This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft File: KpTH34VXtlNEfD4G-0s3LVEgoiI.mft (raw, json) Hash identifier: I0wtB7TAX8AVeuDZwe6oljwuQ/ZxaaMUzcg1kPagpeo= Subject key identifier: 15:11:9C:87:4E:10:99:CA:B4:63:94:AF:10:07:24:3C:36:5C:F6:20 Authority key identifier: 2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22 Certificate issuer: /CN=2a94c7df8557b653447c3e06fb4b372d5120a222 Certificate serial: 019B3A221F3064D0E5B5681155828A4DFBEE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft Manifest number: 1786 Signing time: Sat 20 Dec 2025 05:01:13 +0000 Manifest this update: Sat 20 Dec 2025 05:01:13 +0000 Manifest next update: Sun 21 Dec 2025 05:01:13 +0000 Files and hashes: 1: 7z2YGPcEqsEw9wB3cXl_nQ3NHO4.roa (hash: Bvn+rA+635xtyl4tft39rNzvvTGpmQ30acIvRfRFLQI=) 2: KpTH34VXtlNEfD4G-0s3LVEgoiI.crl (hash: dyz0lSyopVoqothJmHTYvFsVB5p2dP1h1GiUd+yz+tQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3a:22:1f:30:64:d0:e5:b5:68:11:55:82:8a:4d:fb:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a94c7df8557b653447c3e06fb4b372d5120a222 Validity Not Before: Dec 20 05:01:13 2025 GMT Not After : Dec 21 05:01:13 2025 GMT Subject: CN=15119c874e1099cab46394af1007243c365cf620 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4b:99:25:55:9f:6f:b0:0a:2f:d3:41:ea:ec: dc:ca:3d:72:bb:4b:ff:9f:f0:a0:d5:1f:6f:c4:5e: 48:bc:b2:f7:b9:3b:1c:b2:d3:44:0f:88:de:d4:3a: ae:78:1b:f5:8f:28:ec:9f:d7:92:30:4f:e7:01:26: f4:09:d7:85:51:1c:55:43:3a:d7:50:27:9c:a6:47: 1e:38:2e:20:04:20:de:2b:1e:4d:c4:bf:c1:66:0d: 36:4d:e0:16:6d:23:47:44:be:c7:bf:df:19:4b:03: 78:8b:d0:17:c4:be:c8:66:33:49:4e:76:30:da:0a: 19:d9:e1:7b:86:e1:a5:8e:3a:ad:ac:ca:d7:89:cf: a3:3f:d7:53:ae:22:96:0c:59:a9:b1:85:e9:02:3f: e9:2b:c6:c4:80:c9:2c:4e:f2:f8:72:33:9d:b4:79: 6e:11:f0:8c:fe:40:e1:cc:b7:f6:e4:cb:5e:31:13: de:64:1e:27:73:6e:33:0b:ba:d6:43:5d:bf:f7:e0: 41:c5:cd:eb:f0:4d:79:a6:a0:63:9e:4a:48:f8:e8: 34:31:28:f9:de:73:11:77:e1:83:24:1d:60:e9:eb: b5:61:d7:40:5d:b7:74:27:49:ef:42:a5:d7:ad:0d: b0:ea:56:dc:be:45:74:91:93:ff:ab:49:69:0d:b8: 94:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:11:9C:87:4E:10:99:CA:B4:63:94:AF:10:07:24:3C:36:5C:F6:20 X509v3 Authority Key Identifier: keyid:2A:94:C7:DF:85:57:B6:53:44:7C:3E:06:FB:4B:37:2D:51:20:A2:22 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KpTH34VXtlNEfD4G-0s3LVEgoiI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/58/67caee-4c11-4a6f-bf63-5518b0e86566/1/KpTH34VXtlNEfD4G-0s3LVEgoiI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 