This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft File: KgGcraFj42jMM2J2PyBrPerE0yA.mft (raw, json) Hash identifier: 5EE1vSPbdavZs3QkeRjv/eImPdTqraPXWzrHRI3X9GM= Subject key identifier: 88:1C:75:6D:FA:2F:F2:E8:5E:C0:FB:CA:9A:BF:F4:F2:64:6C:5F:83 Authority key identifier: 2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 Certificate issuer: /CN=2a019cada163e368cc3362763f206b3deac4d320 Certificate serial: 019B3F7F80E0E725FB6CB69A7359E7C11318 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft Manifest number: 0CF8 Signing time: Sun 21 Dec 2025 06:01:19 +0000 Manifest this update: Sun 21 Dec 2025 06:01:19 +0000 Manifest next update: Mon 22 Dec 2025 06:01:19 +0000 Files and hashes: 1: KgGcraFj42jMM2J2PyBrPerE0yA.crl (hash: h8cpj8X2RRXt8BbuRmRRxFN2fYZoXh0kTYTJK4+ZmUQ=) 2: aZtA3Tb82BUczOl9SsTYverE7lI.roa (hash: LK8Z2BqrNCcDSNuABGRySwkLhGqKgLJf/sHl1VyEOIw=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3f:7f:80:e0:e7:25:fb:6c:b6:9a:73:59:e7:c1:13:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2a019cada163e368cc3362763f206b3deac4d320 Validity Not Before: Dec 21 06:01:19 2025 GMT Not After : Dec 22 06:01:19 2025 GMT Subject: CN=881c756dfa2ff2e85ec0fbca9abff4f2646c5f83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:16:34:ed:a4:f8:4a:9d:51:8c:b6:bf:d0:ab: c8:d5:af:ce:f0:3a:13:b8:1e:be:dd:d5:7c:ee:b9: 5b:de:76:f6:96:f3:0d:f7:5b:28:e3:1d:ef:3b:ad: 7e:ed:71:54:63:ea:e4:2e:33:92:56:69:85:2d:94: 95:8c:68:a3:c8:34:32:d5:db:6b:05:45:04:1a:ef: 30:d2:ad:46:16:11:bf:29:3f:36:bb:8a:90:de:c1: a2:08:43:1b:c1:a8:46:41:7c:5a:f7:de:c3:c1:97: 4f:c5:e6:ca:b9:f7:15:27:39:1a:8b:3c:ee:5c:1c: b2:f1:4b:bb:8b:b8:98:e0:f1:3b:4a:f8:3b:42:a9: 4c:4c:ac:23:05:4b:3f:59:df:13:16:da:03:ee:b3: 2d:1d:0b:33:b9:fd:97:bb:a8:84:15:d8:a3:ec:d0: 06:41:c4:97:00:d0:7a:b1:e6:20:59:22:51:a6:59: 4c:2b:3f:8b:05:5d:0f:2c:06:04:df:39:ff:3d:8b: 38:b7:08:fe:f4:f3:08:a3:3f:d7:5e:af:a4:36:96: af:27:14:b2:91:d8:ba:b6:e1:7c:26:68:10:3b:db: d1:18:19:6e:88:6e:e5:57:ef:3f:9a:98:55:d8:65: 7f:99:c9:2d:dc:db:4f:9b:8b:2c:32:da:10:15:e5: 79:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:1C:75:6D:FA:2F:F2:E8:5E:C0:FB:CA:9A:BF:F4:F2:64:6C:5F:83 X509v3 Authority Key Identifier: keyid:2A:01:9C:AD:A1:63:E3:68:CC:33:62:76:3F:20:6B:3D:EA:C4:D3:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KgGcraFj42jMM2J2PyBrPerE0yA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/43a672-d151-4c4e-9809-149f6365ffda/1/KgGcraFj42jMM2J2PyBrPerE0yA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 