This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft File: kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft (raw, json) Hash identifier: Qb5LfuzVTcbVT3e4e9Q9nwNBorH1EOE+VU9j0Wz14S4= Subject key identifier: 3B:56:C6:46:2A:03:E0:F0:E3:80:8E:14:50:AE:0E:8D:E6:A3:95:B5 Authority key identifier: 92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3 Certificate issuer: /CN=9202036a43dad06b6c2cc64bde767870676f87b3 Certificate serial: 019B503BF06BFFAB346A54569984C31399B2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft Manifest number: 102F Signing time: Wed 24 Dec 2025 12:01:03 +0000 Manifest this update: Wed 24 Dec 2025 12:01:03 +0000 Manifest next update: Thu 25 Dec 2025 12:01:03 +0000 Files and hashes: 1: 9Bw4s7L1PZyJ0cmK8dHggvZkyc8.roa (hash: k8G5zSf+pp8Di/1i1Rk8bBBXkqYoG95ba1/+ZDXAe1E=) 2: kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl (hash: oqjrmSR7NW5nkUUHHrHD0ZkKwtutwj2kBEa2ZYF6Sns=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 09:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:3b:f0:6b:ff:ab:34:6a:54:56:99:84:c3:13:99:b2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9202036a43dad06b6c2cc64bde767870676f87b3 Validity Not Before: Dec 24 12:01:03 2025 GMT Not After : Dec 25 12:01:03 2025 GMT Subject: CN=3b56c6462a03e0f0e3808e1450ae0e8de6a395b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5a:5e:1d:3e:3e:2f:35:32:cd:62:7c:6d:f5: 9f:11:76:a7:2c:e4:47:b2:67:60:79:83:7c:bd:89: 66:fa:bd:e5:fb:4b:46:63:f0:aa:99:40:63:52:4a: e1:bc:6f:66:e7:bf:7b:39:02:44:d7:7e:34:a4:2a: 96:c3:4c:4b:ad:c2:3b:d1:95:56:5c:9f:70:6a:b2: 67:10:77:5a:25:a7:7c:ed:36:e0:f0:98:db:0f:c0: 62:b6:e6:bf:9c:92:a8:cc:b0:b8:50:f6:f9:d8:4c: 67:60:e7:8c:c7:54:85:33:ad:8c:f8:78:85:56:b3: 0b:09:2d:a4:ca:5d:03:7e:b3:ac:f8:8c:ee:37:b0: 58:08:f9:ba:32:92:54:f3:ec:45:8f:69:bb:0b:c1: a3:02:bf:b8:fa:ef:b8:7e:51:81:f8:f4:b8:7a:22: 6e:95:4b:9c:f1:b7:38:7d:e9:c4:cb:b3:db:bb:9a: f0:5b:7c:4f:bf:ab:bf:4a:ac:db:ca:d3:d3:13:60: e8:42:f3:f8:e5:90:1a:bd:b1:a3:4e:2d:f5:68:54: 59:2b:f9:73:f9:91:f7:e1:f0:57:69:a2:9d:2d:ed: 4b:8f:5a:5a:8a:43:27:9f:0e:4d:82:04:72:46:3a: 62:11:f4:16:ba:36:4b:1a:8d:f2:1b:8c:4a:ac:b2: f1:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:56:C6:46:2A:03:E0:F0:E3:80:8E:14:50:AE:0E:8D:E6:A3:95:B5 X509v3 Authority Key Identifier: