This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft File: aOlYF0Bglex8tceyhrETM0l7lFE.mft (raw, json) Hash identifier: lpiE3EwP19+8mfDqEen4sbqb0Mt5f6A1sbjp/B/DPZI= Subject key identifier: 49:73:B8:AA:09:5E:18:42:EA:04:F1:27:79:64:AD:4E:0F:A6:BF:96 Authority key identifier: 68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51 Certificate issuer: /CN=68e95817406095ec7cb5c7b286b11333497b9451 Certificate serial: 019AF654097057164144517F7B23A82C90A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft Manifest number: 096F Signing time: Sun 07 Dec 2025 01:01:33 +0000 Manifest this update: Sun 07 Dec 2025 01:01:33 +0000 Manifest next update: Mon 08 Dec 2025 01:01:33 +0000 Files and hashes: 1: ExEAGmrTaGZYkgcoaaGfFiacDZM.roa (hash: vfQhBpcBjSjG95UQaSsBC3edgr1xXnN4hhJBHCKa+Vc=) 2: aOlYF0Bglex8tceyhrETM0l7lFE.crl (hash: rRyMERlD9L4VAVie2d41x2qd+EXSEIl9j6bqjwGQA0E=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f6:54:09:70:57:16:41:44:51:7f:7b:23:a8:2c:90:a5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68e95817406095ec7cb5c7b286b11333497b9451 Validity Not Before: Dec 7 01:01:33 2025 GMT Not After : Dec 8 01:01:33 2025 GMT Subject: CN=4973b8aa095e1842ea04f1277964ad4e0fa6bf96 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:04:af:97:5e:71:15:3f:09:55:bb:a8:1f:35: 73:a3:be:d7:b8:66:27:67:1b:4c:20:05:77:ca:04: 05:26:d6:97:8a:13:34:a5:3f:4c:a0:1d:f0:e1:06: 38:c8:e0:1f:9a:f5:8c:a9:9e:2c:b2:43:75:34:13: 32:61:45:80:0b:6a:59:fb:f8:cc:8f:b6:66:58:b7: c6:c4:85:a7:76:c2:cf:14:c4:8e:85:9f:19:05:92: 44:b9:56:99:09:8f:b6:64:17:9d:7a:b0:c1:69:d3: 80:22:c0:02:c1:51:2f:98:43:c0:a2:da:da:93:ed: 91:7b:68:29:6d:79:91:1a:38:f2:cc:19:4d:6b:90: 3c:4d:9c:ca:b5:09:e2:c5:a4:2c:a4:10:5d:b8:65: 57:c0:53:7b:a6:f5:c3:3c:c8:8e:47:32:ef:58:eb: a0:ed:d0:b7:83:cd:e1:d8:c5:8e:c1:03:71:b5:47: 64:8f:b6:67:09:73:88:4b:60:2e:d0:23:b2:c9:26: b9:29:dd:43:6a:d3:a9:18:be:e4:b9:41:9b:a1:25: 1e:e1:8f:28:b4:f3:51:dc:39:c0:70:09:bb:e8:e1: e3:3d:16:0c:e5:a9:bd:8f:98:d7:79:0e:f4:98:04: ce:a7:df:c5:98:0b:8c:f2:74:94:cf:53:c6:dc:bf: 5b:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:73:B8:AA:09:5E:18:42:EA:04:F1:27:79:64:AD:4E:0F:A6:BF:96 X509v3 Authority Key Identifier: keyid:68:E9:58:17:40:60:95:EC:7C:B5:C7:B2:86:B1:13:33:49:7B:94:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aOlYF0Bglex8tceyhrETM0l7lFE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/27/4a5d71-e11d-4d32-b597-019ec9d9a758/1/aOlYF0Bglex8tceyhrETM0l7lFE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b0:98:d8:89:0d:7d:ea:08:72:57:6e:00:dd:b4:17:36:33:5c: df:fe:b2:c4:6a:63:bf:94:87:fc:6f:ed:b7:fb:06:ae:05:bc: 41:a7:63:ba:b1:4d:83:3f:86:03:3c:51:c1:d9:ad:8f:e2:cf: 60:29:cf:f2:1c:54:ac:23:d6:43:70:8e:68:7a:66:20:6b:ae: 07:18:d9:14:85:b5:fe:e1:8f:60:de:9c:42:e3:dc:3d:c8:f0: 97:00:d3:48:ef:21:fb:16:2c:98:f2:7c:80:c3:e8:d4:6d:b2: fa:9b:ec:89:64:ce:b1:c9:be:2b:5f:bc:d3:e4:f2:61:17:3f: f4:16:88:14:f3:af:ed:d4:90:9b:ea:ba:6d:d2:e9:43:e0:ae: be:e2:82:d5:2d:33:2e:15:fe:49:85:e9:f4:ae:47:fe:e8:5d: bd:37:81:16:a5:f5:fc:46:fd:a7:31:71:b3:1f:40:ce:b8:e9: dc:cc:57:0b:b6:1f:c1:9e:df:d2:06:7d:83:6b:0a:4c:de:63: 93:eb:6e:16:5b:56:49:94:4b:9b:4f:0e:7b:8c:af:3c:5a:81: 84:74:77:69:08:96:d6:11:5b:b9:9e:03:88:38:38:f9:0a:00: 05:27:1a:ce:9f:3c:70:bb:1e:f6:b8:f3:41:65:19:63:0c:e3: c7:8d:c3:60 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr2VAlwVxZBRFF/eyOoLJClMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZTk1ODE3NDA2MDk1ZWM3Y2I1YzdiMjg2YjExMzMzNDk3 Yjk0NTEwHhcNMjUxMjA3MDEwMTMzWhcNMjUxMjA4MDEwMTMzWjAzMTEwLwYDVQQD Eyg0OTczYjhhYTA5NWUxODQyZWEwNGYxMjc3OTY0YWQ0ZTBmYTZiZjk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwSvl15xFT8JVbuoHzVzo77XuGYn ZxtMIAV3ygQFJtaXihM0pT9MoB3w4QY4yOAfmvWMqZ4sskN1NBMyYUWAC2pZ+/jM j7ZmWLfGxIWndsLPFMSOhZ8ZBZJEuVaZCY+2ZBederDBadOAIsACwVEvmEPAotra k+2Re2gpbXmRGjjyzBlNa5A8TZzKtQnixaQspBBduGVXwFN7pvXDPMiORzLvWOug 7dC3g83h2MWOwQNxtUdkj7ZnCXOIS2Au0COyySa5Kd1DatOpGL7kuUGboSUe4Y8o tPNR3DnAcAm76OHjPRYM5am9j5jXeQ70mATOp9/FmAuM8nSUz1PG3L9baQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFElzuKoJXhhC6gTxJ3lkrU4Ppr+WMB8GA1UdIwQY MBaAFGjpWBdAYJXsfLXHsoaxEzNJe5RRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTct MDE5ZWM5ZDlhNzU4LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNy80YTVkNzEtZTExZC00ZDMyLWI1OTctMDE5ZWM5ZDlhNzU4 LzEvYU9sWUYwQmdsZXg4dGNleWhyRVRNMGw3bEZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAsJjYiQ19 6ghyV24A3bQXNjNc3/6yxGpjv5SH/G/tt/sGrgW8QadjurFNgz+GAzxRwdmtj+LP YCnP8hxUrCPWQ3COaHpmIGuuBxjZFIW1/uGPYN6cQuPcPcjwlwDTSO8h+xYsmPJ8 gMPo1G2y+pvsiWTOscm+K1+80+TyYRc/9BaIFPOv7dSQm+q6bdLpQ+CuvuKC1S0z LhX+SYXp9K5H/uhdvTeBFqX1/Eb9pzFxsx9Azrjp3MxXC7YfwZ7f0gZ9g2sKTN5j k+tuFltWSZRLm08Oe4yvPFqBhHR3aQiW1hFbuZ4DiDg4+QoABScazp88cLse9rjz QWUZYwzjx43DYA== -----END CERTIFICATE-----Generated at Sun Dec 7 02:47:10 2025 by rpki-client