This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft File: KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft (raw, json) Hash identifier: lxXo4fY7HITunOOgKaFhfR5WqP4hFeit5qkSW69zLVI= Subject key identifier: CD:31:FF:8A:55:90:13:AE:2A:15:7F:46:C7:A5:9B:FC:43:29:75:DB Authority key identifier: 2A:A3:C9:9F:F5:8B:8F:73:3E:F2:C6:2A:77:72:C0:C1:F2:9E:57:FC Certificate issuer: /CN=2aa3c99ff58b8f733ef2c62a7772c0c1f29e57fc Certificate serial: 019B43C9773C23A3AAB3B4900C15CB3CFF17 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft Manifest number: 1097 Signing time: Mon 22 Dec 2025 02:00:35 +0000 Manifest this update: Mon 22 Dec 2025 02:00:35 +0000 Manifest next update: Tue 23 Dec 2025 02:00:35 +0000 Files and hashes: 1: KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl (hash: a9TvoNzsjY1SoFb7nyE1Z/sE1uXYRl8GG9BeGvl5gkY=) 2: UZvnE-CaTB9qoHVdVXMgB-LiNEM.roa (hash: Ycg6B0Rffq0DfziTHdPyE76c/wB4R/dWXA7Fjbacvbs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 23 Dec 2025 02:00:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:43:c9:77:3c:23:a3:aa:b3:b4:90:0c:15:cb:3c:ff:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2aa3c99ff58b8f733ef2c62a7772c0c1f29e57fc Validity Not Before: Dec 22 02:00:35 2025 GMT Not After : Dec 23 02:00:35 2025 GMT Subject: CN=cd31ff8a559013ae2a157f46c7a59bfc432975db Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:02:3c:0a:02:f2:3a:f0:4e:4a:f2:e1:36:e9: 2c:1c:6c:b0:d2:b9:a7:7c:60:19:51:e0:bd:66:a3: c7:41:eb:aa:a7:67:05:e1:41:c7:f3:99:9b:a8:13: e2:ce:08:1c:9e:b9:56:d8:73:45:6b:8b:2c:b5:01: 79:58:54:ae:85:1b:42:19:9b:e6:25:ad:e3:d1:dc: 17:f4:2f:d1:5a:f8:52:8e:51:04:f9:f1:7c:b2:f2: 6a:23:bf:e6:81:76:70:ea:52:ff:4d:f3:f7:c9:c9: e7:03:77:8d:ce:b9:6f:24:3e:42:ad:3a:86:81:2c: eb:1b:b8:ee:29:a2:6f:5d:22:19:cd:64:1d:ac:63: 5e:43:35:0a:55:24:e9:3c:31:b4:7c:d5:2e:8d:dd: 12:fd:85:4f:10:1a:3a:ee:14:7e:63:f5:74:e7:fc: 3c:d2:80:db:a6:3d:17:ea:c5:8d:92:35:39:86:50: cd:db:df:a2:9e:b9:4a:30:7a:6d:76:b9:2c:f0:67: 2e:39:4d:ad:01:25:10:a2:02:3b:64:7d:0d:60:69: 47:45:6c:16:1a:f6:47:79:9a:f3:7e:01:1d:d1:35: f5:78:67:67:4b:5f:b3:6c:f0:f8:b6:77:fa:43:d4: ac:9d:f9:e7:8a:13:ab:f5:4d:00:8f:df:1e:10:77: 28:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:31:FF:8A:55:90:13:AE:2A:15:7F:46:C7:A5:9B:FC:43:29:75:DB X509v3 Authority Key Identifier: keyid:2A:A3:C9:9F:F5:8B:8F:73:3E:F2:C6:2A:77:72:C0:C1:F2:9E:57:FC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KqPJn_WLj3M-8sYqd3LAwfKeV_w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/a0b63e-1166-46b5-9e3e-38b5d1788007/1/KqPJn_WLj3M-8sYqd3LAwfKeV_w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 