This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft File: ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft (raw, json) Hash identifier: CiQeqDVtutwPoWjN9AisiHVlkCKgFy5ekfZCxNmbAdY= Subject key identifier: 06:6A:39:F2:00:30:D1:7C:57:03:B7:0A:BB:48:9C:EF:5B:15:AB:19 Authority key identifier: 01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2 Certificate issuer: /CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2 Certificate serial: 019AF12E5DD5F09967F7C43705CD89C56A6B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft Manifest number: 1398 Signing time: Sat 06 Dec 2025 01:02:18 +0000 Manifest this update: Sat 06 Dec 2025 01:02:18 +0000 Manifest next update: Sun 07 Dec 2025 01:02:18 +0000 Files and hashes: 1: ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl (hash: 6go82jIcrX9n+IHay29YVsHq7FXYhFVotQEpKJt9lcU=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:02:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2e:5d:d5:f0:99:67:f7:c4:37:05:cd:89:c5:6a:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=011463ff99c24c0937a4065d1fccfeb908fc3ad2 Validity Not Before: Dec 6 01:02:18 2025 GMT Not After : Dec 7 01:02:18 2025 GMT Subject: CN=066a39f20030d17c5703b70abb489cef5b15ab19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:75:1d:4b:5a:45:af:12:56:ba:db:96:bc:1f: 60:91:43:48:2d:82:b0:05:f1:2e:51:fd:7f:91:3e: b2:86:76:d6:7c:86:a2:9b:f4:9f:4a:b4:fd:c7:14: 69:d5:33:74:15:03:f4:e5:5d:4b:85:b8:a5:01:17: 17:38:c6:96:e7:b2:8a:fd:3c:69:74:03:1f:db:d9: fd:d7:3f:30:bc:71:36:93:07:d9:73:46:af:9a:37: 31:76:80:af:c8:b3:2d:49:5d:bb:b3:1b:02:da:e3: f0:c3:71:04:94:af:dc:b5:e7:1d:04:d3:02:b2:f8: 44:46:75:ae:7e:8f:c6:61:bf:a7:b6:94:f9:06:50: 14:6f:77:26:11:1e:fd:0a:34:6d:8f:79:76:9c:75: ac:f2:0c:7c:a9:a3:49:61:96:3d:c9:25:5a:31:89: e9:8b:64:45:0c:3a:fc:06:85:fa:63:95:3c:b9:dc: 35:14:f0:dc:b1:8a:9b:62:ad:03:16:32:20:36:bb: 0d:90:e3:dd:13:f1:c4:d0:98:5a:ce:cf:df:6d:98: 7f:ca:b8:99:28:3f:76:2d:cf:d3:8b:53:e1:71:ce: b3:4e:fd:b5:f2:80:4e:df:89:af:40:a4:84:b7:19: 05:2f:81:f3:54:6e:0b:10:9c:ab:f8:2c:24:a8:31: d4:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:6A:39:F2:00:30:D1:7C:57:03:B7:0A:BB:48:9C:EF:5B:15:AB:19 X509v3 Authority Key Identifier: keyid:01:14:63:FF:99:C2:4C:09:37:A4:06:5D:1F:CC:FE:B9:08:FC:3A:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARRj_5nCTAk3pAZdH8z-uQj8OtI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/240024-f433-4241-b40d-d1e84cfa478f/1/ARRj_5nCTAk3pAZdH8z-uQj8OtI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 