This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json) Hash identifier: uztrP/hrI07vUd1M2seOjxYIi/TuIjPbBVfAU/gDFKc= Subject key identifier: 66:FC:E9:81:3A:B4:9A:2E:87:D3:F2:C1:17:A4:31:0C:71:63:87:42 Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320 Certificate serial: 019B50E0B43C74CB10772449969ECD9586A8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft Manifest number: 0D01 Signing time: Wed 24 Dec 2025 15:01:02 +0000 Manifest this update: Wed 24 Dec 2025 15:01:02 +0000 Manifest next update: Thu 25 Dec 2025 15:01:02 +0000 Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: /uc6qqsgJW11cfQOmLtKXPVXkLdA6C8vuZQWxdH5Mlc=) 2: aZtA3Tb82BUczOl9SsTYverE7lI.roa (hash: LK8Z2BqrNCcDSNuABGRySwkLhGqKgLJf/sHl1VyEOIw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 25 Dec 2025 14:30:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:50:e0:b4:3c:74:cb:10:77:24:49:96:9e:cd:95:86:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320 Validity Not Before: Dec 24 15:01:02 2025 GMT Not After : Dec 25 15:01:02 2025 GMT Subject: CN=66fce9813ab49a2e87d3f2c117a4310c71638742 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:28:2b:d5:6a:5e:5e:aa:19:6c:7d:7c:c7:18: 5f:cc:91:09:b3:2e:e4:78:02:e8:df:1b:fa:4b:a1: 15:bb:07:68:79:2c:58:2c:68:43:5c:48:5c:31:be: 25:06:8d:af:23:a9:1e:03:7c:71:56:02:47:36:f3: 35:5d:ee:48:6e:ac:21:c5:e1:90:09:06:21:14:8b: 4e:f8:7a:8f:40:36:06:17:23:a6:9c:82:b6:4a:04: d3:08:62:68:3f:e3:c5:75:ff:ae:4a:15:b8:8b:57: b5:6a:1e:fb:cb:9d:15:f0:24:21:81:ca:ff:9b:0f: f9:09:14:4c:f2:7d:6e:cb:92:02:01:ed:e9:39:9f: 9d:24:45:a7:ae:ad:ea:0c:bf:c6:c5:ed:55:c3:5a: 7e:8f:8b:2b:bf:f4:b4:ff:5d:ea:92:b9:ff:e7:47: ea:e3:f9:15:d3:dc:34:58:6f:df:a3:1c:ed:b5:ec: 21:4f:72:1a:d2:0c:98:91:d0:1f:20:2d:78:8e:66: 70:90:04:b6:74:2c:97:81:e9:65:92:7d:d5:b0:eb: c8:55:ff:fc:84:3a:55:d8:c1:bb:34:ee:48:de:bc: 04:9f:68:cf:05:a2:15:d5:a7:b8:21:ea:7b:07:32: af:3c:b5:6f:9b:2d:bf:f2:a7:ac:15:19:4e:72:bc: 4d:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:FC:E9:81:3A:B4:9A:2E:87:D3:F2:C1:17:A4:31:0C:71:63:87:42 X509v3 Authority Key Identifier: keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 1a:f9:25:dd:e2:34:8f:d5:90:79:a3:34:ac:6d:d1:c8:56:5f: 71:0c:b6:0e:f8:5b:02:c9:1b:ed:de:73:b7:ff:9e:20:3f:ed: cd:19:50:57:ba:fa:56:16:ee:01:99:09:cc:03:4f:c0:88:6f: 0e:3a:46:93:33:82:0e:b6:6c:c8:9f:84:ab:00:b8:69:98:52: d4:40:97:33:59:ec:02:d4:99:59:93:6f:5d:7c:4b:5e:9e:75: 57:26:cc:34:02:fd:29:ca:0a:49:dd:ee:8d:ad:01:df:9e:2c: e4:22:f8:c4:70:db:de:ac:aa:98:20:d3:0d:ff:de:57:6f:a0: 03:af:d5:77:88:b7:56:a8:63:98:94:f6:36:ea:2f:fa:a6:87: 50:1e:09:7f:c8:2b:22:ee:24:a6:d3:e3:de:9e:0a:19:ee:0b: 21:3f:fc:5b:ba:c2:48:9a:8b:b6:1c:f1:20:a1:ce:b7:f2:b2: 9f:79:fb:83:fd:53:a1:5a:d0:11:15:c9:b1:59:81:78:4e:ab: 8d:a9:8f:71:ca:f0:a2:f9:9f:92:63:a8:cc:15:9e:cd:65:5c: c9:a0:7d:51:4b:b6:30:2d:9c:6a:3b:05:0d:43:e6:45:e5:44: b9:68:1d:4b:f3:75:ba:2e:86:f7:1f:f8:a2:c0:5b:6c:4f:ad: d2:6c:0e:37 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZtQ4LQ8dMsQdyRJlp7NlYaoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj NGQzMjAwHhcNMjUxMjI0MTUwMTAyWhcNMjUxMjI1MTUwMTAyWjAzMTEwLwYDVQQD Eyg2NmZjZTk4MTNhYjQ5YTJlODdkM2YyYzExN2E0MzEwYzcxNjM4NzQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxygr1WpeXqoZbH18xxhfzJEJsy7k eALo3xv6S6EVuwdoeSxYLGhDXEhcMb4lBo2vI6keA3xxVgJHNvM1Xe5IbqwhxeGQ CQYhFItO+HqPQDYGFyOmnIK2SgTTCGJoP+PFdf+uShW4i1e1ah77y50V8CQhgcr/ mw/5CRRM8n1uy5ICAe3pOZ+dJEWnrq3qDL/Gxe1Vw1p+j4srv/S0/13qkrn/50fq 4/kV09w0WG/foxzttewhT3Ia0gyYkdAfIC14jmZwkAS2dCyXgellkn3VsOvIVf/8 hDpV2MG7NO5I3rwEn2jPBaIV1ae4Iep7BzKvPLVvmy2/8qesFRlOcrxNzQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGb86YE6tJouh9PywRekMQxxY4dCMB8GA1UdIwQY MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAGvkl3eI0 j9WQeaM0rG3RyFZfcQy2DvhbAskb7d5zt/+eID/tzRlQV7r6VhbuAZkJzANPwIhv DjpGkzOCDrZsyJ+EqwC4aZhS1ECXM1nsAtSZWZNvXXxLXp51VybMNAL9KcoKSd3u ja0B354s5CL4xHDb3qyqmCDTDf/eV2+gA6/Vd4i3VqhjmJT2Nuov+qaHUB4Jf8gr Iu4kptPj3p4KGe4LIT/8W7rCSJqLthzxIKHOt/Kyn3n7g/1ToVrQERXJsVmBeE6r jamPccrwovmfkmOozBWezWVcyaB9UUu2MC2cajsFDUPmReVEuWgdS/N1ui6G9x/4 osBbbE+t0mwONw== -----END CERTIFICATE-----Generated at Wed Dec 24 21:46:16 2025 by rpki-client