This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft File: kdDHjDCaPpncmrdPLNwEhIWedTA.mft (raw, json) Hash identifier: RN9XNfRplnOtAg2A49dNbsxGU8HVqdXfa5+ExSHo31g= Subject key identifier: BD:21:4C:13:9A:B6:21:3F:CB:B4:11:2F:EE:B7:C6:2F:36:41:E3:92 Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Certificate serial: 019B3A587C13DFA709119422C33EADEA4700 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft Manifest number: 12A0 Signing time: Sat 20 Dec 2025 06:00:36 +0000 Manifest this update: Sat 20 Dec 2025 06:00:36 +0000 Manifest next update: Sun 21 Dec 2025 06:00:36 +0000 Files and hashes: 1: 1-W_ixXGYX8sPaJagj-AVwFiwChc.roa (hash: L0D3lIfkN9efhBw5T+b3u9NkdIMxDqZ5UXxZUhgRWOs=) 2: 1wei3P__YsLq8D2DZQdx3r5Se8Q.roa (hash: mJ3sfO2t0ZrVqr8Lh/dS5cWV3uJ23FidlrzCBj85Xpg=) 3: FL9fu1OvmoFGfhkDWCYg6qk3FZw.roa (hash: 4qo1m7CfLoe2e1/s3slGLhDBLmvad/IFz+DUbL4c5ro=) 4: QhTNtcmMP2d8JHj8beOVtwBfn-8.roa (hash: pGtJfsZnHgpcNHsy6MUt5rD0YLB/sQz5xjhWg8xCmoY=) 5: b_UNR9Xj_ycfuOSMA48F_QSRqts.roa (hash: V/FK04zH2Za3Nwu+0PjyuAuPUrWk9vHEnkwAOnyhoAs=) 6: bvT0XxpWvjhSrsyJnY-pHBlHicQ.roa (hash: jO921Nm2+NbwqmtR+BTndgCkDUsWuQ/tZNnxs0Ah0nM=) 7: jOvM-KkjMcocARVIZsXXSmhqwTk.roa (hash: /hlDFttzMgmj+4PtUECpeb46avxwmQavKNZsIngAs74=) 8: kdDHjDCaPpncmrdPLNwEhIWedTA.crl (hash: 1m9nK7mtECOu4PTd9vdXWrbKvS+wcyLToq3El7MbJG8=) 9: mI6CMDbVFOggenhN7vYK1kqjlUM.roa (hash: Ix338GJteDKUBZwQ6uAO2I9vp00YeBcogG5YXz8IPLE=) 10: qaPYBIHSJO0VtmaPK-yj9xChj44.roa (hash: SCU2ZI+jqejXCddMhNIesbEWUHlrPpsz2jIcNDVRX0Q=) 11: vUVcdpzXr2JQGsu1xtXoOvW_LHU.roa (hash: 2iN03nQJUllsMqRJ1fP7+P4h4U6MeEk1ERszIuxQ8MY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 06:00:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:58:7c:13:df:a7:09:11:94:22:c3:3e:ad:ea:47:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530 Validity Not Before: Dec 20 06:00:36 2025 GMT Not After : Dec 21 06:00:36 2025 GMT Subject: CN=bd214c139ab6213fcbb4112feeb7c62f3641e392 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:6b:f9:0f:ae:66:50:24:ab:14:0a:02:d7:aa: f3:ec:61:60:bc:5b:39:b2:56:23:79:2e:38:0e:df: 7d:2b:9b:a5:71:27:4a:47:09:5d:2b:b5:4f:33:a5: cc:02:e5:39:27:4d:a7:bc:79:fa:95:e1:34:b1:8c: b5:1c:de:f9:a2:57:72:e4:79:8d:e6:7d:3a:63:a6: 99:39:c5:ad:d1:0e:76:f3:78:cd:94:c7:2a:bd:17: 83:b4:f7:49:d8:d7:f5:25:30:1b:86:3b:72:4a:48: df:99:22:31:5d:05:15:d7:bb:67:f8:a9:04:09:84: 53:06:a7:e6:b4:6c:a9:63:c0:7e:de:89:b6:86:e2: c7:97:31:21:02:2b:06:9d:a1:0e:de:15:20:87:fa: 72:d6:16:f8:d0:04:31:92:e7:fa:4b:c4:f5:e9:13: c7:32:16:e5:a3:f1:86:f0:3d:41:b8:04:fb:ce:b3: 