This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft File: rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft (raw, json) Hash identifier: oqGGghrFMJI4MVvwi6PpKZwIdEdqt+Hy8RW/5mPXEM8= Subject key identifier: CA:CF:E3:8E:7D:39:0A:8E:B2:C7:B8:FF:4D:6A:35:3E:2E:1D:23:3A Authority key identifier: AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6 Certificate issuer: /CN=ac08815e8c6503601f254cab371bec471bd7eaa6 Certificate serial: 019AF19B321D3F4F605EFA8BE06F987348FC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft Manifest number: 0B70 Signing time: Sat 06 Dec 2025 03:01:11 +0000 Manifest this update: Sat 06 Dec 2025 03:01:11 +0000 Manifest next update: Sun 07 Dec 2025 03:01:11 +0000 Files and hashes: 1: QsrgGtjjVfYUdnjVBy3FKVxOReM.roa (hash: /bct/glFTr5+fLpXRU1WLa/LnjLyQigL1zGVjyxrPQI=) 2: rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl (hash: gQJ+sdXiAH7JmAP17LU3v/A4pF7XczTWYX7oa2eMNI4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:32:1d:3f:4f:60:5e:fa:8b:e0:6f:98:73:48:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ac08815e8c6503601f254cab371bec471bd7eaa6 Validity Not Before: Dec 6 03:01:11 2025 GMT Not After : Dec 7 03:01:11 2025 GMT Subject: CN=cacfe38e7d390a8eb2c7b8ff4d6a353e2e1d233a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:57:ef:dc:42:ad:dd:a1:39:7f:10:9f:de:95: 43:a5:2c:78:49:28:7e:10:24:55:0b:ff:6a:b6:37: 1c:cf:f4:aa:d7:b0:cd:d1:9a:8a:6a:14:69:b6:fe: d5:de:40:a8:ad:9a:31:e0:e2:4c:ad:ef:df:24:5b: 9d:1b:d9:48:88:bc:1f:9b:5a:11:8e:36:28:6b:d1: 25:ca:ee:f1:b6:89:fd:dc:0c:65:5e:c7:1f:45:c6: b0:06:c0:41:09:3e:48:a6:95:d9:48:ab:4c:31:f8: 94:8b:6d:35:0d:18:c2:7d:81:97:0e:6a:7d:44:4f: 35:d2:22:8a:86:14:a3:fc:30:d3:d2:e3:8c:38:6a: 5f:e7:0c:50:e4:8b:e9:ef:b6:99:04:05:df:5c:ea: 51:90:0f:17:a3:6c:64:ee:54:55:c3:b4:1a:a2:53: 0c:23:c7:6b:3c:df:8d:91:bf:7c:c5:19:cb:01:cb: 79:09:a8:dc:95:e3:04:7e:d9:1b:a3:b4:ff:0a:8e: 3d:ce:f3:55:5e:18:ad:cd:bf:eb:dd:63:87:a6:24: 62:3c:b1:83:7a:f9:6c:e9:c2:c8:9d:39:d8:a0:fa: 33:d8:2f:1a:0f:97:1d:1e:cc:b8:a9:19:0c:7f:35: e4:0c:ed:52:2e:5b:dc:b3:50:48:05:62:d1:84:51: 65:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:CF:E3:8E:7D:39:0A:8E:B2:C7:B8:FF:4D:6A:35:3E:2E:1D:23:3A X509v3 Authority Key Identifier: keyid:AC:08:81:5E:8C:65:03:60:1F:25:4C:AB:37:1B:EC:47:1B:D7:EA:A6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rAiBXoxlA2AfJUyrNxvsRxvX6qY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/10/56f2a3-7eb7-4513-9f55-677871a03355/1/rAiBXoxlA2AfJUyrNxvsRxvX6qY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 