30:cb:ae:98:b3:e8:c5:dc:f1:2c:9f:d7:8d:70:34:7c:95:f5: 53:0e:9b:0b:01:6a:8d:15:3f:6b:05:3c:48:67:2b:e0:98:72: c2:7f:fe:fe:e6:0c:e2:5c:4a:de:05:05:52:fb:50:ef:5b:15: 99:b7:6e:4d:8b:13:30:d6:66:90:7d:c9:61:e3:a2:cc:ee:dd: 05:e9:38:21:d6:67:be:4b:0f:ae:ce:61:fc:10:3e:a9:2f:cf: 2a:40:4c:78:d9:80:7a:a2:b5:50:96:62:b1:74:03:91:4e:e3: 6d:9b:26:04:f8:30:f5:5c:e9:27:97:62:3d:ab:f0:50:de:5d: 4a:d8:80:88:72:6f:26:88:9c:ff:af:88:fc:55:33:3d:31:d7: 4b:d8:d5:cf:4e:6b:26:7d:5c:b3:c3:99:58:3b:1f:fb:26:d5: 5d:59:3f:79:ce:d0:1d:73:ad:39:d2:6b:19:77:81:ba:69:36: 86:25:80:f3:df:1c:8b:d2:52:22:2f:0b:e3:0c:ff:f5:c9:6e: 70:5e:5a:f4:ac:9a:f5:09:65:95:30:30:97:3b:72:31:80:09: 64:8f:d3:05:49:f3:25:db:69:fc:04:b8:5a:a7:55:c4:8e:21: 59:0a:9e:4d:4b:47:64:7f:84:72:76:85:ea:39:16:92:e6:ca: ca:6c:4c:95 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs/f4Dg5yX7bLaac1nnwRMYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJhMDE5Y2FkYTE2M2UzNjhjYzMzNjI3NjNmMjA2YjNkZWFj NGQzMjAwHhcNMjUxMjIxMDYwMTE5WhcNMjUxMjIyMDYwMTE5WjAzMTEwLwYDVQQD Eyg4ODFjNzU2ZGZhMmZmMmU4NWVjMGZiY2E5YWJmZjRmMjY0NmM1ZjgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRY07aT4Sp1RjLa/0KvI1a/O8DoT uB6+3dV87rlb3nb2lvMN91so4x3vO61+7XFUY+rkLjOSVmmFLZSVjGijyDQy1dtr BUUEGu8w0q1GFhG/KT82u4qQ3sGiCEMbwahGQXxa997DwZdPxebKufcVJzkaizzu XByy8Uu7i7iY4PE7Svg7QqlMTKwjBUs/Wd8TFtoD7rMtHQszuf2Xu6iEFdij7NAG QcSXANB6seYgWSJRpllMKz+LBV0PLAYE3zn/PYs4twj+9PMIoz/XXq+kNpavJxSy kdi6tuF8JmgQO9vRGBluiG7lV+8/mphV2GV/mckt3NtPm4ssMtoQFeV5AwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFIgcdW36L/LoXsD7ypq/9PJkbF+DMB8GA1UdIwQY MBaAFCoBnK2hY+NozDNidj8gaz3qxNMgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDkt MTQ5ZjYzNjVmZmRhLzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMi80M2E2NzItZDE1MS00YzRlLTk4MDktMTQ5ZjYzNjVmZmRh LzEvS2dHY3JhRmo0MmpNTTJKMlB5QnJQZXJFMHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMMuumLPo xdzxLJ/XjXA0fJX1Uw6bCwFqjRU/awU8SGcr4Jhywn/+/uYM4lxK3gUFUvtQ71sV mbduTYsTMNZmkH3JYeOizO7dBek4IdZnvksPrs5h/BA+qS/PKkBMeNmAeqK1UJZi sXQDkU7jbZsmBPgw9VzpJ5diPavwUN5dStiAiHJvJoic/6+I/FUzPTHXS9jVz05r Jn1cs8OZWDsf+ybVXVk/ec7QHXOtOdJrGXeBumk2hiWA898ci9JSIi8L4wz/9clu cF5a9Kya9QlllTAwlztyMYAJZI/TBUnzJdtp/AS4WqdVxI4hWQqeTUtHZH+EcnaF 6jkWkubKymxMlQ== -----END CERTIFICATE-----Generated at Sun Dec 21 10:16:23 2025 by rpki-client