This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft File: aajmjRKuKTryNpBDzVmgINrCQGI.mft (raw, json) Hash identifier: Y3irWt2lvb/+k7g/Efe59odbH+9Q0JTCOnQ1BW96OT4= Subject key identifier: 92:04:3F:E7:06:43:90:87:E7:F7:E5:33:BD:29:C6:F3:5D:EE:45:50 Authority key identifier: 69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62 Certificate issuer: /CN=69a8e68d12ae293af2369043cd59a020dac24062 Certificate serial: 019AF19B73378FC74A943AC8562DC39E4360 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft Manifest number: 0C53 Signing time: Sat 06 Dec 2025 03:01:27 +0000 Manifest this update: Sat 06 Dec 2025 03:01:27 +0000 Manifest next update: Sun 07 Dec 2025 03:01:27 +0000 Files and hashes: 1: aajmjRKuKTryNpBDzVmgINrCQGI.crl (hash: m35TF5UjM8ddX927+r2pUU7srZJw9mKU41+uDoP5rqY=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:01:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9b:73:37:8f:c7:4a:94:3a:c8:56:2d:c3:9e:43:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69a8e68d12ae293af2369043cd59a020dac24062 Validity Not Before: Dec 6 03:01:27 2025 GMT Not After : Dec 7 03:01:27 2025 GMT Subject: CN=92043fe706439087e7f7e533bd29c6f35dee4550 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:fd:d6:52:ba:b6:8a:26:8c:51:b9:c7:7f:27: 34:34:35:0b:89:fb:4d:06:a9:e7:b8:04:99:3b:b1: b7:08:bc:3f:21:cf:63:94:f9:42:dc:f3:4a:51:53: c2:0f:9c:1e:96:ac:d9:c9:ec:50:be:5a:a1:b9:33: d6:22:90:58:84:6c:e3:68:6d:25:6e:64:4b:d4:5d: 52:cc:9e:bd:40:9a:c2:ed:28:e6:6d:0c:2e:d5:52: f3:f2:f0:d9:3b:d6:b1:af:96:8d:02:1f:7c:dd:7c: b0:61:15:74:06:f9:82:e2:3e:c6:97:47:23:43:44: ee:6f:eb:c4:49:dd:57:53:ca:55:29:37:36:09:a2: b5:2f:a9:16:d3:97:f8:2e:5d:a2:6e:cf:b9:39:60: 30:17:90:c3:85:e6:39:db:90:0f:4d:cf:dc:cf:4d: 1d:a0:a7:cc:68:be:03:03:ca:96:e4:90:9b:1e:d0: d7:40:0f:9e:ae:c7:cb:ef:88:80:db:96:64:3e:aa: b8:d6:0a:96:94:cd:7d:1c:a7:67:9f:2b:d2:7f:78: 00:a6:cd:7c:e6:da:99:d0:39:db:12:fa:30:32:6c: 0e:29:92:80:58:6e:ee:55:88:cd:cf:d5:cc:c1:57: 2e:14:5f:6c:b4:80:bb:81:e6:5c:1b:b3:b5:15:ba: 4a:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:04:3F:E7:06:43:90:87:E7:F7:E5:33:BD:29:C6:F3:5D:EE:45:50 X509v3 Authority Key Identifier: keyid:69:A8:E6:8D:12:AE:29:3A:F2:36:90:43:CD:59:A0:20:DA:C2:40:62 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aajmjRKuKTryNpBDzVmgINrCQGI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/242faa-eae3-46a5-b774-38820548755c/1/aajmjRKuKTryNpBDzVmgINrCQGI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 