This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft File: aNLCXQU0pAJ8aVViqM5PABzVOW8.mft (raw, json) Hash identifier: clHzCWB+DRM3BzfUrPZGsB88BCpVtPuN8mEv51Thtbo= Subject key identifier: 3E:36:6F:22:56:8E:1E:A6:33:58:7E:43:5F:E9:73:18:A6:91:71:C1 Authority key identifier: 68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F Certificate issuer: /CN=68d2c25d0534a4027c695562a8ce4f001cd5396f Certificate serial: 019AF49BFD124616AA72B29AA6FE7E7874C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft Manifest number: 13B6 Signing time: Sat 06 Dec 2025 17:00:54 +0000 Manifest this update: Sat 06 Dec 2025 17:00:54 +0000 Manifest next update: Sun 07 Dec 2025 17:00:54 +0000 Files and hashes: 1: SALrx8y5x39WJ8efwGiimpmg788.roa (hash: CtpmQiaYAVz0sehGOLMPmKtW82021GvqOFqhQ5ojIPI=) 2: aNLCXQU0pAJ8aVViqM5PABzVOW8.crl (hash: XD7R7ySoKMUENwvl8ZnAYthhvLMAsB604O9PNha5QOE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f4:9b:fd:12:46:16:aa:72:b2:9a:a6:fe:7e:78:74:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68d2c25d0534a4027c695562a8ce4f001cd5396f Validity Not Before: Dec 6 17:00:54 2025 GMT Not After : Dec 7 17:00:54 2025 GMT Subject: CN=3e366f22568e1ea633587e435fe97318a69171c1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:80:63:49:6b:a5:5b:f2:8c:65:4d:81:8f:ac: d3:da:43:28:bd:24:c6:64:60:11:73:91:ae:60:9b: 55:5f:7c:84:d8:83:7b:9e:87:f9:07:ce:3b:87:be: 2d:65:0e:36:86:40:01:e0:59:96:9b:c1:c2:3d:94: cc:cb:c3:ba:0d:ae:60:82:d8:88:94:a1:0d:c0:ba: 4a:54:d5:97:fe:e1:29:87:c6:c0:ee:09:ac:7f:73: 1b:a1:b8:85:75:fb:5d:23:5f:8d:b9:4f:10:c6:ad: 48:b7:9b:c0:42:a3:42:89:73:99:cc:d5:9a:40:a4: a9:b9:9d:65:a6:bf:19:eb:5a:c9:9a:42:fe:b5:3a: ff:28:a0:b3:78:04:33:20:b0:de:1d:d5:66:6a:da: 84:a5:97:57:28:ba:66:3e:5c:c2:6a:fa:aa:fe:f8: ad:27:02:55:a8:41:94:45:95:27:c8:14:6f:96:3c: 36:52:2c:52:a8:a1:1a:8b:8f:f3:db:19:8e:d2:43: 08:d0:c6:b9:d4:27:0b:27:86:53:00:8e:34:bd:75: 98:b2:7e:cd:cb:32:99:64:8a:69:f4:3c:d3:d0:f5: 9a:82:cf:f5:79:78:9f:df:b1:82:02:d5:b3:98:75: eb:e1:b4:63:c2:96:aa:47:d5:88:6f:e3:7e:f0:0f: 39:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:36:6F:22:56:8E:1E:A6:33:58:7E:43:5F:E9:73:18:A6:91:71:C1 X509v3 Authority Key Identifier: keyid:68:D2:C2:5D:05:34:A4:02:7C:69:55:62:A8:CE:4F:00:1C:D5:39:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNLCXQU0pAJ8aVViqM5PABzVOW8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/ad9756-84d1-4ab9-96e1-14797eac522e/1/aNLCXQU0pAJ8aVViqM5PABzVOW8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5e:79:7f:ac:d6:f3:23:3e:b2:26:3e:82:48:5f:b1:c9:d1:8b: