This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft File: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft (raw, json) Hash identifier: e9+27yFsKesCD7jm8Y2HhI3dQKAcmpfOF7sTxefDwok= Subject key identifier: 7C:61:68:4F:51:9D:66:59:D0:17:3F:16:EE:40:26:37:6C:B7:25:9C Authority key identifier: 90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D Certificate issuer: /CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d Certificate serial: 019B2176226F04B3A4E21CC4D9DE34FB38AA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft Manifest number: 08CA Signing time: Mon 15 Dec 2025 10:02:28 +0000 Manifest this update: Mon 15 Dec 2025 10:02:28 +0000 Manifest next update: Tue 16 Dec 2025 10:02:28 +0000 Files and hashes: 1: kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl (hash: sJl42Ae8CW+KQAnnhk7mwR2w6JkdMSeDR9iWJbvb+tY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 10:02:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:21:76:22:6f:04:b3:a4:e2:1c:c4:d9:de:34:fb:38:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=90f5928c752ad9a08cfeb1b88f463c3c0dd2e85d Validity Not Before: Dec 15 10:02:28 2025 GMT Not After : Dec 16 10:02:28 2025 GMT Subject: CN=7c61684f519d6659d0173f16ee4026376cb7259c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:f8:a5:e5:7d:4a:ec:3f:4d:fa:d2:f7:7b:01: 2f:cb:c0:ff:2a:f8:32:d7:d0:d7:f7:9a:bc:64:15: 09:2d:55:04:84:a7:70:d5:87:09:2c:5b:e5:bc:45: 1e:9c:8d:a3:d6:62:26:d9:25:a0:2d:1d:5d:ff:40: 85:d9:41:a9:4f:03:ab:74:37:84:6f:2a:f7:1d:29: 35:03:18:8a:7c:25:0f:1c:73:6d:4e:3a:a6:7c:da: ec:19:71:27:37:50:b2:75:2d:c0:60:9f:df:37:67: 92:58:04:a3:04:c7:c2:6a:4f:56:59:58:e2:52:e5: ca:78:b2:3a:05:45:4e:03:55:ee:93:84:62:2e:98: 87:5a:22:47:f5:70:a2:e5:35:b5:fb:4b:a3:a9:14: 15:53:51:58:e8:49:f1:4a:df:9f:32:17:31:82:98: 43:67:48:8a:1f:c0:ca:e9:e3:4c:de:57:1f:c5:68: fc:77:e1:7a:de:f9:2e:08:3e:18:12:e1:95:a8:3c: 03:88:4c:06:e9:69:d6:c9:57:69:7f:23:ab:ef:d6: 3f:a6:60:b1:1e:c7:fa:ac:1a:66:0d:f4:28:9b:49: 93:2a:54:ba:58:1a:8d:b6:17:52:c1:21:1a:d3:4e: d6:85:b5:26:1d:99:fe:61:3f:1e:d5:ea:fb:9a:a5: 80:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:61:68:4F:51:9D:66:59:D0:17:3F:16:EE:40:26:37:6C:B7:25:9C X509v3 Authority Key Identifier: keyid:90:F5:92:8C:75:2A:D9:A0:8C:FE:B1:B8:8F:46:3C:3C:0D:D2:E8:5D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/31a20a-77d0-4ac8-a09f-04a6cd816a03/1/kPWSjHUq2aCM_rG4j0Y8PA3S6F0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:8f:df:c5:5d:95:c3:c7:b5:eb:16:cc:2f:70:18:2e:48:2c: 