This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft File: AonuzqJ5QTJX2JCMJVaKvrivhnc.mft (raw, json) Hash identifier: CCwtNCBnCyymNWklhJG/tL1j/BMjYoRRcsVmA/xwb54= Subject key identifier: D8:7C:A5:35:54:15:36:DB:D1:B8:AE:D5:0E:96:73:CF:15:5D:A1:C0 Authority key identifier: 02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 Certificate issuer: /CN=0289eecea279413257d8908c25568abeb8af8677 Certificate serial: 019B3EDB06EBB589E8BE696F9BF7CBE13E55 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft Manifest number: 0D00 Signing time: Sun 21 Dec 2025 03:01:39 +0000 Manifest this update: Sun 21 Dec 2025 03:01:39 +0000 Manifest next update: Mon 22 Dec 2025 03:01:39 +0000 Files and hashes: 1: AonuzqJ5QTJX2JCMJVaKvrivhnc.crl (hash: NRnTvXUqqlw9BYMKAh0No0gUGuaA1vX0HCs7Y6jEUIs=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3e:db:06:eb:b5:89:e8:be:69:6f:9b:f7:cb:e1:3e:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0289eecea279413257d8908c25568abeb8af8677 Validity Not Before: Dec 21 03:01:39 2025 GMT Not After : Dec 22 03:01:39 2025 GMT Subject: CN=d87ca535541536dbd1b8aed50e9673cf155da1c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:bb:e0:4a:bc:d2:05:9e:47:09:84:45:dd:1b: fe:47:b3:e5:91:ec:d8:d5:5a:6a:c5:ef:2f:dd:98: db:af:b8:40:c8:39:e0:97:e8:ab:ee:f4:86:af:b6: f4:e9:57:a5:20:6b:67:05:82:64:29:b9:cd:d8:a2: bc:95:c6:f0:12:e5:a7:27:92:69:8b:24:a2:48:ed: c6:02:fb:1c:79:6b:7f:74:64:60:21:36:2a:0d:cb: ea:2a:49:5f:c6:44:86:e2:70:5e:94:f0:af:d8:4c: ef:35:61:39:57:91:8d:ea:c9:38:44:30:9e:b9:08: c1:4f:e5:7e:bb:95:a2:35:d1:6a:f7:83:66:42:81: ca:ec:df:96:22:95:2d:da:24:0b:fa:b1:4d:3d:cd: a0:7d:69:2d:72:fe:11:a2:98:f6:c4:fc:66:52:5b: 26:d3:55:9d:72:c3:81:de:0a:8b:6f:9c:98:9e:fd: f4:df:32:b3:8a:16:63:d0:eb:1a:83:99:3c:d1:6a: 2d:dd:0b:9f:f4:71:3a:54:ed:ed:b8:b6:0a:d8:48: 4e:29:f1:bc:db:7b:d6:cf:c2:46:b3:d9:56:b9:c0: 7f:ce:4c:0b:79:32:ca:ec:06:4e:c5:a8:2f:94:d3: be:c7:7d:62:ae:8a:0d:72:fd:5a:eb:59:d1:0a:43: 90:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:7C:A5:35:54:15:36:DB:D1:B8:AE:D5:0E:96:73:CF:15:5D:A1:C0 X509v3 Authority Key Identifier: keyid:02:89:EE:CE:A2:79:41:32:57:D8:90:8C:25:56:8A:BE:B8:AF:86:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AonuzqJ5QTJX2JCMJVaKvrivhnc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/22b88b-1fbf-40f4-ada5-270929d05192/1/AonuzqJ5QTJX2JCMJVaKvrivhnc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 