This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft File: kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft (raw, json) Hash identifier: U3iSSKze7bB1p+zNiGhYVlgqtTslwZAtzJ35VlPYojE= Subject key identifier: 91:A8:ED:04:6C:9D:FE:5C:28:28:7F:AB:50:B5:C4:E8:DD:7C:BA:0E Authority key identifier: 91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 Certificate issuer: /CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Certificate serial: 019B405B18677C2C1976C515703ACDC84DC3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft Manifest number: 1795 Signing time: Sun 21 Dec 2025 10:01:10 +0000 Manifest this update: Sun 21 Dec 2025 10:01:10 +0000 Manifest next update: Mon 22 Dec 2025 10:01:10 +0000 Files and hashes: 1: 1-w_Sx8LRPBvLvkJLZOQlFfGluOo.roa (hash: jW6TH6eaQc46mg+HMpMqf3iTbPrehVKAIBq6ffyUgyg=) 2: kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl (hash: ZNn+fhCy3uPlS+RZsamOqzVl/7HolAaWITh2hDdSGbg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:40:5b:18:67:7c:2c:19:76:c5:15:70:3a:cd:c8:4d:c3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91c1c85bf5c53471a997ef9fa999d0c16be85444 Validity Not Before: Dec 21 10:01:10 2025 GMT Not After : Dec 22 10:01:10 2025 GMT Subject: CN=91a8ed046c9dfe5c28287fab50b5c4e8dd7cba0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d6:40:55:30:d4:9a:17:df:54:42:64:91:41: a2:cb:e4:2e:4c:d9:e6:c3:c8:2f:9c:50:f7:d6:92: fa:84:0f:1c:45:b5:9f:32:0a:62:39:bb:8a:09:76: 7d:53:d3:11:24:1f:e4:d2:92:03:8e:1e:38:82:37: c7:9b:e7:37:e7:de:65:88:37:b0:69:8f:b0:a0:c5: 9d:fa:01:66:eb:ac:76:b4:2b:10:f6:11:f5:19:d0: 77:06:61:c9:11:fe:05:95:f0:aa:ec:e9:db:06:db: 25:a9:4d:42:68:1b:fe:3f:bf:4c:8e:68:44:3a:0b: 66:fa:4b:85:00:e6:b2:57:c2:50:00:c9:31:a4:31: fe:dc:14:76:63:c8:79:8c:4e:87:f7:e7:18:94:cb: 36:eb:84:22:3e:b8:36:eb:c2:7f:ce:40:b7:ea:2d: 87:30:2b:73:48:61:17:88:e0:cc:dc:8f:f0:cd:75: f8:98:da:f2:7b:7e:b1:14:df:23:dd:86:8b:90:8d: bb:f4:76:97:f8:16:ad:30:59:2f:dc:84:0d:1b:45: 58:12:ac:1a:c2:63:ea:e1:7c:b8:e1:18:72:47:55: 89:21:31:f9:bf:32:05:ca:29:49:c2:39:42:6b:20: 1e:0c:4c:a1:9a:95:5c:f5:42:70:11:f9:be:28:12: 18:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:A8:ED:04:6C:9D:FE:5C:28:28:7F:AB:50:B5:C4:E8:DD:7C:BA:0E X509v3 Authority Key Identifier: