This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft File: aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft (raw, json) Hash identifier: eT0JBrc93jNNuvKWHl2I3VjuNVLb2BPFwKNrnD0tFkA= Subject key identifier: 58:77:DA:E7:69:30:01:8B:02:DA:78:57:27:9D:7C:71:29:4E:74:8C Authority key identifier: 69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41 Certificate issuer: /CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41 Certificate serial: 019AF1D1A8766A12F20FDA72FEC9FBB50C57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft Manifest number: 079A Signing time: Sat 06 Dec 2025 04:00:40 +0000 Manifest this update: Sat 06 Dec 2025 04:00:40 +0000 Manifest next update: Sun 07 Dec 2025 04:00:40 +0000 Files and hashes: 1: WhLENsO2y4UEzkuswA1wx41c4K4.roa (hash: qqWz2hpUFCfdOvnndjkfI9tgPQ2D7KLxkWgnxyi1reI=) 2: aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl (hash: ArG04eh51YNFXuN4fdIWYUfR4UnpeRgtOf1nYSQjenA=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 04:00:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f1:d1:a8:76:6a:12:f2:0f:da:72:fe:c9:fb:b5:0c:57 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=69829b448ad8f963a0ecff8b2216ca9ce9ce6f41 Validity Not Before: Dec 6 04:00:40 2025 GMT Not After : Dec 7 04:00:40 2025 GMT Subject: CN=5877dae76930018b02da7857279d7c71294e748c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b1:a0:2c:fc:35:a3:c0:8f:2d:91:73:eb:53: d0:86:34:e2:a1:67:6e:ff:d9:51:63:1e:1d:4e:58: ba:7b:26:bf:53:7c:18:b2:e2:ce:b3:fa:bf:88:25: e1:c5:5b:ed:31:70:72:c4:30:b5:11:b1:7d:03:ae: ee:51:c7:77:97:17:0f:7c:7e:29:99:08:e5:49:44: e1:4b:e8:b6:02:54:95:97:78:b2:c8:d8:5d:ac:ad: 23:0c:32:9d:63:db:cf:09:de:d4:45:fe:a5:bc:a7: a2:75:d1:a6:a5:0b:9f:2b:bc:5f:35:aa:19:8b:a2: 18:7a:da:02:15:dc:25:fd:8d:c1:7d:5c:75:de:24: a2:a6:28:8c:2f:3c:ce:10:6d:be:de:c9:82:06:bb: 41:8b:94:b8:a7:4b:38:c0:26:88:32:d4:13:2b:e3: b5:8f:32:3c:9b:2a:27:01:bf:c6:9b:96:06:7c:29: fa:e2:af:bb:de:47:63:1d:e2:be:42:fd:2b:62:11: cd:9b:c4:be:6f:f1:73:63:a1:9b:c9:75:07:f3:5f: 01:bd:07:45:37:dc:a2:0f:42:65:87:f0:76:07:19: 3f:20:77:3f:03:3c:a1:51:0c:b5:3c:de:a5:69:13: a3:ce:dc:47:35:e4:c9:d6:38:1c:82:d7:ce:8c:ef: 4f:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:77:DA:E7:69:30:01:8B:02:DA:78:57:27:9D:7C:71:29:4E:74:8C X509v3 Authority Key Identifier: keyid:69:82:9B:44:8A:D8:F9:63:A0:EC:FF:8B:22:16:CA:9C:E9:CE:6F:41 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aYKbRIrY-WOg7P-LIhbKnOnOb0E.