This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft File: aAkoqR-PfmOX5sZdDgtmKReW01I.mft (raw, json) Hash identifier: L9tOpa5qaLkQkgZ0f1VoJ345Zvzfoi+2/a56ewuDops= Subject key identifier: 17:51:EA:46:42:B2:DD:BF:60:F9:09:C2:1D:E3:27:8E:FB:27:33:A6 Authority key identifier: 68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52 Certificate issuer: /CN=680928a91f8f7e6397e6c65d0e0b66291796d352 Certificate serial: 019AF0887017E2ECC685556456947AE68432 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft Manifest number: 1324 Signing time: Fri 05 Dec 2025 22:01:04 +0000 Manifest this update: Fri 05 Dec 2025 22:01:04 +0000 Manifest next update: Sat 06 Dec 2025 22:01:04 +0000 Files and hashes: 1: aAkoqR-PfmOX5sZdDgtmKReW01I.crl (hash: fU3RHEY5sfgmbCcz+etrXNVPyqYhXo4KR5GxHPcAf0I=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f0:88:70:17:e2:ec:c6:85:55:64:56:94:7a:e6:84:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=680928a91f8f7e6397e6c65d0e0b66291796d352 Validity Not Before: Dec 5 22:01:04 2025 GMT Not After : Dec 6 22:01:04 2025 GMT Subject: CN=1751ea4642b2ddbf60f909c21de3278efb2733a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:09:0e:e1:58:65:59:18:38:c4:57:46:91:0c: ec:eb:f6:ee:35:d8:bc:d5:08:da:ce:b6:3f:b7:b5: f5:8a:11:ba:db:4d:c6:42:61:25:4e:13:51:1c:f9: a5:5b:39:2c:d3:ff:2f:f7:77:9a:fa:c3:a7:ad:60: 71:17:06:bb:73:73:77:fb:7d:e8:50:99:83:ca:f4: e2:6c:94:81:ac:ec:e9:6c:58:ff:5c:69:9d:bf:57: 12:22:19:ca:bb:e2:41:aa:30:dd:4a:94:6a:60:00: 5b:bc:70:16:8e:2d:2e:01:55:d7:f5:ee:fa:e0:2e: 03:b6:bc:6b:df:88:83:98:93:b1:0c:78:23:85:b5: 7c:6c:97:90:60:4e:71:8f:80:f3:1d:bc:b9:06:1b: a9:0a:47:25:90:08:ec:3a:3e:bc:1d:57:70:9f:1c: 20:8b:d8:c7:4e:d7:0f:30:1a:bc:97:64:0f:cc:98: 79:ab:26:8a:14:9a:e6:3d:8f:75:31:b4:73:3b:34: f4:4d:8f:b6:e6:41:ed:2b:79:b5:9c:9d:a0:51:ad: 81:2d:79:9d:8a:45:68:63:6a:73:eb:0c:bb:0d:69: c0:ef:06:53:5e:92:0b:4c:31:e5:6b:5b:14:a1:61: e5:37:85:e5:15:c9:fb:44:7e:c8:ff:ee:0f:ca:ca: 3f:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:51:EA:46:42:B2:DD:BF:60:F9:09:C2:1D:E3:27:8E:FB:27:33:A6 X509v3 Authority Key Identifier: keyid:68:09:28:A9:1F:8F:7E:63:97:E6:C6:5D:0E:0B:66:29:17:96:D3:52 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aAkoqR-PfmOX5sZdDgtmKReW01I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/eb19cb-ac83-451e-9b54-8be3df89f359/1/aAkoqR-PfmOX5sZdDgtmKReW01I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 