This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft File: KRKNnU8aVulw-HRtaCesESD5Jmc.mft (raw, json) Hash identifier: hYjVQbw0IVD2h18t61mAfb5q/xIJLXXISBf7SZGzrF8= Subject key identifier: DA:83:6D:FA:EC:96:99:D3:FF:4B:40:33:19:A7:C6:09:1B:E9:FC:6D Authority key identifier: 29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 Certificate issuer: /CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Certificate serial: 019B3C106C58A22785BE4BDF1DED34653E59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft Manifest number: 028D Signing time: Sat 20 Dec 2025 14:01:07 +0000 Manifest this update: Sat 20 Dec 2025 14:01:07 +0000 Manifest next update: Sun 21 Dec 2025 14:01:07 +0000 Files and hashes: 1: F89K3Q0XwdNsBMWEF-9n8HX8seQ.roa (hash: k36l/8lxtcKwAJTjrdDRO46ly7DD3aRm+mH7GwvYLjg=) 2: KRKNnU8aVulw-HRtaCesESD5Jmc.crl (hash: z3XxceIFs0mSRc6kR/dy9H3xjr2y+rIHYSYUkBUCVUA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 10:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:10:6c:58:a2:27:85:be:4b:df:1d:ed:34:65:3e:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29128d9d4f1a56e970f8746d6827ac1120f92667 Validity Not Before: Dec 20 14:01:07 2025 GMT Not After : Dec 21 14:01:07 2025 GMT Subject: CN=da836dfaec9699d3ff4b403319a7c6091be9fc6d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:61:28:ac:46:c2:b4:f5:4e:6e:5e:96:02:71: 71:4a:ae:8a:f4:94:95:b7:52:4d:5d:e8:a3:3e:8c: 8e:e6:4f:af:c4:9d:61:f6:64:58:34:24:5a:a8:77: 33:4b:bd:0d:22:fc:53:da:5b:04:7a:67:09:5b:2d: 8c:c5:44:dc:03:ee:8d:fc:14:88:9e:f0:65:62:93: fc:1a:41:29:88:d0:48:8e:f6:fd:36:c9:2c:d6:f8: e3:e9:6a:f3:cc:1f:79:9a:92:99:55:21:7a:50:fe: 75:0a:e0:cc:49:45:04:ea:cd:67:45:3f:43:1d:3c: 4a:06:7a:53:75:e7:77:1b:a0:6d:62:21:8f:7d:cb: 59:04:30:27:9c:be:f8:a5:3c:e2:10:26:41:d8:8f: 67:44:62:d7:89:54:80:32:99:fc:94:65:ab:df:b5: df:4c:0c:2f:ca:f8:08:b5:30:35:24:c5:e8:6f:01: 5c:c5:70:d1:59:d8:d3:4d:02:bc:16:c5:1d:06:33: 9d:d0:0d:d1:51:33:8f:e1:f9:98:18:5c:10:de:b5: cb:88:f4:97:c3:bf:12:81:70:fc:88:eb:58:80:74: d8:4a:e3:f9:a0:13:cc:29:2a:bc:89:cd:50:6b:3a: 15:0d:5f:75:a7:5c:ef:e7:81:07:ed:07:c5:f1:9f: 3a:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:83:6D:FA:EC:96:99:D3:FF:4B:40:33:19:A7:C6:09:1B:E9:FC:6D X509v3 Authority Key Identifier: keyid:29:12:8D:9D:4F:1A:56:E9:70:F8:74:6D:68:27:AC:11:20:F9:26:67 