This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft File: aQomMkmEfPlzRHQiE2RPkpvqqZc.mft (raw, json) Hash identifier: vU4N1+PxeIGCJY9KlqG9yA+71ueib/DLXd6wXgMvJbc= Subject key identifier: F2:97:10:36:6F:3A:FE:39:09:82:FD:1A:B8:21:23:49:24:35:25:98 Authority key identifier: 69:0A:26:32:49:84:7C:F9:73:44:74:22:13:64:4F:92:9B:EA:A9:97 Certificate issuer: /CN=690a263249847cf97344742213644f929beaa997 Certificate serial: 019AF31B7625AABDFC7F793F47710567B9C5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft Manifest number: 09C1 Signing time: Sat 06 Dec 2025 10:00:54 +0000 Manifest this update: Sat 06 Dec 2025 10:00:54 +0000 Manifest next update: Sun 07 Dec 2025 10:00:54 +0000 Files and hashes: 1: DY21Bg3oUbtzm77wQkCwRHIkQQk.roa (hash: qZIMcnP47zIIcLpWesPleUJ2XdB9zCYyYyzYWyBj/nk=) 2: aQomMkmEfPlzRHQiE2RPkpvqqZc.crl (hash: 4tHsKX1VLwlfn5eLztwrNST654fqumbcsQSa7TB28HM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.crl rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f3:1b:76:25:aa:bd:fc:7f:79:3f:47:71:05:67:b9:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=690a263249847cf97344742213644f929beaa997 Validity Not Before: Dec 6 10:00:54 2025 GMT Not After : Dec 7 10:00:54 2025 GMT Subject: CN=f29710366f3afe390982fd1ab821234924352598 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:a9:ac:0f:fa:49:61:15:2a:05:eb:ea:38:60: d4:7a:f4:ea:00:b8:28:76:6b:31:d9:11:fc:70:74: 4c:10:b4:4d:f8:80:5e:97:da:bd:fd:22:e9:b3:53: c4:8b:f1:29:fd:46:9f:cb:86:d0:ca:d9:60:6e:4a: 52:be:ec:4c:39:4f:b8:6a:15:04:af:a2:04:69:18: eb:ff:ea:44:66:64:ac:cc:ec:e6:59:6d:a6:b7:b4: c5:05:2a:8d:71:ca:2e:38:e5:93:3e:84:a9:18:00: b0:e9:f2:f9:ec:96:2e:ef:a6:03:57:9f:d6:e9:de: ad:48:de:dc:ac:3c:f4:ca:de:ce:6d:6b:84:6f:59: d5:9e:f5:09:e9:b5:09:e5:63:74:71:20:31:60:74: ea:05:ac:33:39:44:c0:19:30:8a:2c:41:1c:71:a9: ce:5b:ec:57:32:64:8c:0c:82:03:cd:73:99:f3:17: 9f:43:09:eb:85:3a:ad:73:2a:ee:c2:f4:30:6b:91: 38:28:b5:18:85:e4:f5:bb:ec:60:36:5f:0f:08:cc: b9:3d:9c:cf:58:10:8a:d1:19:fc:16:50:16:96:a2: d6:f9:6f:c0:fc:52:bc:12:8d:a7:a4:4c:f5:ce:d7: ae:b4:c7:52:8f:aa:e3:1e:fe:4c:26:2a:d5:97:45: 98:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:97:10:36:6F:3A:FE:39:09:82:FD:1A:B8:21:23:49:24:35:25:98 X509v3 Authority Key Identifier: keyid:69:0A:26:32:49:84:7C:F9:73:44:74:22:13:64:4F:92:9B:EA:A9:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aQomMkmEfPlzRHQiE2RPkpvqqZc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/64/a76a86-75b3-4cef-a340-31b2a607ba97/1/aQomMkmEfPlzRHQiE2RPkpvqqZc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 