This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft File: kpbYTmTVXsgSR2-4BvD-daCL-ys.mft (raw, json) Hash identifier: qx1YHJk1F9Dn8EPx/WxHCna2zjea8WeTzRhPW2QKM/4= Subject key identifier: F4:58:B2:26:53:39:90:2D:C2:36:59:9A:F3:39:94:13:62:9D:4A:91 Authority key identifier: 92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B Certificate issuer: /CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Certificate serial: 019B6AD724C518C611A5BABEC2EF2E98CAA6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft Manifest number: 17A1 Signing time: Mon 29 Dec 2025 16:00:42 +0000 Manifest this update: Mon 29 Dec 2025 16:00:42 +0000 Manifest next update: Tue 30 Dec 2025 16:00:42 +0000 Files and hashes: 1: kpbYTmTVXsgSR2-4BvD-daCL-ys.crl (hash: +4tV4mrw2kYWhBL72wgUrjzSS0O9PzMXhKMeTICdUYE=) 2: r4bjJ2cCOInhIlG1f9hIdTm3g6M.roa (hash: aZToxg96BEY8Qvj4uVJxCXKyOgQmRt2zg6OKjNY/eQ0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 15:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6a:d7:24:c5:18:c6:11:a5:ba:be:c2:ef:2e:98:ca:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9296d84e64d55ec812476fb806f0fe75a08bfb2b Validity Not Before: Dec 29 16:00:42 2025 GMT Not After : Dec 30 16:00:42 2025 GMT Subject: CN=f458b2265339902dc236599af3399413629d4a91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:bd:3a:8c:3f:f8:c8:7f:6b:de:ed:3a:a6:37: 73:8d:67:ee:3d:ee:95:f0:f3:72:c5:0a:74:94:b7: 0b:85:ce:86:a5:31:54:56:1f:36:31:aa:7a:30:c2: 65:79:e9:4a:9e:6f:6c:15:d2:51:b2:ac:30:04:f8: 2b:6e:10:bb:8f:0f:a8:1e:2b:f2:4d:e9:3c:d0:c3: 2e:e6:68:10:79:7d:8e:c4:7b:96:18:fb:70:ad:9c: f4:60:db:c4:2f:86:8e:00:47:a3:24:ba:87:43:40: 9b:a2:f4:03:f2:f0:0e:7a:81:7a:6e:8f:ac:54:e6: f4:29:19:77:cb:f4:1a:8d:c6:be:3a:9c:2c:f8:3f: e6:c7:cc:f7:a2:50:18:49:b9:05:2c:84:ad:62:ce: 80:1e:8c:8d:7b:f4:cb:93:58:b6:b0:f7:ad:c9:35: 4e:d8:16:9d:5d:a3:81:60:fe:65:2a:fc:55:ec:cb: 6f:b9:f0:f2:db:6a:74:ca:77:9e:33:08:7f:8f:9f: 98:57:c2:1b:db:91:ff:bb:7c:89:6a:1b:51:da:8f: 04:cb:90:30:bb:ba:4e:92:ec:7c:84:18:b6:61:a6: cb:5d:00:46:ad:7e:36:bc:90:b3:92:d9:a8:54:0d: f3:72:6d:81:5c:67:57:9d:54:5b:c1:7f:e5:dc:1c: ed:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:58:B2:26:53:39:90:2D:C2:36:59:9A:F3:39:94:13:62:9D:4A:91 X509v3 Authority Key Identifier: keyid:92:96:D8:4E:64:D5:5E:C8:12:47:6F:B8:06:F0:FE:75:A0:8B:FB:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kpbYTmTVXsgSR2-4BvD-daCL-ys.