keyid:91:C1:C8:5B:F5:C5:34:71:A9:97:EF:9F:A9:99:D0:C1:6B:E8:54:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kcHIW_XFNHGpl--fqZnQwWvoVEQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0347d3-e54c-44c0-8f7a-4514374e6ffa/1/kcHIW_XFNHGpl--fqZnQwWvoVEQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3e:c4:7a:4d:ad:a5:f6:73:ae:0c:71:97:69:58:57:8b:b5:98: 06:b5:50:0b:44:27:03:21:d1:cb:fc:e7:57:09:76:4f:28:c0: 8e:cf:b3:4c:6c:76:d6:31:2d:36:89:ea:36:65:09:ce:08:64: 36:e7:f3:9e:0a:61:9b:5a:7d:c7:fa:81:85:8b:e4:11:57:62: f8:22:6c:21:a4:b9:1d:a7:9f:ed:fd:79:1b:1c:38:4d:cb:79: 25:c2:73:4f:60:3e:e7:26:7d:92:cb:89:22:d8:93:bf:5a:f6: 10:72:4b:59:d3:c8:16:5c:0d:e9:e1:14:7d:64:0a:5c:d4:a1: d0:0b:0f:23:27:71:55:23:c2:7a:78:ce:b4:85:cc:d9:6a:40: 1b:09:37:57:98:de:c3:bc:52:37:75:ab:0f:76:fb:a8:10:a9: 3b:05:d5:a3:44:77:db:c8:65:3d:ea:60:42:54:ee:c7:7c:27: 2b:48:70:92:07:bd:13:13:cb:14:7e:5f:94:f5:55:d8:b2:05: 68:4f:0d:c0:3a:47:b4:53:d2:03:84:f7:bf:3a:15:47:a1:c2: b0:74:20:64:e1:60:f7:0e:1a:20:7c:55:89:69:5b:ec:dc:44: f4:f1:ba:8d:bd:a0:63:4a:90:df:82:f9:24:30:53:00:fc:34: 1a:e6:cf:24 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtAWxhnfCwZdsUVcDrNyE3DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxYzFjODViZjVjNTM0NzFhOTk3ZWY5ZmE5OTlkMGMxNmJl ODU0NDQwHhcNMjUxMjIxMTAwMTEwWhcNMjUxMjIyMTAwMTEwWjAzMTEwLwYDVQQD Eyg5MWE4ZWQwNDZjOWRmZTVjMjgyODdmYWI1MGI1YzRlOGRkN2NiYTBlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZAVTDUmhffVEJkkUGiy+QuTNnm w8gvnFD31pL6hA8cRbWfMgpiObuKCXZ9U9MRJB/k0pIDjh44gjfHm+c3595liDew aY+woMWd+gFm66x2tCsQ9hH1GdB3BmHJEf4FlfCq7OnbBtslqU1CaBv+P79MjmhE Ogtm+kuFAOayV8JQAMkxpDH+3BR2Y8h5jE6H9+cYlMs264QiPrg268J/zkC36i2H MCtzSGEXiODM3I/wzXX4mNrye36xFN8j3YaLkI279HaX+BatMFkv3IQNG0VYEqwa wmPq4Xy44RhyR1WJITH5vzIFyilJwjlCayAeDEyhmpVc9UJwEfm+KBIY1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJGo7QRsnf5cKCh/q1C1xOjdfLoOMB8GA1UdIwQY MBaAFJHByFv1xTRxqZfvn6mZ0MFr6FREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2Et NDUxNDM3NGU2ZmZhLzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MC8wMzQ3ZDMtZTU0Yy00NGMwLThmN2EtNDUxNDM3NGU2ZmZh LzEva2NISVdfWEZOSEdwbC0tZnFablF3V3ZvVkVRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAPsR6Ta2l 9nOuDHGXaVhXi7WYBrVQC0QnAyHRy/znVwl2TyjAjs+zTGx21jEtNonqNmUJzghk Nufzngphm1p9x/qBhYvkEVdi+CJsIaS5Haef7f15Gxw4Tct5JcJzT2A+5yZ9ksuJ ItiTv1r2EHJLWdPIFlwN6eEUfWQKXNSh0AsPIydxVSPCenjOtIXM2WpAGwk3V5je w7xSN3WrD3b7qBCpOwXVo0R328hlPepgQlTux3wnK0hwkge9ExPLFH5flPVV2LIF aE8NwDpHtFPSA4T3vzoVR6HCsHQgZOFg9w4aIHxViWlb7NxE9PG6jb2gY0qQ34L5 JDBTAPw0GubPJA== -----END CERTIFICATE-----Generated at Sun Dec 21 12:02:01 2025 by rpki-client