89:9d:10:a5:c8:63:78:b1:65:94:09:4e:b8:64:a0:09:8c:73: f3:58:e8:86:3d:82:38:b8:47:ca:aa:3a:09:fa:f7:23:d4:25: 1b:da:e4:d2:05:b7:b9:14:6d:82:b4:d1:fa:a8:27:36:ff:9a: 4a:31:3c:92:db:95:73:00:ff:40:06:b3:57:e2:65:bc:96:16: 9e:4c:29:37:c8:65:de:76:70:34:e3:58:8a:16:db:5d:2f:fc: 54:e0:75:39:c9:e2:66:78:66:82:c4:c1:79:ee:4a:25:94:02: 17:bf:62:b0:87:d8:95:2d:f7:07:ef:7e:2d:08:76:19:27:eb: ae:0f:4c:42:b4:17:39:7f:80:01:a1:3b:e9:6f:03:c7:ee:01: fd:ac:fa:6d:f6:74:fe:b5:a5:12:bc:cc:f0:41:a3:19:85:93: f6:51:90:98:e2:e3:5f:99:07:27:d4:b4:d1:d7:72:5b:50:ef: 25:23:4b:c6:61:bc:b6:57:6d:b7:ed:93:b3:00:1e:4a:69:2a: 96:9d:16:48:57:1a:1c:29:58:c0:da:65:6c:35:62:55:c3:95: c9:1d:70:5a:c8:64:8e:22:3f:7f:e1:67:a8:38:46:fd:90:f4: 58:b9:d9:c7:bb:b0:f9:49:f8:09:7f:45:00:83:a2:e6:c8:df: ea:19:69:c4 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrwiHAX4uzGhVVkVpR65oQyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4MDkyOGE5MWY4ZjdlNjM5N2U2YzY1ZDBlMGI2NjI5MTc5 NmQzNTIwHhcNMjUxMjA1MjIwMTA0WhcNMjUxMjA2MjIwMTA0WjAzMTEwLwYDVQQD EygxNzUxZWE0NjQyYjJkZGJmNjBmOTA5YzIxZGUzMjc4ZWZiMjczM2E2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0gkO4VhlWRg4xFdGkQzs6/buNdi8 1QjazrY/t7X1ihG6203GQmElThNRHPmlWzks0/8v93ea+sOnrWBxFwa7c3N3+33o UJmDyvTibJSBrOzpbFj/XGmdv1cSIhnKu+JBqjDdSpRqYABbvHAWji0uAVXX9e76 4C4Dtrxr34iDmJOxDHgjhbV8bJeQYE5xj4DzHby5BhupCkclkAjsOj68HVdwnxwg i9jHTtcPMBq8l2QPzJh5qyaKFJrmPY91MbRzOzT0TY+25kHtK3m1nJ2gUa2BLXmd ikVoY2pz6wy7DWnA7wZTXpILTDHla1sUoWHlN4XlFcn7RH7I/+4Pyso/HQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFBdR6kZCst2/YPkJwh3jJ477JzOmMB8GA1UdIwQY MBaAFGgJKKkfj35jl+bGXQ4LZikXltNSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQt OGJlM2RmODlmMzU5LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC9lYjE5Y2ItYWM4My00NTFlLTliNTQtOGJlM2RmODlmMzU5 LzEvYUFrb3FSLVBmbU9YNXNaZERndG1LUmVXMDFJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAiZ0Qpchj eLFllAlOuGSgCYxz81johj2COLhHyqo6Cfr3I9QlG9rk0gW3uRRtgrTR+qgnNv+a SjE8ktuVcwD/QAazV+JlvJYWnkwpN8hl3nZwNONYihbbXS/8VOB1OcniZnhmgsTB ee5KJZQCF79isIfYlS33B+9+LQh2GSfrrg9MQrQXOX+AAaE76W8Dx+4B/az6bfZ0 /rWlErzM8EGjGYWT9lGQmOLjX5kHJ9S00ddyW1DvJSNLxmG8tldtt+2TswAeSmkq lp0WSFcaHClYwNplbDViVcOVyR1wWshkjiI/f+FnqDhG/ZD0WLnZx7uw+Un4CX9F AIOi5sjf6hlpxA== -----END CERTIFICATE-----Generated at Sat Dec 6 07:23:17 2025 by rpki-client