47:c5:62:6d:44:89:07:f1:6b:52:79:f8:37:eb:31:d5:18:bb: c7:c9:a1:6b:93:d2:9b:03:21:c2:44:f6:85:d6:8c:30:b4:c8: e0:c4:cb:65:40:f8:cb:33:1d:25:a2:e8:a9:fe:4e:9c:2e:04: e0:6d:cc:fb:21:cf:05:95:73:42:26:5c:64:73:2a:62:28:ef: 58:b6:3f:87:93:4f:a1:c4:79:03:5b:03:e0:ba:e2:6e:c5:df: fa:08:dd:72:59:de:4d:91:6b:0b:76:4b:12:c2:f5:15:f8:0b: 0a:83:12:bf:8f:f0:16:a8:c5:f8:3a:4d:bf:09:f5:13:a4:dd: a5:da:5a:8b:83:dc:73:58:87:1b:17:95:fc:9e:05:d7:f2:71: b5:f2:cd:11:4d:8f:fa:de:fc:47:ce:5f:4e:f8:eb:bf:48:1a: 5e:db:d5:8a:97:4b:49:70:0f:16:a5:db:ae:e5:17:17:77:fe: 1c:54:64:17:ec:76:04:89:bd:24:72:80:62:bf:ac:2f:89:2b: 2d:e9:61:35:5f:08:59:fe:1d:bc:76:77:a8:3f:84:fc:19:b2: 82:23:5a:65:2a:17:a7:11:82:26:7b:43:92:6f:8d:3b:40:67: cf:19:52:45:4a:5f:1c:9b:ae:b2:49:78:c3:47:71:65:63:2a: b6:9f:19:fa -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZs+2wbrtYnovmlvm/fL4T5VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyODllZWNlYTI3OTQxMzI1N2Q4OTA4YzI1NTY4YWJlYjhh Zjg2NzcwHhcNMjUxMjIxMDMwMTM5WhcNMjUxMjIyMDMwMTM5WjAzMTEwLwYDVQQD EyhkODdjYTUzNTU0MTUzNmRiZDFiOGFlZDUwZTk2NzNjZjE1NWRhMWMwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7vgSrzSBZ5HCYRF3Rv+R7PlkezY 1Vpqxe8v3Zjbr7hAyDngl+ir7vSGr7b06VelIGtnBYJkKbnN2KK8lcbwEuWnJ5Jp iySiSO3GAvsceWt/dGRgITYqDcvqKklfxkSG4nBelPCv2EzvNWE5V5GN6sk4RDCe uQjBT+V+u5WiNdFq94NmQoHK7N+WIpUt2iQL+rFNPc2gfWktcv4Ropj2xPxmUlsm 01WdcsOB3gqLb5yYnv303zKzihZj0Osag5k80Wot3Quf9HE6VO3tuLYK2EhOKfG8 23vWz8JGs9lWucB/zkwLeTLK7AZOxagvlNO+x31irooNcv1a61nRCkOQBQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFNh8pTVUFTbb0biu1Q6Wc88VXaHAMB8GA1UdIwQY MBaAFAKJ7s6ieUEyV9iQjCVWir64r4Z3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUt MjcwOTI5ZDA1MTkyLzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi8yMmI4OGItMWZiZi00MGY0LWFkYTUtMjcwOTI5ZDA1MTky LzEvQW9udXpxSjVRVEpYMkpDTUpWYUt2cml2aG5jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAR8VibUSJ B/FrUnn4N+sx1Ri7x8mha5PSmwMhwkT2hdaMMLTI4MTLZUD4yzMdJaLoqf5OnC4E 4G3M+yHPBZVzQiZcZHMqYijvWLY/h5NPocR5A1sD4LribsXf+gjdclneTZFrC3ZL EsL1FfgLCoMSv4/wFqjF+DpNvwn1E6Tdpdpai4Pcc1iHGxeV/J4F1/JxtfLNEU2P +t78R85fTvjrv0gaXtvVipdLSXAPFqXbruUXF3f+HFRkF+x2BIm9JHKAYr+sL4kr LelhNV8IWf4dvHZ3qD+E/BmygiNaZSoXpxGCJntDkm+NO0BnzxlSRUpfHJuuskl4 w0dxZWMqtp8Z+g== -----END CERTIFICATE-----Generated at Sun Dec 21 10:18:12 2025 by rpki-client