This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft File: aUSJSM9NjazkdxjA9yWe3usJPns.mft (raw, json) Hash identifier: wOJqHuoTMZop8Mf6maBChl//b7sB00orTzkx0ZFn/fk= Subject key identifier: 7A:8F:83:E5:00:A0:A2:7C:AF:2C:1A:97:51:BF:78:F0:8A:20:BF:71 Authority key identifier: 69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B Certificate issuer: /CN=69448948cf4d8dace47718c0f7259edeeb093e7b Certificate serial: 019AF087F9FC40A8A45DDF110527E31B2928 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft Manifest number: 175E Signing time: Fri 05 Dec 2025 22:00:34 +0000 Manifest this update: Fri 05 Dec 2025 22:00:34 +0000 Manifest next update: Sat 06 Dec 2025 22:00:34 +0000 Files and hashes: 1: aUSJSM9NjazkdxjA9yWe3usJPns.crl (hash: H9fReJxLgAS+6IXVBRVRre+Q766iTk1jiHRLi846N8o=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:00:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:87:f9:fc:40:a8:a4:5d:df:11:05:27:e3:1b:29:28 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69448948cf4d8dace47718c0f7259edeeb093e7b Validity Not Before: Dec 5 22:00:34 2025 GMT Not After : Dec 6 22:00:34 2025 GMT Subject: CN=7a8f83e500a0a27caf2c1a9751bf78f08a20bf71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:bc:d2:1f:a0:10:0b:7c:f2:2c:c4:64:78:e1: cc:6c:64:a0:31:d2:cb:5c:a6:ae:16:1b:df:9a:44: 4c:c7:0f:be:2e:5d:e4:73:30:4d:05:84:10:fb:ef: 41:4f:57:42:a0:92:56:23:fe:8c:1f:5c:80:10:27: bb:db:29:40:98:63:c2:77:0c:a1:f9:87:7a:77:7c: 90:2f:7a:89:3b:38:46:b6:23:2f:d4:44:37:ab:6b: 8c:59:aa:92:36:42:3a:69:0f:38:44:e3:59:a6:86: 35:20:b4:29:c0:74:d0:ee:10:5c:02:f5:41:c7:6b: 07:4f:21:92:bb:91:5b:79:93:f3:d8:3a:bc:b8:66: 8b:51:a2:4e:40:8d:29:35:9e:ab:bf:2f:d7:92:e9: ac:14:65:81:37:42:42:51:e8:85:5d:a9:e8:b0:26: 52:66:f8:e9:29:19:00:18:f2:fc:66:46:bf:56:72: 24:82:57:f4:e1:f3:10:f9:a2:dd:ad:75:15:75:2a: 0d:5b:b9:c5:81:41:2b:48:68:3d:ee:9a:e2:86:05: 62:d4:8d:34:92:44:2a:f8:c5:e0:1d:c1:a8:cc:2c: 2e:23:78:57:bf:81:48:50:e8:f4:36:41:9a:81:a9: 71:af:b6:04:a4:22:c9:8a:f0:8f:29:78:33:81:44: 2e:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:8F:83:E5:00:A0:A2:7C:AF:2C:1A:97:51:BF:78:F0:8A:20:BF:71 X509v3 Authority Key Identifier: keyid:69:44:89:48:CF:4D:8D:AC:E4:77:18:C0:F7:25:9E:DE:EB:09:3E:7B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aUSJSM9NjazkdxjA9yWe3usJPns.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/1a9248-ec91-43fa-86ff-4b137a4dbc6e/1/aUSJSM9NjazkdxjA9yWe3usJPns.