This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft File: AahezixTn1hQ-nAfLUWiEn3IZ1U.mft (raw, json) Hash identifier: SIokvdD7SXRDB4cUFt7Yhe7EszfROoerZqgU2JCi40o= Subject key identifier: 53:6F:99:1D:BD:DC:D1:D2:21:11:AA:C3:96:5B:81:84:76:B0:02:95 Authority key identifier: 01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55 Certificate issuer: /CN=01a85ece2c539f5850fa701f2d45a2127dc86755 Certificate serial: 019B2D0AC39BC1E1DFAE4AD587FEBB9AD44C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft Manifest number: 0A25 Signing time: Wed 17 Dec 2025 16:00:38 +0000 Manifest this update: Wed 17 Dec 2025 16:00:38 +0000 Manifest next update: Thu 18 Dec 2025 16:00:38 +0000 Files and hashes: 1: 1YtqoFQLtfGDiVmHDelz4DRg3EU.roa (hash: IK9E4boh47Pzwtuw3Las8hTZNUl+rwA5t6hlkkr2bx4=) 2: AahezixTn1hQ-nAfLUWiEn3IZ1U.crl (hash: 08n5lvEmZv0GAf7hCq00xci+k6qHoXwty6zTT6Y0HUc=) Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.crl rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 18 Dec 2025 10:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:2d:0a:c3:9b:c1:e1:df:ae:4a:d5:87:fe:bb:9a:d4:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=01a85ece2c539f5850fa701f2d45a2127dc86755 Validity Not Before: Dec 17 16:00:38 2025 GMT Not After : Dec 18 16:00:38 2025 GMT Subject: CN=536f991dbddcd1d22111aac3965b818476b00295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:46:d1:f3:fe:48:ba:0a:78:a4:ed:b5:80:9f: 6c:c3:90:e2:57:83:ef:ab:00:97:f5:e6:b7:7f:b6: 7d:c6:b5:7c:77:fd:fa:2a:a0:dd:11:0c:21:71:01: 38:06:55:53:31:43:5b:23:80:07:6a:71:22:1f:86: 6a:11:ac:13:ed:8a:75:2c:54:5e:77:e1:85:16:a5: 72:80:a5:da:d0:00:4e:b6:06:c9:18:f0:88:cb:8a: d3:1f:f6:e4:c2:89:b7:4e:18:d5:2f:17:78:12:e0: 97:08:f8:f7:fa:06:b1:28:87:88:59:e1:9e:a5:0a: 6d:e5:a7:f9:34:c8:d6:fc:b8:ca:9a:eb:3a:cb:e3: c8:ed:e8:01:3a:4f:43:71:bb:42:16:b1:f2:ef:85: f8:6e:d6:12:1f:22:49:5d:c1:e8:d0:99:ef:31:bb: 68:9e:94:05:61:e3:59:83:5b:df:5a:c0:df:bc:8e: 6e:c3:ba:24:10:8a:3c:c4:91:22:fe:76:65:12:33: 62:24:3a:9c:03:1e:45:d0:3d:b4:cd:4e:bf:6c:fc: 5c:19:1d:db:15:6b:41:f5:ae:84:96:e9:4a:df:15: 75:40:79:90:d5:99:7e:e7:d8:84:60:42:9c:4a:e5: eb:b8:87:da:d5:39:1e:be:a7:d0:76:0b:e3:5a:5a: f2:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:6F:99:1D:BD:DC:D1:D2:21:11:AA:C3:96:5B:81:84:76:B0:02:95 X509v3 Authority Key Identifier: keyid:01:A8:5E:CE:2C:53:9F:58:50:FA:70:1F:2D:45:A2:12:7D:C8:67:55 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AahezixTn1hQ-nAfLUWiEn3IZ1U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.mft