This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft File: aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft (raw, json) Hash identifier: 47xip40F50XfndUTCs6Bo5HZTipse8kywzgs0PPb2pM= Subject key identifier: EE:4A:BD:45:D4:85:A6:A5:91:11:8F:21:4E:E7:00:00:76:EB:A1:07 Authority key identifier: 68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50 Certificate issuer: /CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450 Certificate serial: 019AF31D5CEADF8442919C3C2627ECF628A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft Manifest number: 1764 Signing time: Sat 06 Dec 2025 10:02:58 +0000 Manifest this update: Sat 06 Dec 2025 10:02:58 +0000 Manifest next update: Sun 07 Dec 2025 10:02:58 +0000 Files and hashes: 1: Hpq861GqA5RqLih08GH13MdllW0.roa (hash: 6UGmd69y3tVELywuvYudCcD/UUgHO86OmDHx4Pt/TNE=) 2: aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl (hash: MTfNB6tZ1RwgW5BSjAO0xFcNVS09iRjK9N7jVKGtNDE=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1d:5c:ea:df:84:42:91:9c:3c:26:27:ec:f6:28:a9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=686d1840493eee345f8c02ad8aa7f0f0f41ba450 Validity Not Before: Dec 6 10:02:58 2025 GMT Not After : Dec 7 10:02:58 2025 GMT Subject: CN=ee4abd45d485a6a591118f214ee7000076eba107 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:7a:2b:fa:7a:da:34:35:2b:76:98:fe:ae:f5: 2c:fb:54:c8:1c:64:77:15:31:7e:72:aa:16:24:5d: 6f:02:50:4d:62:3f:df:d5:69:45:7f:23:7a:73:2f: 96:6b:b4:bb:84:2a:d3:65:91:8b:a5:62:f2:13:9a: a6:53:09:26:eb:c6:bb:2d:67:77:87:c5:69:b6:e0: 5f:cd:59:6a:fb:a7:50:4e:fd:33:62:44:aa:b5:be: 20:54:23:ad:fe:03:b8:58:4b:85:5f:fd:7d:28:7c: a1:40:25:9d:d0:fc:2d:ac:6e:af:4d:94:20:b4:a9: 4a:27:04:63:10:59:2e:7e:e0:58:e5:3b:cb:ec:d9: 12:d0:ae:1b:f2:70:3d:8f:23:e4:c8:8b:6f:a5:b4: 28:7a:0e:09:76:bd:42:89:87:3b:59:1d:f0:5b:bf: 0c:ff:d5:c9:f1:93:1f:99:77:5a:9b:ff:91:1b:16: 6c:39:5e:a0:bf:3f:a0:a9:23:49:ed:38:a1:39:25: 7d:5d:2e:4d:89:d8:0b:e0:fd:5c:50:58:95:b9:4f: 3a:2c:75:c9:ca:ca:ec:9f:a1:d5:53:98:4c:d2:5c: 2b:d1:8f:1b:f0:97:b0:34:a3:a3:10:be:c2:73:e3: 44:da:a0:f4:d5:77:7d:e0:63:4d:4c:67:76:98:83: a9:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:4A:BD:45:D4:85:A6:A5:91:11:8F:21:4E:E7:00:00:76:EB:A1:07 X509v3 Authority Key Identifier: keyid:68:6D:18:40:49:3E:EE:34:5F:8C:02:AD:8A:A7:F0:F0:F4:1B:A4:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aG0YQEk-7jRfjAKtiqfw8PQbpFA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/e42ecf-78ff-4b58-8760-826d05ccfe25/1/aG0YQEk-7jRfjAKtiqfw8PQbpFA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 