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 99:ce:f3:61:03:46:e0:c2:6b:4e:b8:f5:d1:bd:0d:46:57:20: b1:e7:ff:5f:bb:68:63:1e:91:87:f6:38:dc:f8:38:96:8d:68: bf:8d:8e:62:3f:25:65:37:36:01:b7:cd:b9:86:10:da:70:c2: f8:0e:7d:7b:a9:8b:4a:02:86:1a:b9:6a:6c:fb:01:6f:e7:93: 33:3f:25:cd:b7:b2:6f:01:d6:da:44:ee:a2:df:7c:6e:87:2c: 55:79:7b:87:74:10:af:d0:7d:62:d9:4b:b9:ca:67:c2:39:e0: 17:fc:58:7b:7b:f1:b8:90:20:ac:cc:9b:d0:68:00:a4:f6:42: 53:10:9c:68:4f:f4:3f:dc:26:df:be:0e:3a:b9:a5:1a:ac:81: a2:31:6f:18:23:03:ce:53:5e:d7:94:33:00:46:6b:c8:27:ed: 63:64:5e:94:49:c9:4d:30:e6:90:57:bb:e9:79:05:d1:32:73: 8f:eb:14:9c:a5:fb:70:ee:00:a6:84:80:77:10:5c:61:a3:15: 82:bb:20:42:69:a9:3e:6c:cb:ed:d6:5a:8b:dd:fc:d6:ce:7a: 5a:c3:65:a6:f2:c7:05:91:fb:96:40:49:67:df:0d:83:06:74: 77:60:d4:f0:13:2d:02:ab:6e:96:a3:07:00:d8:74:6a:57:5a: 2c:e9:d9:f4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwh/n8QKikXd8RBSfjGykoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5NDQ4OTQ4Y2Y0ZDhkYWNlNDc3MThjMGY3MjU5ZWRlZWIw OTNlN2IwHhcNMjUxMjA1MjIwMDM0WhcNMjUxMjA2MjIwMDM0WjAzMTEwLwYDVQQD Eyg3YThmODNlNTAwYTBhMjdjYWYyYzFhOTc1MWJmNzhmMDhhMjBiZjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLzSH6AQC3zyLMRkeOHMbGSgMdLL XKauFhvfmkRMxw++Ll3kczBNBYQQ++9BT1dCoJJWI/6MH1yAECe72ylAmGPCdwyh +Yd6d3yQL3qJOzhGtiMv1EQ3q2uMWaqSNkI6aQ84RONZpoY1ILQpwHTQ7hBcAvVB x2sHTyGSu5FbeZPz2Dq8uGaLUaJOQI0pNZ6rvy/XkumsFGWBN0JCUeiFXanosCZS ZvjpKRkAGPL8Zka/VnIkglf04fMQ+aLdrXUVdSoNW7nFgUErSGg97prihgVi1I00 kkQq+MXgHcGozCwuI3hXv4FIUOj0NkGagalxr7YEpCLJivCPKXgzgUQu3wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFHqPg+UAoKJ8rywal1G/ePCKIL9xMB8GA1UdIwQY MBaAFGlEiUjPTY2s5HcYwPclnt7rCT57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYt NGIxMzdhNGRiYzZlLzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZC8xYTkyNDgtZWM5MS00M2ZhLTg2ZmYtNGIxMzdhNGRiYzZl LzEvYVVTSlNNOU5qYXprZHhqQTl5V2UzdXNKUG5zLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAmc7zYQNG 4MJrTrj10b0NRlcgsef/X7toYx6Rh/Y43Pg4lo1ov42OYj8lZTc2AbfNuYYQ2nDC +A59e6mLSgKGGrlqbPsBb+eTMz8lzbeybwHW2kTuot98bocsVXl7h3QQr9B9YtlL ucpnwjngF/xYe3vxuJAgrMyb0GgApPZCUxCcaE/0P9wm374OOrmlGqyBojFvGCMD zlNe15QzAEZryCftY2RelEnJTTDmkFe76XkF0TJzj+sUnKX7cO4ApoSAdxBcYaMV grsgQmmpPmzL7dZai9381s56WsNlpvLHBZH7lkBJZ98NgwZ0d2DU8BMtAqtulqMH ANh0aldaLOnZ9A== -----END CERTIFICATE-----Generated at Sat Dec 6 06:58:27 2025 by rpki-client