This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft File: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft (raw, json) Hash identifier: d9HXurwmAaSqQ9mIq1PlvKNI9A/ICmyrBdUnSD3q9cY= Subject key identifier: 2C:7F:A7:AD:C7:AA:A2:25:6C:E4:95:41:14:5B:A2:71:53:C3:DB:C5 Authority key identifier: A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4 Certificate issuer: /CN=a4068c6655c333fc712832c113f67f1fd688aec4 Certificate serial: 019AF12DD44E1FC4D31B61ABE4F017310426 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft Manifest number: 145E Signing time: Sat 06 Dec 2025 01:01:43 +0000 Manifest this update: Sat 06 Dec 2025 01:01:43 +0000 Manifest next update: Sun 07 Dec 2025 01:01:43 +0000 Files and hashes: 1: pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl (hash: kAvKHXNSHu4faJ4RugSniyglD+5VMVDcbmlo1W4EUo0=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:01:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2d:d4:4e:1f:c4:d3:1b:61:ab:e4:f0:17:31:04:26 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a4068c6655c333fc712832c113f67f1fd688aec4 Validity Not Before: Dec 6 01:01:43 2025 GMT Not After : Dec 7 01:01:43 2025 GMT Subject: CN=2c7fa7adc7aaa2256ce49541145ba27153c3dbc5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:05:8d:36:f7:ad:16:82:aa:3f:86:63:34:e1: 6a:bc:c8:5d:e3:e0:57:f9:ff:d6:cb:48:de:04:91: ba:89:8e:30:76:e9:ac:c2:ab:46:e8:0a:f5:6d:ed: 7b:a4:9f:69:c3:f0:1b:68:e7:3b:70:08:9a:a8:28: 03:91:08:02:ed:10:0c:15:82:0a:cc:d8:da:10:73: 61:ae:7a:0d:62:24:69:ab:74:4f:6c:09:73:51:3c: a3:d2:b4:95:0b:a5:97:95:40:99:cc:2c:3a:38:30: 73:89:5b:62:03:21:c5:2f:79:ca:4a:39:95:29:d9: cd:39:d9:e1:bd:16:e3:dd:fe:72:1c:69:4f:63:5f: a2:4b:16:8c:ef:d6:03:2e:f3:30:ff:10:b4:ef:51: f4:f1:77:b2:9b:4f:3d:74:1a:aa:ad:4d:20:38:e1: 23:5e:d0:ae:7c:24:1b:99:d7:c1:7a:c7:b1:3e:d7: 16:82:e1:a8:29:a9:81:ec:41:b0:b5:e0:ce:00:e2: 87:26:01:80:10:6f:0c:3d:0e:d4:1f:73:1e:cd:da: 8c:07:e6:de:fa:ae:8f:6d:61:71:94:fb:3a:fd:26: 93:c7:36:92:bc:63:02:f0:c7:4e:c9:5b:88:95:3f: ff:ad:62:7c:74:82:3f:47:bc:cf:ff:f8:fc:ce:1e: e5:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:7F:A7:AD:C7:AA:A2:25:6C:E4:95:41:14:5B:A2:71:53:C3:DB:C5 X509v3 Authority Key Identifier: keyid:A4:06:8C:66:55:C3:33:FC:71:28:32:C1:13:F6:7F:1F:D6:88:AE:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0aef2b-1e45-4ad5-a80c-86dee207f81e/1/pAaMZlXDM_xxKDLBE_Z_H9aIrsQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 