8a:78:ba:e4:3d:0d:8c:8d:db:66:07:89:b4:cc:4f:0b:42:06: f8:be:69:1c:0e:23:12:0c:ca:65:cc:e6:34:9a:cf:24:2d:95: d0:e5:31:57:8b:72:3e:85:98:d5:80:ba:38:fb:e2:07:ad:46: c8:9c:c7:c6:2f:43:20:68:8e:bc:bf:d4:bf:72:4c:0d:0f:cb: 94:e1:fd:eb:05:55:06:e1:ef:b5:c8:77:31:e6:af:ad:b4:0f: 4d:5f:c4:f5:fa:48:03:44:08:5e:a0:e4:ab:11:f2:03:20:72: 76:60:ae:c0:bd:0b:40:ce:21:87:6f:10:79:ea:9e:41:23:b7: 32:1f:52:d0:3f:84:98:6b:c8:78:a8:78:80:d3:73:18:20:64: 29:6d:9b:30:63:4d:cb:56:7b:8f:9d:14:8a:96:25:a4:00:20: a7:4f:e9:f9:70:2f:63:4d:2c:09:13:30:7e:10:67:00:6a:74: dc:04:57:59:71:51:a1:3d:c0:f5:39:ba:8b:32:a9:c7:8d:8b: af:bd:87:c1:35:26:a1:6d:75:75:84:5d:25:ba:90:08:8c:e7: ac:cb:5e:dc:67:c8:c2:0f:7d:7a:55:54:8d:7f:d1:ce:c4:c5: aa:d5:61:65 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZshdiJvBLOk4hzE2d40+ziqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkwZjU5MjhjNzUyYWQ5YTA4Y2ZlYjFiODhmNDYzYzNjMGRk MmU4NWQwHhcNMjUxMjE1MTAwMjI4WhcNMjUxMjE2MTAwMjI4WjAzMTEwLwYDVQQD Eyg3YzYxNjg0ZjUxOWQ2NjU5ZDAxNzNmMTZlZTQwMjYzNzZjYjcyNTljMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fil5X1K7D9N+tL3ewEvy8D/Kvgy 19DX95q8ZBUJLVUEhKdw1YcJLFvlvEUenI2j1mIm2SWgLR1d/0CF2UGpTwOrdDeE byr3HSk1AxiKfCUPHHNtTjqmfNrsGXEnN1CydS3AYJ/fN2eSWASjBMfCak9WWVji UuXKeLI6BUVOA1Xuk4RiLpiHWiJH9XCi5TW1+0ujqRQVU1FY6EnxSt+fMhcxgphD Z0iKH8DK6eNM3lcfxWj8d+F63vkuCD4YEuGVqDwDiEwG6WnWyVdpfyOr79Y/pmCx Hsf6rBpmDfQom0mTKlS6WBqNthdSwSEa007WhbUmHZn+YT8e1er7mqWArQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHxhaE9RnWZZ0Bc/Fu5AJjdstyWcMB8GA1UdIwQY MBaAFJD1kox1KtmgjP6xuI9GPDwN0uhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYt MDRhNmNkODE2YTAzLzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8zMWEyMGEtNzdkMC00YWM4LWEwOWYtMDRhNmNkODE2YTAz LzEva1BXU2pIVXEyYUNNX3JHNGowWThQQTNTNkYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlI/fxV2V w8e16xbML3AYLkgsini65D0NjI3bZgeJtMxPC0IG+L5pHA4jEgzKZczmNJrPJC2V 0OUxV4tyPoWY1YC6OPviB61GyJzHxi9DIGiOvL/Uv3JMDQ/LlOH96wVVBuHvtch3 MeavrbQPTV/E9fpIA0QIXqDkqxHyAyBydmCuwL0LQM4hh28QeeqeQSO3Mh9S0D+E mGvIeKh4gNNzGCBkKW2bMGNNy1Z7j50UipYlpAAgp0/p+XAvY00sCRMwfhBnAGp0 3ARXWXFRoT3A9Tm6izKpx42Lr72HwTUmoW11dYRdJbqQCIznrMte3GfIwg99elVU jX/RzsTFqtVhZQ== -----END CERTIFICATE-----Generated at Mon Dec 15 19:48:04 2025 by rpki-client