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a54eb1-33de-401f-935a-f349284509b7/1/kpbYTmTVXsgSR2-4BvD-daCL-ys.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 4b:c9:9c:24:fd:09:dd:1d:ef:c5:88:03:29:9e:09:9e:e2:06: 98:32:4c:38:d6:7d:c4:a3:75:8a:df:3a:5a:78:b8:06:2a:63: fb:8d:47:90:e3:b8:7d:e2:82:94:df:52:c6:b1:03:16:54:01: 5a:38:1f:fb:96:4e:82:37:51:5b:73:37:65:84:a6:8f:11:31: 24:22:0a:b1:3b:0e:e7:73:7e:76:1c:1e:b6:39:d9:60:9e:6c: 01:83:e2:2e:8f:ca:84:63:00:37:a3:91:a4:f4:e8:19:3b:0c: d1:c2:44:72:15:cb:e0:fa:1b:65:89:69:3a:0c:17:e2:3f:4a: 03:f9:ab:e1:26:ab:57:7a:a9:33:4e:96:e8:92:f7:cc:55:c7: 66:19:10:71:0a:5f:c1:65:9b:ac:f2:5a:11:82:be:99:18:9e: d4:b8:a0:83:eb:c7:f9:7a:5b:5b:80:b8:cd:ab:79:64:b0:07: 19:ef:2e:9c:44:13:5d:d5:2e:3b:4c:af:1d:75:28:d4:6c:d8: eb:db:55:ac:b3:66:25:b1:f8:a0:2a:ff:07:d8:6b:a4:f0:8c: e4:f3:42:17:05:1d:11:c9:2c:e4:d7:56:df:23:ae:27:ef:4d: 61:ff:3c:48:d9:a6:c1:66:33:57:e6:82:18:35:84:25:ef:3d: 33:60:2f:e5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtq1yTFGMYRpbq+wu8umMqmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyOTZkODRlNjRkNTVlYzgxMjQ3NmZiODA2ZjBmZTc1YTA4 YmZiMmIwHhcNMjUxMjI5MTYwMDQyWhcNMjUxMjMwMTYwMDQyWjAzMTEwLwYDVQQD EyhmNDU4YjIyNjUzMzk5MDJkYzIzNjU5OWFmMzM5OTQxMzYyOWQ0YTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL06jD/4yH9r3u06pjdzjWfuPe6V 8PNyxQp0lLcLhc6GpTFUVh82Map6MMJleelKnm9sFdJRsqwwBPgrbhC7jw+oHivy Tek80MMu5mgQeX2OxHuWGPtwrZz0YNvEL4aOAEejJLqHQ0CbovQD8vAOeoF6bo+s VOb0KRl3y/Qajca+Opws+D/mx8z3olAYSbkFLIStYs6AHoyNe/TLk1i2sPetyTVO 2BadXaOBYP5lKvxV7MtvufDy22p0yneeMwh/j5+YV8Ib25H/u3yJahtR2o8Ey5Aw u7pOkux8hBi2YabLXQBGrX42vJCzktmoVA3zcm2BXGdXnVRbwX/l3BztDwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPRYsiZTOZAtwjZZmvM5lBNinUqRMB8GA1UdIwQY MBaAFJKW2E5k1V7IEkdvuAbw/nWgi/srMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEt ZjM0OTI4NDUwOWI3LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81My9hNTRlYjEtMzNkZS00MDFmLTkzNWEtZjM0OTI4NDUwOWI3 LzEva3BiWVRtVFZYc2dTUjItNEJ2RC1kYUNMLXlzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS8mcJP0J 3R3vxYgDKZ4JnuIGmDJMONZ9xKN1it86Wni4Bipj+41HkOO4feKClN9SxrEDFlQB Wjgf+5ZOgjdRW3M3ZYSmjxExJCIKsTsO53N+dhwetjnZYJ5sAYPiLo/KhGMAN6OR pPToGTsM0cJEchXL4PobZYlpOgwX4j9KA/mr4SarV3qpM06W6JL3zFXHZhkQcQpf wWWbrPJaEYK+mRie1Ligg+vH+XpbW4C4zat5ZLAHGe8unEQTXdUuO0yvHXUo1GzY 69tVrLNmJbH4oCr/B9hrpPCM5PNCFwUdEcks5NdW3yOuJ+9NYf88SNmmwWYzV+aC GDWEJe89M2Av5Q== -----END CERTIFICATE-----Generated at Tue Dec 30 00:23:19 2025 by rpki-client