN6qlRjlvx/sEzq7vTw27/BY1/a/hUuFUMjyZ1Pk4NIzg78NCl6S76q29LM tyjdkSbAImUq/SK9geNNZNDwynWBeAiOXAD8szOTW/z3uxKYHO53R8Ygvnb5k641 DeX49uyhevAxX73VplsvndowzSfkRRIsvsRh8m7MqNeXgXxv+jW7AGJ7F7cbg5Km tOZ/hw/asBOKxhdupmU0tS/dDeWeOGqCczaZLTrWAWnA2QkwwaYhZCUp5qDq/eUo pi0OO1JlWSno6ORR4mkCUqkz81hQbk4s30GCG7fK5JS9XYcETv7Ghn8tdMh6MS5h 4m6lYCfobmTfnQ== -----END CERTIFICATE-----Generated at Wed Dec 24 10:30:54 2025 by rpki-client