This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft File: aJQuPste6nkqdvray-wBqFaOl_Q.mft (raw, json) Hash identifier: apq8ypzSqMNLbCkIDpCcmhyUFGNY3BHP1U9Z6D27uS8= Subject key identifier: 67:05:40:53:A4:E5:2A:95:55:7A:45:38:04:83:A1:09:4E:4B:1B:80 Authority key identifier: 68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4 Certificate issuer: /CN=68942e3ecb5eea792a76fadacbec01a8568e97f4 Certificate serial: 019AF2ADD0ACAD9B0D7D6765C4C25C1AD59F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft Manifest number: 1762 Signing time: Sat 06 Dec 2025 08:01:08 +0000 Manifest this update: Sat 06 Dec 2025 08:01:08 +0000 Manifest next update: Sun 07 Dec 2025 08:01:08 +0000 Files and hashes: 1: 2I7Ug_0TKUirYBKdCRFB3X-yPVM.roa (hash: OuAKBuCtiZrdtqQo3Ia+YQ9DdlyXDqDuhn9BW+I9wGc=) 2: aJQuPste6nkqdvray-wBqFaOl_Q.crl (hash: rmWvMNYgqsNR69BjDbblkdNrAaN1VBnq6zAGnBQIR9c=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:f2:ad:d0:ac:ad:9b:0d:7d:67:65:c4:c2:5c:1a:d5:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=68942e3ecb5eea792a76fadacbec01a8568e97f4 Validity Not Before: Dec 6 08:01:08 2025 GMT Not After : Dec 7 08:01:08 2025 GMT Subject: CN=67054053a4e52a95557a45380483a1094e4b1b80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c0:0b:de:0c:46:7c:ae:2b:6c:33:a7:b6:03: 16:c3:fb:fb:b7:20:17:1b:a4:a6:2b:54:bc:29:9e: 2a:e5:4e:52:99:39:a7:66:f5:72:3f:b0:3b:b4:8f: 2f:1d:f9:7e:73:1b:a4:6f:34:c0:03:45:df:a7:ce: ec:2e:a1:9c:c2:29:e2:18:5f:97:1d:be:07:3d:42: b3:41:19:ae:24:b1:0b:52:9e:5b:f2:5d:92:97:6c: af:56:ba:0b:71:09:03:f2:b4:42:14:67:d8:7e:bf: 46:8c:e6:74:1e:17:34:f3:35:f4:50:db:c6:b9:e0: cc:68:8c:a2:fc:0a:c8:65:5e:04:ee:05:6d:3b:3c: 4d:72:f6:64:3f:67:22:f0:ac:3c:09:a5:ea:09:dc: 33:4f:34:44:71:5d:3c:bb:48:b8:20:03:a4:c5:11: 2e:3b:d3:0e:36:3e:b4:d1:dc:61:b3:f8:3d:e6:d8: 8d:e0:c3:84:95:17:6e:f6:b7:fb:95:91:4f:3e:c5: e2:6a:0c:1a:0a:ff:fd:ff:cf:76:41:21:f1:ff:36: 06:b1:e8:04:f1:29:b9:19:61:f6:b6:70:6f:43:18: d2:8b:4e:c3:7d:0f:c1:e4:43:84:b7:cd:b9:89:f4: 65:4f:91:ae:b2:45:f5:54:cc:de:58:47:c1:7f:48: 3e:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:05:40:53:A4:E5:2A:95:55:7A:45:38:04:83:A1:09:4E:4B:1B:80 X509v3 Authority Key Identifier: keyid:68:94:2E:3E:CB:5E:EA:79:2A:76:FA:DA:CB:EC:01:A8:56:8E:97:F4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aJQuPste6nkqdvray-wBqFaOl_Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/beb3a8-4b72-48ec-8e04-03cce3969f9c/1/aJQuPste6nkqdvray-wBqFaOl_Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 