This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft File: aPw7CfVvin8ea-PJTw8IikKiy1s.mft (raw, json) Hash identifier: ugbOlVrzDM1XaQpEPwAq9aIrp+reeSH8SskglYh3IfY= Subject key identifier: 50:6B:E4:CF:15:79:C0:58:51:35:14:19:54:7F:80:1C:0A:15:B6:AB Authority key identifier: 68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B Certificate issuer: /CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b Certificate serial: 019AF5E5697BC7534DCF8F65A2434FF81145 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft Manifest number: 0921 Signing time: Sat 06 Dec 2025 23:00:43 +0000 Manifest this update: Sat 06 Dec 2025 23:00:43 +0000 Manifest next update: Sun 07 Dec 2025 23:00:43 +0000 Files and hashes: 1: aPw7CfVvin8ea-PJTw8IikKiy1s.crl (hash: u71bGXj/jUHrggirUbfFY6ZgNsVuFCPPCa5piDzDH3Q=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f5:e5:69:7b:c7:53:4d:cf:8f:65:a2:43:4f:f8:11:45 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68fc3b09f56f8a7f1e6be3c94f0f088a42a2cb5b Validity Not Before: Dec 6 23:00:43 2025 GMT Not After : Dec 7 23:00:43 2025 GMT Subject: CN=506be4cf1579c05851351419547f801c0a15b6ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:ec:f8:af:1b:42:c5:a5:0f:59:b5:52:7b:10: 3f:54:1c:2c:82:bd:23:11:21:ca:6a:da:61:eb:ab: 52:44:57:27:37:2a:94:f5:1b:15:17:e6:11:b4:72: ea:e4:13:4e:56:29:d2:e8:9b:92:02:ac:5b:05:34: 38:4c:5a:81:3d:67:6f:09:13:34:4b:46:e1:cd:38: 6f:64:cc:a9:63:b9:55:95:43:81:1b:fb:52:f6:dc: 64:ea:a0:21:b9:ea:d4:12:9c:22:4a:d5:e5:03:9c: 75:a2:22:dc:ad:95:07:6b:9c:03:97:ef:5a:44:fc: 69:a1:9a:b3:dc:fc:46:3f:20:bb:be:41:82:e9:6d: a8:87:56:7c:fd:dc:08:57:c7:58:f0:ab:12:c6:62: 39:66:a4:e6:d0:ad:0a:8e:8b:b2:ca:04:99:96:80: 70:b4:a3:5a:75:e2:d3:c6:17:8c:dc:f9:ce:61:0c: 58:9c:3d:b2:7a:dc:b5:05:df:d6:f6:2c:17:88:55: b4:12:85:dc:db:8e:cb:d9:62:7b:9a:57:af:19:ca: 3b:04:8b:40:a4:5e:16:67:66:85:35:3c:c5:02:00: e6:08:e2:79:92:a2:97:d1:87:96:4c:f9:39:60:65: eb:1e:43:dd:85:de:c9:52:77:a7:50:49:9c:75:df: c2:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:6B:E4:CF:15:79:C0:58:51:35:14:19:54:7F:80:1C:0A:15:B6:AB X509v3 Authority Key Identifier: keyid:68:FC:3B:09:F5:6F:8A:7F:1E:6B:E3:C9:4F:0F:08:8A:42:A2:CB:5B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aPw7CfVvin8ea-PJTw8IikKiy1s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/36b9b1-6ab6-470e-aa43-c8534a3c9498/1/aPw7CfVvin8ea-PJTw8IikKiy1s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 