This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft File: KBZKV1f91XJaYIRPKufvc7EHpMA.mft (raw, json) Hash identifier: SHMuH3A7HCV7Tzd9SnkjuBZQJxddfUDBX8n0IP137x8= Subject key identifier: A5:40:4B:22:94:E6:55:84:2F:A8:46:53:5D:4D:3E:C9:47:1E:CF:A0 Authority key identifier: 28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0 Certificate issuer: /CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0 Certificate serial: 019B3F7F3DDB0E916CF724E33C5FAD55A6A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft Manifest number: 1787 Signing time: Sun 21 Dec 2025 06:01:02 +0000 Manifest this update: Sun 21 Dec 2025 06:01:02 +0000 Manifest next update: Mon 22 Dec 2025 06:01:02 +0000 Files and hashes: 1: KBZKV1f91XJaYIRPKufvc7EHpMA.crl (hash: y6K33vtj4NAfbV/Pst1oSybZTaShmo9y/GvXNgPb5E0=) 2: MhHg4JFChvahbVNUw3bJFSkkmEg.roa (hash: 4DOu8CWNY1OjDP1XSPeR4I2ZieWWV4v3/yu30qnq/P4=) 3: jPXAyTxRg6IHrumUsMVZCICaKwI.roa (hash: yu/3MPqNqBbwh5Kh6v8tYgtrr60bnzQOIu7M1/9ZqhU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 06:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:3d:db:0e:91:6c:f7:24:e3:3c:5f:ad:55:a6:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28164a5757fdd5725a60844f2ae7ef73b107a4c0 Validity Not Before: Dec 21 06:01:02 2025 GMT Not After : Dec 22 06:01:02 2025 GMT Subject: CN=a5404b2294e655842fa846535d4d3ec9471ecfa0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:5e:d1:f6:81:da:b5:30:e4:6f:a9:92:fd:f2: 82:92:21:de:f2:96:7a:b3:d3:8b:84:07:d0:a6:30: 3e:34:d5:69:8f:e2:3d:6b:85:10:f0:7c:ba:e6:c5: fe:40:4d:81:26:ac:3d:2e:b7:a5:7e:74:73:d9:e9: 1b:40:70:a8:5e:85:37:b3:72:9f:da:c9:a2:57:c8: 99:63:d8:9d:72:f7:41:8a:70:cb:f5:61:d5:1b:e9: eb:29:9a:11:56:33:34:e2:bc:82:d9:5b:a4:9d:1e: ad:0f:df:28:19:8a:a2:b1:fe:05:4a:fd:b6:2f:2d: 5e:eb:f1:da:42:78:13:a6:dd:e6:46:b7:7b:c5:40: 5b:4d:d2:dc:93:c4:8e:af:e9:fe:6e:0e:e8:96:1d: b8:c5:fd:3a:e7:89:cb:35:b2:cc:a4:60:d3:f4:0e: 80:69:20:57:9c:28:ea:52:11:0a:38:1b:15:a0:8f: 80:12:bc:16:c3:c7:a6:02:62:50:7b:f1:79:d6:bf: 89:9a:65:ab:82:4b:1d:0f:41:a0:18:ac:5a:ef:bd: 2e:02:4b:89:56:c1:6d:76:93:55:90:89:65:39:fa: dd:22:75:7b:51:cc:7d:a6:8c:70:7f:cc:5d:d0:37: f3:f4:a8:70:99:4a:80:38:56:28:30:86:5b:f1:0d: 5c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:40:4B:22:94:E6:55:84:2F:A8:46:53:5D:4D:3E:C9:47:1E:CF:A0 X509v3 Authority Key Identifier: