This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft File: ao33d2sW0oLgTGluJYqk-fnOnJg.mft (raw, json) Hash identifier: Ssm2rqXDdmHf6LixVnne8T/FAjeBDAKpqbwwN7mpjW0= Subject key identifier: CF:7D:6B:46:70:33:17:87:4F:6E:CD:D1:1B:4E:CF:78:E5:4B:32:E1 Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Certificate serial: 019AF23FD87A28322A38932A2840B9FECAF6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft Manifest number: 0B52 Signing time: Sat 06 Dec 2025 06:01:01 +0000 Manifest this update: Sat 06 Dec 2025 06:01:01 +0000 Manifest next update: Sun 07 Dec 2025 06:01:01 +0000 Files and hashes: 1: ao33d2sW0oLgTGluJYqk-fnOnJg.crl (hash: VMqB3bjfZgmwPeywU7z1+krcaQhQzAlxw1fGYhGOqLg=) 2: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (hash: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:d8:7a:28:32:2a:38:93:2a:28:40:b9:fe:ca:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98 Validity Not Before: Dec 6 06:01:01 2025 GMT Not After : Dec 7 06:01:01 2025 GMT Subject: CN=cf7d6b46703317874f6ecdd11b4ecf78e54b32e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:b7:20:e4:6a:0e:84:13:61:a8:41:a5:d5:04: e5:a7:8e:58:91:28:ff:8b:82:ca:9c:7c:34:5d:5d: cf:76:35:0e:51:9a:4b:7e:8c:82:e4:ac:15:19:53: a8:b1:9f:52:92:37:a2:4a:bb:91:f6:3c:1a:bb:d8: 32:dd:4e:fd:42:5b:95:ce:dd:e3:0b:2c:b5:06:18: 6f:f8:29:1f:f1:72:43:4a:c5:f6:21:4a:61:58:4e: c7:53:1f:61:38:84:75:43:81:c3:24:08:1c:5c:97: a0:36:ac:d0:f2:fa:50:e4:2f:00:f6:e6:64:39:94: be:d9:7d:e7:a6:95:22:16:4d:56:99:f5:96:ce:2f: e4:99:9a:62:fc:1e:0e:7f:f3:74:06:56:58:d1:8a: fe:24:9a:b1:e6:42:c6:76:b0:4f:14:d3:70:0f:8d: 21:42:c0:a8:1c:93:ae:f1:6e:85:2b:5f:c8:a3:3f: 02:fc:57:74:55:8f:d0:ce:8a:29:2d:d0:c7:1c:5b: 76:b3:e9:4e:a0:02:6b:a6:8b:ec:9a:ca:35:f8:43: af:70:f4:55:8d:ac:3d:f0:44:7f:62:72:e2:20:b1: c5:af:75:0a:2b:92:9e:35:64:02:13:9b:c9:ec:0b: d6:20:d7:79:16:d5:a7:ae:be:6d:62:19:3f:ec:6d: c7:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:7D:6B:46:70:33:17:87:4F:6E:CD:D1:1B:4E:CF:78:E5:4B:32:E1 X509v3 Authority Key Identifier: keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 79:76:d0:f7:0b:22:aa:be:2b:77:97:52:dc:36:49:e9:02:99: 2b:a8:19:06:c5:3c:5e:2a:c3:74:28:d3:41:bb:57:0c:6b:90: 1d:55:b0:3a:1e:bc:cb:74:79:bd:62:72:8c:00:4a:55:82:59: 35:0f:b8:2c:fb:ba:9c:12:55:1e:c2:45:83:af:5f:3a:23:f3: da:41:ae:80:4c:d4:76:c6:43:6b:0c:f6:e2:1d:46:b6:93:66: c6:10:8a:5b:27:f6:2e:8b:5d:a6:94:94:b5:94:8c:2f:bd:00: fd:f1:21:f8:c8:2a:07:7e:54:fa:45:7b:47:ad:ca:c5:f5:4b: 11:99:79:4b:17:62:82:eb:31:5c:45:b8:ed:d6:67:13:59:eb: dc:6d:8f:59:88:52:3f:e2:cc:19:8d:bf:bc:ad:46:b9:85:b1: 76:eb:5e:92:f8:d3:f2:d0:05:f0:39:d4:50:19:9f:56:20:69: e6:e5:cc:b8:ef:08:52:31:12:3e:44:24:b4:d9:db:86:57:ba: 0e:c4:f1:cc:1c:98:17:f0:d0:13:56:0a:40:c3:5d:3d:bd:de: 7a:b2:0f:e0:40:26:ff:cf:ad:12:f7:af:d0:12:57:8c:6f:81: ec:28:78:a2:ec:15:1b:ab:b7:50:1b:11:fd:bf:f4:44:f7:97: 8b:af:c4:63 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP9h6KDIqOJMqKEC5/sr2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj ZTljOTgwHhcNMjUxMjA2MDYwMTAxWhcNMjUxMjA3MDYwMTAxWjAzMTEwLwYDVQQD EyhjZjdkNmI0NjcwMzMxNzg3NGY2ZWNkZDExYjRlY2Y3OGU1NGIzMmUxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27cg5GoOhBNhqEGl1QTlp45YkSj/ i4LKnHw0XV3PdjUOUZpLfoyC5KwVGVOosZ9SkjeiSruR9jwau9gy3U79QluVzt3j Cyy1Bhhv+Ckf8XJDSsX2IUphWE7HUx9hOIR1Q4HDJAgcXJegNqzQ8vpQ5C8A9uZk OZS+2X3nppUiFk1WmfWWzi/kmZpi/B4Of/N0BlZY0Yr+JJqx5kLGdrBPFNNwD40h QsCoHJOu8W6FK1/Ioz8C/Fd0VY/QzoopLdDHHFt2s+lOoAJrpovsmso1+EOvcPRV jaw98ER/YnLiILHFr3UKK5KeNWQCE5vJ7AvWINd5FtWnrr5tYhk/7G3HVwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFM99a0ZwMxeHT27N0RtOz3jlSzLhMB8GA1UdIwQY MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt MWIzOGIwMjI0NWMxLzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAeXbQ9wsi qr4rd5dS3DZJ6QKZK6gZBsU8XirDdCjTQbtXDGuQHVWwOh68y3R5vWJyjABKVYJZ NQ+4LPu6nBJVHsJFg69fOiPz2kGugEzUdsZDawz24h1GtpNmxhCKWyf2LotdppSU tZSML70A/fEh+MgqB35U+kV7R63KxfVLEZl5SxdigusxXEW47dZnE1nr3G2PWYhS P+LMGY2/vK1GuYWxdutekvjT8tAF8DnUUBmfViBp5uXMuO8IUjESPkQktNnbhle6 DsTxzByYF/DQE1YKQMNdPb3eerIP4EAm/8+tEvev0BJXjG+B7Ch4ouwVG6u3UBsR /b/0RPeXi6/EYw== -----END CERTIFICATE-----Generated at Sat Dec 6 12:08:02 2025 by rpki-client