This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft File: AYGCKpyioAj1zRG5-duhbuLGFFk.mft (raw, json) Hash identifier: YIa/IRP0A8ZqpcJp4pYOuTuWNJueSqCZHynvJGwFwqI= Subject key identifier: 6B:8E:C8:1F:28:4D:72:E7:96:E4:9D:3A:A5:9A:07:33:D6:D9:48:F3 Authority key identifier: 01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59 Certificate issuer: /CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459 Certificate serial: 019AF23F651118F5BEAE93F2C3CC8F4F5F23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft Manifest number: 02A7 Signing time: Sat 06 Dec 2025 06:00:32 +0000 Manifest this update: Sat 06 Dec 2025 06:00:32 +0000 Manifest next update: Sun 07 Dec 2025 06:00:32 +0000 Files and hashes: 1: AYGCKpyioAj1zRG5-duhbuLGFFk.crl (hash: N2J2xMsjGo9zvJP4Dp09dxm47VkVRGxzGWjq9tgZaXM=) 2: g2CXKA0Q172jL1FvPLyV_ep5ju0.roa (hash: 11gRkpCQE+58w0mcA/1mDxt2mYAAWr8ch94H20jZvcI=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:3f:65:11:18:f5:be:ae:93:f2:c3:cc:8f:4f:5f:23 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0181822a9ca2a008f5cd11b9f9dba16ee2c61459 Validity Not Before: Dec 6 06:00:32 2025 GMT Not After : Dec 7 06:00:32 2025 GMT Subject: CN=6b8ec81f284d72e796e49d3aa59a0733d6d948f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:41:b5:02:b6:f7:a9:65:bf:c3:61:41:e2:c6: 25:e8:c6:1a:53:21:b1:53:1a:01:0c:91:a6:6f:e6: 57:5d:d4:41:68:34:44:d3:98:ab:2e:c0:c9:16:67: fe:c7:2e:05:68:ee:09:d4:20:d8:32:80:6e:b4:25: 9e:da:74:77:9c:d6:2d:ab:d7:b2:22:6e:d6:01:5a: 71:26:cd:6c:6c:b6:b1:d2:0d:57:c8:32:ab:e7:5d: 19:4a:b8:c1:2a:be:84:0b:69:e4:ba:4f:80:0b:1d: 6a:58:bb:f5:52:69:3f:1d:97:5b:13:c8:8d:c8:b9: b5:68:34:0f:b8:25:10:2d:1f:71:28:cf:f7:99:11: 8e:81:24:ab:05:99:9b:a5:41:e6:33:cb:a9:64:23: e1:19:18:61:a0:62:bf:fd:da:e3:54:05:e7:56:93: d3:0d:fd:1d:68:69:4b:c8:67:a8:46:9b:fd:49:75: ab:77:5d:08:93:e5:54:de:ba:2b:f0:b7:1f:d3:a4: 22:1b:22:54:6c:bd:49:70:0c:cd:75:86:78:aa:f9: c2:29:43:8b:71:38:68:1d:d8:98:69:dd:d3:e7:0c: 36:cf:4b:93:a2:4a:00:aa:f3:8d:ae:16:c3:33:42: af:d5:fc:9b:c2:11:88:59:b5:a5:86:21:97:dd:8b: 4f:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:8E:C8:1F:28:4D:72:E7:96:E4:9D:3A:A5:9A:07:33:D6:D9:48:F3 X509v3 Authority Key Identifier: keyid:01:81:82:2A:9C:A2:A0:08:F5:CD:11:B9:F9:DB:A1:6E:E2:C6:14:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AYGCKpyioAj1zRG5-duhbuLGFFk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/3e9525-a2ce-4e90-900d-80d4945911dd/1/AYGCKpyioAj1zRG5-duhbuLGFFk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 