keyid:28:16:4A:57:57:FD:D5:72:5A:60:84:4F:2A:E7:EF:73:B1:07:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KBZKV1f91XJaYIRPKufvc7EHpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/95535b-e630-457f-8a01-aeae5bbc3920/1/KBZKV1f91XJaYIRPKufvc7EHpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3b:d0:26:7a:25:0f:49:9a:53:12:3b:6c:10:1f:c6:51:4e:f3: d4:11:dd:8e:da:54:81:44:4c:12:a1:97:fa:25:d8:a1:88:9c: bf:52:c1:41:56:1f:51:ad:5c:6a:67:9a:60:0a:86:d1:7b:b6: 1f:17:6a:9c:0f:49:91:b7:54:6a:cc:6f:a8:71:54:2e:e2:73: 08:03:51:a9:da:ef:82:9e:1f:82:5d:00:f0:44:60:07:ec:e9: 1b:70:09:94:70:b1:1c:0e:34:cf:4e:3a:38:18:9b:1f:e5:f5: 1f:b7:7b:ee:c0:8f:3a:60:3e:b9:19:8b:c9:62:cc:dd:4f:56: a4:06:06:93:65:1d:d7:0f:92:3d:2c:f6:85:b0:fb:1e:73:3c: 5d:8f:0f:5f:09:4e:08:e1:fc:0d:a4:42:d4:a9:c0:e2:21:22: 37:3e:ea:5c:48:fe:69:a7:38:61:71:6d:3e:af:49:b2:05:f8: 8b:27:bd:a3:61:d9:33:aa:d4:68:f0:05:6a:30:30:ac:fa:d6: 2d:35:26:87:8e:0e:0b:2e:d8:b3:eb:ed:e3:d0:0c:94:7d:2c: cc:7d:03:d4:f9:d5:7a:9d:96:87:68:6c:7d:17:2d:6c:e8:a5: 9f:86:0b:a1:f2:6f:d8:de:7e:f5:57:3f:82:33:e0:8b:f8:67: 47:2f:25:a4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/fz3bDpFs9yTjPF+tVaalMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4MTY0YTU3NTdmZGQ1NzI1YTYwODQ0ZjJhZTdlZjczYjEw N2E0YzAwHhcNMjUxMjIxMDYwMTAyWhcNMjUxMjIyMDYwMTAyWjAzMTEwLwYDVQQD EyhhNTQwNGIyMjk0ZTY1NTg0MmZhODQ2NTM1ZDRkM2VjOTQ3MWVjZmEwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF7R9oHatTDkb6mS/fKCkiHe8pZ6 s9OLhAfQpjA+NNVpj+I9a4UQ8Hy65sX+QE2BJqw9LrelfnRz2ekbQHCoXoU3s3Kf 2smiV8iZY9idcvdBinDL9WHVG+nrKZoRVjM04ryC2VuknR6tD98oGYqisf4FSv22 Ly1e6/HaQngTpt3mRrd7xUBbTdLck8SOr+n+bg7olh24xf0654nLNbLMpGDT9A6A aSBXnCjqUhEKOBsVoI+AErwWw8emAmJQe/F51r+JmmWrgksdD0GgGKxa770uAkuJ VsFtdpNVkIllOfrdInV7Ucx9poxwf8xd0Dfz9KhwmUqAOFYoMIZb8Q1c3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFKVASyKU5lWEL6hGU11NPslHHs+gMB8GA1UdIwQY MBaAFCgWSldX/dVyWmCETyrn73OxB6TAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEt YWVhZTViYmMzOTIwLzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC85NTUzNWItZTYzMC00NTdmLThhMDEtYWVhZTViYmMzOTIw LzEvS0JaS1YxZjkxWEphWUlSUEt1ZnZjN0VIcE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAO9AmeiUP SZpTEjtsEB/GUU7z1BHdjtpUgURMEqGX+iXYoYicv1LBQVYfUa1cameaYAqG0Xu2 HxdqnA9JkbdUasxvqHFULuJzCANRqdrvgp4fgl0A8ERgB+zpG3AJlHCxHA40z046 OBibH+X1H7d77sCPOmA+uRmLyWLM3U9WpAYGk2Ud1w+SPSz2hbD7HnM8XY8PXwlO COH8DaRC1KnA4iEiNz7qXEj+aac4YXFtPq9JsgX4iye9o2HZM6rUaPAFajAwrPrW LTUmh44OCy7Ys+vt49AMlH0szH0D1PnVep2Wh2hsfRctbOiln4YLofJv2N5+9Vc/ gjPgi/hnRy8lpA== -----END CERTIFICATE-----Generated at Sun Dec 21 15:30:37 2025 by rpki-client