This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft File: aHyL8iKia_HJxmOMw1bSg1UC8tY.mft (raw, json) Hash identifier: C2Ku1hdkXto6QCwHiMWLTPI3sT+D3YR5qCwIStlSrN4= Subject key identifier: 50:93:20:C4:5C:DB:EA:BC:08:6E:84:C1:4C:B2:FE:80:4A:96:3C:1E Authority key identifier: 68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6 Certificate issuer: /CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6 Certificate serial: 019AF12F0BBB587956303A429774AA2B4984 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft Manifest number: 08A1 Signing time: Sat 06 Dec 2025 01:03:03 +0000 Manifest this update: Sat 06 Dec 2025 01:03:03 +0000 Manifest next update: Sun 07 Dec 2025 01:03:03 +0000 Files and hashes: 1: aHyL8iKia_HJxmOMw1bSg1UC8tY.crl (hash: 1p+U4ERGUFzgTtAb8y66MU+N52gMnJFDVNZY+RiEkOk=) 2: szxe0DPYsGTMI_tgKM1yaWgLDtI.roa (hash: fjZgmmGMINi/iYDucRgC4NEVBx45QTUkAnBaw6M5XK4=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 01:03:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:2f:0b:bb:58:79:56:30:3a:42:97:74:aa:2b:49:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=687c8bf222a26bf1c9c6638cc356d2835502f2d6 Validity Not Before: Dec 6 01:03:03 2025 GMT Not After : Dec 7 01:03:03 2025 GMT Subject: CN=509320c45cdbeabc086e84c14cb2fe804a963c1e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:48:76:35:da:6a:48:ff:a8:8e:ad:22:10:b2: 61:b8:0e:fd:10:9b:e2:25:2d:b8:1a:28:c5:c0:c4: 6d:fd:0d:5f:76:60:db:17:88:c4:60:c0:4a:f6:05: 08:b7:de:dd:cc:fa:63:88:d7:e5:bb:06:84:dd:94: 32:9f:c1:b9:1f:29:cd:fc:55:84:9b:63:4c:f4:b1: 28:e2:7b:8e:fa:5f:02:0c:99:cb:a9:9e:76:f2:55: 2a:57:77:8f:55:7e:68:53:03:6e:69:07:6d:e5:ea: 22:30:70:19:d3:a1:dc:55:88:5f:37:08:43:70:92: 2f:c1:b0:1d:96:24:be:09:2e:3d:0c:e9:78:15:ae: 92:08:c1:0c:98:b9:a8:4e:fa:8f:2c:b0:f5:31:85: 1b:fb:f4:6b:04:bd:fc:96:6d:3e:b5:33:b1:62:16: 15:13:c1:d7:44:f2:06:4e:32:a1:38:7b:4f:ab:de: 30:0c:c7:fc:91:01:b7:9a:66:06:64:1e:7a:ea:1c: 93:1c:f7:24:a7:0f:67:09:1e:53:a6:b7:94:4b:93: 3f:0a:a9:a6:fe:7a:e3:3f:b4:a2:d9:50:36:f0:ff: bb:f8:55:6a:32:c9:4c:37:0b:27:d3:4c:57:e8:21: 74:04:98:60:1b:b3:f8:f3:94:a6:cf:e8:8c:a1:49: 85:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:93:20:C4:5C:DB:EA:BC:08:6E:84:C1:4C:B2:FE:80:4A:96:3C:1E X509v3 Authority Key Identifier: keyid:68:7C:8B:F2:22:A2:6B:F1:C9:C6:63:8C:C3:56:D2:83:55:02:F2:D6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aHyL8iKia_HJxmOMw1bSg1UC8tY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/61ae21-8f63-4fd0-a6b5-d57255e25fee/1/aHyL8iKia_HJxmOMw1bSg1UC8tY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 