This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft File: aPgE6F8ICkuVFSbfi3IwEAe37es.mft (raw, json) Hash identifier: 6EqTwsjEJ+2T9hY7JR18uHIKwpZQ1wsPcEkm7VbRka0= Subject key identifier: B6:50:B3:26:06:CC:16:1F:66:A9:54:74:78:31:9C:93:EE:AA:26:A7 Authority key identifier: 68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB Certificate issuer: /CN=68f804e85f080a4b951526df8b72301007b7edeb Certificate serial: 019AF0F5C5244B7FCC1FCF5072106F1C1695 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft Manifest number: 14 Signing time: Sat 06 Dec 2025 00:00:29 +0000 Manifest this update: Sat 06 Dec 2025 00:00:29 +0000 Manifest next update: Sun 07 Dec 2025 00:00:29 +0000 Files and hashes: 1: aPgE6F8ICkuVFSbfi3IwEAe37es.crl (hash: 91nzdO87g0fxBRhmes1BvOL+2EnpNhWruKxqlaA4iyk=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:f5:c5:24:4b:7f:cc:1f:cf:50:72:10:6f:1c:16:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68f804e85f080a4b951526df8b72301007b7edeb Validity Not Before: Dec 6 00:00:29 2025 GMT Not After : Dec 7 00:00:29 2025 GMT Subject: CN=b650b32606cc161f66a9547478319c93eeaa26a7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:c8:e3:47:42:70:2e:52:63:b7:e3:1b:66:bb: 2b:f3:2c:ef:28:98:1a:42:f3:e7:7b:5d:d0:68:aa: a5:49:11:d5:10:b5:98:81:17:05:bb:90:15:cb:47: 27:1b:53:5a:6f:92:4c:7f:a2:09:c7:97:e2:dc:25: a3:2c:9e:dc:44:9c:f9:fd:31:25:6d:4c:a2:62:9c: 0d:3e:48:7d:df:cc:de:15:e6:1a:fe:4e:b9:28:09: 27:c6:ab:0c:40:7a:28:45:37:0d:2a:94:47:78:02: 48:8b:81:c5:41:c4:8c:5e:7f:9b:d0:da:06:8b:45: fb:2a:f1:ee:95:d3:1d:64:eb:60:9e:7e:a0:bf:2f: 9b:de:70:94:85:bd:f0:75:1b:59:22:d5:4e:fb:1e: ea:11:1b:c4:df:a1:66:67:da:21:17:b6:39:bd:81: 74:50:ae:9e:16:0e:09:74:0a:a4:27:e9:13:b9:4b: 16:52:36:bf:91:cd:15:93:b0:83:3b:5c:a7:a9:49: 18:b7:12:e2:fe:fe:b1:a5:3d:17:35:56:a4:26:e8: 30:e8:0b:2a:86:95:99:b0:30:01:b5:4a:24:0e:0c: dc:90:0c:87:1f:e3:e7:e9:83:5b:b3:45:6c:a3:f0: cb:ea:30:0b:4d:aa:16:ae:15:4f:91:f0:49:38:18: 20:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:50:B3:26:06:CC:16:1F:66:A9:54:74:78:31:9C:93:EE:AA:26:A7 X509v3 Authority Key Identifier: keyid:68:F8:04:E8:5F:08:0A:4B:95:15:26:DF:8B:72:30:10:07:B7:ED:EB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPgE6F8ICkuVFSbfi3IwEAe37es.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/e6b0ca-fd49-4889-a92e-89af1f2628e6/1/aPgE6F8ICkuVFSbfi3IwEAe37es.