09:ec:74:68:da:3f:ca:d9:c6:0e:a9:2a:3a:e7:e9: 7c:c7:a0:71:b8:a9:c7:3e:ac:2a:9f:d5:11:eb:56: 3d:d1:e5:a9:8b:1e:0c:e0:9a:ec:de:94:af:7c:f5: 77:68:5f:2f:69:4c:6c:26:57:7e:58:4b:d2:0d:57: d5:d1:80:65:0b:8c:1e:1b:e8:2b:58:5c:d3:81:16: 4c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:21:4C:13:9A:B6:21:3F:CB:B4:11:2F:EE:B7:C6:2F:36:41:E3:92 X509v3 Authority Key Identifier: keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 90:e7:24:f6:a4:64:c7:40:28:6f:bc:cd:45:e9:31:26:ff:27: 95:81:e6:07:10:44:1f:86:24:43:a4:2f:6d:16:f8:72:d0:00: 9d:9a:8d:86:9b:2c:11:13:8c:fc:48:4e:10:cd:10:2b:4d:24: d3:83:6f:72:d9:ef:de:74:ff:48:68:d5:83:55:1d:48:9d:bb: fb:d0:f4:7a:d2:bc:4d:eb:c7:d6:53:1c:40:e8:6c:2f:1f:33: 41:e5:b1:8f:07:54:8c:b4:3d:77:a1:09:4f:fd:44:dc:ac:80: ac:7c:ad:94:5b:85:4d:06:49:18:fc:4a:86:7e:2c:aa:dd:8b: e5:c6:95:2e:fa:0a:7f:aa:98:fe:75:c6:eb:10:e4:20:87:46: 95:b7:8a:03:5a:c3:09:d5:19:27:ed:ab:50:ba:55:9f:91:91: 01:d6:34:54:ee:f0:98:4c:9f:d8:92:98:96:9d:4e:94:e1:cc: fc:14:e6:e0:fc:63:48:b1:f3:62:06:0b:16:92:73:fb:c7:e5: 15:ac:75:86:c7:7e:fe:89:48:87:01:33:ac:85:a3:57:0e:4c: c3:c7:96:f3:a2:b4:bd:37:7e:d6:cd:13:6a:b3:da:0a:6a:36: 5d:78:b3:b1:95:2d:28:61:88:49:97:50:f3:82:c6:d2:17:23: 0a:54:71:7e -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6WHwT36cJEZQiwz6t6kcAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5 ZTc1MzAwHhcNMjUxMjIwMDYwMDM2WhcNMjUxMjIxMDYwMDM2WjAzMTEwLwYDVQQD EyhiZDIxNGMxMzlhYjYyMTNmY2JiNDExMmZlZWI3YzYyZjM2NDFlMzkyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWv5D65mUCSrFAoC16rz7GFgvFs5 slYjeS44Dt99K5ulcSdKRwldK7VPM6XMAuU5J02nvHn6leE0sYy1HN75oldy5HmN 5n06Y6aZOcWt0Q5283jNlMcqvReDtPdJ2Nf1JTAbhjtySkjfmSIxXQUV17tn+KkE CYRTBqfmtGypY8B+3om2huLHlzEhAisGnaEO3hUgh/py1hb40AQxkuf6S8T16RPH Mhblo/GG8D1BuAT7zrMJ7HRo2j/K2cYOqSo65+l8x6BxuKnHPqwqn9UR61Y90eWp ix4M4Jrs3pSvfPV3aF8vaUxsJld+WEvSDVfV0YBlC4weG+grWFzTgRZMwwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFL0hTBOatiE/y7QRL+63xi82QeOSMB8GA1UdIwQY MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt NDg1MmM4ZmY4YWYyLzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAkOck9qRk x0Aob7zNRekxJv8nlYHmBxBEH4YkQ6QvbRb4ctAAnZqNhpssEROM/EhOEM0QK00k 04Nvctnv3nT/SGjVg1UdSJ27+9D0etK8TevH1lMcQOhsLx8zQeWxjwdUjLQ9d6EJ T/1E3KyArHytlFuFTQZJGPxKhn4sqt2L5caVLvoKf6qY/nXG6xDkIIdGlbeKA1rD CdUZJ+2rULpVn5GRAdY0VO7wmEyf2JKYlp1OlOHM/BTm4PxjSLHzYgYLFpJz+8fl Fax1hsd+/olIhwEzrIWjVw5Mw8eW86K0vTd+1s0TarPaCmo2XXizsZUtKGGISZdQ 84LG0hcjClRxfg== -----END CERTIFICATE-----Generated at Sat Dec 20 14:50:42 2025 by rpki-client