9d:7b:29:0a:91:54:ad:e9:e0:ad:dd:ca:1c:63:10:fb:c8:be: 91:b6:79:3d:1a:b5:ec:d9:75:50:6d:d3:8a:39:a6:ba:66:3a: 91:6e:b0:60:04:48:29:7d:d8:71:98:55:6c:9b:97:e5:a2:35: 77:37:a2:30:44:3f:31:58:07:66:3c:4e:9a:91:12:e1:e7:a0: 32:1a:92:e0:03:f1:98:9c:ea:01:2a:87:dd:bc:74:63:bb:59: 45:3c:0d:e8:e1:39:66:74:64:5f:7e:f0:a1:23:96:dd:af:5c: b5:b3:07:e0:f4:70:f1:b1:9d:6a:a5:fa:a2:dc:92:5a:0f:fb: 8f:40:7b:fd:88:44:fb:c3:fd:8d:51:89:a2:08:ff:0a:47:03: b5:d8:fd:eb:d9:f0:62:65:6f:85:71:99:b0:3a:ec:06:14:48: f3:c0:d7:0d:d8:3a:18:90:ce:4b:9c:5c:f1:9b:f5:97:9b:e9: 1d:41:bf:96:9a:0f:ab:9e:29:11:18:a1:9b:6c:db:cf:6b:fb: f9:a2:f0:de:aa:f1:76:54:bc:93:18:b8:d1:e4:d3:8b:9f:a5: f9:ca:ad:50:37:f6:1b:8d:a6:b4:9c:02:65:11:16:58:b1:58: a7:80:9c:93:56:e3:1f:3d:11:13:88:ed:1a:d1:43:55:36:80: ea:e0:76:13 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmzIdP09gXvqL4G+Yc0j8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGFjMDg4MTVlOGM2NTAzNjAxZjI1NGNhYjM3MWJlYzQ3MWJk N2VhYTYwHhcNMjUxMjA2MDMwMTExWhcNMjUxMjA3MDMwMTExWjAzMTEwLwYDVQQD EyhjYWNmZTM4ZTdkMzkwYThlYjJjN2I4ZmY0ZDZhMzUzZTJlMWQyMzNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlfv3EKt3aE5fxCf3pVDpSx4SSh+ ECRVC/9qtjccz/Sq17DN0ZqKahRptv7V3kCorZox4OJMre/fJFudG9lIiLwfm1oR jjYoa9Elyu7xton93AxlXscfRcawBsBBCT5IppXZSKtMMfiUi201DRjCfYGXDmp9 RE810iKKhhSj/DDT0uOMOGpf5wxQ5Ivp77aZBAXfXOpRkA8Xo2xk7lRVw7QaolMM I8drPN+Nkb98xRnLAct5CajcleMEftkbo7T/Co49zvNVXhitzb/r3WOHpiRiPLGD evls6cLInTnYoPoz2C8aD5cdHsy4qRkMfzXkDO1SLlvcs1BIBWLRhFFlJQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMrP4459OQqOsse4/01qNT4uHSM6MB8GA1UdIwQY MBaAFKwIgV6MZQNgHyVMqzcb7Ecb1+qmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUt Njc3ODcxYTAzMzU1LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMC81NmYyYTMtN2ViNy00NTEzLTlmNTUtNjc3ODcxYTAzMzU1 LzEvckFpQlhveGxBMkFmSlV5ck54dnNSeHZYNnFZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAnXspCpFU rengrd3KHGMQ+8i+kbZ5PRq17Nl1UG3TijmmumY6kW6wYARIKX3YcZhVbJuX5aI1 dzeiMEQ/MVgHZjxOmpES4eegMhqS4APxmJzqASqH3bx0Y7tZRTwN6OE5ZnRkX37w oSOW3a9ctbMH4PRw8bGdaqX6otySWg/7j0B7/YhE+8P9jVGJogj/CkcDtdj969nw YmVvhXGZsDrsBhRI88DXDdg6GJDOS5xc8Zv1l5vpHUG/lpoPq54pERihm2zbz2v7 +aLw3qrxdlS8kxi40eTTi5+l+cqtUDf2G42mtJwCZREWWLFYp4Cck1bjHz0RE4jt GtFDVTaA6uB2Ew== -----END CERTIFICATE-----Generated at Sat Dec 6 12:24:15 2025 by rpki-client