keyid:92:02:03:6A:43:DA:D0:6B:6C:2C:C6:4B:DE:76:78:70:67:6F:87:B3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kgIDakPa0GtsLMZL3nZ4cGdvh7M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/027688-d39c-484a-a450-73dced39707f/1/kgIDakPa0GtsLMZL3nZ4cGdvh7M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:fa:71:c8:e5:36:33:66:7d:8d:d4:3b:92:4d:2f:6e:b1:3d: 67:4a:03:96:a9:17:6a:6d:19:3d:74:e4:5b:be:38:a3:95:96: fb:f2:72:5b:86:61:2a:c7:1e:6a:f0:6a:e6:80:2b:bd:32:05: 07:94:55:47:0b:df:f6:70:2c:89:9b:34:cb:d7:a5:62:f0:3f: 16:c1:a1:4b:42:0a:41:0b:cf:61:28:87:df:a7:60:b9:57:d1: e0:dd:43:4a:f2:19:81:17:42:db:02:c5:5d:f5:95:ab:ff:5b: 62:9c:56:18:82:a7:69:f7:ae:7d:b6:0e:b2:8c:7d:a3:16:b5: 83:0a:bb:8a:b3:f1:32:6d:2a:ae:47:ca:68:ab:89:23:89:08: 19:7d:78:ac:45:c6:25:16:25:f2:1e:93:3a:32:e0:b5:03:4a: d8:e8:e9:25:1c:c1:8e:11:5e:5a:2a:1f:a0:d3:5c:82:d1:5b: fb:69:f3:a9:45:63:8b:87:8f:29:3b:d0:d1:dc:65:b3:2e:c6: e7:66:aa:9a:75:49:77:01:64:24:80:b3:51:51:a5:a6:90:38: 02:95:6f:f2:b2:65:fc:75:1e:79:a1:12:74:10:7e:54:8d:fd: d3:43:f5:74:5a:5f:f8:aa:c0:b1:52:43:1a:51:91:9d:97:05: cb:91:42:fe -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQO/Br/6s0alRWmYTDE5myMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMDIwMzZhNDNkYWQwNmI2YzJjYzY0YmRlNzY3ODcwNjc2 Zjg3YjMwHhcNMjUxMjI0MTIwMTAzWhcNMjUxMjI1MTIwMTAzWjAzMTEwLwYDVQQD EygzYjU2YzY0NjJhMDNlMGYwZTM4MDhlMTQ1MGFlMGU4ZGU2YTM5NWI1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlpeHT4+LzUyzWJ8bfWfEXanLORH smdgeYN8vYlm+r3l+0tGY/CqmUBjUkrhvG9m5797OQJE1340pCqWw0xLrcI70ZVW XJ9warJnEHdaJad87Tbg8JjbD8Bitua/nJKozLC4UPb52ExnYOeMx1SFM62M+HiF VrMLCS2kyl0DfrOs+IzuN7BYCPm6MpJU8+xFj2m7C8GjAr+4+u+4flGB+PS4eiJu lUuc8bc4fenEy7Pbu5rwW3xPv6u/SqzbytPTE2DoQvP45ZAavbGjTi31aFRZK/lz +ZH34fBXaaKdLe1Lj1paikMnnw5NggRyRjpiEfQWujZLGo3yG4xKrLLxWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFDtWxkYqA+Dw44COFFCuDo3mo5W1MB8GA1UdIwQY MBaAFJICA2pD2tBrbCzGS952eHBnb4ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAt NzNkY2VkMzk3MDdmLzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNy8wMjc2ODgtZDM5Yy00ODRhLWE0NTAtNzNkY2VkMzk3MDdm LzEva2dJRGFrUGEwR3RzTE1aTDNuWjRjR2R2aDdNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANvpxyOU2 M2Z9jdQ7kk0vbrE9Z0oDlqkXam0ZPXTkW744o5WW+/JyW4ZhKsceavBq5oArvTIF B5RVRwvf9nAsiZs0y9elYvA/FsGhS0IKQQvPYSiH36dguVfR4N1DSvIZgRdC2wLF XfWVq/9bYpxWGIKnafeufbYOsox9oxa1gwq7irPxMm0qrkfKaKuJI4kIGX14rEXG JRYl8h6TOjLgtQNK2OjpJRzBjhFeWiofoNNcgtFb+2nzqUVji4ePKTvQ0dxlsy7G 52aqmnVJdwFkJICzUVGlppA4ApVv8rJl/HUeeaESdBB+VI3900P1dFpf+KrAsVJD GlGRnZcFy5FC/g== -----END CERTIFICATE-----Generated at Wed Dec 24 18:09:01 2025 by rpki-client