This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft File: rKKhlS5xiUSkBDSg6-__2iv-7V8.mft (raw, json) Hash identifier: hNBC7RM7+dvQxecEFDtzjA7HJJKQOT2YbIj59Ocw0ts= Subject key identifier: 96:6A:DD:9D:0A:96:09:00:1F:09:B8:97:41:26:1D:C3:9B:08:B5:74 Authority key identifier: AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F Certificate issuer: /CN=aca2a1952e718944a40434a0ebefffda2bfeed5f Certificate serial: 019B50E088E263D1B6F86F4C437B2CEAAB9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft Manifest number: 144F Signing time: Wed 24 Dec 2025 15:00:50 +0000 Manifest this update: Wed 24 Dec 2025 15:00:50 +0000 Manifest next update: Thu 25 Dec 2025 15:00:50 +0000 Files and hashes: 1: mN-Gq3CnQOseJQb6vbylzDVdWSg.roa (hash: fOE9ILnEXk1PyxS5P7XqjGQMPFnkivt3IHprv8lvkaM=) 2: rKKhlS5xiUSkBDSg6-__2iv-7V8.crl (hash: mKHynY+w32WdWqA/mxQ+X2T+j1dhnRkLfmy4jaKLx6o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:e0:88:e2:63:d1:b6:f8:6f:4c:43:7b:2c:ea:ab:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aca2a1952e718944a40434a0ebefffda2bfeed5f Validity Not Before: Dec 24 15:00:50 2025 GMT Not After : Dec 25 15:00:50 2025 GMT Subject: CN=966add9d0a9609001f09b89741261dc39b08b574 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:ec:8f:f4:aa:ea:a2:6b:1e:aa:7b:60:a7:57: 70:c5:b4:67:97:f9:e1:23:c8:06:97:0a:e4:19:3b: c4:34:4b:bf:55:14:6f:1d:ff:12:6d:f0:ee:a9:8e: 3d:0f:19:9d:4c:f0:5c:a5:3f:d0:63:2c:ad:3a:cc: 65:14:e9:5c:9a:16:0b:99:b0:c6:f9:80:b6:fd:3d: 15:81:17:11:8b:66:1d:38:6a:52:04:12:e7:b8:3a: cd:49:af:7a:90:d9:0f:a6:85:c9:b5:4d:11:1b:68: f2:ae:d6:d4:2f:78:b0:b7:ef:17:6c:83:d1:c2:7f: a6:c5:cb:43:13:cc:1b:bb:c4:4a:06:96:0a:cb:cf: 54:04:ab:8f:7d:bc:4f:94:94:04:33:91:14:33:06: ee:9f:70:7b:f2:12:f0:aa:b2:ad:6b:25:71:7e:95: 0e:3d:4a:eb:91:60:34:a9:ce:25:05:6e:7a:64:00: 31:10:e8:97:be:ff:62:cd:5c:70:0d:04:34:97:71: 05:fd:eb:ed:27:6d:69:a4:31:0d:9f:21:b3:25:96: 8a:6c:6c:3f:b6:03:a9:d7:cd:d7:92:fa:62:f5:53: 7d:f3:e1:b2:9c:a6:d4:49:20:b0:8c:09:a3:05:3d: b2:62:71:fb:45:75:a4:cc:82:06:0a:86:08:fe:5e: ed:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:6A:DD:9D:0A:96:09:00:1F:09:B8:97:41:26:1D:C3:9B:08:B5:74 X509v3 Authority Key Identifier: keyid:AC:A2:A1:95:2E:71:89:44:A4:04:34:A0:EB:EF:FF:DA:2B:FE:ED:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKKhlS5xiUSkBDSg6-__2iv-7V8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/a264a8-a666-4c87-851c-ada24ef310ca/1/rKKhlS5xiUSkBDSg6-__2iv-7V8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption af:69:88:2b:5c:61:a1:46:8c:68:53:85:66:c4:54:1d:dc:a4: ba:34:92:bf:57:b2:f1:d0:d3:bb:15:5a:91:9e:eb:c3:5e:0d: 0a:41:ae:13:c6:b5:68:e2:7f:eb:20:dd:ba:8c:1c:a2:f3:09: 6e:a8:53:79:3d:b9:ab:2e:75:7e:61:35:81:37:70:e2:d5:a4: 09:bb:63:ef:a6:8a:cd:74:60:af:71:ea:eb:8c:1f:f4:f0:18: 18:b8:ec:d4:fb:a6:dd:5e:96:0e:99:85:13:53:09:5e:74:8c: 42:e6:64:32:14:fc:c3:cb:c4:51:50:12:64:7f:7e:f8:7c:81: 07:b3:f7:57:68:71:ed:b4:3c:25:6b:fa:6a:2f:71:97:89:41: 2f:38:0b:5e:71:5e:83:a1:28:19:93:3c:e3:5b:59:9f:30:89: 4f:41:60:59:dd:3c:06:ed:ce:2e:cc:45:5f:ad:21:c2:a5:7d: 04:b8:df:27:16:1e:2e:d6:37:e9:6d:95:e9:68:d2:4c:80:44: 7a:5d:7c:d0:b8:88:5f:0a:41:74:14:8a:72:26:d7:61:98:c0: 9e:72:39:e0:ec:7b:4b:cc:97:d4:bf:c5:ca:19:c5:68:3b:88: 8c:77:6d:f0:bc:eb:e5:28:d6:da:81:e0:ee:c6:94:5c:71:d1: 1f:91:5e:ab -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQ4IjiY9G2+G9MQ3ss6qubMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjYTJhMTk1MmU3MTg5NDRhNDA0MzRhMGViZWZmZmRhMmJm ZWVkNWYwHhcNMjUxMjI0MTUwMDUwWhcNMjUxMjI1MTUwMDUwWjAzMTEwLwYDVQQD Eyg5NjZhZGQ5ZDBhOTYwOTAwMWYwOWI4OTc0MTI2MWRjMzliMDhiNTc0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAleyP9Krqomseqntgp1dwxbRnl/nh I8gGlwrkGTvENEu/VRRvHf8SbfDuqY49DxmdTPBcpT/QYyytOsxlFOlcmhYLmbDG +YC2/T0VgRcRi2YdOGpSBBLnuDrNSa96kNkPpoXJtU0RG2jyrtbUL3iwt+8XbIPR wn+mxctDE8wbu8RKBpYKy89UBKuPfbxPlJQEM5EUMwbun3B78hLwqrKtayVxfpUO PUrrkWA0qc4lBW56ZAAxEOiXvv9izVxwDQQ0l3EF/evtJ21ppDENnyGzJZaKbGw/ tgOp183Xkvpi9VN98+GynKbUSSCwjAmjBT2yYnH7RXWkzIIGCoYI/l7thQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJZq3Z0KlgkAHwm4l0EmHcObCLV0MB8GA1UdIwQY MBaAFKyioZUucYlEpAQ0oOvv/9or/u1fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMt YWRhMjRlZjMxMGNhLzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC9hMjY0YTgtYTY2Ni00Yzg3LTg1MWMtYWRhMjRlZjMxMGNh LzEvcktLaGxTNXhpVVNrQkRTZzYtX18yaXYtN1Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAr2mIK1xh oUaMaFOFZsRUHdykujSSv1ey8dDTuxVakZ7rw14NCkGuE8a1aOJ/6yDduowcovMJ bqhTeT25qy51fmE1gTdw4tWkCbtj76aKzXRgr3Hq64wf9PAYGLjs1Pum3V6WDpmF E1MJXnSMQuZkMhT8w8vEUVASZH9++HyBB7P3V2hx7bQ8JWv6ai9xl4lBLzgLXnFe g6EoGZM841tZnzCJT0FgWd08Bu3OLsxFX60hwqV9BLjfJxYeLtY36W2V6WjSTIBE el180LiIXwpBdBSKcibXYZjAnnI54Ox7S8yX1L/FyhnFaDuIjHdt8Lzr5SjW2oHg 7saUXHHRH5Feqw== -----END CERTIFICATE-----Generated at Wed Dec 24 18:27:08 2025 by rpki-client