This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft File: kdfs8XFCs7CTX443uPfZwlPw7hk.mft (raw, json) Hash identifier: P3oMcuuePGXO7WKfumKBZPisnIoSopkyt3FjsooY20E= Subject key identifier: 93:E6:B0:F3:B6:80:3C:6E:84:22:21:A5:AC:E9:C2:29:96:07:71:7D Authority key identifier: 91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 Certificate issuer: /CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Certificate serial: 019B3D22F8F75D9F3B65393A91E00C72728E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft Manifest number: 178D Signing time: Sat 20 Dec 2025 19:01:00 +0000 Manifest this update: Sat 20 Dec 2025 19:01:00 +0000 Manifest next update: Sun 21 Dec 2025 19:01:00 +0000 Files and hashes: 1: kdfs8XFCs7CTX443uPfZwlPw7hk.crl (hash: szI6wqqGtk1KCQY5BqAnwHRTlHm4ZIkt+s0l7HRje74=) 2: yaNI0_QU-og_a5wIKL7nblpP3wo.roa (hash: mocSKnatPWu2K5HO5VSBkHGD9dsGk50fbeHRajNzTSQ=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3d:22:f8:f7:5d:9f:3b:65:39:3a:91:e0:0c:72:72:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=91d7ecf17142b3b0935f8e37b8f7d9c253f0ee19 Validity Not Before: Dec 20 19:01:00 2025 GMT Not After : Dec 21 19:01:00 2025 GMT Subject: CN=93e6b0f3b6803c6e842221a5ace9c2299607717d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3c:3c:1d:b6:c6:16:00:21:37:17:52:e2:7b: 03:a8:50:73:f3:5f:42:f9:5e:dc:48:af:4b:96:ec: ce:4b:0f:9d:45:57:be:0a:e2:8c:74:08:75:55:40: a4:41:1e:8d:46:0e:c4:d9:4f:57:1f:b2:69:57:00: 01:04:76:7f:78:f8:ee:25:b3:10:1e:22:7e:67:fc: 56:36:21:7a:94:00:8a:35:e5:92:65:3b:a3:8d:3b: 64:c8:0f:ef:28:0c:c2:27:b7:a2:0c:c0:a8:18:d4: 12:6a:4c:0a:6b:cc:6b:33:89:8d:0c:b4:f2:36:a7: 3f:53:fc:6d:78:aa:6b:12:54:9e:ac:05:98:35:76: da:02:3b:d9:26:f6:c1:fc:ad:db:fe:04:ea:4d:fd: 14:e1:f8:12:32:8f:0e:c5:f9:6e:1f:51:15:6b:4f: cf:40:58:2c:4c:13:d5:f8:d8:9f:08:ef:6d:33:6d: e7:ea:96:17:a2:b5:db:a5:61:c1:9b:e8:4f:3d:84: 0c:4a:4a:1d:d6:85:f6:19:f6:84:e9:0a:35:28:1a: 76:5c:01:8c:74:61:8a:e1:26:dc:40:a3:a6:4c:d2: 60:ca:54:e0:d5:67:ee:09:f8:a5:88:d0:0c:a5:c5: a1:54:c9:0d:e0:48:79:87:d0:a8:b1:92:af:4b:bc: d3:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:E6:B0:F3:B6:80:3C:6E:84:22:21:A5:AC:E9:C2:29:96:07:71:7D X509v3 Authority Key Identifier: keyid:91:D7:EC:F1:71:42:B3:B0:93:5F:8E:37:B8:F7:D9:C2:53:F0:EE:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdfs8XFCs7CTX443uPfZwlPw7hk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/b08e6e-0822-4224-954b-a6b1ad34e08c/1/kdfs8XFCs7CTX443uPfZwlPw7hk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 