X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/43a91c-3aac-495c-8081-752a45c32dff/1/AahezixTn1hQ-nAfLUWiEn3IZ1U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 38:e7:08:ad:7d:30:e8:0e:85:36:8c:d7:f3:9d:29:92:13:22: 30:d7:d9:d3:83:5a:68:f5:97:be:6d:b3:0e:e8:0b:3a:b3:7f: c4:51:fa:84:ba:bd:1f:ae:4a:b1:50:18:04:01:08:42:1b:f3: 4e:b5:49:50:41:50:79:8f:24:ee:36:cc:91:9d:25:23:b1:bf: b1:bf:c8:98:76:8f:4b:0e:fa:79:74:35:62:cd:d1:a0:31:04: 00:04:24:02:42:22:b2:8b:c0:7b:88:cf:d8:6e:f8:e2:51:85: bc:fd:9b:3f:b2:04:76:6e:26:e0:ab:f0:25:eb:69:e4:23:c3: 49:59:44:f9:9f:da:74:37:f0:fd:e5:f5:d6:a2:6b:89:08:45: 30:8e:4b:2c:6b:96:2b:62:e6:11:53:27:e5:b2:a8:6d:eb:58: 94:1f:4f:ed:c7:de:1c:f7:e2:fd:8c:72:58:51:64:9d:8a:fd: 0e:61:f6:6c:92:ed:63:80:d4:0a:16:d5:93:f6:75:10:bd:0b: ca:34:18:3d:11:58:61:ce:7b:87:7d:4d:d1:13:3b:9a:23:77: 53:51:c2:14:6b:eb:5d:c6:23:8e:0f:b1:a2:9f:68:fc:5d:df: ca:c6:c3:17:22:6e:91:27:d9:61:58:b4:f0:17:b2:8f:2e:1e: f0:ce:d4:45 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZstCsObweHfrkrVh/67mtRMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAxYTg1ZWNlMmM1MzlmNTg1MGZhNzAxZjJkNDVhMjEyN2Rj ODY3NTUwHhcNMjUxMjE3MTYwMDM4WhcNMjUxMjE4MTYwMDM4WjAzMTEwLwYDVQQD Eyg1MzZmOTkxZGJkZGNkMWQyMjExMWFhYzM5NjViODE4NDc2YjAwMjk1MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUbR8/5Iugp4pO21gJ9sw5DiV4Pv qwCX9ea3f7Z9xrV8d/36KqDdEQwhcQE4BlVTMUNbI4AHanEiH4ZqEawT7Yp1LFRe d+GFFqVygKXa0ABOtgbJGPCIy4rTH/bkwom3ThjVLxd4EuCXCPj3+gaxKIeIWeGe pQpt5af5NMjW/LjKmus6y+PI7egBOk9DcbtCFrHy74X4btYSHyJJXcHo0JnvMbto npQFYeNZg1vfWsDfvI5uw7okEIo8xJEi/nZlEjNiJDqcAx5F0D20zU6/bPxcGR3b FWtB9a6ElulK3xV1QHmQ1Zl+59iEYEKcSuXruIfa1TkevqfQdgvjWlryWQIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFFNvmR293NHSIRGqw5ZbgYR2sAKVMB8GA1UdIwQY MBaAFAGoXs4sU59YUPpwHy1FohJ9yGdVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEt NzUyYTQ1YzMyZGZmLzEvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLm1mdDCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Yy80M2E5MWMtM2FhYy00OTVjLTgwODEtNzUyYTQ1YzMyZGZm LzEvQWFoZXppeFRuMWhRLW5BZkxVV2lFbjNJWjFVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAOOcIrX0w 6A6FNozX850pkhMiMNfZ04NaaPWXvm2zDugLOrN/xFH6hLq9H65KsVAYBAEIQhvz TrVJUEFQeY8k7jbMkZ0lI7G/sb/ImHaPSw76eXQ1Ys3RoDEEAAQkAkIisovAe4jP 2G744lGFvP2bP7IEdm4m4KvwJetp5CPDSVlE+Z/adDfw/eX11qJriQhFMI5LLGuW K2LmEVMn5bKobetYlB9P7cfeHPfi/YxyWFFknYr9DmH2bJLtY4DUChbVk/Z1EL0L yjQYPRFYYc57h31N0RM7miN3U1HCFGvrXcYjjg+xop9o/F3fysbDFyJukSfZYVi0 8Beyjy4e8M7URQ== -----END CERTIFICATE-----Generated at Wed Dec 17 17:54:18 2025 by rpki-client