This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft File: kNWCLTx7v3q1QE3aiP2dqSE43iE.mft (raw, json) Hash identifier: 1w1H2RIqHis8KHXHDorvGdnse4Y/ykXMfCX7XPRNhfo= Subject key identifier: 83:7B:5C:5E:19:76:03:3B:03:0D:DE:9E:30:D2:DF:DC:83:F7:39:64 Authority key identifier: 90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21 Certificate issuer: /CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21 Certificate serial: 019B6D336E90A4913500F8365F605DB5E30B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft Manifest number: 085E Signing time: Tue 30 Dec 2025 03:00:45 +0000 Manifest this update: Tue 30 Dec 2025 03:00:45 +0000 Manifest next update: Wed 31 Dec 2025 03:00:45 +0000 Files and hashes: 1: kNWCLTx7v3q1QE3aiP2dqSE43iE.crl (hash: ixeXHTFb4S0lim6ewx8X2rRcdaHKDmpIJXV2MtPD/MA=) 2: wd_UoJqlC6X8mKMfS7O-YEGVRuo.roa (hash: xFPdoUnkz2JIkzmQ5taq1hUGjTFKvPuKX93R37CXGQk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 31 Dec 2025 03:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:6d:33:6e:90:a4:91:35:00:f8:36:5f:60:5d:b5:e3:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90d5822d3c7bbf7ab5404dda88fd9da92138de21 Validity Not Before: Dec 30 03:00:45 2025 GMT Not After : Dec 31 03:00:45 2025 GMT Subject: CN=837b5c5e1976033b030dde9e30d2dfdc83f73964 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:f0:f6:1c:46:5d:d0:a9:82:c2:0e:3b:5f:73: c8:f6:e3:78:bd:58:d8:f3:0d:1f:68:21:26:38:d0: 27:c0:70:11:73:23:19:fb:b9:f8:8d:a2:0a:26:37: c0:9f:6d:0a:b7:92:3a:42:32:a5:02:c0:72:86:07: cb:8d:4b:11:d5:8f:7c:e9:73:c7:9b:4e:e6:66:1a: ec:72:73:d8:34:33:b5:a6:e2:16:78:a1:7e:ca:5d: 61:96:be:9c:57:85:b4:b3:28:85:d9:74:07:25:52: 27:1a:b6:68:4c:32:52:c3:17:f2:41:fe:06:1b:3a: 90:1d:23:3b:e5:83:c6:3f:cf:6d:8d:8e:11:9d:b1: aa:b0:73:f0:d2:69:b1:df:ee:05:e4:e6:46:da:4c: 23:b7:47:17:c9:cf:07:20:ad:c3:3a:8c:1a:18:ce: 70:7d:d4:41:88:21:70:84:d8:ec:c4:91:d0:fe:c5: 30:81:9d:73:41:72:c1:18:80:d7:14:b5:81:91:31: a1:b3:ff:41:47:cd:91:08:6d:60:c0:23:31:01:55: e0:3d:ce:64:86:27:13:73:c9:ba:b2:a1:08:f1:e7: 65:61:43:2c:50:ba:cc:e2:83:54:62:84:80:79:66: 61:e2:f0:78:c5:60:31:99:30:03:9a:cf:a8:43:85: 61:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:7B:5C:5E:19:76:03:3B:03:0D:DE:9E:30:D2:DF:DC:83:F7:39:64 X509v3 Authority Key Identifier: keyid:90:D5:82:2D:3C:7B:BF:7A:B5:40:4D:DA:88:FD:9D:A9:21:38:DE:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNWCLTx7v3q1QE3aiP2dqSE43iE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/b35c9a-8495-4169-8c50-3692f7841619/1/kNWCLTx7v3q1QE3aiP2dqSE43iE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:cd:b9:66:d3:bb:e3:ca:4b:86:97:b8:43:a4:23:b5:27:f4: 15:0e:0c:3f:79:40:e5:e0:cb:c7:fa:e3:0f:ac:10:1a:52:88: d2:8b:2f:71:8b:9d:9d:37:01:77:4d:15:5c:eb:c3:4f:81:9a: bb:56:af:93:07:99:6d:d1:d0:90:22:47:66:ea:7e:81:6b:99: 6f:89:37:e4:3a:65:18:e7:60:65:89:8a:e0:a5:e2:52:a0:8b: 1f:cb:05:e6:3c:13:bb:a2:39:a3:95:d4:f4:ae:38:d9:14:41: 3a:89:e0:27:be:50:11:99:a8:f3:a1:2e:95:b7:43:6b:ef:d8: bd:20:fd:c5:63:37:b1:77:6b:a2:3b:08:09:74:17:28:3d:0f: f9:9e:2f:b8:08:5a:82:16:3e:a3:d5:a8:93:0a:77:13:9f:d9: b4:8b:46:78:a2:f6:bc:73:2f:a9:13:e7:7a:47:4f:a7:de:4d: 2e:0e:b0:d0:f4:b8:51:35:fd:6f:bd:17:f1:1b:c3:37:99:ec: d2:24:b7:af:5d:ea:a4:ee:82:70:d0:90:c0:73:87:41:90:79: 00:bc:09:ea:2e:14:9f:29:24:e8:ce:d1:65:80:06:ba:a9:86: 4a:ba:af:8f:20:36:81:18:f6:fd:11:8e:2a:d1:f8:a3:c8:83: 1e:8e:3a:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZttM26QpJE1APg2X2BdteMLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZDU4MjJkM2M3YmJmN2FiNTQwNGRkYTg4ZmQ5ZGE5MjEz OGRlMjEwHhcNMjUxMjMwMDMwMDQ1WhcNMjUxMjMxMDMwMDQ1WjAzMTEwLwYDVQQD Eyg4MzdiNWM1ZTE5NzYwMzNiMDMwZGRlOWUzMGQyZGZkYzgzZjczOTY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPD2HEZd0KmCwg47X3PI9uN4vVjY 8w0faCEmONAnwHARcyMZ+7n4jaIKJjfAn20Kt5I6QjKlAsByhgfLjUsR1Y986XPH m07mZhrscnPYNDO1puIWeKF+yl1hlr6cV4W0syiF2XQHJVInGrZoTDJSwxfyQf4G GzqQHSM75YPGP89tjY4RnbGqsHPw0mmx3+4F5OZG2kwjt0cXyc8HIK3DOowaGM5w fdRBiCFwhNjsxJHQ/sUwgZ1zQXLBGIDXFLWBkTGhs/9BR82RCG1gwCMxAVXgPc5k hicTc8m6sqEI8edlYUMsULrM4oNUYoSAeWZh4vB4xWAxmTADms+oQ4Vh3QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIN7XF4ZdgM7Aw3enjDS39yD9zlkMB8GA1UdIwQY MBaAFJDVgi08e796tUBN2oj9nakhON4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAt MzY5MmY3ODQxNjE5LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9iMzVjOWEtODQ5NS00MTY5LThjNTAtMzY5MmY3ODQxNjE5 LzEva05XQ0xUeDd2M3ExUUUzYWlQMmRxU0U0M2lFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABs25ZtO7 48pLhpe4Q6QjtSf0FQ4MP3lA5eDLx/rjD6wQGlKI0osvcYudnTcBd00VXOvDT4Ga u1avkweZbdHQkCJHZup+gWuZb4k35DplGOdgZYmK4KXiUqCLH8sF5jwTu6I5o5XU 9K442RRBOongJ75QEZmo86EulbdDa+/YvSD9xWM3sXdrojsICXQXKD0P+Z4vuAha ghY+o9Wokwp3E5/ZtItGeKL2vHMvqRPnekdPp95NLg6w0PS4UTX9b70X8RvDN5ns 0iS3r13qpO6CcNCQwHOHQZB5ALwJ6i4Unykk6M7RZYAGuqmGSrqvjyA2gRj2/RGO KtH4o8iDHo46YA== -----END CERTIFICATE-----Generated at Tue Dec 30 12:31:27 2025 by rpki-client