63:39:8f:17:9e:09:67:af:98:7f:98:e9:79:0e:64:c5:f2:c0: f1:53:e1:39:db:f2:f5:8e:2a:fe:62:c5:b7:e9:46:98:82:bd: e5:18:ea:09:94:0c:64:89:02:9f:ff:85:7c:3b:96:3c:a0:20: ef:1a:e1:25:5b:ba:e8:b0:e1:26:ee:6c:ed:2d:13:ad:af:5c: 10:15:fd:47:b9:1a:8b:96:7a:d3:dd:d3:fb:cd:9d:d7:aa:d6: 12:31:42:50:7d:9d:24:0a:3f:6a:f9:ff:98:4a:11:2e:b2:9d: 32:80:0d:b5:9b:97:a1:6e:e9:08:43:f1:13:cf:da:41:0b:23: 59:2a:66:18:d1:34:11:ac:b3:5e:4f:30:5a:14:57:66:1d:08: 7e:2c:f7:d9:8c:04:68:5a:02:ef:e1:7c:b8:a7:87:43:8b:1f: e8:b4:34:c9:b2:63:ba:d6:61:21:69:f8:4c:d8:f3:f5:20:54: 33:c0:b7:88:75:40:57:d0:a7:53:53:a8:5a:d9:6c:d7:24:b9: 45:87:6a:9f:99:b8:3b:4b:9e:5d:49:b4:cf:0f:a2:10:b7:d7: c1:69:97:78:09:88:e3:3c:13:32:5e:3a:e5:01:36:ba:02:fc: 08:2b:11:a8:66:bc:88:fa:f2:69:f6:ef:dc:70:df:0b:37:d5: 7a:03:94:26 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzHVzq34RCkZw8Jifs9iipMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4NmQxODQwNDkzZWVlMzQ1ZjhjMDJhZDhhYTdmMGYwZjQx YmE0NTAwHhcNMjUxMjA2MTAwMjU4WhcNMjUxMjA3MTAwMjU4WjAzMTEwLwYDVQQD EyhlZTRhYmQ0NWQ0ODVhNmE1OTExMThmMjE0ZWU3MDAwMDc2ZWJhMTA3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHor+nraNDUrdpj+rvUs+1TIHGR3 FTF+cqoWJF1vAlBNYj/f1WlFfyN6cy+Wa7S7hCrTZZGLpWLyE5qmUwkm68a7LWd3 h8VptuBfzVlq+6dQTv0zYkSqtb4gVCOt/gO4WEuFX/19KHyhQCWd0PwtrG6vTZQg tKlKJwRjEFkufuBY5TvL7NkS0K4b8nA9jyPkyItvpbQoeg4Jdr1CiYc7WR3wW78M /9XJ8ZMfmXdam/+RGxZsOV6gvz+gqSNJ7TihOSV9XS5NidgL4P1cUFiVuU86LHXJ ysrsn6HVU5hM0lwr0Y8b8JewNKOjEL7Cc+NE2qD01Xd94GNNTGd2mIOpvwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFO5KvUXUhaalkRGPIU7nAAB266EHMB8GA1UdIwQY MBaAFGhtGEBJPu40X4wCrYqn8PD0G6RQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAt ODI2ZDA1Y2NmZTI1LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC9lNDJlY2YtNzhmZi00YjU4LTg3NjAtODI2ZDA1Y2NmZTI1 LzEvYUcwWVFFay03alJmakFLdGlxZnc4UFFicEZBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYzmPF54J Z6+Yf5jpeQ5kxfLA8VPhOdvy9Y4q/mLFt+lGmIK95RjqCZQMZIkCn/+FfDuWPKAg 7xrhJVu66LDhJu5s7S0Tra9cEBX9R7kai5Z6093T+82d16rWEjFCUH2dJAo/avn/ mEoRLrKdMoANtZuXoW7pCEPxE8/aQQsjWSpmGNE0EayzXk8wWhRXZh0Ifiz32YwE aFoC7+F8uKeHQ4sf6LQ0ybJjutZhIWn4TNjz9SBUM8C3iHVAV9CnU1OoWtls1yS5 RYdqn5m4O0ueXUm0zw+iELfXwWmXeAmI4zwTMl465QE2ugL8CCsRqGa8iPryafbv 3HDfCzfVegOUJg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:35:12 2025 by rpki-client