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5a:22:0d:52:39:b7:ea:8c:40:ce:5d:e4:99:65:d6:cc:64:c7: 4a:0a:8a:90:35:21:e0:8f:dd:4b:38:4e:a7:db:e9:cd:16:9f: a5:20:2e:bc:1e:e8:1b:64:6a:66:a6:80:b8:16:1c:94:7b:cf: 12:81:1d:c2:27:97:dd:a1:65:7c:e3:96:e4:16:cf:79:68:db: 1f:b8:91:47:fe:d5:9c:7f:18:a4:72:2a:75:f5:27:19:fe:e3: 0c:49:d7:75:59:5c:8e:44:ab:84:83:06:92:6d:df:13:1a:76: 53:0d:64:81:e6:dd:dc:ca:3a:e8:03:72:91:e3:ea:e4:2f:4d: 3c:25:58:35:87:c9:86:a5:14:cb:e5:7b:27:23:4c:5a:eb:48: cc:20:09:a2:e7:fb:d7:90:23:51:1a:ef:80:61:a2:7b:78:ce: 10:f4:97:7b:83:ea:82:9e:77:d5:25:6e:42:c4:47:15:11:6a: 77:f2:23:e8:ef:e4:ff:04:3d:3e:d2:cf:a1:12:6f:d8:fa:4e: 50:31:f1:3d:25:63:3d:f1:20:f6:19:81:9b:d5:2c:59:2d:e5: 72:0f:06:9c:e0:97:1c:26:e9:2d:ad:98:ea:6b:7e:7a:be:ea: d0:6b:44:79:bf:93:3f:8a:da:df:fb:dd:ea:ae:85:36:b1:ec: db:fc:fc:3f -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrw9cUkS3/MH89QchBvHBaVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZjgwNGU4NWYwODBhNGI5NTE1MjZkZjhiNzIzMDEwMDdi N2VkZWIwHhcNMjUxMjA2MDAwMDI5WhcNMjUxMjA3MDAwMDI5WjAzMTEwLwYDVQQD EyhiNjUwYjMyNjA2Y2MxNjFmNjZhOTU0NzQ3ODMxOWM5M2VlYWEyNmE3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMjjR0JwLlJjt+MbZrsr8yzvKJga QvPne13QaKqlSRHVELWYgRcFu5AVy0cnG1Nab5JMf6IJx5fi3CWjLJ7cRJz5/TEl bUyiYpwNPkh938zeFeYa/k65KAknxqsMQHooRTcNKpRHeAJIi4HFQcSMXn+b0NoG i0X7KvHuldMdZOtgnn6gvy+b3nCUhb3wdRtZItVO+x7qERvE36FmZ9ohF7Y5vYF0 UK6eFg4JdAqkJ+kTuUsWUja/kc0Vk7CDO1ynqUkYtxLi/v6xpT0XNVakJugw6Asq hpWZsDABtUokDgzckAyHH+Pn6YNbs0Vso/DL6jALTaoWrhVPkfBJOBggsQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFLZQsyYGzBYfZqlUdHgxnJPuqianMB8GA1UdIwQY MBaAFGj4BOhfCApLlRUm34tyMBAHt+3rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUt ODlhZjFmMjYyOGU2LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi9lNmIwY2EtZmQ0OS00ODg5LWE5MmUtODlhZjFmMjYyOGU2 LzEvYVBnRTZGOElDa3VWRlNiZmkzSXdFQWUzN2VzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAWiINUjm3 6oxAzl3kmWXWzGTHSgqKkDUh4I/dSzhOp9vpzRafpSAuvB7oG2RqZqaAuBYclHvP EoEdwieX3aFlfOOW5BbPeWjbH7iRR/7VnH8YpHIqdfUnGf7jDEnXdVlcjkSrhIMG km3fExp2Uw1kgebd3Mo66ANykePq5C9NPCVYNYfJhqUUy+V7JyNMWutIzCAJouf7 15AjURrvgGGie3jOEPSXe4Pqgp531SVuQsRHFRFqd/Ij6O/k/wQ9PtLPoRJv2PpO UDHxPSVjPfEg9hmBm9UsWS3lcg8GnOCXHCbpLa2Y6mt+er7q0GtEeb+TP4ra3/vd 6q6FNrHs2/z8Pw== -----END CERTIFICATE-----Generated at Sat Dec 6 08:02:21 2025 by rpki-client