This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft File: KMvNlssXsh1iT9IXD9DXCBY68j0.mft (raw, json) Hash identifier: Lzg6/PQtU9ENnBfegnuVeBu64nFsIEo2uoQ94VjSz7M= Subject key identifier: CD:E6:5B:13:E8:06:95:70:55:C4:BE:62:35:11:F8:B2:8B:2A:CA:1A Authority key identifier: 28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D Certificate issuer: /CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Certificate serial: 019B424A1258E0E436886203CFF5F96A198B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft Manifest number: 10B3 Signing time: Sun 21 Dec 2025 19:01:49 +0000 Manifest this update: Sun 21 Dec 2025 19:01:49 +0000 Manifest next update: Mon 22 Dec 2025 19:01:49 +0000 Files and hashes: 1: KMvNlssXsh1iT9IXD9DXCBY68j0.crl (hash: Na9bzM6Ga4a68J1bHrjRTJHBNqUe67o6SZwF1O2y91g=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:42:4a:12:58:e0:e4:36:88:62:03:cf:f5:f9:6a:19:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=28cbcd96cb17b21d624fd2170fd0d708163af23d Validity Not Before: Dec 21 19:01:49 2025 GMT Not After : Dec 22 19:01:49 2025 GMT Subject: CN=cde65b13e806957055c4be623511f8b28b2aca1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b6:2c:6b:0a:2f:be:13:7f:15:27:b6:04:3c: 58:5c:8a:71:5f:0d:98:b0:40:e2:48:4d:9b:e0:f7: 22:7e:57:eb:7e:f4:58:8f:26:08:e8:19:9f:87:42: 99:d5:5f:2b:96:28:a0:7b:83:64:36:af:5e:9f:1d: dc:ca:f7:a4:c3:6e:18:44:9c:7b:f1:32:82:ea:fb: 25:24:16:49:0d:60:ee:07:5e:56:d6:55:57:2b:df: 3c:3a:62:36:18:7c:fa:88:b4:ff:75:cc:ce:79:1f: 45:a5:6c:e0:9b:1e:89:e0:96:04:2c:0c:eb:6f:c1: 1a:da:7d:ad:8f:47:0a:a7:08:fb:85:c4:78:55:ec: 86:17:93:6e:65:48:85:06:f5:3c:c6:87:2f:23:65: e0:e8:72:11:84:e5:07:1e:cf:9d:f1:32:41:2d:53: 52:a6:41:4e:0f:3d:f7:39:c7:45:35:7e:37:ff:ff: 6e:f7:15:19:32:36:dd:5f:60:f0:2d:d1:46:0e:a9: a6:c5:d0:48:ca:42:2c:0a:e0:69:42:cb:0c:ad:3f: 8f:0b:e7:fc:44:a7:c4:b9:83:ae:22:08:49:e2:7b: 8e:36:f1:b7:dc:32:3e:fb:c7:3a:6e:11:ea:32:29: 83:83:2d:0a:d2:ba:63:8b:0c:83:63:37:62:79:4c: c5:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:E6:5B:13:E8:06:95:70:55:C4:BE:62:35:11:F8:B2:8B:2A:CA:1A X509v3 Authority Key Identifier: keyid:28:CB:CD:96:CB:17:B2:1D:62:4F:D2:17:0F:D0:D7:08:16:3A:F2:3D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KMvNlssXsh1iT9IXD9DXCBY68j0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6e40ee-7935-41a9-8ee7-f9a69449d5fa/1/KMvNlssXsh1iT9IXD9DXCBY68j0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 