This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft File: AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json) Hash identifier: K5BqQZAgBwMR06ITFzypvJa+B0DP3YoaBSt5f9qwBRA= Subject key identifier: D7:A1:4B:31:E9:B1:9F:CA:66:FD:93:0B:23:A7:01:C5:D0:5F:FA:56 Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 Certificate issuer: /CN=0289eecea279413257d8908c25568abeb8af8677 Certificate serial: 019AF19AFC79F813040A7825A85D4F1890F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft Manifest number: 0CD8 Signing time: Sat 06 Dec 2025 03:00:57 +0000 Manifest this update: Sat 06 Dec 2025 03:00:57 +0000 Manifest next update: Sun 07 Dec 2025 03:00:57 +0000 Files and hashes: 1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: d9EKsBiucmiOWeQwAmZ4vw7WqEgYXY6trS8ixK6IdOg=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 03:00:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:9a:fc:79:f8:13:04:0a:78:25:a8:5d:4f:18:90:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0289eecea279413257d8908c25568abeb8af8677 Validity Not Before: Dec 6 03:00:57 2025 GMT Not After : Dec 7 03:00:57 2025 GMT Subject: CN=d7a14b31e9b19fca66fd930b23a701c5d05ffa56 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:01:3c:6f:cf:bd:92:75:89:9e:f7:ed:d5:d5: fd:f8:06:54:81:a1:6b:87:07:5a:4e:70:ad:1f:c0: 6f:18:89:56:1c:45:ea:56:9d:e7:80:70:09:a8:0f: 2e:e8:fd:c6:a9:1f:e4:49:d6:b6:30:53:e7:a3:00: 11:f9:26:d8:60:92:9b:15:7d:79:db:5f:9a:71:a3: 1c:c1:7e:3d:91:0f:92:af:fd:df:6a:4d:76:04:49: cc:6b:4e:5d:68:94:fe:d9:83:50:fd:80:46:8a:4e: 78:73:97:c6:32:50:71:d5:62:20:6d:12:84:9f:bc: 96:21:56:c4:87:e2:c0:6a:cf:4b:9d:c8:40:68:18: c5:50:36:5e:1f:af:ed:2f:af:8f:6e:5e:3f:18:b0: d3:f6:0a:91:ca:f8:68:6f:53:de:d8:6e:21:ec:4b: fb:f2:f6:1c:27:bf:87:88:d8:35:b3:23:44:e3:77: 77:08:9d:f2:b2:39:ef:a4:ef:cb:9b:11:1c:a1:82: 16:3f:d6:62:64:be:e3:10:48:29:f0:4b:f1:65:90: ea:12:3d:c2:7e:ba:b6:fc:1f:1a:3d:31:a2:25:9f: cf:d1:20:92:16:ef:3a:7b:fc:5b:74:aa:e8:14:75: 92:13:02:30:a3:5e:c8:a9:07:fc:98:7f:26:66:6d: c4:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:A1:4B:31:E9:B1:9F:CA:66:FD:93:0B:23:A7:01:C5:D0:5F:FA:56 X509v3 Authority Key Identifier: keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 64:11:fc:85:8f:b5:e6:22:64:ff:08:a4:f1:e0:65:c9:3a:e6: 5c:0e:0c:c4:2e:90:29:a5:f5:0b:b6:44:ec:44:b8:f0:88:5d: 94:4d:f2:92:8b:e8:2f:e7:49:f0:f3:e2:da:a5:2a:f4:76:8a: 90:19:8d:ec:78:2f:12:4d:62:49:0e:d1:05:e3:1f:d1:c2:76: 2e:48:7c:be:08:cf:50:79:05:b7:59:2d:29:64:a7:37:0a:db: e7:cc:f7:e8:5d:49:23:26:23:f3:3a:72:ed:fd:63:a7:84:e9: 43:b8:27:10:17:e9:52:a9:47:f1:36:7e:df:95:fd:c2:05:87: ff:b2:46:2b:a2:c7:fd:d1:be:05:65:45:65:b6:ab:fb:05:79: be:5d:ac:f7:9b:43:50:65:8e:e8:3a:ca:1b:3d:a8:e6:c5:62: 2b:01:a1:64:7a:08:d0:50:56:1b:ac:cd:71:05:b3:3d:a0:7e: 2a:82:2f:7c:28:17:db:95:3e:24:85:0c:9a:22:ea:c5:ce:77: 2e:44:91:da:98:c6:c1:89:14:14:d2:6f:30:4f:52:56:23:4e: 55:d6:76:d6:34:7e:a4:05:86:db:dd:26:fa:c2:58:d9:fe:3a: 91:55:dc:d3:cc:b9:0e:7e:0d:67:6b:5e:87:2e:2e:ec:0f:a1: 0e:fc:df:7f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxmvx5+BMECnglqF1PGJD4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh Zjg2NzcwHhcNMjUxMjA2MDMwMDU3WhcNMjUxMjA3MDMwMDU3WjAzMTEwLwYDVQQD EyhkN2ExNGIzMWU5YjE5ZmNhNjZmZDkzMGIyM2E3MDFjNWQwNWZmYTU2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAE8b8+9knWJnvft1dX9+AZUgaFr hwdaTnCtH8BvGIlWHEXqVp3ngHAJqA8u6P3GqR/kSda2MFPnowAR+SbYYJKbFX15 21+acaMcwX49kQ+Sr/3fak12BEnMa05daJT+2YNQ/YBGik54c5fGMlBx1WIgbRKE n7yWIVbEh+LAas9LnchAaBjFUDZeH6/tL6+Pbl4/GLDT9gqRyvhob1Pe2G4h7Ev7 8vYcJ7+HiNg1syNE43d3CJ3ysjnvpO/LmxEcoYIWP9ZiZL7jEEgp8EvxZZDqEj3C frq2/B8aPTGiJZ/P0SCSFu86e/xbdKroFHWSEwIwo17IqQf8mH8mZm3EzwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNehSzHpsZ/KZv2TCyOnAcXQX/pWMB8GA1UdIwQY MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAZBH8hY+1 5iJk/wik8eBlyTrmXA4MxC6QKaX1C7ZE7ES48IhdlE3ykovoL+dJ8PPi2qUq9HaK kBmN7HgvEk1iSQ7RBeMf0cJ2Lkh8vgjPUHkFt1ktKWSnNwrb58z36F1JIyYj8zpy 7f1jp4TpQ7gnEBfpUqlH8TZ+35X9wgWH/7JGK6LH/dG+BWVFZbar+wV5vl2s95tD UGWO6DrKGz2o5sViKwGhZHoI0FBWG6zNcQWzPaB+KoIvfCgX25U+JIUMmiLqxc53 LkSR2pjGwYkUFNJvME9SViNOVdZ21jR+pAWG290m+sJY2f46kVXc08y5Dn4NZ2te hy4u7A+hDvzffw== -----END CERTIFICATE-----Generated at Sat Dec 6 11:42:31 2025 by rpki-client