60:91:3e:f4:dc:1c:4d:ea:2c:16:4e:20:04:de:e5:12:91:b7: fc:6f:7c:96:15:be:c8:78:15:a6:73:ea:e3:44:30:a5:78:3d: c2:08:ea:df:fb:6c:25:a1:5e:02:a0:e8:22:15:eb:2e:04:1b: c5:8e:1d:2e:88:82:88:c1:c5:b5:5e:cd:5f:43:c4:88:29:64: 69:45:c7:a7:4b:16:c6:e3:d5:7f:9a:87:90:7a:09:fb:6c:a0: 4e:22:69:61:7f:bd:42:b2:0e:d7:94:24:cd:f5:3b:02:e2:df: 6b:b9:ec:2e:14:ec:b6:1c:82:4b:b7:52:a0:94:b3:c1:25:b4: d3:ac:ee:c2:dc:31:8c:a7:2c:00:a1:54:37:68:99:f7:55:d5: 85:7e:b9:2e:67:27:25:7d:6d:8e:b8:e4:45:f7:b1:06:82:e0: 4a:35:d6:f9:ad:5b:f8:3f:c1:06:9f:74:3c:7a:ee:53:48:da: aa:f1:0b:4f:86:85:22:a4:da:f9:53:95:ca:32:b5:52:2d:bd: 29:23:d5:ef:a7:53:24:34:14:26:16:32:1f:04:37:e1:ff:20: 01:31:d8:26:90:23:a6:18:b6:9c:3f:28:9a:65:c7:3d:4f:c5: d8:0d:b2:ce:af:06:c7:e5:50:20:79:a6:9e:c9:e3:e9:b0:3d: 4f:a9:17:d5 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLl3V8Jln98Q3Bc2JxWprMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxMTQ2M2ZmOTljMjRjMDkzN2E0MDY1ZDFmY2NmZWI5MDhm YzNhZDIwHhcNMjUxMjA2MDEwMjE4WhcNMjUxMjA3MDEwMjE4WjAzMTEwLwYDVQQD EygwNjZhMzlmMjAwMzBkMTdjNTcwM2I3MGFiYjQ4OWNlZjViMTVhYjE5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXUdS1pFrxJWutuWvB9gkUNILYKw BfEuUf1/kT6yhnbWfIaim/SfSrT9xxRp1TN0FQP05V1LhbilARcXOMaW57KK/Txp dAMf29n91z8wvHE2kwfZc0avmjcxdoCvyLMtSV27sxsC2uPww3EElK/ctecdBNMC svhERnWufo/GYb+ntpT5BlAUb3cmER79CjRtj3l2nHWs8gx8qaNJYZY9ySVaMYnp i2RFDDr8BoX6Y5U8udw1FPDcsYqbYq0DFjIgNrsNkOPdE/HE0Jhazs/fbZh/yriZ KD92Lc/Ti1Phcc6zTv218oBO34mvQKSEtxkFL4HzVG4LEJyr+CwkqDHUnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFAZqOfIAMNF8VwO3CrtInO9bFasZMB8GA1UdIwQY MBaAFAEUY/+ZwkwJN6QGXR/M/rkI/DrSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQt ZDFlODRjZmE0NzhmLzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYi8yNDAwMjQtZjQzMy00MjQxLWI0MGQtZDFlODRjZmE0Nzhm LzEvQVJSal81bkNUQWszcEFaZEg4ei11UWo4T3RJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAYJE+9Nwc TeosFk4gBN7lEpG3/G98lhW+yHgVpnPq40QwpXg9wgjq3/tsJaFeAqDoIhXrLgQb xY4dLoiCiMHFtV7NX0PEiClkaUXHp0sWxuPVf5qHkHoJ+2ygTiJpYX+9QrIO15Qk zfU7AuLfa7nsLhTsthyCS7dSoJSzwSW006zuwtwxjKcsAKFUN2iZ91XVhX65Lmcn JX1tjrjkRfexBoLgSjXW+a1b+D/BBp90PHruU0jaqvELT4aFIqTa+VOVyjK1Ui29 KSPV76dTJDQUJhYyHwQ34f8gATHYJpAjphi2nD8ommXHPU/F2A2yzq8Gx+VQIHmm nsnj6bA9T6kX1Q== -----END CERTIFICATE-----Generated at Sat Dec 6 07:22:23 2025 by rpki-client