2f:22:94:81:bf:90:02:c5:2b:b6:e4:37:b1:a7:e6:56:03:e8: 5b:c8:22:a1:06:95:fb:9d:3e:b9:71:bf:fe:57:22:ed:69:12: 65:3c:40:8b:fa:13:16:e1:3e:e8:60:0c:3e:8e:f3:8c:c7:2a: 2e:7e:0b:86:01:35:5a:3f:14:76:27:11:38:3a:b0:c3:3a:1b: f5:43:fa:79:d3:05:80:6f:37:3c:e6:4c:8e:e2:c9:31:a2:0d: 42:f9:d2:7f:d1:d0:1b:ed:f6:e2:b3:ca:c0:4e:59:c6:19:49: 9b:0e:37:75:66:c6:2b:06:e9:fc:80:83:32:04:a8:f6:7f:12: 19:e3:d2:87:20:be:7b:04:03:98:86:7b:5e:b1:2f:6b:00:cf: b0:49:da:a7:53:56:fa:50:97:e4:8c:f0:58:4c:59:57:51:f5: 30:d3:98:e0:68:4b:d8:f3:ea:cb:f0:5a:b4:b1:ef:8d:40:39: 58:e3:e9:e8:fc:98:99:6d:3f:83:38:21:2e:2d:d7:43:63:16: 29:f1:68:ec:eb:09:a4:35:8d:56:fc:01:1c:8a:5f:c4:5e:ea: 0d:12:3c:7b:f7:d6:aa:06:58:bf:e4:42:2b:ae:9f:d9:34:fd: 57:9c:c0:bd:1f:f9:65:de:f9:b3:69:4d:ea:24:0a:a8:79:33: e9:bf:35:96 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs6Ih8wZNDltWgRVYKKTfvuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhOTRjN2RmODU1N2I2NTM0NDdjM2UwNmZiNGIzNzJkNTEy MGEyMjIwHhcNMjUxMjIwMDUwMTEzWhcNMjUxMjIxMDUwMTEzWjAzMTEwLwYDVQQD EygxNTExOWM4NzRlMTA5OWNhYjQ2Mzk0YWYxMDA3MjQzYzM2NWNmNjIwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0uZJVWfb7AKL9NB6uzcyj1yu0v/ n/Cg1R9vxF5IvLL3uTscstNED4je1DqueBv1jyjsn9eSME/nASb0CdeFURxVQzrX UCecpkceOC4gBCDeKx5NxL/BZg02TeAWbSNHRL7Hv98ZSwN4i9AXxL7IZjNJTnYw 2goZ2eF7huGljjqtrMrXic+jP9dTriKWDFmpsYXpAj/pK8bEgMksTvL4cjOdtHlu EfCM/kDhzLf25MteMRPeZB4nc24zC7rWQ12/9+BBxc3r8E15pqBjnkpI+Og0MSj5 3nMRd+GDJB1g6eu1YddAXbd0J0nvQqXXrQ2w6lbcvkV0kZP/q0lpDbiU+QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBURnIdOEJnKtGOUrxAHJDw2XPYgMB8GA1UdIwQY MBaAFCqUx9+FV7ZTRHw+BvtLNy1RIKIiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMt NTUxOGIwZTg2NTY2LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81OC82N2NhZWUtNGMxMS00YTZmLWJmNjMtNTUxOGIwZTg2NTY2 LzEvS3BUSDM0Vlh0bE5FZkQ0Ry0wczNMVkVnb2lJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEALyKUgb+Q AsUrtuQ3safmVgPoW8gioQaV+50+uXG//lci7WkSZTxAi/oTFuE+6GAMPo7zjMcq Ln4LhgE1Wj8UdicRODqwwzob9UP6edMFgG83POZMjuLJMaINQvnSf9HQG+324rPK wE5ZxhlJmw43dWbGKwbp/ICDMgSo9n8SGePShyC+ewQDmIZ7XrEvawDPsEnap1NW +lCX5IzwWExZV1H1MNOY4GhL2PPqy/BatLHvjUA5WOPp6PyYmW0/gzghLi3XQ2MW KfFo7OsJpDWNVvwBHIpfxF7qDRI8e/fWqgZYv+RCK66f2TT9V5zAvR/5Zd75s2lN 6iQKqHkz6b81lg== -----END CERTIFICATE-----Generated at Sat Dec 20 10:51:38 2025 by rpki-client