This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft File: KxlTcbTPcLiOdz4bgHyyORYyOFs.mft (raw, json) Hash identifier: 808urdAopxsZ41PWU1c6GMLs84Khn2uv2utDYoq+oTY= Subject key identifier: BB:87:5E:12:79:9B:F7:FF:00:E1:E5:BD:A4:77:B7:8F:28:85:6B:69 Authority key identifier: 2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B Certificate issuer: /CN=2b195371b4cf70b88e773e1b807cb2391632385b Certificate serial: 019B3C7E19A1E319365F99DB77DFB14F5F51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft Manifest number: 69 Signing time: Sat 20 Dec 2025 16:00:55 +0000 Manifest this update: Sat 20 Dec 2025 16:00:55 +0000 Manifest next update: Sun 21 Dec 2025 16:00:55 +0000 Files and hashes: 1: KxlTcbTPcLiOdz4bgHyyORYyOFs.crl (hash: Tsy82nHz82I7iQMBOjR00JEeUEW5fuNcLhK85+v2sSs=) 2: RcBxveXi_aoz_FeIeMxnhBQusXA.roa (hash: JDMtMYQL2yTP3JmageJpAIJjq7tYWuu1s/9pPUz+mME=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3c:7e:19:a1:e3:19:36:5f:99:db:77:df:b1:4f:5f:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2b195371b4cf70b88e773e1b807cb2391632385b Validity Not Before: Dec 20 16:00:55 2025 GMT Not After : Dec 21 16:00:55 2025 GMT Subject: CN=bb875e12799bf7ff00e1e5bda477b78f28856b69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:94:2e:46:42:ee:9b:c5:a4:fa:55:b9:63:71:0a: a6:18:ed:23:16:91:2d:c1:3a:f7:c2:5b:37:ee:7f: 3d:29:de:8e:49:a9:bd:ba:f8:51:07:58:c4:44:ea: 9d:26:09:b6:56:d7:b9:7c:93:4c:5c:4a:c0:a8:1e: ed:d9:23:89:57:8e:05:22:a9:2d:71:c9:85:59:49: 15:e3:03:3a:4b:7e:35:ed:52:13:fe:d1:59:de:bc: 69:d3:3a:ef:46:fd:bd:36:97:0b:80:8b:4f:ac:ca: e3:ab:c0:ab:84:4c:19:aa:98:83:e3:a1:2e:45:c5: 2f:24:ac:43:7e:e2:9a:fe:b2:d7:4c:9c:0f:47:1d: 06:2a:bf:e6:92:b1:eb:8e:34:b8:ac:b4:41:87:44: ef:68:91:28:15:9b:33:d3:b4:d8:47:80:77:5d:64: c4:d3:c5:c8:56:cb:00:84:53:4b:c7:e0:ae:94:80: 4e:62:db:81:9d:62:eb:5c:90:e1:8f:f9:85:b8:ec: f8:7b:7d:0f:da:bb:25:da:aa:84:34:bd:b3:5b:a9: a8:c5:46:68:b8:29:a1:b8:0a:7f:e9:fc:14:c2:42: 8d:70:ad:6d:34:d0:79:1b:f3:a2:71:32:86:37:ad: 41:9a:09:78:34:15:ce:3b:2b:91:b2:cd:9c:92:17: 44:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:87:5E:12:79:9B:F7:FF:00:E1:E5:BD:A4:77:B7:8F:28:85:6B:69 X509v3 Authority Key Identifier: keyid:2B:19:53:71:B4:CF:70:B8:8E:77:3E:1B:80:7C:B2:39:16:32:38:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxlTcbTPcLiOdz4bgHyyORYyOFs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6541b4-7424-4758-bd32-5e4041d93008/1/KxlTcbTPcLiOdz4bgHyyORYyOFs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 