ff:dd:75:a8:ee:de:d5:72:d8:20:9e:a5:80:34:e5:39:42:d9: a8:a1:ce:34:e1:42:81:11:2d:0f:b1:3f:6e:ef:7a:bf:bf:f7: f5:21:8b:6a:9c:64:d1:84:cc:8f:a7:b9:c5:8e:a9:f6:2d:2c: 49:2b:79:e6:89:49:d5:72:62:74:63:d6:d4:e3:09:08:91:06: 50:24:56:71:7e:a0:4e:3b:be:aa:b9:2a:35:8b:87:f9:58:35: ea:94:32:11:1c:51:0a:74:19:3c:99:0e:25:43:b1:f5:ee:78: 14:63:a5:06:8d:53:49:61:95:08:03:5a:95:6f:80:18:ef:5a: eb:40:ce:02:08:44:c4:50:ce:25:47:c1:03:96:51:64:68:e8: 5a:db:79:40:04:f5:68:31:49:9a:c6:ec:15:61:ae:92:e8:f8: 5c:13:44:bc:e8:ba:ad:a2:69:4d:96:41:74:82:79:84:aa:e7: f4:19:7b:14:31:51:c9:42:d4:fd:0a:d1:cc:0e:c4:08:a9:c2: 90:51:02:f7:8e:62:b9:d9:09:f3:45:5f:e4:38:bd:31:7c:0d: bd:57:e1:19:99:8f:a6:03:f4:2e:0a:af:0c:ac:ea:98:bb:96: 44:d5:7f:73 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr0m/0SRhaqcrKapv5+eHTEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZDJjMjVkMDUzNGE0MDI3YzY5NTU2MmE4Y2U0ZjAwMWNk NTM5NmYwHhcNMjUxMjA2MTcwMDU0WhcNMjUxMjA3MTcwMDU0WjAzMTEwLwYDVQQD EygzZTM2NmYyMjU2OGUxZWE2MzM1ODdlNDM1ZmU5NzMxOGE2OTE3MWMxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuoBjSWulW/KMZU2Bj6zT2kMovSTG ZGARc5GuYJtVX3yE2IN7nof5B847h74tZQ42hkAB4FmWm8HCPZTMy8O6Da5ggtiI lKENwLpKVNWX/uEph8bA7gmsf3MbobiFdftdI1+NuU8Qxq1It5vAQqNCiXOZzNWa QKSpuZ1lpr8Z61rJmkL+tTr/KKCzeAQzILDeHdVmatqEpZdXKLpmPlzCavqq/vit JwJVqEGURZUnyBRvljw2UixSqKEai4/z2xmO0kMI0Ma51CcLJ4ZTAI40vXWYsn7N yzKZZIpp9DzT0PWags/1eXif37GCAtWzmHXr4bRjwpaqR9WIb+N+8A85VQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFD42byJWjh6mM1h+Q1/pcximkXHBMB8GA1UdIwQY MBaAFGjSwl0FNKQCfGlVYqjOTwAc1TlvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEt MTQ3OTdlYWM1MjJlLzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9hZDk3NTYtODRkMS00YWI5LTk2ZTEtMTQ3OTdlYWM1MjJl LzEvYU5MQ1hRVTBwQUo4YVZWaXFNNVBBQnpWT1c4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAXnl/rNbz Iz6yJj6CSF+xydGL/911qO7e1XLYIJ6lgDTlOULZqKHONOFCgREtD7E/bu96v7/3 9SGLapxk0YTMj6e5xY6p9i0sSSt55olJ1XJidGPW1OMJCJEGUCRWcX6gTju+qrkq NYuH+Vg16pQyERxRCnQZPJkOJUOx9e54FGOlBo1TSWGVCANalW+AGO9a60DOAghE xFDOJUfBA5ZRZGjoWtt5QAT1aDFJmsbsFWGukuj4XBNEvOi6raJpTZZBdIJ5hKrn 9Bl7FDFRyULU/QrRzA7ECKnCkFEC945iudkJ80Vf5Di9MXwNvVfhGZmPpgP0Lgqv DKzqmLuWRNV/cw== -----END CERTIFICATE-----Generated at Sat Dec 6 18:50:49 2025 by rpki-client