11:10:3e:5c:c4:58:1d:b2:c9:bf:e0:7d:e3:0e:27:70:d8:52: 32:c2:5d:15:e0:5a:a0:62:ff:6a:dc:05:b7:de:93:8b:92:cd: 41:b3:0e:2a:e1:6b:9d:58:49:fc:fa:ee:1b:5f:5a:9d:d2:43: 5b:52:37:66:9a:3d:4d:03:3b:73:70:99:53:9b:7e:7d:37:11: 7a:63:c7:23:ee:0f:41:78:04:f6:c8:6c:2f:41:4b:ff:4d:ff: c1:15:e0:2e:45:09:84:e9:e0:26:47:b9:71:cf:57:45:47:16: 4e:96:3d:ac:4d:02:ff:76:ee:99:22:0c:73:80:5a:df:2a:22: ba:5b:c9:e6:26:e4:42:11:3a:a7:d6:7f:a3:47:1f:6d:1f:df: d2:6e:55:ad:51:f5:b3:f7:3f:72:25:7f:cf:50:55:08:91:63: 04:a4:d9:47:49:d9:36:43:fd:33:f6:dd:2b:29:14:6d:9a:8a: 31:e3:d2:f1:03:39:22:fb:95:bd:f7:47:8d:0e:0d:9f:69:b0: 72:df:25:0b:0b:18:83:9a:25:3e:6f:d6:f1:fc:b9:dc:f2:c4: 1a:00:01:b5:eb:49:6e:71:fc:3b:b5:19:2b:98:e4:3b:b9:3f: 84:c0:c2:fe:72:be:35:87:d1:32:1d:31:d0:7c:77:ab:4d:87: 93:1d:cf:e4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs9Ivj3XZ87ZTk6keAMcnKOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkxZDdlY2YxNzE0MmIzYjA5MzVmOGUzN2I4ZjdkOWMyNTNm MGVlMTkwHhcNMjUxMjIwMTkwMTAwWhcNMjUxMjIxMTkwMTAwWjAzMTEwLwYDVQQD Eyg5M2U2YjBmM2I2ODAzYzZlODQyMjIxYTVhY2U5YzIyOTk2MDc3MTdkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTw8HbbGFgAhNxdS4nsDqFBz819C +V7cSK9LluzOSw+dRVe+CuKMdAh1VUCkQR6NRg7E2U9XH7JpVwABBHZ/ePjuJbMQ HiJ+Z/xWNiF6lACKNeWSZTujjTtkyA/vKAzCJ7eiDMCoGNQSakwKa8xrM4mNDLTy Nqc/U/xteKprElSerAWYNXbaAjvZJvbB/K3b/gTqTf0U4fgSMo8OxfluH1EVa0/P QFgsTBPV+NifCO9tM23n6pYXorXbpWHBm+hPPYQMSkod1oX2GfaE6Qo1KBp2XAGM dGGK4SbcQKOmTNJgylTg1WfuCfiliNAMpcWhVMkN4Eh5h9CosZKvS7zTkwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJPmsPO2gDxuhCIhpazpwimWB3F9MB8GA1UdIwQY MBaAFJHX7PFxQrOwk1+ON7j32cJT8O4ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGIt YTZiMWFkMzRlMDhjLzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNi9iMDhlNmUtMDgyMi00MjI0LTk1NGItYTZiMWFkMzRlMDhj LzEva2RmczhYRkNzN0NUWDQ0M3VQZlp3bFB3N2hrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAERA+XMRY HbLJv+B94w4ncNhSMsJdFeBaoGL/atwFt96Ti5LNQbMOKuFrnVhJ/PruG19andJD W1I3Zpo9TQM7c3CZU5t+fTcRemPHI+4PQXgE9shsL0FL/03/wRXgLkUJhOngJke5 cc9XRUcWTpY9rE0C/3bumSIMc4Ba3yoiulvJ5ibkQhE6p9Z/o0cfbR/f0m5VrVH1 s/c/ciV/z1BVCJFjBKTZR0nZNkP9M/bdKykUbZqKMePS8QM5IvuVvfdHjQ4Nn2mw ct8lCwsYg5olPm/W8fy53PLEGgABtetJbnH8O7UZK5jkO7k/hMDC/nK+NYfRMh0x 0Hx3q02Hkx3P5A== -----END CERTIFICATE-----Generated at Sat Dec 20 20:24:45 2025 by rpki-client