36:b3:48:22:8f:62:be:5c:23:8d:ee:af:18:d0:c1:2b:06:7b: 07:6e:6f:74:20:01:b9:99:a2:0d:d9:b5:66:89:76:96:f9:63: 68:10:91:4f:bb:dd:6b:7a:1c:dc:ca:bd:62:bc:c3:46:0d:1c: c1:f4:d3:b1:cf:f5:dd:60:18:05:dd:c5:2d:38:6f:79:e7:a3: fd:83:ec:2d:4c:de:6e:9e:90:ac:44:98:ca:4e:26:2b:d1:f1: 73:98:36:26:42:b9:54:0c:2d:b2:1b:a9:ba:0e:6f:25:fb:4a: 62:7b:db:06:ac:ab:36:50:4f:7c:b4:18:74:10:03:dc:ba:79: 46:29:f5:cc:6d:46:54:eb:70:11:7e:67:97:47:d9:44:3b:ab: 9d:f4:09:b9:a1:0a:f1:87:54:2c:04:cf:ca:6e:0c:a4:17:53: fe:56:d0:8f:3b:12:13:f5:4b:16:00:80:46:34:44:39:0d:92: b3:db:33:f6:f0:9d:02:28:93:dc:e7:1e:03:5d:d9:4d:8e:b0: b7:ff:a7:1a:3e:52:60:5b:3a:34:c6:d4:f5:58:47:1a:56:94: 02:46:14:7b:78:88:f8:7e:d8:6f:e0:29:84:c8:e8:c3:69:04: db:7d:57:2a:4b:27:ad:69:fe:e9:97:5f:ba:ae:3c:b3:7a:ec: c9:d6:85:f1 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZryrdCsrZsNfWdlxMJcGtWfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY4OTQyZTNlY2I1ZWVhNzkyYTc2ZmFkYWNiZWMwMWE4NTY4 ZTk3ZjQwHhcNMjUxMjA2MDgwMTA4WhcNMjUxMjA3MDgwMTA4WjAzMTEwLwYDVQQD Eyg2NzA1NDA1M2E0ZTUyYTk1NTU3YTQ1MzgwNDgzYTEwOTRlNGIxYjgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8AL3gxGfK4rbDOntgMWw/v7tyAX G6SmK1S8KZ4q5U5SmTmnZvVyP7A7tI8vHfl+cxukbzTAA0Xfp87sLqGcwiniGF+X Hb4HPUKzQRmuJLELUp5b8l2Sl2yvVroLcQkD8rRCFGfYfr9GjOZ0Hhc08zX0UNvG ueDMaIyi/ArIZV4E7gVtOzxNcvZkP2ci8Kw8CaXqCdwzTzREcV08u0i4IAOkxREu O9MONj600dxhs/g95tiN4MOElRdu9rf7lZFPPsXiagwaCv/9/892QSHx/zYGsegE 8Sm5GWH2tnBvQxjSi07DfQ/B5EOEt825ifRlT5GuskX1VMzeWEfBf0g+gwIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFGcFQFOk5SqVVXpFOASDoQlOSxuAMB8GA1UdIwQY MBaAFGiULj7LXup5Knb62svsAahWjpf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQt MDNjY2UzOTY5ZjljLzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC9iZWIzYTgtNGI3Mi00OGVjLThlMDQtMDNjY2UzOTY5Zjlj LzEvYUpRdVBzdGU2bmtxZHZyYXktd0JxRmFPbF9RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANrNIIo9i vlwjje6vGNDBKwZ7B25vdCABuZmiDdm1Zol2lvljaBCRT7vda3oc3Mq9YrzDRg0c wfTTsc/13WAYBd3FLThveeej/YPsLUzebp6QrESYyk4mK9Hxc5g2JkK5VAwtshup ug5vJftKYnvbBqyrNlBPfLQYdBAD3Lp5Rin1zG1GVOtwEX5nl0fZRDurnfQJuaEK 8YdULATPym4MpBdT/lbQjzsSE/VLFgCARjREOQ2Ss9sz9vCdAiiT3OceA13ZTY6w t/+nGj5SYFs6NMbU9VhHGlaUAkYUe3iI+H7Yb+AphMjow2kE231XKksnrWn+6Zdf uq48s3rsydaF8Q== -----END CERTIFICATE-----Generated at Sat Dec 6 15:19:54 2025 by rpki-client