This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft File: KeoL3n9pK8X9wLFoumFKAnLy5k0.mft (raw, json) Hash identifier: tJ6d0nw3BGz2TEuwGAM7cSsHnPyA4JfNxSMYj0ks/TI= Subject key identifier: 02:DA:0E:F3:C0:98:A1:57:97:6C:3C:E8:7F:8C:20:31:B9:99:C0:85 Authority key identifier: 29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D Certificate issuer: /CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Certificate serial: 019B68E8FA9A67183CB51031722226BE858D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft Manifest number: 0E0A Signing time: Mon 29 Dec 2025 07:00:57 +0000 Manifest this update: Mon 29 Dec 2025 07:00:57 +0000 Manifest next update: Tue 30 Dec 2025 07:00:57 +0000 Files and hashes: 1: 9cEvXYVcBJeRVXoK10hhOCyNhJY.roa (hash: ihTe2JjgXGvlLA7K+HxYQQd7iWcLoXsDNyag9kYHBGk=) 2: KeoL3n9pK8X9wLFoumFKAnLy5k0.crl (hash: pygHndY3ZnaDDJb6c7Dy7XqB4Vz7dEZE7wj/6VXLBlI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 30 Dec 2025 07:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:68:e8:fa:9a:67:18:3c:b5:10:31:72:22:26:be:85:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=29ea0bde7f692bc5fdc0b168ba614a0272f2e64d Validity Not Before: Dec 29 07:00:57 2025 GMT Not After : Dec 30 07:00:57 2025 GMT Subject: CN=02da0ef3c098a157976c3ce87f8c2031b999c085 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:3c:1c:a3:ef:91:d8:72:c2:d4:6c:26:96:9d: 5e:52:08:f4:a2:52:e9:3b:14:05:61:24:f4:2b:2e: 72:e8:4b:66:76:33:f4:9b:d7:c0:e8:95:5f:3b:7a: 0e:2d:53:c9:0f:f9:0c:94:fd:73:ea:32:44:72:f4: ff:e3:20:3b:6f:f5:f2:2e:a7:2d:1e:0b:4c:6e:77: 4d:d5:2e:bd:0d:8e:6c:98:b2:c1:8b:1b:be:72:de: e0:02:f2:14:cf:53:3e:62:47:18:2c:15:67:3b:8e: 15:74:46:28:66:b3:57:5f:65:eb:ab:ea:e9:04:c7: ca:6e:e5:fb:e3:32:28:2d:80:80:fa:90:67:d3:42: 2e:da:50:8f:df:2a:1f:b3:d4:54:8e:0e:f9:a3:61: 34:77:aa:48:0c:09:15:07:e6:f2:ca:99:32:1a:23: 7f:74:21:1b:25:44:5c:3b:a6:5f:03:01:bf:f2:ad: 81:4a:9e:ea:c4:31:52:cd:ec:70:ce:d5:02:d0:8b: e9:80:92:37:c4:f1:c0:f6:88:90:84:af:f1:c7:92: 22:6d:f2:75:e0:60:95:e8:21:7b:e3:6b:47:84:26: a1:a2:78:ac:38:1f:14:73:0c:75:15:b2:8d:79:12: df:e9:50:5f:11:a1:ec:ca:76:95:d7:8b:c4:fa:81: db:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DA:0E:F3:C0:98:A1:57:97:6C:3C:E8:7F:8C:20:31:B9:99:C0:85 X509v3 Authority Key Identifier: keyid:29:EA:0B:DE:7F:69:2B:C5:FD:C0:B1:68:BA:61:4A:02:72:F2:E6:4D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KeoL3n9pK8X9wLFoumFKAnLy5k0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/d2ff5b-0008-4572-9380-976c04bdf18f/1/KeoL3n9pK8X9wLFoumFKAnLy5k0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 