This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json) Hash identifier: M98zxwOiI0lKGo1KcYOXziTTQO8ozIBsDf87DlykDjw= Subject key identifier: E7:A2:45:9C:E3:1C:A6:F3:58:B6:5C:BA:C4:67:14:3E:23:10:A4:58 Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Certificate serial: 019B3E6C427E04824D9E41985944E1BC054C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft Manifest number: 178A Signing time: Sun 21 Dec 2025 01:00:40 +0000 Manifest this update: Sun 21 Dec 2025 01:00:40 +0000 Manifest next update: Mon 22 Dec 2025 01:00:40 +0000 Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: hH7O/HMBR4uWnBgD8VKuup7rFuyXOOn5Y+omz+vqZEg=) 2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:6c:42:7e:04:82:4d:9e:41:98:59:44:e1:bc:05:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Validity Not Before: Dec 21 01:00:40 2025 GMT Not After : Dec 22 01:00:40 2025 GMT Subject: CN=e7a2459ce31ca6f358b65cbac467143e2310a458 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:f5:08:f2:a3:e5:20:02:f3:74:e6:f9:a5:1e: 44:7f:8c:78:4b:78:9c:fc:86:f2:fa:2f:8e:84:17: 9b:ec:64:19:f2:b1:9f:3d:29:48:b7:0a:bc:ec:85: a5:64:02:6a:0d:be:5b:7b:34:87:35:01:c1:d6:e6: 12:6c:16:31:70:e2:af:b7:b9:09:5d:87:4d:2f:d3: 91:14:90:23:63:2b:c7:9a:00:e0:27:9f:0b:aa:76: 57:4f:7e:f8:08:73:06:81:f0:6e:f7:6b:b2:f9:59: a8:58:2f:3e:7b:52:c5:99:42:eb:98:a0:8a:e8:4a: 75:a0:9f:b2:a0:9c:8d:35:15:db:0a:4c:8e:22:7b: a4:4b:b4:70:66:2a:4f:f7:84:d5:90:6d:4d:75:59: 0d:9b:82:90:11:15:27:29:51:72:82:21:35:8e:4c: 5d:09:ac:02:58:20:2a:0f:86:bb:4e:56:a9:e3:8c: f8:6b:72:67:d2:51:3f:e8:9d:c2:e1:02:13:69:19: 4d:47:8e:d9:99:f0:65:19:7b:c6:69:a7:76:cf:97: aa:dd:fe:a8:5e:e4:9b:9a:c6:65:f2:16:8a:54:14: cb:d6:61:c2:85:a6:42:2b:9b:91:78:af:b0:1c:0c: b3:f0:65:74:d7:f8:a0:f4:ef:91:10:ad:16:d9:98: 13:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:A2:45:9C:E3:1C:A6:F3:58:B6:5C:BA:C4:67:14:3E:23:10:A4:58 X509v3 Authority Key Identifier: keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 72:36:4d:2c:b0:5c:01:bb:9a:45:29:6b:b2:8b:db:0a:3e:80: 08:ef:78:9c:0b:a9:4a:29:a0:8a:14:48:5b:c5:9d:dc:8f:2e: f2:f8:27:ca:47:03:88:2e:9f:78:ef:df:10:3a:6d:b7:b3:94: 51:1f:a3:fa:32:1d:51:cb:0a:33:db:a4:2e:d0:3f:73:2d:40: 88:d5:f5:71:8e:d6:b2:85:5c:b9:8c:45:13:25:05:bf:ac:4c: 8a:42:cc:b3:a7:20:92:e4:b4:c8:2f:ef:66:53:2e:61:e4:b7: 22:47:24:c5:33:18:a6:f7:5e:9a:77:18:26:6f:24:61:f1:30: d7:fe:ff:c9:1a:15:89:be:d9:d0:cc:c3:56:32:35:9c:05:d5: b1:f4:ec:f2:0d:44:45:81:df:43:39:2e:53:bf:e2:8f:ed:f1: ff:58:b8:1a:6d:60:00:7f:7b:b9:54:3d:18:af:57:cf:d0:b1: 2a:1a:9c:cf:1b:09:22:34:b5:01:38:89:b4:b8:b3:af:d5:16: d0:71:49:f0:60:52:c9:f2:dc:de:70:bd:03:e1:47:de:6b:9c: e9:bc:ad:fc:79:0c:86:d0:58:fa:af:f5:ee:34:23:d5:8b:b8: ff:d7:67:e2:92:ed:b7:11:9f:6d:94:78:77:58:66:8d:df:7f: 6d:3f:f1:39 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+bEJ+BIJNnkGYWUThvAVMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4 YmZiMmIwHhcNMjUxMjIxMDEwMDQwWhcNMjUxMjIyMDEwMDQwWjAzMTEwLwYDVQQD EyhlN2EyNDU5Y2UzMWNhNmYzNThiNjVjYmFjNDY3MTQzZTIzMTBhNDU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp/UI8qPlIALzdOb5pR5Ef4x4S3ic /Iby+i+OhBeb7GQZ8rGfPSlItwq87IWlZAJqDb5bezSHNQHB1uYSbBYxcOKvt7kJ XYdNL9ORFJAjYyvHmgDgJ58LqnZXT374CHMGgfBu92uy+VmoWC8+e1LFmULrmKCK 6Ep1oJ+yoJyNNRXbCkyOInukS7RwZipP94TVkG1NdVkNm4KQERUnKVFygiE1jkxd CawCWCAqD4a7Tlap44z4a3Jn0lE/6J3C4QITaRlNR47ZmfBlGXvGaad2z5eq3f6o XuSbmsZl8haKVBTL1mHChaZCK5uReK+wHAyz8GV01/ig9O+REK0W2ZgTUQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFOeiRZzjHKbzWLZcusRnFD4jEKRYMB8GA1UdIwQY MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3 LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAcjZNLLBc AbuaRSlrsovbCj6ACO94nAupSimgihRIW8Wd3I8u8vgnykcDiC6feO/fEDptt7OU UR+j+jIdUcsKM9ukLtA/cy1AiNX1cY7WsoVcuYxFEyUFv6xMikLMs6cgkuS0yC/v ZlMuYeS3IkckxTMYpvdemncYJm8kYfEw1/7/yRoVib7Z0MzDVjI1nAXVsfTs8g1E RYHfQzkuU7/ij+3x/1i4Gm1gAH97uVQ9GK9Xz9CxKhqczxsJIjS1ATiJtLizr9UW 0HFJ8GBSyfLc3nC9A+FH3muc6byt/HkMhtBY+q/17jQj1Yu4/9dn4pLttxGfbZR4 d1hmjd9/bT/xOQ== -----END CERTIFICATE-----Generated at Sun Dec 21 03:56:03 2025 by rpki-client