88:25:17:44:00:a8:d0:a6:c4:bd:61:d6:67:35:56:68:73:fe: 1e:af:d8:e8:7a:6c:c5:24:ed:ed:47:41:02:5c:9e:ee:36:8d: 0b:a5:ec:58:c6:5b:24:a0:9f:ac:bf:2e:aa:73:f3:df:64:0e: 25:e2:d5:cc:ce:5c:21:7b:a4:2f:90:62:9d:17:15:bc:0f:94: eb:f5:c4:36:6d:cd:70:e8:72:24:52:eb:1c:4b:97:c7:84:da: 10:f9:b1:71:8c:e9:65:aa:e9:5d:18:eb:b4:3c:ad:9d:d2:70: ae:cf:f5:87:e4:ba:88:ce:bf:a2:af:65:45:56:86:5b:a0:d0: ba:ac:5b:8e:39:33:63:f7:0e:2d:5b:8b:7e:44:28:70:4a:23: 4c:24:7a:bb:72:ed:10:f9:69:23:a9:92:a3:90:b4:84:11:8d: 1c:fb:e2:5d:3d:db:06:9e:d2:00:5b:0e:b7:51:b1:01:4d:ae: d4:0a:f2:3d:4a:24:78:2b:c9:cd:9b:db:b7:cd:ff:45:47:6b: 20:8c:6e:1d:9a:97:08:37:4a:ab:c0:0a:7e:7e:77:5d:3d:a7: 75:f4:13:c4:1c:b8:c9:ed:05:b6:19:2e:aa:60:31:62:48:05: 40:cb:53:90:ca:d4:bc:c4:c8:ee:30:bd:2a:14:8e:f0:34:20: 0c:4f:a0:c6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZr15Wl7x1NNz49lokNP+BFFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4ZmMzYjA5ZjU2ZjhhN2YxZTZiZTNjOTRmMGYwODhhNDJh MmNiNWIwHhcNMjUxMjA2MjMwMDQzWhcNMjUxMjA3MjMwMDQzWjAzMTEwLwYDVQQD Eyg1MDZiZTRjZjE1NzljMDU4NTEzNTE0MTk1NDdmODAxYzBhMTViNmFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+z4rxtCxaUPWbVSexA/VBwsgr0j ESHKatph66tSRFcnNyqU9RsVF+YRtHLq5BNOVinS6JuSAqxbBTQ4TFqBPWdvCRM0 S0bhzThvZMypY7lVlUOBG/tS9txk6qAhuerUEpwiStXlA5x1oiLcrZUHa5wDl+9a RPxpoZqz3PxGPyC7vkGC6W2oh1Z8/dwIV8dY8KsSxmI5ZqTm0K0KjouyygSZloBw tKNadeLTxheM3PnOYQxYnD2yety1Bd/W9iwXiFW0EoXc247L2WJ7mlevGco7BItA pF4WZ2aFNTzFAgDmCOJ5kqKX0YeWTPk5YGXrHkPdhd7JUnenUEmcdd/CnQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFBr5M8VecBYUTUUGVR/gBwKFbarMB8GA1UdIwQY MBaAFGj8Own1b4p/HmvjyU8PCIpCostbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMt Yzg1MzRhM2M5NDk4LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8zNmI5YjEtNmFiNi00NzBlLWFhNDMtYzg1MzRhM2M5NDk4 LzEvYVB3N0NmVnZpbjhlYS1QSlR3OElpa0tpeTFzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiCUXRACo 0KbEvWHWZzVWaHP+Hq/Y6HpsxSTt7UdBAlye7jaNC6XsWMZbJKCfrL8uqnPz32QO JeLVzM5cIXukL5BinRcVvA+U6/XENm3NcOhyJFLrHEuXx4TaEPmxcYzpZarpXRjr tDytndJwrs/1h+S6iM6/oq9lRVaGW6DQuqxbjjkzY/cOLVuLfkQocEojTCR6u3Lt EPlpI6mSo5C0hBGNHPviXT3bBp7SAFsOt1GxAU2u1AryPUokeCvJzZvbt83/RUdr IIxuHZqXCDdKq8AKfn53XT2ndfQTxBy4ye0FthkuqmAxYkgFQMtTkMrUvMTI7jC9 KhSO8DQgDE+gxg== -----END CERTIFICATE-----Generated at Sun Dec 7 01:35:28 2025 by rpki-client