This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft File: 00KrFW1a4VOtFlKOh9nIR53ApKU.mft (raw, json) Hash identifier: zNePrwlUdMU/3azfd5aDLY6BxBEQfgdnS1owogE6ddk= Subject key identifier: 8A:89:A0:CA:04:0B:37:1C:82:3A:A6:33:4B:80:D2:7C:58:C0:79:A1 Authority key identifier: D3:42:AB:15:6D:5A:E1:53:AD:16:52:8E:87:D9:C8:47:9D:C0:A4:A5 Certificate issuer: /CN=d342ab156d5ae153ad16528e87d9c8479dc0a4a5 Certificate serial: 019B3EA33562CFEE76763BA497E5BD611FC6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft Manifest number: 178A Signing time: Sun 21 Dec 2025 02:00:41 +0000 Manifest this update: Sun 21 Dec 2025 02:00:41 +0000 Manifest next update: Mon 22 Dec 2025 02:00:41 +0000 Files and hashes: 1: 00KrFW1a4VOtFlKOh9nIR53ApKU.crl (hash: 2eOKEjItXNFTHdjxUtOJLXcbFBNWK7Fo0Ea1bZvROyU=) 2: YzWazfZkDmpS6lnGJouGiR4vMgw.roa (hash: g+4T1wjwDSXCQUkHT41UwModEGJm2ijdNXqnxLEPkqw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.crl rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 19:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:a3:35:62:cf:ee:76:76:3b:a4:97:e5:bd:61:1f:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d342ab156d5ae153ad16528e87d9c8479dc0a4a5 Validity Not Before: Dec 21 02:00:41 2025 GMT Not After : Dec 22 02:00:41 2025 GMT Subject: CN=8a89a0ca040b371c823aa6334b80d27c58c079a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:18:25:cd:be:98:e2:c9:81:fc:4a:d3:05:b7: 20:a0:fe:c8:3e:7f:e2:46:3a:7c:c6:fb:43:86:bb: dc:68:3f:2a:bc:5e:d6:59:c2:d7:83:d8:eb:b3:99: b0:a2:f9:7d:57:df:ae:ae:61:90:ff:7e:0d:57:a4: fb:26:4c:ad:8e:5d:b7:3c:a7:a7:2d:72:2e:6c:7c: 2f:76:7a:a4:b6:5b:af:9e:1b:16:ff:f6:fe:30:67: 99:76:ef:f9:f4:94:7d:19:d7:d4:bf:15:91:81:96: ef:29:5a:c8:79:3f:fc:eb:58:1f:a0:d9:70:c6:dc: ab:65:01:67:61:c1:bc:67:9a:22:8f:6d:96:54:68: 29:6d:be:f9:f9:96:0a:eb:4f:c8:d9:73:08:15:48: aa:95:ac:b1:72:4e:fb:32:5c:af:52:81:54:ff:7f: 29:6f:1f:e8:5b:6c:c8:72:2e:ab:98:d9:f9:0c:24: ac:13:7b:c6:64:f5:20:ff:14:16:4e:a3:83:b5:e0: 52:8f:e4:fd:f3:56:cf:83:24:59:5b:0d:c0:92:55: ea:7a:c4:63:13:4d:f9:f9:fe:9a:f2:10:d0:dc:ca: cf:1b:6a:94:c6:02:d8:79:45:5f:b6:b5:9c:27:40: 94:62:7c:fd:9c:aa:26:d7:1d:35:7a:3a:2a:33:04: cf:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:89:A0:CA:04:0B:37:1C:82:3A:A6:33:4B:80:D2:7C:58:C0:79:A1 X509v3 Authority Key Identifier: keyid:D3:42:AB:15:6D:5A:E1:53:AD:16:52:8E:87:D9:C8:47:9D:C0:A4:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00KrFW1a4VOtFlKOh9nIR53ApKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/263447-0c80-4cda-b915-081a637f703e/1/00KrFW1a4VOtFlKOh9nIR53ApKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 