This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft File: aM_hqssnjBMjGzEORe5XaTL-m04.mft (raw, json) Hash identifier: NNIhHIoiTaNW/HPiBUFwz29orfkLzqL6L6DSmqzLPio= Subject key identifier: CA:1F:9E:33:6E:A6:26:87:76:F6:F1:C3:56:8E:4F:7C:68:39:3B:8A Authority key identifier: 68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E Certificate issuer: /CN=68cfe1aacb278c13231b310e45ee576932fe9b4e Certificate serial: 019B31FA982D55E63FECDAAB442C1704A700 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft Manifest number: 1417 Signing time: Thu 18 Dec 2025 15:01:05 +0000 Manifest this update: Thu 18 Dec 2025 15:01:05 +0000 Manifest next update: Fri 19 Dec 2025 15:01:05 +0000 Files and hashes: 1: NAg_2lUwiNc2BXVWx1ALPDBcGK0.roa (hash: I6Xgg/yTyhGgk1wwRR5vfbPkXPHDlymI7Asksvi+yR4=) 2: aM_hqssnjBMjGzEORe5XaTL-m04.crl (hash: l2j8KtoUY9DxirrFKqvQsu8U6RGxKyJwZJI+yn7xXUM=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 13:00:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:31:fa:98:2d:55:e6:3f:ec:da:ab:44:2c:17:04:a7:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68cfe1aacb278c13231b310e45ee576932fe9b4e Validity Not Before: Dec 18 15:01:05 2025 GMT Not After : Dec 19 15:01:05 2025 GMT Subject: CN=ca1f9e336ea6268776f6f1c3568e4f7c68393b8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1a:c6:d8:8a:2c:46:c7:e0:38:92:79:13:d0: 64:bc:82:d7:f5:86:93:6c:22:5c:18:d4:6a:8b:3c: 48:1f:36:83:fb:15:e0:94:29:2a:c7:90:d8:78:56: c5:08:46:35:3c:b5:a9:73:7f:d1:32:ed:b4:33:08: 17:4b:06:6f:bd:45:2e:68:5c:2d:11:a0:d7:fe:f9: 4d:5b:58:fb:77:f0:13:0b:a6:f6:27:e3:52:d3:71: dc:b4:52:03:34:69:d1:72:f7:a0:23:6b:72:4c:83: bb:97:51:e6:41:a0:f2:97:be:d9:70:60:8d:4a:23: 17:94:fe:5a:01:9c:56:66:cd:ad:0f:60:cf:23:f4: f1:5d:04:58:29:63:0a:9e:79:b5:da:2b:91:42:ba: ba:0d:f7:a6:39:7c:ac:98:75:8b:1e:c7:56:cf:6c: 2d:11:96:97:a4:5f:66:59:6e:04:59:af:b2:44:af: 7e:46:35:1a:1e:dc:49:57:5e:16:3c:6d:74:6a:9b: 4a:2a:41:47:45:65:16:0b:7e:31:4f:ed:9d:ea:6d: 18:36:7d:dd:22:62:bd:a2:c7:df:be:05:b2:f1:ba: c3:8d:ab:62:c5:07:e5:9e:e5:d8:4d:9e:14:e5:16: 89:f9:d9:fb:83:4d:b9:68:00:9e:5c:da:cb:21:d5: 1f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:1F:9E:33:6E:A6:26:87:76:F6:F1:C3:56:8E:4F:7C:68:39:3B:8A X509v3 Authority Key Identifier: keyid:68:CF:E1:AA:CB:27:8C:13:23:1B:31:0E:45:EE:57:69:32:FE:9B:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aM_hqssnjBMjGzEORe5XaTL-m04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/65/be9e88-512f-4b06-b196-89c2f666e905/1/aM_hqssnjBMjGzEORe5XaTL-m04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption b7:28:99:9f:5d:6e:a4:8d:ae:d1:cd:3f:48:28:8f:46:37:99: 84:3e:e8:96:66:db:5e:53:ef:7e:b5:a1:53:38:8a:ac:96:75: 1d:11:f1:78:52:4f:b9:ae:50:50:d9:61:c6:52:c2:b1:30:ef: ec:6a:33:a5:c9:9b:72:d0:4c:5a:fd:ed:10:65:93:85:ce:95: 74:37:91:61:88:05:2b:3c:45:26:ad:71:df:f0:ab:8f:79:47: d1:e8:95:0c:e0:81:53:bd:a4:4a:26:8b:03:45:6d:18:78:e0: a7:1d:3d:78:9f:2a:20:1f:41:6f:d8:13:3f:af:e5:66:bd:c5: 54:5e:f6:5b:88:b0:bc:03:13:b6:bd:99:46:48:2b:66:a7:58: c5:da:9c:99:34:80:04:97:b7:0e:87:f7:71:f0:48:33:d1:31: 47:fd:ac:31:20:cd:d4:d0:83:27:4f:a4:77:c0:d2:ea:a3:00: dd:df:38:dc:71:cc:49:5b:ee:f1:0f:9b:1c:16:50:06:2f:12: 6f:af:ee:20:5f:f5:bd:31:0c:e4:a5:12:d2:6e:90:94:17:7b: fb:dc:a5:cd:60:2b:3e:68:22:d7:4f:30:b1:ad:90:0a:5b:47: 83:61:36:13:91:52:59:7c:49:05:28:de:c7:1d:b2:32:19:dd: 98:6c:77:59 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZsx+pgtVeY/7NqrRCwXBKcAMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4Y2ZlMWFhY2IyNzhjMTMyMzFiMzEwZTQ1ZWU1NzY5MzJm ZTliNGUwHhcNMjUxMjE4MTUwMTA1WhcNMjUxMjE5MTUwMTA1WjAzMTEwLwYDVQQD EyhjYTFmOWUzMzZlYTYyNjg3NzZmNmYxYzM1NjhlNGY3YzY4MzkzYjhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhrG2IosRsfgOJJ5E9BkvILX9YaT bCJcGNRqizxIHzaD+xXglCkqx5DYeFbFCEY1PLWpc3/RMu20MwgXSwZvvUUuaFwt EaDX/vlNW1j7d/ATC6b2J+NS03HctFIDNGnRcvegI2tyTIO7l1HmQaDyl77ZcGCN SiMXlP5aAZxWZs2tD2DPI/TxXQRYKWMKnnm12iuRQrq6DfemOXysmHWLHsdWz2wt EZaXpF9mWW4EWa+yRK9+RjUaHtxJV14WPG10aptKKkFHRWUWC34xT+2d6m0YNn3d ImK9osffvgWy8brDjatixQflnuXYTZ4U5RaJ+dn7g025aACeXNrLIdUf9wIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFMofnjNupiaHdvbxw1aOT3xoOTuKMB8GA1UdIwQY MBaAFGjP4arLJ4wTIxsxDkXuV2ky/ptOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYt ODljMmY2NjZlOTA1LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0Lm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82NS9iZTllODgtNTEyZi00YjA2LWIxOTYtODljMmY2NjZlOTA1 LzEvYU1faHFzc25qQk1qR3pFT1JlNVhhVEwtbTA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAtyiZn11u pI2u0c0/SCiPRjeZhD7olmbbXlPvfrWhUziKrJZ1HRHxeFJPua5QUNlhxlLCsTDv 7GozpcmbctBMWv3tEGWThc6VdDeRYYgFKzxFJq1x3/Crj3lH0eiVDOCBU72kSiaL A0VtGHjgpx09eJ8qIB9Bb9gTP6/lZr3FVF72W4iwvAMTtr2ZRkgrZqdYxdqcmTSA BJe3Dof3cfBIM9ExR/2sMSDN1NCDJ0+kd8DS6qMA3d843HHMSVvu8Q+bHBZQBi8S b6/uIF/1vTEM5KUS0m6QlBd7+9ylzWArPmgi108wsa2QCltHg2E2E5FSWXxJBSje xx2yMhndmGx3WQ== -----END CERTIFICATE-----Generated at Thu Dec 18 23:10:59 2025 by rpki-client