01:13:dc:de:22:01:90:60:20:6b:a4:ab:53:21:6c:e1:14:7f: 13:a9:dd:0a:92:71:0f:77:50:f0:c1:aa:20:8f:85:73:70:2a: b4:6c:25:84:27:00:93:e3:c0:b9:b4:af:a1:7e:23:ab:94:38: 15:1b:e6:56:07:75:7e:06:6f:67:61:63:50:32:92:54:bb:89: 1f:0c:31:0a:7b:7c:aa:52:0a:a0:13:b8:63:ea:b5:fa:db:4b: 6f:f3:25:e4:cc:32:b2:6f:0e:46:3d:bb:13:cd:8c:5f:9e:9c: fc:5d:ec:65:e4:25:74:cd:46:bd:45:f5:c2:d3:cd:73:53:82: d6:d3:5c:25:69:9a:f9:37:73:b4:46:68:58:37:cf:b4:16:b4: b5:ba:33:30:60:7a:f5:8b:95:c3:99:58:87:f4:c7:58:2c:a3: b4:a5:e3:33:af:8a:18:cd:ba:c4:f7:99:69:df:aa:25:0c:f7: f4:0f:a1:a0:db:8c:c4:a0:1e:a2:80:d4:1c:9b:5b:8a:e7:d5: c3:ce:79:55:d3:51:db:5e:ee:fc:2b:e2:b6:db:fe:04:47:11: 12:34:72:4d:6c:cd:00:d8:5e:80:87:8b:fa:31:c3:f5:0e:03: 2a:da:d7:4f:bf:92:45:b2:2f:af:f0:e3:68:27:54:35:0b:96: 04:ab:86:d4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtCShJY4OQ2iGIDz/X5ahmLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI4Y2JjZDk2Y2IxN2IyMWQ2MjRmZDIxNzBmZDBkNzA4MTYz YWYyM2QwHhcNMjUxMjIxMTkwMTQ5WhcNMjUxMjIyMTkwMTQ5WjAzMTEwLwYDVQQD EyhjZGU2NWIxM2U4MDY5NTcwNTVjNGJlNjIzNTExZjhiMjhiMmFjYTFhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LYsawovvhN/FSe2BDxYXIpxXw2Y sEDiSE2b4PciflfrfvRYjyYI6Bmfh0KZ1V8rliige4NkNq9enx3cyvekw24YRJx7 8TKC6vslJBZJDWDuB15W1lVXK988OmI2GHz6iLT/dczOeR9FpWzgmx6J4JYELAzr b8Ea2n2tj0cKpwj7hcR4VeyGF5NuZUiFBvU8xocvI2Xg6HIRhOUHHs+d8TJBLVNS pkFODz33OcdFNX43//9u9xUZMjbdX2DwLdFGDqmmxdBIykIsCuBpQssMrT+PC+f8 RKfEuYOuIghJ4nuONvG33DI++8c6bhHqMimDgy0K0rpjiwyDYzdieUzFdQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM3mWxPoBpVwVcS+YjUR+LKLKsoaMB8GA1UdIwQY MBaAFCjLzZbLF7IdYk/SFw/Q1wgWOvI9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTct ZjlhNjk0NDlkNWZhLzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOC82ZTQwZWUtNzkzNS00MWE5LThlZTctZjlhNjk0NDlkNWZh LzEvS012Tmxzc1hzaDFpVDlJWEQ5RFhDQlk2OGowLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAARPc3iIB kGAga6SrUyFs4RR/E6ndCpJxD3dQ8MGqII+Fc3AqtGwlhCcAk+PAubSvoX4jq5Q4 FRvmVgd1fgZvZ2FjUDKSVLuJHwwxCnt8qlIKoBO4Y+q1+ttLb/Ml5Mwysm8ORj27 E82MX56c/F3sZeQldM1GvUX1wtPNc1OC1tNcJWma+TdztEZoWDfPtBa0tbozMGB6 9YuVw5lYh/THWCyjtKXjM6+KGM26xPeZad+qJQz39A+hoNuMxKAeooDUHJtbiufV w855VdNR217u/Cvittv+BEcREjRyTWzNANhegIeL+jHD9Q4DKtrXT7+SRbIvr/Dj aCdUNQuWBKuG1A== -----END CERTIFICATE-----Generated at Sun Dec 21 22:47:35 2025 by rpki-client