6e:b7:be:f3:47:77:ec:22:06:df:9e:9f:26:b0:c6:03:dd:fc: 6b:17:56:d4:e3:81:66:8d:0d:d5:c7:34:9a:a1:19:2a:c3:05: e9:3f:85:22:0d:f6:b9:80:d2:a9:68:62:a5:2d:e5:61:aa:5d: e0:3a:c4:5d:e4:de:91:93:c3:44:eb:84:44:05:b9:2f:55:7d: 43:ad:a8:2f:7d:a1:4e:1a:69:ca:72:77:79:20:a0:a6:fe:c0: de:cc:a6:9e:8c:89:27:98:56:f8:05:8f:88:1a:59:09:45:04: e1:c7:49:0c:05:61:1d:1b:47:05:b2:3b:0c:70:80:b3:54:98: dc:b7:bf:4d:19:6f:a8:5d:10:2e:60:d9:c8:68:88:d8:34:98: a3:2a:91:e8:ae:5d:ee:14:45:f0:f3:a5:ea:1a:ab:6d:0f:4a: 31:7b:d0:bb:b9:0f:93:5b:b5:4f:7a:40:3e:4a:1f:0f:60:f5: 46:b6:2c:ae:81:a2:4e:1f:81:d0:f0:21:03:3b:d4:ec:57:47: 69:7a:9b:77:a4:ba:7f:46:90:c3:11:9a:e7:54:09:5c:d3:23: 0c:ab:81:5b:05:77:4b:81:f4:d5:fb:06:41:be:c2:d8:56:c7: 15:79:0e:9d:f2:3b:f4:7c:cb:6a:01:73:9a:df:a9:c1:ea:2d: e8:db:7a:51 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs8fhmh4xk2X5nbd9+xT19RMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJiMTk1MzcxYjRjZjcwYjg4ZTc3M2UxYjgwN2NiMjM5MTYz MjM4NWIwHhcNMjUxMjIwMTYwMDU1WhcNMjUxMjIxMTYwMDU1WjAzMTEwLwYDVQQD EyhiYjg3NWUxMjc5OWJmN2ZmMDBlMWU1YmRhNDc3Yjc4ZjI4ODU2YjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC5GQu6bxaT6VbljcQqmGO0jFpEt wTr3wls37n89Kd6OSam9uvhRB1jEROqdJgm2Vte5fJNMXErAqB7t2SOJV44FIqkt ccmFWUkV4wM6S3417VIT/tFZ3rxp0zrvRv29NpcLgItPrMrjq8CrhEwZqpiD46Eu RcUvJKxDfuKa/rLXTJwPRx0GKr/mkrHrjjS4rLRBh0TvaJEoFZsz07TYR4B3XWTE 08XIVssAhFNLx+CulIBOYtuBnWLrXJDhj/mFuOz4e30P2rsl2qqENL2zW6moxUZo uCmhuAp/6fwUwkKNcK1tNNB5G/OicTKGN61Bmgl4NBXOOyuRss2ckhdEXwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLuHXhJ5m/f/AOHlvaR3t48ohWtpMB8GA1UdIwQY MBaAFCsZU3G0z3C4jnc+G4B8sjkWMjhbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzIt NWU0MDQxZDkzMDA4LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS82NTQxYjQtNzQyNC00NzU4LWJkMzItNWU0MDQxZDkzMDA4 LzEvS3hsVGNiVFBjTGlPZHo0YmdIeXlPUll5T0ZzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAbre+80d3 7CIG356fJrDGA938axdW1OOBZo0N1cc0mqEZKsMF6T+FIg32uYDSqWhipS3lYapd 4DrEXeTekZPDROuERAW5L1V9Q62oL32hThppynJ3eSCgpv7A3symnoyJJ5hW+AWP iBpZCUUE4cdJDAVhHRtHBbI7DHCAs1SY3Le/TRlvqF0QLmDZyGiI2DSYoyqR6K5d 7hRF8POl6hqrbQ9KMXvQu7kPk1u1T3pAPkofD2D1RrYsroGiTh+B0PAhAzvU7FdH aXqbd6S6f0aQwxGa51QJXNMjDKuBWwV3S4H01fsGQb7C2FbHFXkOnfI79HzLagFz mt+pweot6Nt6UQ== -----END CERTIFICATE-----Generated at Sat Dec 20 21:26:38 2025 by rpki-client