44:35:ce:03:9f:43:fd:df:b7:6c:5a:bd:01:0c:5d:42:1f:0d: 15:7c:8e:a7:40:fd:dd:b6:4c:e7:6b:52:4c:d5:90:9e:ab:c3: 3a:19:6c:6b:1d:98:bb:65:c1:95:6b:0b:1f:cb:c5:51:5b:9c: 98:29:a8:49:25:36:1a:39:88:9f:3a:e4:41:5a:bf:b1:34:ea: 20:58:85:d8:d1:93:e4:2c:c2:04:bf:a3:ac:01:32:7e:9d:d3: 92:60:1d:1e:25:10:5e:65:c9:b7:73:4d:da:6c:3d:bd:15:c4: 5d:1a:bf:b0:69:f0:68:58:ee:2a:38:7f:b0:33:7a:8a:76:76: 02:0d:16:75:3e:81:5d:89:d2:6f:21:89:3c:fd:8f:0c:ed:ff: 71:92:cd:c0:a2:1f:b7:ab:fe:7e:27:d8:46:f5:6e:f2:aa:6b: 34:d3:f6:ff:14:24:bc:e3:33:f9:65:04:18:a4:e7:dd:3e:84: bf:15:b3:2d:4e:bf:5c:8c:ef:3b:d7:19:66:84:37:e4:fc:5a: ac:3f:33:06:7f:14:6b:f9:02:51:d4:db:23:84:d5:5f:f9:91: c3:9a:81:42:86:39:f1:b2:25:38:fc:c1:a7:eb:0b:cf:3c:fd: d1:1c:83:13:ca:58:93:00:bb:2a:cb:a2:d5:b7:a8:ff:52:4a: 6a:b0:56:5b -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+ozViz+52djukl+W9YR/GMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNDJhYjE1NmQ1YWUxNTNhZDE2NTI4ZTg3ZDljODQ3OWRj MGE0YTUwHhcNMjUxMjIxMDIwMDQxWhcNMjUxMjIyMDIwMDQxWjAzMTEwLwYDVQQD Eyg4YTg5YTBjYTA0MGIzNzFjODIzYWE2MzM0YjgwZDI3YzU4YzA3OWExMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xglzb6Y4smB/ErTBbcgoP7IPn/i Rjp8xvtDhrvcaD8qvF7WWcLXg9jrs5mwovl9V9+urmGQ/34NV6T7Jkytjl23PKen LXIubHwvdnqktluvnhsW//b+MGeZdu/59JR9GdfUvxWRgZbvKVrIeT/861gfoNlw xtyrZQFnYcG8Z5oij22WVGgpbb75+ZYK60/I2XMIFUiqlayxck77MlyvUoFU/38p bx/oW2zIci6rmNn5DCSsE3vGZPUg/xQWTqODteBSj+T981bPgyRZWw3AklXqesRj E035+f6a8hDQ3MrPG2qUxgLYeUVftrWcJ0CUYnz9nKom1x01ejoqMwTP1QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIqJoMoECzccgjqmM0uA0nxYwHmhMB8GA1UdIwQY MBaAFNNCqxVtWuFTrRZSjofZyEedwKSlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yNjM0NDctMGM4MC00Y2RhLWI5MTUt MDgxYTYzN2Y3MDNlLzEvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMy8yNjM0NDctMGM4MC00Y2RhLWI5MTUtMDgxYTYzN2Y3MDNl LzEvMDBLckZXMWE0Vk90RmxLT2g5bklSNTNBcEtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEARDXOA59D /d+3bFq9AQxdQh8NFXyOp0D93bZM52tSTNWQnqvDOhlsax2Yu2XBlWsLH8vFUVuc mCmoSSU2GjmInzrkQVq/sTTqIFiF2NGT5CzCBL+jrAEyfp3TkmAdHiUQXmXJt3NN 2mw9vRXEXRq/sGnwaFjuKjh/sDN6inZ2Ag0WdT6BXYnSbyGJPP2PDO3/cZLNwKIf t6v+fifYRvVu8qprNNP2/xQkvOMz+WUEGKTn3T6EvxWzLU6/XIzvO9cZZoQ35Pxa rD8zBn8Ua/kCUdTbI4TVX/mRw5qBQoY58bIlOPzBp+sLzzz90RyDE8pYkwC7Ksui 1beo/1JKarBWWw== -----END CERTIFICATE-----Generated at Sun Dec 21 03:53:09 2025 by rpki-client