49:11:3c:ab:8c:66:93:21:bf:e1:55:60:aa:84:9c:5b:56:81: 5c:cd:5f:72:99:59:e7:0b:f4:69:8e:87:c3:5d:83:99:9d:a5: 5c:22:49:df:3d:0f:ad:92:3b:7d:ec:16:d6:fa:42:e9:bf:b2: ab:e4:3a:6c:dd:33:26:68:f8:2a:e2:64:20:b7:d2:87:eb:4f: f3:ee:6e:a7:0f:a2:d7:3c:cb:88:81:04:04:e9:48:70:c4:29: 66:a4:69:b0:e5:0b:12:51:7b:f3:26:c3:5a:13:5c:18:4e:11: 57:b8:f6:e8:38:43:49:50:96:0f:6b:16:dc:21:2b:fa:05:c2: 00:c1:d6:33:90:ae:6c:37:fd:ec:dd:77:b0:87:dc:ef:25:5f: 09:d3:4d:22:eb:8a:98:27:36:91:aa:ac:f6:73:f0:7a:86:89: ed:d2:5b:0d:ed:bf:76:20:da:26:da:7f:21:7c:d8:44:42:a5: a0:5c:c1:14:c4:b5:00:21:4b:65:af:04:ab:9a:dc:b6:b4:44: 05:b4:81:bb:3b:d3:a1:65:f2:cc:1f:19:2f:0b:a9:84:1f:75: a9:6d:16:6e:40:9f:c3:1d:59:0d:6e:6f:c8:5f:f4:a3:e8:ce: 07:5e:4b:9a:64:31:39:77:c5:0a:2d:9b:c6:e8:0d:69:46:39: 58:bb:0e:08 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLdROH8TTG2Gr5PAXMQQmMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE0MDY4YzY2NTVjMzMzZmM3MTI4MzJjMTEzZjY3ZjFmZDY4 OGFlYzQwHhcNMjUxMjA2MDEwMTQzWhcNMjUxMjA3MDEwMTQzWjAzMTEwLwYDVQQD EygyYzdmYTdhZGM3YWFhMjI1NmNlNDk1NDExNDViYTI3MTUzYzNkYmM1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgWNNvetFoKqP4ZjNOFqvMhd4+BX +f/Wy0jeBJG6iY4wdumswqtG6Ar1be17pJ9pw/AbaOc7cAiaqCgDkQgC7RAMFYIK zNjaEHNhrnoNYiRpq3RPbAlzUTyj0rSVC6WXlUCZzCw6ODBziVtiAyHFL3nKSjmV KdnNOdnhvRbj3f5yHGlPY1+iSxaM79YDLvMw/xC071H08Xeym089dBqqrU0gOOEj XtCufCQbmdfBesexPtcWguGoKamB7EGwteDOAOKHJgGAEG8MPQ7UH3MezdqMB+be +q6PbWFxlPs6/SaTxzaSvGMC8MdOyVuIlT//rWJ8dII/R7zP//j8zh7lmQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFCx/p63HqqIlbOSVQRRbonFTw9vFMB8GA1UdIwQY MBaAFKQGjGZVwzP8cSgywRP2fx/WiK7EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMt ODZkZWUyMDdmODFlLzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMS8wYWVmMmItMWU0NS00YWQ1LWE4MGMtODZkZWUyMDdmODFl LzEvcEFhTVpsWERNX3h4S0RMQkVfWl9IOWFJcnNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEASRE8q4xm kyG/4VVgqoScW1aBXM1fcplZ5wv0aY6Hw12DmZ2lXCJJ3z0PrZI7fewW1vpC6b+y q+Q6bN0zJmj4KuJkILfSh+tP8+5upw+i1zzLiIEEBOlIcMQpZqRpsOULElF78ybD WhNcGE4RV7j26DhDSVCWD2sW3CEr+gXCAMHWM5CubDf97N13sIfc7yVfCdNNIuuK mCc2kaqs9nPweoaJ7dJbDe2/diDaJtp/IXzYREKloFzBFMS1ACFLZa8Eq5rctrRE BbSBuzvToWXyzB8ZLwuphB91qW0WbkCfwx1ZDW5vyF/0o+jOB15LmmQxOXfFCi2b xugNaUY5WLsOCA== -----END CERTIFICATE-----Generated at Sat Dec 6 10:03:19 2025 by rpki-client