This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft File: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft (raw, json) Hash identifier: mFSeJCkoAR2gUM5h9Kqm2xdIQrYzTybs3zVeC5A+J2U= Subject key identifier: 95:AB:81:D5:11:19:C6:E1:62:B0:F1:D5:EE:60:87:D6:AC:40:BB:6E Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a Certificate serial: 019B34C5203CAB74632CB7B9C3B40650EC44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft Manifest number: 0359 Signing time: Fri 19 Dec 2025 04:01:32 +0000 Manifest this update: Fri 19 Dec 2025 04:01:32 +0000 Manifest next update: Sat 20 Dec 2025 04:01:32 +0000 Files and hashes: 1: KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl (hash: NN/kzpfF1Vx+r7PZh/Y0WhtSKdultlHoiYdiiUXMSQE=) 2: l2JOTmWwgvB0Noq1JM57zkDHT7E.roa (hash: fvF/3WFpXW+en1bZSjFDxni1bz8bZU75qvWIdCsVsmI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 04:01:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:34:c5:20:3c:ab:74:63:2c:b7:b9:c3:b4:06:50:ec:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a Validity Not Before: Dec 19 04:01:32 2025 GMT Not After : Dec 20 04:01:32 2025 GMT Subject: CN=95ab81d51119c6e162b0f1d5ee6087d6ac40bb6e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:ac:1b:6d:09:17:a1:5f:d1:cc:47:fd:f6:38: 14:f1:42:21:15:1a:e1:59:6a:78:43:16:09:2d:81: ce:0f:43:4c:26:27:30:33:a0:75:db:72:d0:54:83: 96:b3:16:af:9b:03:1e:92:f4:1e:1f:9d:e1:78:12: d7:b8:91:ac:f6:dd:c6:a2:f5:e4:fc:d5:33:2f:4f: 35:c6:70:08:9f:c9:75:dd:5f:66:6c:78:ca:1c:dc: a5:e6:3f:b0:4d:1b:8b:ed:f3:5b:cc:27:16:13:53: b9:b8:ec:50:9e:80:b7:d8:d1:fe:58:ef:48:2c:49: 68:2c:56:d3:18:43:ae:f5:77:d1:f1:b8:6c:f4:da: e1:a9:63:3c:51:39:19:a8:90:2c:f4:fe:6c:38:23: 72:e9:85:ce:52:c6:a9:0b:a4:bd:34:c0:4e:f9:bb: d8:10:ab:60:84:cc:cf:f0:69:46:48:57:33:26:5c: 38:a7:af:de:19:3d:86:09:65:e2:3a:33:9e:d6:e7: aa:62:e1:79:49:95:e4:1a:1e:88:e9:6f:6f:83:c2: 38:9a:49:ab:bd:aa:18:78:07:de:9a:d9:84:1a:ad: 9d:87:d8:c0:2d:d4:60:1b:41:84:f9:8b:51:ce:15: bd:0d:8a:49:14:17:c0:98:5b:04:37:49:cb:eb:1f: f6:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:AB:81:D5:11:19:C6:E1:62:B0:F1:D5:EE:60:87:D6:AC:40:BB:6E X509v3 Authority Key Identifier: keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 86:ca:7a:11:40:4e:ac:3e:33:b7:f5:5e:0e:a2:8c:5d:7e:8e: f5:d1:c2:46:5f:76:bd:9b:7d:ef:96:37:f7:8a:e7:5d:2f:e0: 8f:73:e8:be:9c:6c:58:f6:a9:04:a7:60:40:7e:6e:80:13:2d: 7e:97:02:58:36:84:6c:a8:27:ce:d8:cd:f8:37:e2:a9:2d:cf: fc:de:46:4b:3f:90:ba:1d:9b:10:2a:6e:db:9a:63:53:29:25: ec:dc:ed:1d:4a:67:37:36:f5:15:cc:e0:de:85:cd:64:e4:c4: 11:1c:ae:f2:45:b8:77:8b:37:7f:bb:ae:20:9d:e8:bd:19:78: 38:14:43:2e:0f:09:31:67:f8:be:dc:a8:52:6f:1d:30:91:c8: bb:dd:62:e0:3b:35:00:3f:4c:b3:91:0b:52:31:52:98:02:83: 32:74:e1:68:46:a4:f4:fa:26:73:e3:9b:6d:42:f6:a2:2c:2d: 5d:76:b8:a8:73:c8:9e:36:83:ab:3d:d4:f6:a5:e8:0c:23:11: f3:0f:0c:be:46:72:8c:07:ef:32:72:d6:89:5a:96:da:17:47: 5e:31:92:35:ca:ff:a0:6c:1b:4e:5e:45:9d:79:58:0a:79:da: 29:85:74:7a:80:a7:89:40:d5:3b:8e:e3:8e:24:fc:f0:62:ad: 7d:04:56:0a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs0xSA8q3RjLLe5w7QGUOxEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl Y2QyMWEwHhcNMjUxMjE5MDQwMTMyWhcNMjUxMjIwMDQwMTMyWjAzMTEwLwYDVQQD Eyg5NWFiODFkNTExMTljNmUxNjJiMGYxZDVlZTYwODdkNmFjNDBiYjZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36wbbQkXoV/RzEf99jgU8UIhFRrh WWp4QxYJLYHOD0NMJicwM6B123LQVIOWsxavmwMekvQeH53heBLXuJGs9t3GovXk /NUzL081xnAIn8l13V9mbHjKHNyl5j+wTRuL7fNbzCcWE1O5uOxQnoC32NH+WO9I LEloLFbTGEOu9XfR8bhs9NrhqWM8UTkZqJAs9P5sOCNy6YXOUsapC6S9NMBO+bvY EKtghMzP8GlGSFczJlw4p6/eGT2GCWXiOjOe1ueqYuF5SZXkGh6I6W9vg8I4mkmr vaoYeAfemtmEGq2dh9jALdRgG0GE+YtRzhW9DYpJFBfAmFsEN0nL6x/2KwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJWrgdURGcbhYrDx1e5gh9asQLtuMB8GA1UdIwQY MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt NzJlY2JhMTMxYWY4LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4 LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAhsp6EUBO rD4zt/VeDqKMXX6O9dHCRl92vZt975Y394rnXS/gj3PovpxsWPapBKdgQH5ugBMt fpcCWDaEbKgnztjN+DfiqS3P/N5GSz+Quh2bECpu25pjUykl7NztHUpnNzb1Fczg 3oXNZOTEERyu8kW4d4s3f7uuIJ3ovRl4OBRDLg8JMWf4vtyoUm8dMJHIu91i4Ds1 AD9Ms5ELUjFSmAKDMnThaEak9Pomc+ObbUL2oiwtXXa4qHPInjaDqz3U9qXoDCMR 8w8MvkZyjAfvMnLWiVqW2hdHXjGSNcr/oGwbTl5FnXlYCnnaKYV0eoCniUDVO47j jiT88GKtfQRWCg== -----END CERTIFICATE-----Generated at Fri Dec 19 14:01:34 2025 by rpki-client