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KRKNnU8aVulw-HRtaCesESD5Jmc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/11477c-8452-4abb-9147-f0b09c0c90c7/1/KRKNnU8aVulw-HRtaCesESD5Jmc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 8f:fa:0f:3f:12:31:5b:db:3b:35:c7:7a:61:b6:35:cc:d1:cf: 9a:16:d0:d8:b5:76:4e:f9:34:c3:6b:51:f9:77:9a:2d:6f:89: 9d:76:e1:7a:59:0c:d0:07:43:db:15:0c:23:e3:15:41:ce:30: 65:17:3c:eb:5c:66:f3:21:2f:4c:41:19:3e:ce:0b:3a:90:8e: 0f:ab:42:1b:f4:2d:88:f4:83:08:a3:98:ee:26:b2:90:90:22: 01:67:51:f3:99:be:5a:49:5b:fc:a9:e3:8d:35:60:47:1d:da: 5b:5f:b0:c2:b9:84:31:46:c2:91:e6:89:3f:7a:36:40:98:eb: d1:1f:8c:85:18:09:38:4d:33:8d:44:5c:96:4d:f6:3f:e8:46: 26:d2:0b:b4:5a:cd:82:ae:fd:f7:bd:87:9f:cf:23:90:33:cc: bd:d0:79:9a:ee:3f:21:7c:e0:7c:fc:95:4a:eb:87:0b:42:4f: f2:50:d9:fa:65:ec:ee:20:b3:b9:cf:28:35:c1:50:1e:b0:93: bf:c6:7c:2f:71:6a:83:fd:1c:72:e8:c2:db:52:ac:4a:ad:47: 6c:57:8e:85:99:1c:99:e8:c1:5f:16:f8:0c:58:77:4f:56:e5: 1d:41:be:fa:bd:16:79:ac:61:80:31:9b:98:9c:df:40:31:18: 94:eb:82:d7 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8EGxYoieFvkvfHe00ZT5ZMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MTI4ZDlkNGYxYTU2ZTk3MGY4NzQ2ZDY4MjdhYzExMjBm OTI2NjcwHhcNMjUxMjIwMTQwMTA3WhcNMjUxMjIxMTQwMTA3WjAzMTEwLwYDVQQD EyhkYTgzNmRmYWVjOTY5OWQzZmY0YjQwMzMxOWE3YzYwOTFiZTlmYzZkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2EorEbCtPVObl6WAnFxSq6K9JSV t1JNXeijPoyO5k+vxJ1h9mRYNCRaqHczS70NIvxT2lsEemcJWy2MxUTcA+6N/BSI nvBlYpP8GkEpiNBIjvb9Nsks1vjj6WrzzB95mpKZVSF6UP51CuDMSUUE6s1nRT9D HTxKBnpTded3G6BtYiGPfctZBDAnnL74pTziECZB2I9nRGLXiVSAMpn8lGWr37Xf TAwvyvgItTA1JMXobwFcxXDRWdjTTQK8FsUdBjOd0A3RUTOP4fmYGFwQ3rXLiPSX w78SgXD8iOtYgHTYSuP5oBPMKSq8ic1QazoVDV91p1zv54EH7QfF8Z86XQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNqDbfrslpnT/0tAMxmnxgkb6fxtMB8GA1UdIwQY MBaAFCkSjZ1PGlbpcPh0bWgnrBEg+SZnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDct ZjBiMDljMGM5MGM3LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYi8xMTQ3N2MtODQ1Mi00YWJiLTkxNDctZjBiMDljMGM5MGM3 LzEvS1JLTm5VOGFWdWx3LUhSdGFDZXNFU0Q1Sm1jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAj/oPPxIx W9s7Ncd6YbY1zNHPmhbQ2LV2Tvk0w2tR+XeaLW+JnXbhelkM0AdD2xUMI+MVQc4w ZRc861xm8yEvTEEZPs4LOpCOD6tCG/QtiPSDCKOY7iaykJAiAWdR85m+Wklb/Knj jTVgRx3aW1+wwrmEMUbCkeaJP3o2QJjr0R+MhRgJOE0zjURclk32P+hGJtILtFrN gq79972Hn88jkDPMvdB5mu4/IXzgfPyVSuuHC0JP8lDZ+mXs7iCzuc8oNcFQHrCT v8Z8L3Fqg/0ccujC21KsSq1HbFeOhZkcmejBXxb4DFh3T1blHUG++r0WeaxhgDGb mJzfQDEYlOuC1w== -----END CERTIFICATE-----Generated at Sat Dec 20 19:50:26 2025 by rpki-client