32:b4:b5:1a:bb:6a:ee:6f:ae:d7:c9:3a:8a:1d:eb:90:ff:51: 71:63:96:37:2b:9e:03:58:94:79:68:f4:11:85:30:b4:af:72: fd:bb:35:b1:1f:ae:cc:5b:78:d5:a2:0a:e9:e5:f0:ab:28:74: 0c:51:7f:74:c4:1b:e3:05:a6:7b:94:c3:2c:13:d4:8c:10:76: e4:70:a1:f3:9b:50:1d:c1:57:87:60:33:d6:48:c3:1e:02:57: e1:47:03:34:a5:98:5e:67:8f:89:6d:52:6c:8b:4a:93:f2:23: c5:97:95:18:b9:d2:29:a2:23:8b:52:ae:ed:35:ae:a9:6b:b5: ce:f2:64:48:93:04:8c:1a:6e:a4:39:c9:b0:a2:08:94:4a:1c: 3d:b1:82:1d:e4:80:29:27:81:f7:1b:e3:0e:df:16:1f:93:61: 4b:e2:ee:1f:c1:d3:ab:f8:e6:41:d0:71:79:bd:0e:18:09:5d: ce:e3:71:e6:74:87:25:24:5e:b0:11:44:b0:cc:94:14:18:61: 65:45:50:f3:87:9b:0b:19:9c:28:31:bd:7d:4e:8c:d3:6e:97: 42:a2:bd:d5:20:29:50:2d:d1:3b:33:c1:75:f1:fd:fe:da:c3: 20:57:64:e2:54:87:12:64:95:46:16:e7:6e:1e:b4:dd:89:9f: 1f:52:31:d0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxm3M3j8dKlDrIVi3DnkNgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5YThlNjhkMTJhZTI5M2FmMjM2OTA0M2NkNTlhMDIwZGFj MjQwNjIwHhcNMjUxMjA2MDMwMTI3WhcNMjUxMjA3MDMwMTI3WjAzMTEwLwYDVQQD Eyg5MjA0M2ZlNzA2NDM5MDg3ZTdmN2U1MzNiZDI5YzZmMzVkZWU0NTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9P3WUrq2iiaMUbnHfyc0NDULiftN BqnnuASZO7G3CLw/Ic9jlPlC3PNKUVPCD5welqzZyexQvlqhuTPWIpBYhGzjaG0l bmRL1F1SzJ69QJrC7SjmbQwu1VLz8vDZO9axr5aNAh983XywYRV0BvmC4j7Gl0cj Q0Tub+vESd1XU8pVKTc2CaK1L6kW05f4Ll2ibs+5OWAwF5DDheY525APTc/cz00d oKfMaL4DA8qW5JCbHtDXQA+ersfL74iA25ZkPqq41gqWlM19HKdnnyvSf3gAps18 5tqZ0DnbEvowMmwOKZKAWG7uVYjNz9XMwVcuFF9stIC7geZcG7O1FbpKaQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFJIEP+cGQ5CH5/flM70pxvNd7kVQMB8GA1UdIwQY MBaAFGmo5o0Srik68jaQQ81ZoCDawkBiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQt Mzg4MjA1NDg3NTVjLzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZC8yNDJmYWEtZWFlMy00NmE1LWI3NzQtMzg4MjA1NDg3NTVj LzEvYWFqbWpSS3VLVHJ5TnBCRHpWbWdJTnJDUUdJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAMrS1Grtq 7m+u18k6ih3rkP9RcWOWNyueA1iUeWj0EYUwtK9y/bs1sR+uzFt41aIK6eXwqyh0 DFF/dMQb4wWme5TDLBPUjBB25HCh85tQHcFXh2Az1kjDHgJX4UcDNKWYXmePiW1S bItKk/IjxZeVGLnSKaIji1Ku7TWuqWu1zvJkSJMEjBpupDnJsKIIlEocPbGCHeSA KSeB9xvjDt8WH5NhS+LuH8HTq/jmQdBxeb0OGAldzuNx5nSHJSResBFEsMyUFBhh ZUVQ84ebCxmcKDG9fU6M026XQqK91SApUC3ROzPBdfH9/trDIFdk4lSHEmSVRhbn bh603YmfH1Ix0A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:37:29 2025 by rpki-client