06:02:58:08:ed:6e:4b:81:7f:05:13:09:7f:1b:63:e1:2c:f2: 4d:d0:58:c9:68:8c:f6:bd:96:e4:b4:90:bd:a4:3f:fa:46:c3: 55:a2:7c:ed:bb:bc:0c:c9:70:41:b7:78:65:2f:00:5c:43:9c: 6b:45:3e:14:d4:0a:90:d8:6e:dd:80:db:bb:23:18:c2:27:fe: 37:56:73:bb:34:18:2f:19:02:e5:02:54:ae:e5:4b:3e:e0:0a: 29:ab:e4:1a:20:64:f0:57:f8:40:ea:23:b2:9c:c6:51:77:b3: 21:e1:45:10:8f:81:f3:b9:04:0b:1c:53:82:be:8a:62:3e:0a: 98:10:f6:86:07:8e:8a:9b:c3:d5:9c:81:c6:11:bc:af:26:14: f1:01:8a:5a:f5:3f:9a:53:00:c4:7b:2d:7c:de:ea:0f:9a:25: 83:d9:92:e6:a8:06:a3:ae:a1:9b:1a:9b:d1:ca:fc:82:12:90: db:17:bb:8e:28:1d:8c:c2:7b:d6:5d:70:4f:ac:e0:67:ca:25: ae:72:4d:63:96:43:38:b3:59:53:18:c1:df:23:a1:f1:89:59: 83:f9:8f:1f:a8:06:d2:4a:00:c5:da:cb:a1:b1:f8:1d:e6:7f: 9e:fd:69:f9:af:cd:97:f3:68:82:d2:08:6b:ce:f9:35:98:d2: ca:d3:d6:55 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtDyXc8I6Oqs7SQDBXLPP8XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhYTNjOTlmZjU4YjhmNzMzZWYyYzYyYTc3NzJjMGMxZjI5 ZTU3ZmMwHhcNMjUxMjIyMDIwMDM1WhcNMjUxMjIzMDIwMDM1WjAzMTEwLwYDVQQD EyhjZDMxZmY4YTU1OTAxM2FlMmExNTdmNDZjN2E1OWJmYzQzMjk3NWRiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywI8CgLyOvBOSvLhNuksHGyw0rmn fGAZUeC9ZqPHQeuqp2cF4UHH85mbqBPizggcnrlW2HNFa4sstQF5WFSuhRtCGZvm Ja3j0dwX9C/RWvhSjlEE+fF8svJqI7/mgXZw6lL/TfP3ycnnA3eNzrlvJD5CrTqG gSzrG7juKaJvXSIZzWQdrGNeQzUKVSTpPDG0fNUujd0S/YVPEBo67hR+Y/V05/w8 0oDbpj0X6sWNkjU5hlDN29+inrlKMHptdrks8GcuOU2tASUQogI7ZH0NYGlHRWwW GvZHeZrzfgEd0TX1eGdnS1+zbPD4tnf6Q9SsnfnnihOr9U0Aj98eEHcoPQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM0x/4pVkBOuKhV/Rselm/xDKXXbMB8GA1UdIwQY MBaAFCqjyZ/1i49zPvLGKndywMHynlf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC9hMGI2M2UtMTE2Ni00NmI1LTllM2Ut MzhiNWQxNzg4MDA3LzEvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNC9hMGI2M2UtMTE2Ni00NmI1LTllM2UtMzhiNWQxNzg4MDA3 LzEvS3FQSm5fV0xqM00tOHNZcWQzTEF3ZktlVl93LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEABgJYCO1u S4F/BRMJfxtj4SzyTdBYyWiM9r2W5LSQvaQ/+kbDVaJ87bu8DMlwQbd4ZS8AXEOc a0U+FNQKkNhu3YDbuyMYwif+N1ZzuzQYLxkC5QJUruVLPuAKKavkGiBk8Ff4QOoj spzGUXezIeFFEI+B87kECxxTgr6KYj4KmBD2hgeOipvD1ZyBxhG8ryYU8QGKWvU/ mlMAxHstfN7qD5olg9mS5qgGo66hmxqb0cr8ghKQ2xe7jigdjMJ71l1wT6zgZ8ol rnJNY5ZDOLNZUxjB3yOh8YlZg/mPH6gG0koAxdrLobH4HeZ/nv1p+a/Nl/NogtII a875NZjSytPWVQ== -----END CERTIFICATE-----Generated at Mon Dec 22 11:35:58 2025 by rpki-client