5b:ac:a0:a2:74:64:5f:fc:d8:48:e7:20:ec:dc:03:d7:e7:98: b5:85:63:16:31:cd:61:de:7e:06:e7:bb:01:24:05:3f:98:c1: c5:52:df:9f:97:bf:82:8b:14:0c:7a:4f:ff:dc:76:2b:14:00: 76:7c:50:1a:df:f4:4c:27:a0:15:2f:aa:3a:6c:c3:23:d4:07: b0:ce:16:9e:78:cf:62:28:73:bb:b2:e7:43:1a:24:4d:86:23: 30:05:66:68:ff:8f:f3:c6:d0:bb:c2:4a:e7:b5:9f:ee:09:c1: 7c:9e:ba:c0:8c:aa:2d:60:68:cf:2f:b2:98:d3:9b:b0:96:82: 46:6c:fc:3d:61:4a:08:a8:23:95:65:91:b0:13:d8:e5:6f:1d: e4:a8:d3:e2:ec:a7:b7:77:f5:b5:2b:1c:a0:20:cc:f4:fb:60: 62:df:ab:2a:ac:b7:27:b8:9c:bc:75:49:44:da:e0:3c:cb:f2: 6c:73:10:c4:72:41:53:d6:7d:84:7c:3f:af:fb:4e:99:09:e8: 79:0d:08:e5:d6:51:24:ed:ed:54:82:a6:95:8b:1d:1d:7c:87: 24:87:64:4f:d3:fb:05:5a:f6:24:c2:7e:24:d9:06:d4:d0:23: 55:81:af:f6:58:71:98:dd:fa:45:0f:df:34:79:7b:34:14:30: be:ca:aa:e0 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrxLwu7WHlWMDpCl3SqK0mEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4N2M4YmYyMjJhMjZiZjFjOWM2NjM4Y2MzNTZkMjgzNTUw MmYyZDYwHhcNMjUxMjA2MDEwMzAzWhcNMjUxMjA3MDEwMzAzWjAzMTEwLwYDVQQD Eyg1MDkzMjBjNDVjZGJlYWJjMDg2ZTg0YzE0Y2IyZmU4MDRhOTYzYzFlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUh2NdpqSP+ojq0iELJhuA79EJvi JS24GijFwMRt/Q1fdmDbF4jEYMBK9gUIt97dzPpjiNfluwaE3ZQyn8G5HynN/FWE m2NM9LEo4nuO+l8CDJnLqZ528lUqV3ePVX5oUwNuaQdt5eoiMHAZ06HcVYhfNwhD cJIvwbAdliS+CS49DOl4Fa6SCMEMmLmoTvqPLLD1MYUb+/RrBL38lm0+tTOxYhYV E8HXRPIGTjKhOHtPq94wDMf8kQG3mmYGZB566hyTHPckpw9nCR5TpreUS5M/Cqmm /nrjP7Si2VA28P+7+FVqMslMNwsn00xX6CF0BJhgG7P485Smz+iMoUmFdwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFCTIMRc2+q8CG6EwUyy/oBKljweMB8GA1UdIwQY MBaAFGh8i/IiomvxycZjjMNW0oNVAvLWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUt ZDU3MjU1ZTI1ZmVlLzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC82MWFlMjEtOGY2My00ZmQwLWE2YjUtZDU3MjU1ZTI1ZmVl LzEvYUh5TDhpS2lhX0hKeG1PTXcxYlNnMVVDOHRZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAW6ygonRk X/zYSOcg7NwD1+eYtYVjFjHNYd5+Bue7ASQFP5jBxVLfn5e/gosUDHpP/9x2KxQA dnxQGt/0TCegFS+qOmzDI9QHsM4WnnjPYihzu7LnQxokTYYjMAVmaP+P88bQu8JK 57Wf7gnBfJ66wIyqLWBozy+ymNObsJaCRmz8PWFKCKgjlWWRsBPY5W8d5KjT4uyn t3f1tSscoCDM9PtgYt+rKqy3J7icvHVJRNrgPMvybHMQxHJBU9Z9hHw/r/tOmQno eQ0I5dZRJO3tVIKmlYsdHXyHJIdkT9P7BVr2JMJ+JNkG1NAjVYGv9lhxmN36RQ/f NHl7NBQwvsqq4A== -----END CERTIFICATE-----Generated at Sat Dec 6 11:20:32 2025 by rpki-client