This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft File: kMABN-5t-utOpII7wXPDvAADHfk.mft (raw, json) Hash identifier: SD5khCtHNXrDeOsCC8TMq7fTmFROGYOLZC1n+lhHg+c= Subject key identifier: A1:2F:F0:01:24:00:83:51:D2:5C:B8:D6:4D:C7:7A:25:FB:CD:1A:5E Authority key identifier: 90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 Certificate issuer: /CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Certificate serial: 019B405B15C7B830EFEF16C43F65EF49BC99 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft Manifest number: 076F Signing time: Sun 21 Dec 2025 10:01:09 +0000 Manifest this update: Sun 21 Dec 2025 10:01:09 +0000 Manifest next update: Mon 22 Dec 2025 10:01:09 +0000 Files and hashes: 1: FCW2bGoLdcM6i-Jx_GrHtMzXAlk.roa (hash: WJgWrgAT99wsdStIPz/Fl698liisGeyhumyE7tw/O7c=) 2: kMABN-5t-utOpII7wXPDvAADHfk.crl (hash: YQXIuJYWdTrFwoTHAJE5XH6wvfCDMWSwSodPHN/WNuU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 10:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:15:c7:b8:30:ef:ef:16:c4:3f:65:ef:49:bc:99 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90c00137ee6dfaeb4ea4823bc173c3bc00031df9 Validity Not Before: Dec 21 10:01:09 2025 GMT Not After : Dec 22 10:01:09 2025 GMT Subject: CN=a12ff00124008351d25cb8d64dc77a25fbcd1a5e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:ab:15:df:10:1e:9e:6a:1c:17:35:30:e2:ee: a6:47:6b:ab:8e:d7:ea:9a:3b:eb:b4:8f:f5:dc:22: 7d:fa:f3:3d:65:63:1e:c5:a8:3d:49:0c:ca:bd:fc: 49:e4:49:6a:de:c4:29:bb:60:6b:c1:fa:dc:d1:f5: 41:ac:55:ff:64:e6:21:a1:e9:10:3e:03:7e:6a:21: d7:c1:0d:be:0b:04:61:85:80:22:cd:a9:e8:4f:4b: 50:21:49:e8:8f:0c:93:a0:32:07:1e:b0:30:e5:10: 88:6b:cd:51:57:e8:97:ef:41:bb:a7:de:9f:b7:44: 04:d4:79:c3:04:33:49:ac:cb:c6:57:4a:b6:24:3e: 52:01:43:ba:05:fa:8d:c4:78:67:67:7c:e6:db:99: 42:f0:d9:90:a3:e0:f9:58:16:5c:de:6d:32:78:14: 2e:a2:f7:7b:65:51:ab:8d:7d:12:de:51:f5:86:13: 8c:f0:37:7a:27:00:c6:45:f8:fb:40:4a:c8:f9:4a: cc:29:64:57:a6:b6:40:b1:3f:f7:e4:a3:8f:88:6c: 4e:1c:38:94:07:ee:65:bb:05:c4:36:f7:80:05:33: e4:94:db:5f:84:a9:23:2f:f2:41:1d:cc:2d:4e:1e: 25:db:36:25:25:81:de:34:5e:f7:1f:35:ec:60:f0: 5e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:2F:F0:01:24:00:83:51:D2:5C:B8:D6:4D:C7:7A:25:FB:CD:1A:5E X509v3 Authority Key Identifier: keyid:90:C0:01:37:EE:6D:FA:EB:4E:A4:82:3B:C1:73:C3:BC:00:03:1D:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMABN-5t-utOpII7wXPDvAADHfk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/be370e-6729-4df7-aabe-0a525b69db8f/1/kMABN-5t-utOpII7wXPDvAADHfk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:8c:7e:0f:94:65:21:e2:ba:2c:c7:b2:fb:de:ff:ec:1e:a8: 8d:fc:d9:22:cc:1b:8e:2b:48:a5:cf:2a:9d:42:c8:61:41:21: f8:74:83:d9:a5:c5:eb:63:e7:e6:89:89:5f:a8:dd:66:85:cf: 15:c9:cf:53:44:41:ee:43:06:2c:6b:32:c1:bf:91:7f:cd:f3: b0:87:37:3d:ab:b1:e3:19:0c:22:65:b1:d0:b1:f3:06:7b:f7: cf:1c:67:16:0f:e4:ce:1e:36:13:be:4f:f9:54:1b:cc:bf:e6: c0:1f:4b:c4:ca:af:27:16:5d:5b:eb:02:19:c8:7f:c9:a2:90: f0:31:ed:d5:8e:7c:ea:02:27:c7:fa:5a:a0:8d:1b:0a:18:84: ee:ef:f0:d2:52:8c:4e:46:b7:54:1f:4d:16:7c:db:bd:a3:bb: 93:c5:97:9e:83:76:e3:81:a0:30:61:6b:9c:13:50:9a:48:89: a6:19:01:ba:b0:62:4c:5d:4e:f5:50:67:1e:b9:c6:42:28:de: a7:c8:e3:01:eb:91:25:3b:b3:85:81:40:a3:c1:cb:b6:46:fb: 0d:00:6e:f7:5e:3a:43:2a:f0:8d:b7:6f:8b:9f:a2:17:10:2c: 8d:92:4c:4d:b0:92:4f:09:fb:2f:48:47:47:ce:b0:bd:62:f8: 92:c2:dc:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWxXHuDDv7xbEP2XvSbyZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwYzAwMTM3ZWU2ZGZhZWI0ZWE0ODIzYmMxNzNjM2JjMDAw MzFkZjkwHhcNMjUxMjIxMTAwMTA5WhcNMjUxMjIyMTAwMTA5WjAzMTEwLwYDVQQD EyhhMTJmZjAwMTI0MDA4MzUxZDI1Y2I4ZDY0ZGM3N2EyNWZiY2QxYTVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxasV3xAenmocFzUw4u6mR2urjtfq mjvrtI/13CJ9+vM9ZWMexag9SQzKvfxJ5Elq3sQpu2Brwfrc0fVBrFX/ZOYhoekQ PgN+aiHXwQ2+CwRhhYAizanoT0tQIUnojwyToDIHHrAw5RCIa81RV+iX70G7p96f t0QE1HnDBDNJrMvGV0q2JD5SAUO6BfqNxHhnZ3zm25lC8NmQo+D5WBZc3m0yeBQu ovd7ZVGrjX0S3lH1hhOM8Dd6JwDGRfj7QErI+UrMKWRXprZAsT/35KOPiGxOHDiU B+5luwXENveABTPklNtfhKkjL/JBHcwtTh4l2zYlJYHeNF73HzXsYPBeSwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKEv8AEkAINR0ly41k3HeiX7zRpeMB8GA1UdIwQY MBaAFJDAATfubfrrTqSCO8Fzw7wAAx35MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUt MGE1MjViNjlkYjhmLzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9iZTM3MGUtNjcyOS00ZGY3LWFhYmUtMGE1MjViNjlkYjhm LzEva01BQk4tNXQtdXRPcElJN3dYUER2QUFESGZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAEYx+D5Rl IeK6LMey+97/7B6ojfzZIswbjitIpc8qnULIYUEh+HSD2aXF62Pn5omJX6jdZoXP FcnPU0RB7kMGLGsywb+Rf83zsIc3Paux4xkMImWx0LHzBnv3zxxnFg/kzh42E75P +VQbzL/mwB9LxMqvJxZdW+sCGch/yaKQ8DHt1Y586gInx/paoI0bChiE7u/w0lKM Tka3VB9NFnzbvaO7k8WXnoN244GgMGFrnBNQmkiJphkBurBiTF1O9VBnHrnGQije p8jjAeuRJTuzhYFAo8HLtkb7DQBu9146Qyrwjbdvi5+iFxAsjZJMTbCSTwn7L0hH R86wvWL4ksLcSA== -----END CERTIFICATE-----Generated at Sun Dec 21 17:20:32 2025 by rpki-client