94:19:42:fa:92:2b:a1:09:0e:23:f6:3d:ca:a2:27:97:a1:24: 5e:48:14:80:89:7c:78:9c:1e:8c:86:3a:bd:b9:bf:22:6b:d9: 2d:78:79:cc:97:e1:34:1b:e6:bd:8a:50:ea:ab:4a:37:da:1e: 0e:af:5a:3f:f1:52:f6:1f:04:1a:e8:20:d4:63:c1:8a:e7:dd: 77:49:67:89:59:6a:88:6f:c2:2d:4f:f4:f9:68:a5:52:f1:47: b8:60:f1:31:12:0d:13:66:a3:8b:dc:f6:16:be:17:5a:89:fd: e0:e5:c2:15:ce:fe:b9:60:a3:01:a5:4e:9c:11:d0:4f:de:5e: 9c:66:a0:4c:87:77:51:a1:53:b9:e6:45:d4:79:b5:6f:1f:14: 76:20:24:b4:28:df:f9:3c:87:3b:89:fd:20:45:b9:1e:f3:1a: 22:e0:2e:ae:58:92:30:44:26:bf:1d:dd:56:ef:1a:fc:fb:26: 0f:58:c1:82:6e:da:be:f3:8c:22:91:36:f3:81:05:ea:4d:61: 90:6b:07:57:76:d5:47:41:57:27:d0:10:1e:3f:b4:d6:ba:70: b5:bb:c6:c1:26:8d:0a:2e:bd:60:85:bc:81:c6:a9:81:e9:80: ba:b5:00:cc:74:bd:e2:93:e4:0a:92:54:c1:c8:a8:a2:cc:99: 6a:ca:14:b6 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryP2URGPW+rpPyw8yPT18jMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxODE4MjJhOWNhMmEwMDhmNWNkMTFiOWY5ZGJhMTZlZTJj NjE0NTkwHhcNMjUxMjA2MDYwMDMyWhcNMjUxMjA3MDYwMDMyWjAzMTEwLwYDVQQD Eyg2YjhlYzgxZjI4NGQ3MmU3OTZlNDlkM2FhNTlhMDczM2Q2ZDk0OGYzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUG1Arb3qWW/w2FB4sYl6MYaUyGx UxoBDJGmb+ZXXdRBaDRE05irLsDJFmf+xy4FaO4J1CDYMoButCWe2nR3nNYtq9ey Im7WAVpxJs1sbLax0g1XyDKr510ZSrjBKr6EC2nkuk+ACx1qWLv1Umk/HZdbE8iN yLm1aDQPuCUQLR9xKM/3mRGOgSSrBZmbpUHmM8upZCPhGRhhoGK//drjVAXnVpPT Df0daGlLyGeoRpv9SXWrd10Ik+VU3ror8Lcf06QiGyJUbL1JcAzNdYZ4qvnCKUOL cThoHdiYad3T5ww2z0uTokoAqvONrhbDM0Kv1fybwhGIWbWlhiGX3YtPuwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGuOyB8oTXLnluSdOqWaBzPW2UjzMB8GA1UdIwQY MBaAFAGBgiqcoqAI9c0RufnboW7ixhRZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQt ODBkNDk0NTkxMWRkLzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Zi8zZTk1MjUtYTJjZS00ZTkwLTkwMGQtODBkNDk0NTkxMWRk LzEvQVlHQ0tweWlvQWoxelJHNS1kdWhidUxHRkZrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAlBlC+pIr oQkOI/Y9yqInl6EkXkgUgIl8eJwejIY6vbm/ImvZLXh5zJfhNBvmvYpQ6qtKN9oe Dq9aP/FS9h8EGugg1GPBiufdd0lniVlqiG/CLU/0+WilUvFHuGDxMRINE2aji9z2 Fr4XWon94OXCFc7+uWCjAaVOnBHQT95enGagTId3UaFTueZF1Hm1bx8UdiAktCjf +TyHO4n9IEW5HvMaIuAurliSMEQmvx3dVu8a/PsmD1jBgm7avvOMIpE284EF6k1h kGsHV3bVR0FXJ9AQHj+01rpwtbvGwSaNCi69YIW8gcapgemAurUAzHS94pPkCpJU wcioosyZasoUtg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:57:53 2025 by rpki-client