84:10:59:b9:c9:55:b1:ca:59:4c:be:18:49:96:47:8d:96:04: 2b:86:b5:f4:5c:da:fc:12:e2:06:41:2d:75:1a:fb:fa:0d:02: 62:03:91:1a:17:79:2a:b8:4e:f4:d8:19:10:91:5a:2c:e5:aa: 80:a2:49:44:69:21:e1:89:bd:6c:93:0c:5e:83:27:cb:96:ee: 6b:5c:93:da:0f:b7:f0:9f:b9:78:d7:d6:25:90:7a:67:5d:ed: 7c:a8:51:22:9c:63:ad:b8:d2:a8:1e:37:ef:36:64:31:e2:69: c9:fc:b6:e8:3f:f1:fa:47:5e:0a:63:db:47:45:39:3d:2c:b1: fb:6d:79:d5:17:e4:41:2b:71:5b:e2:5b:4a:79:f1:2b:6b:cc: 4d:54:30:8e:d2:63:39:13:bf:76:59:4d:1a:33:2c:c7:4f:c5: d2:30:ff:22:ef:dc:cb:67:58:7b:f0:1f:d8:4f:d1:b5:50:d5: 5a:e5:60:79:9a:c8:48:1a:a4:9d:f5:71:16:56:06:bc:57:be: 78:86:e6:b1:a1:ab:cb:40:62:1d:44:19:4f:9a:8e:40:ee:42: 3d:14:21:3e:6f:e6:de:54:ed:af:86:bb:3a:c2:99:c5:e6:d7: 05:41:74:45:00:b9:fd:ef:d0:3e:69:5e:83:9b:3c:9c:18:d5: 41:04:fb:9d -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZto6PqaZxg8tRAxciImvoWNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5ZWEwYmRlN2Y2OTJiYzVmZGMwYjE2OGJhNjE0YTAyNzJm MmU2NGQwHhcNMjUxMjI5MDcwMDU3WhcNMjUxMjMwMDcwMDU3WjAzMTEwLwYDVQQD EygwMmRhMGVmM2MwOThhMTU3OTc2YzNjZTg3ZjhjMjAzMWI5OTljMDg1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zwco++R2HLC1Gwmlp1eUgj0olLp OxQFYST0Ky5y6EtmdjP0m9fA6JVfO3oOLVPJD/kMlP1z6jJEcvT/4yA7b/XyLqct HgtMbndN1S69DY5smLLBixu+ct7gAvIUz1M+YkcYLBVnO44VdEYoZrNXX2Xrq+rp BMfKbuX74zIoLYCA+pBn00Iu2lCP3yofs9RUjg75o2E0d6pIDAkVB+byypkyGiN/ dCEbJURcO6ZfAwG/8q2BSp7qxDFSzexwztUC0IvpgJI3xPHA9oiQhK/xx5IibfJ1 4GCV6CF742tHhCahonisOB8Ucwx1FbKNeRLf6VBfEaHsynaV14vE+oHbHQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFALaDvPAmKFXl2w86H+MIDG5mcCFMB8GA1UdIwQY MBaAFCnqC95/aSvF/cCxaLphSgJy8uZNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAt OTc2YzA0YmRmMThmLzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC9kMmZmNWItMDAwOC00NTcyLTkzODAtOTc2YzA0YmRmMThm LzEvS2VvTDNuOXBLOFg5d0xGb3VtRktBbkx5NWswLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhBBZuclV scpZTL4YSZZHjZYEK4a19Fza/BLiBkEtdRr7+g0CYgORGhd5KrhO9NgZEJFaLOWq gKJJRGkh4Ym9bJMMXoMny5bua1yT2g+38J+5eNfWJZB6Z13tfKhRIpxjrbjSqB43 7zZkMeJpyfy26D/x+kdeCmPbR0U5PSyx+2151RfkQStxW+JbSnnxK2vMTVQwjtJj ORO/dllNGjMsx0/F0jD/Iu/cy2dYe/Af2E/RtVDVWuVgeZrISBqknfVxFlYGvFe+ eIbmsaGry0BiHUQZT5qOQO5CPRQhPm/m3lTtr4a7OsKZxebXBUF0RQC5/e/QPmle g5s8nBjVQQT7nQ== -----END CERTIFICATE-----Generated at Mon Dec 29 12:05:16 2025 by rpki-client