34:d8:cb:53:b3:3c:ef:5a:ba:73:a4:31:a9:34:36:6c:47:54: 4d:b0:f5:25:1b:9b:bc:74:5d:16:52:f8:a1:bd:79:1d:a5:7f: 26:7a:0f:90:ba:b1:10:ed:fa:01:00:ee:4c:69:b3:95:c9:f8: 40:5c:2e:3b:27:67:ce:4d:24:71:ab:53:53:b8:6c:c8:27:6e: 94:47:2b:74:8a:52:6f:a5:ac:c8:91:49:1c:d8:f3:96:bc:91: a3:93:d9:87:43:cf:42:c1:d9:31:7d:15:84:f0:46:b7:36:2d: b2:eb:97:73:4d:35:50:48:3a:95:b1:86:cd:0e:99:1b:df:97: b3:be:65:33:4c:a1:3c:33:b7:f6:75:20:c3:5b:5e:da:ac:21: 19:bd:0e:18:35:8d:07:c6:c6:55:25:bf:a6:96:34:86:2e:63: b0:b7:70:e5:7e:e5:73:54:07:15:4e:8c:d6:c6:d0:b3:58:a1: c9:94:6e:6f:50:38:d8:0d:d2:f1:1c:a1:ed:5c:b3:23:b9:a1: 62:05:87:72:d2:4b:c2:54:01:82:c8:8f:eb:09:11:f4:2b:47: d7:ca:47:98:87:94:46:3f:66:d5:8c:90:ea:a9:28:56:62:8d: 31:7a:12:20:b4:3b:1d:fb:ba:ba:72:ea:e5:65:a9:c6:52:93: 79:c8:bd:c9 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZrzG3Ylqr38f3k/R3EFZ7nFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY5MGEyNjMyNDk4NDdjZjk3MzQ0NzQyMjEzNjQ0ZjkyOWJl YWE5OTcwHhcNMjUxMjA2MTAwMDU0WhcNMjUxMjA3MTAwMDU0WjAzMTEwLwYDVQQD EyhmMjk3MTAzNjZmM2FmZTM5MDk4MmZkMWFiODIxMjM0OTI0MzUyNTk4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtamsD/pJYRUqBevqOGDUevTqALgo dmsx2RH8cHRMELRN+IBel9q9/SLps1PEi/Ep/Uafy4bQytlgbkpSvuxMOU+4ahUE r6IEaRjr/+pEZmSszOzmWW2mt7TFBSqNccouOOWTPoSpGACw6fL57JYu76YDV5/W 6d6tSN7crDz0yt7ObWuEb1nVnvUJ6bUJ5WN0cSAxYHTqBawzOUTAGTCKLEEccanO W+xXMmSMDIIDzXOZ8xefQwnrhTqtcyruwvQwa5E4KLUYheT1u+xgNl8PCMy5PZzP WBCK0Rn8FlAWlqLW+W/A/FK8Eo2npEz1zteutMdSj6rjHv5MJirVl0WYGQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFPKXEDZvOv45CYL9GrghI0kkNSWYMB8GA1UdIwQY MBaAFGkKJjJJhHz5c0R0IhNkT5Kb6qmXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9hNzZhODYtNzViMy00Y2VmLWEzNDAt MzFiMmE2MDdiYTk3LzEvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NC9hNzZhODYtNzViMy00Y2VmLWEzNDAtMzFiMmE2MDdiYTk3 LzEvYVFvbU1rbUVmUGx6UkhRaUUyUlBrcHZxcVpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANNjLU7M8 71q6c6QxqTQ2bEdUTbD1JRubvHRdFlL4ob15HaV/JnoPkLqxEO36AQDuTGmzlcn4 QFwuOydnzk0kcatTU7hsyCdulEcrdIpSb6WsyJFJHNjzlryRo5PZh0PPQsHZMX0V hPBGtzYtsuuXc001UEg6lbGGzQ6ZG9+Xs75lM0yhPDO39nUgw1te2qwhGb0OGDWN B8bGVSW/ppY0hi5jsLdw5X7lc1QHFU6M1sbQs1ihyZRub1A42A3S8Ryh7VyzI7mh YgWHctJLwlQBgsiP6wkR9CtH18pHmIeURj9m1YyQ6qkoVmKNMXoSILQ7Hfu6unLq 5WWpxlKTeci9yQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:13:07 2025 by rpki-client