This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft File: KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft (raw, json) Hash identifier: pRzUTl/vUtyUwlaf7e6TspXd12ZbwXpMpo9d6mmOvEo= Subject key identifier: 0E:5D:F0:52:0D:ED:26:FB:F6:33:DC:FF:0A:40:17:09:83:C9:85:71 Authority key identifier: 29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 Certificate issuer: /CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Certificate serial: 019B747F54C297844F75F4BE212FCC3A6493 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft Manifest number: 0A33 Signing time: Wed 31 Dec 2025 13:01:00 +0000 Manifest this update: Wed 31 Dec 2025 13:01:00 +0000 Manifest next update: Thu 01 Jan 2026 13:01:00 +0000 Files and hashes: 1: IrS-qV3W0Ik-KE138sR-ycmjsj0.roa (hash: ZrhZqy7V3sNpl24EYUX1sc+YyDytYvN7JDm/U17ihTc=) 2: KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl (hash: MNZeuIqgTfvN8aQklbPrSij1fTNEsRhSZNT3yLZgrfk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 13:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:74:7f:54:c2:97:84:4f:75:f4:be:21:2f:cc:3a:64:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=297a4229714f34e29d3d92b25f7b59c748f0dfc6 Validity Not Before: Dec 31 13:01:00 2025 GMT Not After : Jan 1 13:01:00 2026 GMT Subject: CN=0e5df0520ded26fbf633dcff0a40170983c98571 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:02:e3:cf:f0:d5:6b:4b:b4:93:9d:ad:c4:92: f5:05:8f:c5:2a:27:5f:a5:a3:38:b3:4d:61:a6:1e: 29:0a:50:88:a7:92:b3:75:08:aa:0d:55:7b:03:25: 00:bf:4f:b5:fe:a0:c5:ee:d4:3e:df:e8:73:67:04: 09:2e:a8:d1:d2:0b:c1:e7:29:31:19:d7:f8:d4:40: 78:03:34:04:af:82:e6:48:93:fb:06:cb:b7:91:04: 94:e2:2d:41:40:07:39:1f:34:d9:37:6b:64:a1:93: ed:dd:4a:d6:08:c6:89:e8:cf:8e:8a:94:0f:6f:40: d3:9e:38:ae:9a:d8:0f:d3:58:aa:f0:08:7a:12:7f: 63:32:dc:27:35:b9:7e:f0:60:25:26:03:c7:61:bf: 70:ae:47:13:e3:4f:f2:38:4a:d0:94:27:ae:1c:44: 8e:88:ee:a5:38:b6:17:40:b5:d7:ee:60:00:3b:ff: 3b:76:7b:a9:e3:b0:24:ad:f6:fb:45:31:6f:0d:bf: 80:2b:98:0f:ea:51:cb:bc:92:5c:e9:fe:94:07:65: 6f:69:d3:96:40:b3:c0:01:1d:c0:6c:71:5d:74:96: e6:6e:97:57:58:26:03:50:19:03:17:73:2e:4b:76: cc:8a:9f:52:81:79:db:98:73:10:22:7c:ac:e7:4f: 68:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:5D:F0:52:0D:ED:26:FB:F6:33:DC:FF:0A:40:17:09:83:C9:85:71 X509v3 Authority Key Identifier: keyid:29:7A:42:29:71:4F:34:E2:9D:3D:92:B2:5F:7B:59:C7:48:F0:DF:C6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXpCKXFPNOKdPZKyX3tZx0jw38Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/1d72ce-be4c-4498-a823-3aebc9f817ce/1/KXpCKXFPNOKdPZKyX3tZx0jw38Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b5:49:c7:55:ec:d4:62:ed:ab:76:66:87:2d:7b:d8:1b:4a:ae: 0c:10:c4:c1:db:ee:18:b9:39:f4:d5:21:95:8a:76:c2:32:63: c2:e9:9e:aa:10:68:e3:c6:8f:9e:e1:a0:0e:23:6f:5c:ce:51: 02:bf:bc:91:91:61:d6:34:41:76:ff:ea:62:81:1b:66:98:5d: 7c:a6:b9:c4:2c:19:f9:2d:02:a5:56:2b:2e:20:e5:21:ca:6b: b9:47:b7:aa:92:5c:10:5d:14:17:8e:34:f4:85:cf:37:95:87: c2:c7:e7:28:71:40:c6:09:02:7b:bd:c8:18:83:d6:43:63:34: 5b:8e:b4:6b:08:01:3f:18:1c:06:df:50:60:d5:9e:cb:2b:c8: 84:5b:a1:7f:01:90:cb:b6:90:f1:66:37:93:ed:33:c9:43:2f: c0:ea:33:ed:63:e9:d7:89:4e:d0:24:dc:0c:59:07:ee:0e:b2: fa:5c:da:8c:f6:0d:20:e5:d9:8b:f0:46:ab:61:26:49:93:ce: cd:2b:b7:4c:61:49:c1:2d:24:53:a9:63:95:6f:7c:42:cb:13: c1:87:28:d7:50:aa:64:b8:d1:98:f4:13:75:75:21:4c:db:c5: 9b:e6:a2:11:ca:1f:95:0c:7c:92:9f:f8:d7:c1:14:7a:c7:87: 5c:d8:44:48 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt0f1TCl4RPdfS+IS/MOmSTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5N2E0MjI5NzE0ZjM0ZTI5ZDNkOTJiMjVmN2I1OWM3NDhm MGRmYzYwHhcNMjUxMjMxMTMwMTAwWhcNMjYwMTAxMTMwMTAwWjAzMTEwLwYDVQQD EygwZTVkZjA1MjBkZWQyNmZiZjYzM2RjZmYwYTQwMTcwOTgzYzk4NTcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzALjz/DVa0u0k52txJL1BY/FKidf paM4s01hph4pClCIp5KzdQiqDVV7AyUAv0+1/qDF7tQ+3+hzZwQJLqjR0gvB5ykx Gdf41EB4AzQEr4LmSJP7Bsu3kQSU4i1BQAc5HzTZN2tkoZPt3UrWCMaJ6M+OipQP b0DTnjiumtgP01iq8Ah6En9jMtwnNbl+8GAlJgPHYb9wrkcT40/yOErQlCeuHESO iO6lOLYXQLXX7mAAO/87dnup47Akrfb7RTFvDb+AK5gP6lHLvJJc6f6UB2VvadOW QLPAAR3AbHFddJbmbpdXWCYDUBkDF3MuS3bMip9SgXnbmHMQInys509owQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFA5d8FIN7Sb79jPc/wpAFwmDyYVxMB8GA1UdIwQY MBaAFCl6QilxTzTinT2Ssl97WcdI8N/GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMt M2FlYmM5ZjgxN2NlLzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC8xZDcyY2UtYmU0Yy00NDk4LWE4MjMtM2FlYmM5ZjgxN2Nl LzEvS1hwQ0tYRlBOT0tkUFpLeVgzdFp4MGp3MzhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtUnHVezU Yu2rdmaHLXvYG0quDBDEwdvuGLk59NUhlYp2wjJjwumeqhBo48aPnuGgDiNvXM5R Ar+8kZFh1jRBdv/qYoEbZphdfKa5xCwZ+S0CpVYrLiDlIcpruUe3qpJcEF0UF440 9IXPN5WHwsfnKHFAxgkCe73IGIPWQ2M0W460awgBPxgcBt9QYNWeyyvIhFuhfwGQ y7aQ8WY3k+0zyUMvwOoz7WPp14lO0CTcDFkH7g6y+lzajPYNIOXZi/BGq2EmSZPO zSu3TGFJwS0kU6ljlW98QssTwYco11CqZLjRmPQTdXUhTNvFm+aiEcoflQx8kp/4 18EUeseHXNhESA== -----END CERTIFICATE-----Generated at Wed Dec 31 21:06:01 2025 by rpki-client