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/590e2f-decc-4887-8e03-e76b54466654/1/aYKbRIrY-WOg7P-LIhbKnOnOb0E.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 17:78:e1:26:47:8f:cb:ae:84:e0:67:24:92:eb:ee:50:9f:02: d8:50:48:b4:a6:67:6c:55:12:04:e4:c3:97:5a:de:6d:fe:8f: 6b:a9:e8:28:1a:63:94:0d:b9:5e:c2:54:b9:05:12:5e:4d:d6: 51:d6:b9:8f:a9:d6:aa:48:31:f5:d6:53:3c:87:0f:a7:09:40: 30:70:a3:8f:4a:04:0f:83:43:7c:7c:a1:d6:31:ef:80:c2:0e: 2d:ea:62:7f:17:84:a0:4f:7e:26:34:5b:ec:ce:69:dd:02:b4: 0e:1b:27:97:b4:25:85:9b:37:a1:68:28:f1:43:ae:f2:77:d9: 8d:29:43:31:6d:56:f3:7d:89:a7:b1:a5:9a:41:a8:12:96:20: c6:01:39:8c:fc:ca:f4:a2:06:9e:08:99:32:ec:e0:92:e5:8f: 30:ac:27:e0:b2:ac:bd:d3:a0:b3:97:f2:c6:43:2d:3f:2a:49: 5a:3a:95:a0:c3:e7:64:41:a6:f8:2c:20:93:14:10:66:a5:3f: c2:2f:71:6c:1c:1c:55:6f:e6:46:54:7e:e3:ba:52:e9:6a:25: 72:e5:09:ef:90:49:62:15:2c:64:5a:52:17:ab:27:f8:84:8c: 6b:26:74:f1:1b:4d:48:44:7d:aa:c0:59:32:e7:1c:0c:31:78: 92:61:3d:f3 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrx0ah2ahLyD9py/sn7tQxXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5ODI5YjQ0OGFkOGY5NjNhMGVjZmY4YjIyMTZjYTljZTlj ZTZmNDEwHhcNMjUxMjA2MDQwMDQwWhcNMjUxMjA3MDQwMDQwWjAzMTEwLwYDVQQD Eyg1ODc3ZGFlNzY5MzAwMThiMDJkYTc4NTcyNzlkN2M3MTI5NGU3NDhjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LGgLPw1o8CPLZFz61PQhjTioWdu /9lRYx4dTli6eya/U3wYsuLOs/q/iCXhxVvtMXByxDC1EbF9A67uUcd3lxcPfH4p mQjlSUThS+i2AlSVl3iyyNhdrK0jDDKdY9vPCd7URf6lvKeiddGmpQufK7xfNaoZ i6IYetoCFdwl/Y3BfVx13iSipiiMLzzOEG2+3smCBrtBi5S4p0s4wCaIMtQTK+O1 jzI8myonAb/Gm5YGfCn64q+73kdjHeK+Qv0rYhHNm8S+b/FzY6GbyXUH818BvQdF N9yiD0Jlh/B2Bxk/IHc/AzyhUQy1PN6laROjztxHNeTJ1jgcgtfOjO9PwQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFh32udpMAGLAtp4VyedfHEpTnSMMB8GA1UdIwQY MBaAFGmCm0SK2PljoOz/iyIWypzpzm9BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMt ZTc2YjU0NDY2NjU0LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81ZC81OTBlMmYtZGVjYy00ODg3LThlMDMtZTc2YjU0NDY2NjU0 LzEvYVlLYlJJclktV09nN1AtTEloYktuT25PYjBFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAF3jhJkeP y66E4GckkuvuUJ8C2FBItKZnbFUSBOTDl1rebf6Pa6noKBpjlA25XsJUuQUSXk3W Uda5j6nWqkgx9dZTPIcPpwlAMHCjj0oED4NDfHyh1jHvgMIOLepifxeEoE9+JjRb 7M5p3QK0Dhsnl7QlhZs3oWgo8UOu8nfZjSlDMW1W832Jp7GlmkGoEpYgxgE5jPzK 9KIGngiZMuzgkuWPMKwn4LKsvdOgs5fyxkMtPypJWjqVoMPnZEGm+CwgkxQQZqU/ wi9xbBwcVW/mRlR+47pS6WolcuUJ75BJYhUsZFpSF6sn+ISMayZ08RtNSER9qsBZ MuccDDF4kmE98w== -----END CERTIFICATE-----Generated at Sat Dec 6 15:11:05 2025 by rpki-client